How to Choose A Cloud Security Posture Management Solution

How to Choose A Cloud Security Posture Management Solution

Either way, the manner in which higher education IT provisions and manages services has been forever changed. The flexibility and agility of the cloud allows technologists to improve the level of service they provide to students, faculty and staff while also keeping costs under control. These services do, however, pose new potential cybersecurity risks that must be ­mitigated. Perhaps the most significant risk in a cloud-centric environment is the potential misconfiguration of cloud provider security controls.

Today, cloud computing plays a central role in the technology ecosystems of every college and university. The degree of cloud adoption varies, of course. Some schools might use a handful of carefully vetted Software as a Service (SaaS) providers for videoconferencing, email and their learning management systems. Others have taken an all-in, cloud-first approach to managing their infrastructure.

Shifting to a cloud model does transfer some cybersecurity responsibilities to the cloud provider. Even so, the shared-responsibility model of cloud computing leaves some security controls in the hands of the customer. SaaS providers manage the underlying infrastructure and code base, but customers must still configure application security settings and control access to their data.

What Cloud Security Posture Management Does
CSPM solutions seek to reduce the administrative burden on organizations by centralizing control over cloud computing environments. CSPM platforms offer direct integrations into the configuration of many different cloud services, allowing the assessment and configuration of SaaS, IaaS and other cloud offerings. These capabilities begin with features that allow the deep inspection of cloud service configurations against industry best practices. Institutions can then proactively detect misconfigurations before an attacker discovers and exploits those vulnerabilities.

How to Choose the Right CSPM Solution
When choosing a CSPM platform, technologists should first consider the product’s ability to support the range of cloud services that their institutions use. The major CSPM offerings all support the most common cloud service providers. It’s hard to imagine any offering that won’t support a school’s email service provider or IaaS platform of choice.

The real value of provider integrations lies in edge cases. Perhaps an institution is using an uncommon learning management system, classroom scheduling service or enterprise resource planning system. Take time to match your institution’s cloud services with each CSPM platform’s capabilities. Given the breadth of cloud services most schools use, any deployment will probably require a few manual integrations, but institutions should strive to keep those to a minimum.

After validating a CSPM solution’s coverage, the next step is to verify that it performs effective assessment and remediation in alignment with your institution’s security standards. Many universities rely on the cloud security standards offered by their IaaS providers and the National Institute of Standards and Technology, and most CSPM platforms support these assessments.

Still, colleges and universities also find themselves subject to a wide range of regulatory requirements, including HIPAA compliance, the Payment Card Industry Data Security Standard, and state cybersecurity and privacy regulations. When selecting CSPM solutions, always verify that potential candidates can meet all of the institution’s regulatory obligations.

Integrating CSPM with Other Cybersecurity Controls
CSPM technology shouldn’t operate in a vacuum. Information provided by these tools should feed directly into other components of an institution’s security program to increase their efficiency and effectiveness. CSPM alerts requiring manual remediation should automatically open trouble tickets in an institution’s IT service management solution, flowing directly into existing vulnerability management workflows. Configuration information from cloud services should flow back into the security information and event management platform, enhancing cloud security visibility. Many of these integrations may be available out of the box, but others may require custom integrations.

The News Highlights

  • How to Choose A Cloud Security Posture Management Solution
  • Check the latest update on Security news
  • .

Disclaimer: If you need to edit or update this news from compsmag then kindly contact us Learn more

For Latest News Follow us on Google News


Latest Headlines
  • Show all
  • Trending News
  • Popular By week
CVS handles disparities in care, community-based preventive care

CVS handles disparities in care, community-based preventive care

Last year, CVS Health committed close to $600 million to invest in programs that address racial health disparities faced by Black patients and other at-risk ...
Epic Games brought a PlayStation 5, Xbox Series X to court in the legal fight against Apple

Epic Games brought a PlayStation 5, Xbox Series X to court in the legal fight against Apple

(Image: Lumen/ Twitter) One such incident was spotted by Twitter user Lumen. In a recent tweet, Lumen pointed out that Epic Games had brought a PlayStation 5 ...
Hyundai recalls over 390,000 vehicles for possible engine fires

Hyundai recalls over 390,000 vehicles for possible engine fires

The other recall covers nearly 187,000 2019 and 2020 Elantras, and 2019 through 2021 Konas and Velosters. All have 2-liter engines. Hyundai says the recall ...
The cloud is more secure than on-prem, but the speed of adoption is making it less so

The cloud is more secure than on-prem, but the speed of adoption is making it less so

Ron Bennatan: We all know that the transformation, the move to cloud, the move of the workloads to the cloud, I mean, it’s something that’s been happening ...
Game Pass wins ‘FIFA 21’ and ‘Dragon Quest Builders 2’ in May

Game Pass wins ‘FIFA 21’ and ‘Dragon Quest Builders 2’ in May

Finally, PC players will be getting access to Remnant: From The Ashes, a co-op shooter set in a decaying world. Rounding out the releases on May 13 are three ...
State health officials report sustained improvements in reducing maternal morbidity

State health officials report sustained improvements in reducing maternal morbidity

However, though severe maternal morbidity among hypertension was also reduced by almost 12%, the goal of a 20% reduction was not reached. The report shows ...
Tony Hawk’s Pro Skater 1 + 2 Nintendo Switch price and release date revealed

Tony Hawk’s Pro Skater 1 + 2 Nintendo Switch price and release date revealed

It’s unlikely there’ll be any special editions of this game available for Nintendo Switch in the way there were special editions for other platforms. ...
Trading update

Trading update

News Highlights ...
White House claims U.S. Space Command tracks Chinese rocket

White House claims U.S. Space Command tracks Chinese rocket

Source ” US Space Command is aware of and tracking the location of Chinese Long March 5B in space,” Psaki said at a press briefing. White House spokesperson ...
Made in Abyss video game adaptation announced

Made in Abyss video game adaptation announced

— Spike Chunsoft, Inc. (@SpikeChunsoft_e) May 5, 2021 Descend into the world of the Abyss and grow through surviving its depths in this 3D Action RPG. Relive ...
Show next
Compsmag - Latest News from tech, business and health
Logo