I will share my experience on the Cloud Implementation’s Best Practice and doesn’t applied to any of my previous, current organisations. My options would be off for certain organisation and individuals.

Below are my top 5 Best Practice that need to implement in Cloud Environment.

1. Identity Assessment Management in Active Directory

As everyone has aware, Multi-Factor authentication has been used on most applications or system nowadays to prevent any cyberattacks such as phishing and access control on the compromised credentials. At least, administrative account need to enable multi-factor authentication

An Organization will need to ensure that unused guest user has been disabled in the Cloud Active Directory. It should be considered as critical as you will need to do auditing on-premises Active Directory for security and compliance purpose.

2. Microsoft SQL Server Networking segment

SQL Server will be considered as crucial element in the Cloud Environment because it will stored database in the wild. SQL Server normally use the port 3389 which mostly people well-known.

For Security purpose, you will need to audit the SQL Server Firewall in order to evaluate and ensure that all port has been closed to the public’s internet. The reason is that to prevent any malicious user to access into it.

3. Activity Log Alerts

The Activity Log Alerts that required us to monitor and analyze on the following events:

  1. Anything that related to “Create” Functions
  2. Anything that related to “Delete” Functions
  3. Update Security Policy

4. Cloud Security

All Cloud Account required to use protection such as:

  • Blob Encryption
  • File Encryption
  • Secure Transfer

It also advisable to periodically regenerated the Key in Cloud to reduce the risk of compromised access key.

By Wan Ariff

He brings with him working experience in Information Security filed which specializing in Penetration Testing and Digital Forensic. His passion is more to IT Security

Leave a Reply

Your email address will not be published. Required fields are marked *