Login

Register

Login

Register

NSA: Here’s How to Mitigate Cloud Vulnerabilities

National Security Agency (NSA) guide helps guard against cloud misconfigurations, poor access controls & share tenancy & supply chain vulnerabilities.

Cloud misconfigurations, poor access controls and shared tenancy and supply chain vulnerabilities plague many organizations, and the National Security Agency (NSA) has released guidance to help organizations mitigate these issues.

The NSA offers several tips that organizations can use to address cloud vulnerabilities, such as:

1. Cloud Misconfigurations

  • Leverage cloud service policies to prevent users from sharing data publicly.
  • Deploy cloud or third-party tools to detect misconfigurations.
  • Limit access to cloud resources.
  • Audit data access logs.
  • Restrict data access.

2. Poor Access Controls

  • Use multi-factor authentication.
  • Leverage cloud-based access controls.
  • Avoid the use of application programming interface (API) keys in software version control systems.

3. Shared Tenancy and Supply Chain Vulnerabilities

MSSPs and Public Cloud Services Security

MSSPs and MSPs also can leverage various solutions to help organizations limit cloud vulnerabilities.

For example, Sophos last month extended its MSP Connect Flex billing options to Cloud Optix, a solution that automatically discovers and secures customer assets stored in Amazon Web Services (AWS), Microsoft Azure and Google Cloud. MSSPs and MSPs can access Cloud Optix via the Sophos Central platform.

Furthermore, BlackBerry Cylance in October integrated CylancePROTECT and CylanceOPTICS with Chronicle Backstory, a Google Cloud-based security platform. This enables MSSPs and MSPs to leverage BlackBerry Cylance endpoint protection, threat detection, prevention and response capabilities in conjunction with a Google Cloud-based security analytics platform.


Return Home

Source

Leave a Reply

Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


Ads

NATIONAL CYBER SECURITY RADIO

Ads

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW