Securing Hybrid Environments

5 Essential Security Controls for Your Transition to the Cloud

New technologies, such as containers and serverless functions, have left security teams with a new landscape that combines the best of cloud and on-prem. While this may seem like a daunting environment to secure, you’ll be off to a great start if you stick to the fundamentals.

We’ve outlined five fundamentals for securing a hybrid environment that align with the “Basic” category of CIS Critical Security Controls.

CIS Top 20 Critical Security Controls

Prioritize your security program for effectiveness against real world threats

Learn More

Securing your AWS environment?

See how our vulnerability management and automation integrations can help.

Learn more

1. Discover infrastructure and applications

Security fundamentals often start with taking inventory of everything that needs protecting. When this includes ephemeral assets that quickly disappear, security solutions that dynamically discover and assess assets as they come online can help manage risk when keeping inventory isn’t as straightforward. 

Read about more efficient and effective ways to remediate vulnerabilities:

Learn more about CIS Controls 1 and 2 > 

 

2. Remediate vulnerabilities

The scope of vulnerability management grows in a hybrid world. On-premises assets are now just one component of your environment as cloud infrastructure and applications introduce potential vulnerabilities in things like container images and software packages. Approaching on-premises and cloud vulnerability management separately can make it difficult to prioritize vulnerabilities, so teams should consider solutions that address the hybrid environment as a whole.

Read more about how you can remediate vulnerabilities across cloud and on-prem:

Learn more about CIS Control 3 > 

3. Control administrative privileges

With phishing attempts among the most common attack types, properly managing administrative privileges has always been important. Because admin privileges for cloud infrastructure are often shared across DevOps teams, managing those privileges becomes even trickier for the security team. For this reason, monitoring user behavior for indicators of stolen credentials is vital for hybrid environments.

Read more about how to control administrative privileges:

Learn more about CIS Control 4 > 

 

4. Configure securely

Given its degree of configurability, misconfigured cloud infrastructure is now a primary attack vector. When securing hybrid environments, assessing cloud configuration cannot be overlooked. 

Read more about configuring securely across your stack: 

Learn more about CIS Control 5 > 

 

5. Monitor

Collecting log data can provide a strong basis for building a security program. But cloud assets, especially ephemeral ones, can make log collection challenging. This is simplified by approaching log management holistically and seeking to centralize logs from on-premises and cloud in a unified view.

Read more about how you can collect and consolidate logs, even from your cloud assets:

Learn more about CIS Control 6

Reduce risk across your entire connected environment

Get started with Rapid7 Insight today.

Learn More