Six ways to stay secure in the cloud
Whether you’ve just moved to Azure, or have been operating in the cloud for a few years, staying secure is a top priority. According to a 2023 Cloud Security Report by Cybersecurity Insiders, ’95 per cent of organisations are moderately to extremely concerned about cloud security, while a recent IBM report states that the global average cost of a data breach was $4.45 million US dollars in 2023. It is, therefore, the perfect time to get on top of your security needs in the cloud.
Microsoft Cloud is as vast as it is complex, so it can at first seem tricky to figure out what to do next to stay secure on your cloud journey. If you’re reading this, then that probably means you’ve already decided to start the next chapter of your cloud journey. Learning from experts in the field is a great next step, so you’re in the right place – we hold five of the six Azure and M365 Microsoft Solutions Partner certifications, as well as being an Azure Expert Managed Service Provider. So, without further ado, here’s our advice our advice on staying secure.
Zero Trust
Adopting a Zero Trust policy is a fantastic first step when looking to become secure in the cloud. A Zero Trust policy treats all devices as a threat until they are verified, regardless of connection, ownership, or previous access permissions. Nothing is getting access to your network unless you allow it to. This is often used to buffer more traditional security practices, such as using strong and unique passwords, and is even more effective when combined with multi-factor authentication.
Implementing a Zero Trust policy requires a bit more than just adopting new technologies. It means changing your culture and training your employees as well. According to the World Economic Forum, 95 per cent of all cybersecurity issues can be traced to human error, and adopting a Zero Trust policy that combines the factors above means that someone accidentally revealing a password or leaving a device behind is no longer as much of a major threat.
Zero Trust comes with three guiding principles. There is the previously mentioned verify explicitly, the practice of always authenticating and authorising data points. There’s least privileged access, which is a system where you set the boundaries so that everyone gets access to exactly what they need to complete their job function and nothing more than that. Finally, assume breach, which is the foundation of Zero Trust and assumes that all devices and anomalies are a threat and treats them as such until verified as otherwise.
Microsoft Sentinel
Sentinel is a cloud-native Security Information and Event Management (SIEM) solution, that monitors signals and data from all applications, services, infrastructure, networks, and users within your estate, regardless of whether it is hosted on-premise, in Azure, or with another cloud service. It provides a bird’s eye view of everything.
Because Sentinel is cloud-native it is fully scalable, which allows you to reduce cost during times of low activity and scale to meet demand during times of high traffic. It provides full flexibility for fluctuating workloads.
Sentinel also uses advanced analytics and machine learning to proactively detect threats, and will even respond to them itself in real time. If someone’s trying to access your network outside of your agreed region, Sentinel will automatically hold the device in quarantine and deny access until you allow the device in.
Microsoft Defender suite
The Microsoft Defender suite is a collection of products that will really bolster your security standing. In 2022, Defender blocked 70 billion email and identity threats, while Defender for Cloud reduced security breaches to cloud workloads by up to 25 per cent.
- Defender for Cloud allows you to protect your specific Azure workloads.
- Defender for Cloud Applications keeps you secure down to the coding level, enabling smoother deployments.
- Defender for Endpoints helps you monitor and keep safe end users on your network.
- Defender for Microsoft 365 allows you to defend your modern work data.
Defender’s cloud-based products are designed to keep all areas of your business protected, from your Azure workloads to more targeted areas like DevOps environments that need protection from the top level down to the coding level. It even provides threat protection across multi-cloud environments, including Azure, AWS, and on-premise environments.
Copilot for Security
This one is perfect for those who are further along in their cloud journey and are ready to make the most of AI. It pairs fantastically with the previously mentioned products, but it shouldn’t be thought of as a standalone solution, but rather as a string to the bow of cybersecurity professionals.
When paired with products like Sentinel and Defender, Copilot for Security really sparkles. Studies show that security analysts who used Security for Copilot with Sentinel were 44% more accurate across all tasks, which demonstrates the impact it can have when it’s in the right hands.
We’re only scratching the surface of what Copilot for Security is capable of here. Trained on 78 trillion security signals, it delivers information about threat actors, indicators of compromise, and vulnerabilities in an instant – empowering your cybersecurity staff and your organisation. If you’re looking to learn more about Copilot for security then we wrote another blog earlier this month for you to check out.
Cloud Operating Model
Security products are all well and good when looking to stay secure in the cloud, but a solid foundation and a security blueprint are vital for long-term success. A Cloud Operating Model is a set of principles, practices, and processes designed to help you govern, manage, and protect your cloud estate.
As we’ve mentioned, 95 percent of all cyber security incidents can be traced to human error, but a Cloud Operating Model will identify the roles and responsibilities that allow you to hold members of your organisation accountable for security errors. It also lays the groundwork for upskilling your security team and providing improvements that will benefit your business in the long term.
If you have been thinking about implementing a Cloud Operating Model but don’t know where to start, we’ve outlined seven considerations you should have for your Cloud Operating Model on our Learning Hub.
Working with a Managed Service Provider
The biggest issue with cybersecurity in general is staffing. It’s an industry that is strained, and finding the right personnel is both a difficult and often long process, so this is where partnering with a Cloud Managed Service Provider can be key.
The idea of outsourcing work can often put businesses off, but a Managed Service Provider can fill the gap of existing vacancies and has a range of other benefits too, from cost-effectiveness and in-depth expertise to around-the-clock availability.
We understand that using a fully managed service isn’t for everyone, but there are of course other ways to work with a Managed Service Provider. If you work with an Azure Expert MSP – like Cloud Direct, for example – then they might be able to gain you access to Microsoft funding pots that other partners don’t, which could unlock exciting opportunities for your business and allow you to de-risk and accelerate your security and future cloud projects.
If you’re interested in learning more about some of the lesser-known benefits of partnering with a Cloud Managed Service Provider, then our CTO Paul Sells has got you covered.
What’s next in your security journey?
Now that you know how to stay secure in the cloud, what’s next? It’s all well and good having the information but what you do with it is key, Cloud Direct offers funded assessments and workshops that link to the aforementioned Sentinel, Defender, and Zero trust, if you’re interested in exploring any of these options then get in touch with a member of our team and find out how you can add some sparkle to your cloud journey.