In 2020, more than 50% of organizations moved their workloads to the cloud. While migrating services and applications that used to be hosted on-site are migrating to Cloud Service Providers (CSPs) like Microsoft Azure and Amazon Web Services can make it more difficult for an adversary to gain access to your network by minimizing the impact of an attack and creating additional security, migrating to cloud-based services doesn’t mitigate all cybersecurity threats. In fact, there were over 3.1 million attacks on cloud-based users in 2020.
In this article, we will discuss our top tips for continually improving your security posture as it pertains to your CSPs.
Restrict Resources Available to Users
Tools like Microsoft Azure’s AD Conditional Access allow an administrator to control what resources users can access. One of the easiest ways to minimize your company’s attack surface and prevent lateral movement in the event of a breach is to determine what resources each user should have access to and restrict permissions where necessary.
Minimize the Use of Elevated Privileges
Tools such as Azure Privileged Identity Management (PIM) are designed to minimize the use of elevated privileges and protects potentially compromised accounts by helping an administrator:
- Enforce multi-factor authentication (MFA) for privileged roles
- Grant elevated privileges just long enough to complete a required task
- Identifying and removing unused or over privileged roles
Employ Identity Protection
Identity protection automatically determines the risk level for users. This can automatically implement cloud security measures based on a policy for each risk-level (low, medium, high). For example, if a user is seen performing actions that lead to a high risk level you can force a secure password change with MFA. Identity protection can also create sign-in risk policies that will evaluate login attempts and block them if they appear to be too unusual based on the user, time and location.
For more information about your CSP and improving your organization’s cybersecurity posture, contact us at info@redpointcyber.comand follow us on LinkedIn to avoid missing our weekly cybersecurity Tip Tuesdays!