Identify the Components of Your Cloud Security Architecture

Security in the cloud requires solutions, not speculation.

  • Leveraging the cloud introduces IT professionals to a new world that they are tasked with securing. Consumers do not know what security services they need and when to implement them.
  • With many cloud vendors proposing to share the security responsibility, it can be a challenge for organizations to develop a clear understanding of how they can best secure their data off premises.

Our Advice

Critical Insight

  • Your cloud security architecture needs to be strategic, realistic, and based on risk. The NIST approach to cloud security is to include everything security-related in your cloud architecture for it to be deemed secure. However, you can still have a robust and secure cloud architecture by using a risk-based approach to identify the necessary controls and mitigating services for your environment.
  • The cloud is not the right choice for everyone. You’re not as unique as you think. Start with a reference model that is based on your risks and business attributes and optimize it from there.
  • Your responsibility doesn’t end at the vendor. Even if you outsource your security services to your vendors, you will still have security responsibilities to address.
  • Don’t boil the ocean; do what is realistic for your enterprise. Your cloud security architecture should be based on securing your most critical assets. Use our reference model to determine a launch point.
  • A successful strategy is holistic. Controlling for cloud risks comes from knowing what the risks are. Consider the full spectrum of security, including both processes and technologies.

Impact and Result

  • The business is adopting a cloud environment and it must be secured, which includes:
    • Ensuring business data cannot be leaked or stolen.
    • Maintaining the privacy of data and other information.
    • Securing the network connection points.
    • Knowing the risks associated with the cloud and mitigating those risks with the appropriate services.
  • This blueprint and associated tools are scalable for all types of organizations within various industry sectors. It allows them to know what types of risk they are facing and what security services are strongly recommended to mitigate those risks.

Start Here – read the Executive Brief

Read our concise Executive Brief to find out why you should create a cloud security architecture with security at the forefront, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

1. Cloud security alignment analysis

Explore how the cloud changes and whether your enterprise is ready for the shift to the cloud.

2. Business-critical workload analysis

Analyze the workloads that will be migrated to the cloud. Consider the various domains of security in the cloud, taking into account the cloud’s unique risks and challenges as they pertain to your workloads.

3. Cloud security architecture mapping

Map your risks to services in a reference model from which to build a robust launch point for your architecture.

4. Cloud security strategy planning

Map your risks to services in a reference architecture from which to build a robust roadmap.


Onsite Workshop: Identify the Components of Your Cloud Security Architecture

Onsite workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost onsite delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

Module 1: Cloud Security Alignment Analysis

The Purpose

Understand your suitability and the risks associated with your workloads as they are deployed into the cloud.

Key Benefits Achieved

An understanding of the organization’s readiness and optimal service level for cloud security.

Activities and Outputs

1.1 Cloud Workload Deployment Plan
  • Workload deployment plan

1.2 Cloud Suitability Questionnaire
  • Determined the suitability of the cloud for your workloads

1.3 Cloud Risk Assessment
  • Risk assessment of the associated workloads

1.4 Cloud Suitability Analysis
  • Overview of cloud suitability

Module 2: Business-Critical Workload Analysis

The Purpose

Explore your business-critical workloads and the associated controls and mitigating services to secure them.

Key Benefits Achieved

Address NIST 800-53 security controls and the appropriate security services that can mitigate the risks appropriately.

Activities and Outputs

2.1 “A” Environment Analysis
  • NIST 800-53 control mappings and relevancy

2.2 “B” Environment Analysis
  • NIST 800-53 control mappings and relevancy

2.3 “C” Environment Analysis
  • NIST 800-53 control mappings and relevancy

2.4 Prioritized Security Controls
  • Prioritized security controls based on risk and environmental makeup
  • Mitigating security services for controls

2.5 Effort and Risk Dashboard Overview
  • Effort and Risk Dashboard

Module 3: Cloud Security Architecture Mapping

The Purpose

Identify security services to mitigate challenges posed by the cloud in various areas of security.

Key Benefits Achieved

Comprehensive list of security services, and their applicability to your network environment. Documentation of your “current” state of cloud security.

Activities and Outputs

3.1 Cloud Security Control Mapping
  • 1. Cloud Security Architecture Archive Document to codify and document each of the associated controls and their risk levels to security services

3.2 Cloud Security Architecture Reference Model Mapping
  • 2. Mapping of the codified controls onto Info-Tech’s Cloud Security Architecture Reference Model for clear security prioritization

Module 4: Cloud Security Strategy Planning

The Purpose

Prepare a communication deck for executive stakeholders to socialize them to the state of your cloud security initiatives and where you still have to go.

Key Benefits Achieved

A roadmap for improving security in the cloud.

Activities and Outputs

4.1 Cloud Security Strategy Considerations
  • Consider the additional security considerations of the cloud for preparation in the communication deck.

4.2 Cloud Security Architecture Communication Deck
  • Codify all your results into an easily communicable communication deck with a clear pathway for progression and implementation of security services to mitigate cloud risks.

About Info-Tech

Info-Tech Research Group is the world’s fastest-growing information technology research and advisory company, proudly serving over 30,000 IT professionals.

We produce unbiased and highly relevant research to help CIOs and IT leaders make strategic, timely, and well-informed decisions. We partner closely with IT teams to provide everything they need, from actionable tools to analyst guidance, ensuring they deliver measurable results for their organizations.

What Is a Blueprint?

A blueprint is designed to be a roadmap, containing a methodology and the tools and templates you need to solve your IT problems.

Each blueprint can be accompanied by a Guided Implementation that provides you access to our world-class analysts to help you get through the project.

Need Extra Help?
Try Our Guided Implementations

Get the help you need in this 4-phase advisory process. You'll receive 12 touchpoints with our researchers, all included in your membership.

Guided Implementation #1 - Cloud security alignment analysis
  • Call #1 - Scope requirements, objectives, and your specific challenges

Guided Implementation #2 - Business-critical workload analysis
  • Call #1 - Workload deployment and Cloud Suitability Questionnaire
  • Call #2 - Cloud Risk Assessment and Cloud Suitability Results

Guided Implementation #3 - Cloud security architecture mapping
  • Call #1 - “A” Cloud Environment Analysis
  • Call #2 - “B” Cloud Environment Analysis
  • Call #3 - “C” Cloud Environment Analysis
  • Call #4 - Prioritized Security Components & Results Dashboard
  • Call #5 - Cloud Security Architecture Mappings
  • Call #6 - Continue Cloud Security Architecture Mappings

Guided Implementation #4 - Cloud security strategy planning
  • Call #1 - Cloud Security Strategy Considerations
  • Call #2 - Cloud Security Architecture Communication Deck
  • Call #3 - Summarize results and plan next steps

Author(s)

Shastri Sooknanan

Contributors

  • Arghya Basu, Cognitive & Information Architect, Amgen
  • Nenad Begovic, Director of Cloud Infrastructure, Equitable Bank
  • Don Davidson, Security Architect, Canada Life
  • Susanne Tedrick, IBM Technical Specialist, IBM Cloud Platform, IBM
  • Kantcho Manahov, Senior Cloud Cyber Security Manager, KPMG
  • Yvon Day, Asset Management Consultant, BDC
  • Christopher Odediran, Head of IT Asset Management, Mott Macdonald
  • Luz Cervantes, IT Asset Manager, Northgate Markets
  • Tammy Krauthammer, VP of Technology, LPL Financial