
Four security protocols to protect the new normal, a hybrid steady state

By Devin Jones
March 16, 2022

The digital transformation movement, accelerated by COVID-19, has made a hybrid environment of on-premises, public and/or private cloud, and SaaS environments the new norm. Businesses had to compress 2 to 4-year transformation projects into 2 to 6 months to accommodate broad-based, secure remote worker productivity. Gartner reports that cloud services growth in 2021 alone was 18.4%, and this growth appears to be continuing.


This level of infrastructure migration is massive and requires different security considerations than before. Still, IDG reports that 84% of those surveyed believe their cloud infrastructure is more secure or as secure as their on-premises infrastructure (as opposed to the 15% that feel on-premises is more secure). However, the customer is responsible for security in any public cloud environment, which creates challenges different from legacy security concerns. 


Organizations are settling into their "new norms," and it's an excellent time to review the security architecture after shifting significant resources to a cloud environment. There are four areas to consider when reviewing your public cloud risk profile:


Access Control

Poorly designed or misconfigured access control is one of the most common threats to cloud security. Many instances of open S3 buckets and misconfigured security groups have allowed attackers access to company assets. A robust Identity and Access Management (IAM) framework is crucial, and all human user accounts must be linked to an overarching directory service for proper privilege provisioning and monitoring. Directory services logging must be configured to detect privilege changes and access activity. Review user and access privileges to mitigate instances of excessive access. Administration privileges must be justifiable and limited, and admin privilege escalation/de-escalation should be logged.
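As an added illustration (not part of the original article), the two misconfigurations named above can be checked mechanically. The sketch assumes input shaped like `aws ec2 describe-security-groups` output and an S3 bucket policy document; the group IDs, bucket name, organization ID and the choice of admin ports are constructed for the example.

```python
# Constructed sample documents, shaped like `aws ec2 describe-security-groups`
# output and an S3 bucket policy; not taken from a real account.
ADMIN_PORTS = (22, 3389)  # assumption: SSH and RDP are the admin ports to check

GROUPS = [
    {"GroupId": "sg-web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-admin", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 1024,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
         "IpRanges": [{"CidrIp": "10.0.0.0/8"}]}]},
]
BUCKET_POLICY = {"Statement": [
    {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
     "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"},
    {"Sid": "OrgOnly", "Effect": "Allow", "Principal": {"AWS": "*"},
     "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*",
     "Condition": {"StringEquals": {"aws:PrincipalOrgID": "o-exampleorg"}}},
]}

def world_open_admin_ports(groups):
    """Return (group id, port) pairs where an admin port is reachable from anywhere."""
    findings = []
    for g in groups:
        for p in g.get("IpPermissions", []):
            cidrs = [r.get("CidrIp") for r in p.get("IpRanges", [])]
            cidrs += [r.get("CidrIpv6") for r in p.get("Ipv6Ranges", [])]
            if "0.0.0.0/0" not in cidrs and "::/0" not in cidrs:
                continue
            if p["IpProtocol"] == "-1":           # all protocols, all ports
                hit = list(ADMIN_PORTS)
            elif p["IpProtocol"] == "tcp":
                hit = [n for n in ADMIN_PORTS if p["FromPort"] <= n <= p["ToPort"]]
            else:
                hit = []
            findings += [(g["GroupId"], n) for n in hit]
    return findings

def unconditional_public_statements(policy):
    """Return Sids of Allow statements open to any principal with no Condition."""
    sids = []
    for s in policy.get("Statement", []):
        pr = s.get("Principal")
        aws = pr.get("AWS") if isinstance(pr, dict) else pr
        anyone = aws == "*" or (isinstance(aws, list) and "*" in aws)
        if s.get("Effect") == "Allow" and anyone and not s.get("Condition"):
            sids.append(s.get("Sid", "<no Sid>"))
    return sids
```

Statements that carry a `Condition` are skipped here, not cleared: whether the condition actually restricts access still needs review.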


Authentication

Authentication is a primary vector for attackers. User names and passwords are commonly sold on the dark web, and identity theft is now an everyday occurrence. As a result, authentication is an integral part of the overall IAM framework. 


Multi-factor authentication (MFA) has been around since 1986, but only the larger companies adopted it because users found it a cumbersome irritant. Most people didn't understand the actual risk digital attackers pose to businesses, so small and medium-sized companies refrained from adopting it. However, MFA is becoming common, regardless of company size, and users accept the need. No amount of education about complex passwords can come close to the level of confidence you get with MFA.


Single Sign-On (SSO) is a great way to simplify and centralize authentication across disparate systems, easing administration and access activity logging. In addition, SSO improves identity protection because it strengthens identity security with MFA, reduces "password fatigue," and simplifies username/password management.


Information Protection

Data loss can occur through malicious data alteration, server outage, hard disk failure, human error, and insider theft. Therefore, every organization should have a data security program that includes a solid backup strategy, Data Loss Prevention (DLP) software tailored to the organization, and encryption.


Data protection starts with a solid backup strategy that includes frequency, strong access control for non-human accounts, and offline/off-prem storage. Next, a data plan must be established that identifies what data to back up and what should not. This data classification approach also leads to a solid DLP strategy.


DLP software includes email scanning to identify malicious attachments and prevents end-users from moving critical information outside the organization without authorization. In addition, data categorization and service rules are established to identify and ensure the proper treatment of different data classifications. This prevents the accidental release of critical information and resists malicious theft. Unfortunately, many organizations leave the sending of confidential data outside the organization to discretion. They should strongly consider automated tools that ensure an exception approval process is in place.


Data encryption is the only way an organization can ensure that its IP and customer data aren't stolen and sold on the dark web. Data encryption solutions have improved significantly, and file-level encryption does not impose the performance burden it once did. Leverage the data classification efforts established for DLP to also identify digital assets that should be encrypted.


Automated Monitoring

Cloud environments require the same discipline in processes, policies, and controls as a traditional on-premises network. Automated cloud environment monitoring is crucial to understand and manage operational workflow, access activity, and security. The key to automated monitoring is consolidating information from throughout the environment into a single analysis hub. With the information centralized, analysis can correlate seemingly unrelated events that would otherwise be lost because they are siloed within a single isolated platform. Relating end-point telemetry with threat feeds can uncover otherwise undetected attacks or mishandling of information. For example, relating access information with geolocation and data flows can identify unauthorized data exfiltration. A purpose-built, automated monitoring system with strong analytics as a central hub provides insights that would otherwise be lost in an uncoordinated cybersecurity mesh framework.
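The correlation described above, as an added example that is not from the original article: access records are joined to data-flow records by session, and an alert fires only when an unusual login country coincides with a large outbound volume to external destinations. All records, field names, the internal host suffix and the 500 MiB threshold are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample telemetry (not real data); field names are assumptions.
USUAL_COUNTRIES = {"alice": {"US"}, "bob": {"US", "CA"}}  # per-user baseline
INTERNAL_SUFFIX = ".corp.example"   # assumption: internal hosts share this suffix
EXFIL_BYTES = 500 * 1024 * 1024     # assumption: 500 MiB per-session threshold

ACCESS_LOG = [
    {"session": "s1", "user": "alice", "country": "US"},
    {"session": "s2", "user": "alice", "country": "RO"},
    {"session": "s3", "user": "bob", "country": "CA"},
    {"session": "s4", "user": "bob", "country": "BR"},
]
FLOW_LOG = [
    {"session": "s1", "dest": "files.corp.example", "bytes_out": 900_000_000},
    {"session": "s1", "dest": "cdn.example.net", "bytes_out": 700_000_000},
    {"session": "s2", "dest": "storage.example.net", "bytes_out": 400_000_000},
    {"session": "s2", "dest": "storage.example.net", "bytes_out": 300_000_000},
    {"session": "s3", "dest": "storage.example.net", "bytes_out": 50_000_000},
    {"session": "s4", "dest": "files.corp.example", "bytes_out": 800_000_000},
]

def external_bytes_by_session(flows):
    """Sum outbound bytes per session, counting only non-internal destinations."""
    totals = defaultdict(int)
    for f in flows:
        if not f["dest"].endswith(INTERNAL_SUFFIX):
            totals[f["session"]] += f["bytes_out"]
    return totals

def correlate(access, flows):
    """Alert when an unusual login country and a large external transfer coincide."""
    totals = external_bytes_by_session(flows)
    alerts = []
    for a in access:
        unusual_geo = a["country"] not in USUAL_COUNTRIES.get(a["user"], set())
        volume = totals.get(a["session"], 0)
        # Either signal alone is noisy; the combination is the finding.
        if unusual_geo and volume >= EXFIL_BYTES:
            alerts.append((a["session"], a["user"], a["country"], volume))
    return alerts
```

In the sample data, session s1 has high external volume from a usual country and s4 has an unusual country with only internal traffic; neither alerts, which is the point of correlating the two sources.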


The workplace changed radically due to the pandemic and the required digital transformation accommodating that change happened incredibly fast. As a result, there wasn't time to do the needed due diligence that we usually consider adequate because an almost complete remote workforce was the only option for business continuity. As a result, we've been scrambling to deploy technical capabilities, implement the proper controls, and establish appropriate governance. Now is the time to review what we've put in place to validate that risks are minimized, vulnerabilities have been isolated, and playbooks established to ensure proper treatment for acceptable risks. 



KEYWORDS: access control authentication automation data breach information security multi-factor authentication


Devin Jones is UncommonX's Chief Product Officer.

Copyright ©2025. All Rights Reserved BNP Media.