Zero Trust

 View Only

NSA CISA Implement Network Segmentation and Encryption in Cloud Environments

  • 1.  NSA CISA Implement Network Segmentation and Encryption in Cloud Environments

    Posted Mar 07, 2024 01:16:00 PM
      |   view attached

    Hi All,

    NSA and CISA just published Implement Network Segmentation and Encryption in Cloud Environments

    Network security is a crucial component for cloud users to configure properly. Historically, network security practices have focused on perimeter security, with few additional restrictions once authenticated to an organization's internal network and the acceptance of unauthenticated and vulnerable "internal" protocols. Over the years, this has changed with the push to adopt Zero Trust (ZT) security principles such as:
     Tying identity information into network requests
     Implementing end-to-end encryption
     Micro segmenting the network
    This cybersecurity information sheet (CSI) makes recommendations for implementing these principles in a cloud environment, which can differ from on-premises (on-prem) networks. While on-prem networks require specialized appliances to enable ZT, cloud technologies natively provide the necessary infrastructure and services for implementing these recommendations to varying degrees. This CSI focuses on best practices using features commonly available in cloud environments.



    ------------------------------
    Michael Roza CPA, CISA, CIA, CC, MBA, Exec MBA, CSA Research Fe
    ------------------------------