I will share my experience on the Cloud Implementation Best Practices which don’t apply to any of my previous, or current organizations. My options would be off for certain organizations and individuals.

Below are my top 5 Best Practice that needs to implement in Cloud Environment.

1. Identity Assessment Management in Cloud Implementation

As everyone has aware, multi-Factor authentication has been used on most applications or systems nowadays to prevent any cyberattacks such as phishing and access control on the compromised credentials. At least, administrative accounts need to enable multi-factor authentication

An organization will need to ensure that unused guest user has been disabled in the Cloud Active Directory.

2. Microsoft SQL Server Networking segment on Cloud Implementation

SQL Server will be considered a crucial element in the Cloud Implementation in an environment because it will store databases in the wild. SQL Server normally uses port 3389 which is mostly people well-known.

For Security purpose, you will need to audit the SQL Server Firewall to evaluate and ensure that all port has been closed to the public’s internet. The reason is to prevent any malicious user to access it.

3. Activity Log Alerts

The Activity Log Alerts required us to monitor and analyze the following events:

  1. Anything related to “Create” Functions
  2. Anything related to the “Delete” Functions
  3. Update Security Policy

4. Cloud Security

All Cloud Accounts are required to use protection such as:

  • Blob Encryption
  • File Encryption
  • Secure Transfer

It was also advisable to periodically regenerated the Key in Cloud to reduce the risk of a compromised access key.

Security Testing for Cloud Implementation

The security that we can use for Cloud Implementation can be found around here during the Cloud Penetration Testing