Cloud security is a fundamentally new landscape for many companies. While many security principles remain the same as on-premises, the implementation is often very different. This overview provides a snapshot of five best practices for cloud security: identity and access management, security posture management, apps and data security, threat protection and network security.
1. Strengthen access control
Traditional security measures are not enough to defend against modern security attacks. Today’s best practice is to ‘assume breach’ and protect as though the attacker has breached the network perimeter. A Zero Trust approach that verifies and secures every identity, validates device health, enforces least-privilege access and captures and analyses telemetry is therefore a new security mandate.
Strengthen access control
Institute multi-factor authentication
Provide another layer of security by requiring two or more of the following authentication methods:
• Something you know (typically a password)
• Something you have (a trusted device that is not easily duplicated, like a phone)
• Something you are (biometrics)
Enforce Conditional Access policies
Master the balance between security and productivity by factoring how a resource is accessed into access control decisions. Implement automated access control decisions for accessing your cloud apps that are based on conditions.
Ensure least privilege access
Simplify access management in multi-cloud environments with unified cross-cloud visibility into all permissions and identities and automate least privilege policy enforcement consistently to protect your most sensitive cloud resources.
English 
Arabic