Today’s digital, on-demand age sees many organisations rely heavily on multiple cloud services for the day-to-day running of their operations. But the third-party nature of this functionality introduces additional security risks and, with bad actors ever-present to take advantage of porous network perimeters, cyber security professionals must ensure they are rigorous in safeguarding the enterprise.
The following offer key checkpoints for best practice to secure cloud-based applications.
Asset management and data flow
Understanding how assets are managed and where data flows within the organisation is critical. This knowledge makes it possible to identify gaps in the cyber security posture, and with that locate the attack vectors. Organisations can seek input from vendors to identify such gaps within their systems and use tools (such as CrowdStrike) to take action against vulnerabilities that emerge. To ensure there is a clear understanding of where things exist, this work includes identifying each asset present in the organisation, as well as the mapping of both structured and unstructured data.
Security policies and procedures
It only takes one weak link to make the…
