Cyber Security News

NSA Releases Top Ten Best Practices For Cloud Environments

Threat actors aim at Cloud environments because of their wide acceptance and one-stop storage of important information. 

Exploiting shortcomings in cloud security may enable unauthorized access to sensitive data, interruptions in infrastructure, or earning money.

The fact that the systems are highly scalable and interconnected makes them good targets for cyber-attacks.

Cybersecurity analysts at the NSA recently released the top ten best security practices for cloud environments.

Top Ten Best Practices For Cloud Environments

NSA researchers recently released cloud security mitigation strategies in an attempt to educate cloud users about important security practices. Threat actors mostly target cloud users while they shift their data to cloud environments.

The document has 10 Cybersecurity Information Sheets (CSIs), every one focusing on a distinct approach.

For six of the 10 strategies, the Cybersecurity and Infrastructure Security Agency (CISA) collaborates with the National Security Agency (NSA).

Here below, we have mentioned all the top ten best security practices for cloud environments provided by the NSA:-

  • Uphold the cloud shared responsibility model: This CSI educates on a cloud framework by clarifying the security responsibilities for both Cloud Infrastructure Entitlement Management (CIEM) and customers in securing their chosen cloud instance.
  • Use secure cloud identity and access management practices (Joint with CISA): This CSI clarifies cloud identity management threats and suggests best practices to mitigate them for organizations in the cloud.
  • Use secure cloud key management practices (Joint with CISA): This CSI suggests key management options and best practices for their use. It emphasizes the importance of understanding shared security responsibilities with cloud KMS.
  • Implement network segmentation and encryption in cloud environments (Joint with CISA): This CSI advises on applying principles in cloud environments that are distinct from on-prem networks. Cloud tech offers an infrastructure for ZT without specialized appliances. It primarily highlights the best practices using common cloud features.
  • Secure data in the cloud (Joint with CISA): Securing cloud data is crucial as organizations migrate. Understanding data sensitivity, choosing proper storage, and applying security measures are the key factors. This CSI gives an overview and practices for securing and auditing cloud storage.
  • Defending continuous integration/continuous delivery environments (Joint with CISA): NSA and CISA offer this CSI to enhance cloud DevSecOps defenses. It guides integrating security into DevOps CI/CD environments, leveraging government guidance for robust CI/CD cloud deployments.
  • Enforce secure automated deployment practices through infrastructure such as code: IaC, baselines, and golden images, which are templates for deploying resources across on-premises and in the cloud. IaC automates deployment using code, including security policies. Baselines and golden images provide secure starting points.
  • Account for complexities introduced by hybrid cloud and multi-cloud environments: This CSI tackles challenges in implementing hybrid and multi-cloud by offering solutions to mitigate increased complexity.
  • Mitigate risks from managed service providers in cloud environments (Joint with CISA): MSPs manage IT services in the cloud, offering backup, infrastructure, and security. They provide tailored solutions, but using them increases cybersecurity risks.
  • Manage cloud logs for effective threat hunting: Cloud tenant access is complex due to virtualization, as the security relies on unmodifiable logs. So, the access policies, logs, and audits must be monitored. Organizations must manage logs for threat hunting and compliance.

Cloud computing boosts IT efficacy and security if deployed correctly.

However, data concentration attracts the threat actors, so these guidelines will allow them to safeguard their cloud environment.

With Perimeter81 malware protection, you can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits. All are incredibly harmful and can wreak havoc on your network.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.

Tushar Subhra

Tushar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Recent Posts

LightSpy iOS Malware Enhanced with 28 New Destructive Plugins

The LightSpy threat actor exploited publicly available vulnerabilities and jailbreak kits to compromise iOS devices.…

1 day ago

ATPC Cyber Forum to Focus on Next Generation Cybersecurity and Artificial Intelligence Issues

White House National Cyber Director, CEOs, Key Financial Services Companies, Congressional and Executive Branch Experts…

3 days ago

New PySilon RAT Abusing Discord Platform to Maintain Persistence

Cybersecurity experts have identified a new Remote Access Trojan (RAT) named PySilon. This Trojan exploits…

3 days ago

Konni APT Hackers Attacking Organizations with New Spear-Phishing Tactics

The notorious Konni Advanced Persistent Threat (APT) group has intensified its cyber assault on organizations…

3 days ago

Google Chrome Security, Critical Vulnerabilities Patched

Google has updated its Chrome browser, addressing critical vulnerabilities that posed potential risks to millions…

4 days ago

Notorious WrnRAT Delivered Mimic As Gambling Games

WrnRAT is a new malware attack that cybercriminals have deployed by using popular gambling games…

4 days ago