Google Cloud Platform Virtual Private Cloud Similarly, for GCP, the following security policies related to networking in the CIS Google Cloud Platform are recommended: For each control, the CIS benchmarks provide detailed instructions on why the policy is recommended, as well as the rationale. For example, for 3.1 Ensure that the Default Network Does Not […]
Category: Security Command Center
Assessing data security policies – Walk-Through – Assessing Policy Settings and Resource Controls
Assessing data security policies Data within an enterprise may be one of the most essential assets that an organization owns. Ensuring that any sensitive data is properly protected is essential, and means such as encryption, data masking, and logging of changes to data are likely to be critical controls. In this walk-through, we’ll look at assessing […]
Assessing change management and configuration policies 3 – Walk-Through – Assessing Change Management, Logging, and Monitoring Policies
Policy Sentry Another tool that an IT auditor can use to monitor changes in Identity and Access Management (IAM) is an open source solution named Policy Sentry. Policy Sentry is a great tool to manage IAM entities. Policy Sentry also has functionality as an audit and analysis database. It compiles database tables based on AWS […]
Assessing change management and configuration policies 2 – Walk-Through – Assessing Change Management, Logging, and Monitoring Policies
Azure Automation Another tool that organizations use for change and configuration management is Azure Automation. Azure Automation allows an organization to automate changes in the Azure environment and across external systems. You first need to create an Automation account before using Azure Automation. To launch Azure Automation, use the following steps: A useful feature for […]
Policies for resource management – Financial Resource and Change Management Controls
Policies for resource management To ensure that cloud resources (particularly when using IaaS and PaaS services) align with operational and security policies, it’s often necessary to leverage technical policies to enforce these within a cloud environment. These technical policies allow organizations to configure a technical template of standards that the cloud resources are either configured […]
Change history – Financial Resource and Change Management Controls
Change history As an auditor, one method that may be used to correlate processes and procedures that mitigate risk is to review activity logs. In cloud environments, these logs may be made up of separate sign-in and event logs that capture change history and actions performed by user accounts, service accounts, or workload identities. […]
Financial billing and cost controls – Financial Resource and Change Management Controls
Financial billing and cost controls In a cloud environment, setting up services can be as easy as providing a credit card number. Although this makes cloud services easy to enable and consume, it also adds risk in terms of business continuity (what if the credit card holder leaves the company?), as […]
Common pitfalls – Tips and Techniques for Advanced Auditing
Common pitfalls With the scale, speed, and flexibility of the cloud comes complexity. This complexity leads to inherent pitfalls. We will review two broad areas that are common pitfalls for organizations that the IT auditor should be aware of. The first area involves administrative pitfalls that include not managing resource usage, an inability to control […]
Overly permissive access 2 – Tips and Techniques for Advanced Auditing
To get a snapshot of the AWS security posture, we can use AWS Security Hub. According to the AWS documentation, “AWS Security Hub is a cloud security posture management service that performs security best practice checks, aggregates alerts, and enables automated remediation.” To use AWS Security Hub, we first have to enable the service. We […]
Cloud Asset Inventory – Tips and Techniques for Advanced Auditing
Cloud Asset Inventory Cloud Asset Inventory is a service that allows one to view, monitor, and analyze GCP assets. To access Cloud Asset Inventory, you can either go to the Google Console under IAM & Admin or go through a browser, as shown in Figure 6.38:
Figure 6.38 – Cloud Asset Inventory
Three tabs are […]