Identify the Components of Your Cloud Security Architecture

Security in the cloud requires solutions, not speculation.

Onsite Workshop

The lack of a good architecture for security of the cloud results in:

  • Inadequate visibility into the environment: how many SaaS products have staff bought without consulting IT?
  • A security plan designed for on-premises offerings only, and therefore, does not include considerations for the unique risks of the cloud.
  • A limited understanding of how traditional threats look different in the cloud. What are the risks that I will face; how are they different in the cloud?
  • How do I mitigate these risks once they are identified?

A formalized cloud security strategy process, using Info-Tech’s methodology, results in:

  • Generation of a comprehensive cloud security services and roadmap that highlights how the different service models (SaaS, PaaS, and IaaS) present different security challenges and offers resolutions to these challenges.
  • Tested and proven rationalization and prioritization methodologies, ensuring the strategy you generate is not only the one the organization needs but also the one the organization will support.
  • Cloud security architecture reference model with which to build and formulate your development path with security in the cloud.

Module 1: Cloud Security Alignment Analysis

The Purpose

Understand your suitability and associated risks with your workloads as they are deployed into the cloud.

Key Benefits Achieved

An understanding of the organization’s readiness and optimal service level for cloud security.

Activities: Outputs:
1.1 Workload Deployment Plan
  • Workload deployment plan
1.2 Cloud Suitability Questionnaire
  • Determined the suitability of the cloud for your workloads
1.3 Cloud Risk Assessment
  • Risk assessment of the associated workloads
1.4 Cloud Suitability Analysis
  • Overview of cloud suitability

Module 2: Business-Critical Workload Analysis

The Purpose

Explore your business-critical workloads and the associated controls and mitigating services to secure them.

Key Benefits Achieved

Address NIST 800-53 security controls and the appropriate security services that can mitigate the risks appropriately.

Activities: Outputs:
2.1 “A” Environment Analysis
  • NIST 800-53 control mappings and relevancy
2.2 “B” Environment Analysis
  • NIST 800-53 control mappings and relevancy
2.3 “C” Environment Analysis
  • NIST 800-53 control mappings and relevancy
2.4 Prioritized Security Controls
  • Prioritized security controls based on risk and environmental makeup
  • Mitigating security services for controls
2.5 Effort and Risk Dashboard Overview
  • Effort and Risk Dashboard

Module 3: Cloud Security Architecture Mapping

The Purpose

Identify security services to mitigate challenges posed by the cloud in various areas of security.

Key Benefits Achieved

Comprehensive list of security services, and their applicability to your network environment. Documentation of your “current” state of cloud security.

Activities: Outputs:
3.1 Cloud Security Control Mapping
  • 1. Cloud Security Architecture Archive Document to codify and document each of the associated controls and their risk levels to security services
3.2 Cloud Security Architecture Reference Model Mapping
  • 2. Mapping of the codified controls onto Info-Tech’s Cloud Security Architecture Reference Model for clear security prioritization

Module 4: Cloud Security Strategy Planning

The Purpose

Prepare a communication deck for executive stakeholders to socialize them to the state of your cloud security initiatives and where you still have to go.

Key Benefits Achieved

A roadmap for improving security in the cloud.

Activities: Outputs:
4.1 Cloud Security Strategy Considerations
  • Consider the additional security considerations of the cloud for preparation in the communication deck.
4.2 Cloud Security Architecture Communication Deck
  • Codify all your results into an easily communicable communication deck with a clear pathway for progression and implementation of security services to mitigate cloud risks.

Workshop icon Book Your Workshop

Onsite Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn’t enough, we offer low-cost onsite delivery of our Project Workshops. We take you through every phase of your project and ensure that you have a road map in place to complete your project successfully.

Book a Workshop View Blueprint
Visit our COVID-19 Resource Center and our Cost Management Center
Over 100 analysts waiting to take your call right now: 1-519-432-3550 x2019
GET HELP
Contact Us