Identify the Components of Your Cloud Security Architecture
Security in the cloud requires solutions, not speculation.
RETIRED CONTENT
Please note that the content on this page is retired. This content is not maintained and may contain information or links that are out of date.The lack of a good architecture for security of the cloud results in:
- Inadequate visibility into the environment: how many SaaS products have staff bought without consulting IT?
- A security plan designed for on-premises offerings only, and therefore, does not include considerations for the unique risks of the cloud.
- A limited understanding of how traditional threats look different in the cloud. What are the risks that I will face; how are they different in the cloud?
- How do I mitigate these risks once they are identified?
A formalized cloud security strategy process, using Info-Tech’s methodology, results in:
- Generation of a comprehensive cloud security services and roadmap that highlights how the different service models (SaaS, PaaS, and IaaS) present different security challenges and offers resolutions to these challenges.
- Tested and proven rationalization and prioritization methodologies, ensuring the strategy you generate is not only the one the organization needs but also the one the organization will support.
- Cloud security architecture reference model with which to build and formulate your development path with security in the cloud.
Book Your Workshop
Onsite Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn’t enough, we offer low-cost onsite delivery of our Project Workshops. We take you through every phase of your project and ensure that you have a road map in place to complete your project successfully.
Module 1: Cloud Security Alignment Analysis
The Purpose
Understand your suitability and associated risks with your workloads as they are deployed into the cloud.
Key Benefits Achieved
An understanding of the organization’s readiness and optimal service level for cloud security.
Activities: | Outputs: | |
---|---|---|
1.1 | Workload Deployment Plan |
|
1.2 | Cloud Suitability Questionnaire |
|
1.3 | Cloud Risk Assessment |
|
1.4 | Cloud Suitability Analysis |
|
Module 2: Business-Critical Workload Analysis
The Purpose
Explore your business-critical workloads and the associated controls and mitigating services to secure them.
Key Benefits Achieved
Address NIST 800-53 security controls and the appropriate security services that can mitigate the risks appropriately.
Activities: | Outputs: | |
---|---|---|
2.1 | “A” Environment Analysis |
|
2.2 | “B” Environment Analysis |
|
2.3 | “C” Environment Analysis |
|
2.4 | Prioritized Security Controls |
|
2.5 | Effort and Risk Dashboard Overview |
|
Module 3: Cloud Security Architecture Mapping
The Purpose
Identify security services to mitigate challenges posed by the cloud in various areas of security.
Key Benefits Achieved
Comprehensive list of security services, and their applicability to your network environment. Documentation of your “current” state of cloud security.
Activities: | Outputs: | |
---|---|---|
3.1 | Cloud Security Control Mapping |
|
3.2 | Cloud Security Architecture Reference Model Mapping |
|
Module 4: Cloud Security Strategy Planning
The Purpose
Prepare a communication deck for executive stakeholders to socialize them to the state of your cloud security initiatives and where you still have to go.
Key Benefits Achieved
A roadmap for improving security in the cloud.
Activities: | Outputs: | |
---|---|---|
4.1 | Cloud Security Strategy Considerations |
|
4.2 | Cloud Security Architecture Communication Deck |
|