This post is the seventh in a series of eight on the five pillars to actionable cloud security. For the rest of the series, visit the Five Pillars blog page here.
For a number of organizations, Incident Response (IR) is the first symptom of a non-actionable cloud security framework. Often, incidents aren’t even identified until well after they have occurred, and damage has been done. In those cases, response quickly escalates to remediation, and there are numerous cautionary tales of companies being irreparably harmed by large and undetected breaches and incidents.For many organizations, incident response (IR) is 1st symptom of non-actionable cloud security framework. Within an actionable IR Framework, incidents are security or compliance failures that can be found and resolved before damage is done. Click To Tweet
Within an actionable IR Framework, the notion of IR is more basic. Incidents are typically security failures or non-compliances that can be easily identified and rectified, with the intention of responding to the “incident” before there has been damage. Solutions that prevent incidents still may have the requirement to identify intentional malicious incidents, even if they were ultimately prevented for occurring.
IR can take many forms, from simple identification and rectification, or prevention, to changes in policies and strategies that avoid future similar incidents. Organizations that leverage actionable cloud frameworks as a basis to enforce security and workflow best practices can utilize IR as a way to identify where best practices aren’t being followed and why. In that way, IR becomes part of a continuous feedback loop to help keep an actionable cloud framework secure.
Within the Azure infrastructure, the products and services identified here need to be considered as part of an organization’s IR pillar:
To develop an actionable IR pillar, customers must:
- Unify IR strategy across the board – both cloud and on-premises
- Detect and remediate on a continuous basis
- Leverage all available preventative tools which can prevent incidents
In the next blog in this series, we'll look at managing an actionable cloud security framework.Organizations w/ actionable cloud frameworks can utilize IR as part of a continuous feedback loop to help keep that cloud framework secure. Click To Tweet
Rich est directeur marketing pour les produits de cloud public chez Barracuda. Il a rejoint l'équipe dans le cadre de l'acquisition de C2C Systems en 2014. Rich est l'un des experts du cloud public de Barracuda. Il travaille directement sur les écosystèmes cloud et est cité dans des ebooks de Microsoft sur la sécurisation du cloud public. Il est également contributeur régulier des blogs thématiques sur le cloud de Barracuda. Dans le cadre de notre travail sur le cloud, il aide au développement de stratégies et à leur exécution avec nos partenaires et nos équipes commerciales.
Vous pouvez contacter Rich par e-mail à l'adresse firstname.lastname@example.org.