I will share my experience on the Cloud Implementation’s Best Practice and doesn’t applied to any of my previous, current organisations. My options would be off for certain organisation and individuals.
Below are my top 5 Best Practice that need to implement in Cloud Environment.
1. Identity Assessment Management in Active Directory
As everyone has aware, Multi-Factor authentication has been used on most applications or system nowadays to prevent any cyberattacks such as phishing and access control on the compromised credentials. At least, administrative account need to enable multi-factor authentication
An Organization will need to ensure that unused guest user has been disabled in the Cloud Active Directory. It should be considered as critical as you will need to do auditing on-premises Active Directory for security and compliance purpose.
2. Microsoft SQL Server Networking segment
SQL Server will be considered as crucial element in the Cloud Environment because it will stored database in the wild. SQL Server normally use the port 3389 which mostly people well-known.
For Security purpose, you will need to audit the SQL Server Firewall in order to evaluate and ensure that all port has been closed to the public’s internet. The reason is that to prevent any malicious user to access into it.
3. Activity Log Alerts
The Activity Log Alerts that required us to monitor and analyze on the following events:
- Anything that related to “Create” Functions
- Anything that related to “Delete” Functions
- Update Security Policy
4. Cloud Security
All Cloud Account required to use protection such as:
- Blob Encryption
- File Encryption
- Secure Transfer
It also advisable to periodically regenerated the Key in Cloud to reduce the risk of compromised access key.