Cloud Security Best Practices Derived from Mission Thread Analysis

July 2019 • Technical Report

Timothy Morrow, Vincent LaPiana, Donald Faatz, Angel Luis Hueca

Presents practices for secure, effective use of cloud computing and risk reduction in transitioning applications and data to the cloud. Considers needs of limited-resource businesses.

Publisher:

Software Engineering Institute

CMU/SEI Report Number

CMU/SEI-2019-TR-003

Subjects

Cloud ComputingCloud Computing

Abstract

This report presents four important security practices that are practical and effective for improving the cybersecurity posture of cloud-deployed information technology (IT) systems. These practices help to address the risks, threats, and vulnerabilities that organizations face in deploying or moving applications and systems to a cloud service provider (CSP).

The practices address cloud security issues that consumers are experiencing, illustrated by several recent cloud security incidents. The report demonstrates the practices through examples using cloud services available from Amazon Web Service (AWS), Microsoft, and Google.

The presented practices are geared toward small and medium-sized organizations; however, all organizations, independent of size, can use these practices to improve the security of their cloud usage. The focus here is on hybrid deployments where some IT applications deploy or move to a CSP while other IT applications remain in the organization’s data center. Small and medium-sized organizations likely have limited resources; where possible, these practices describe implementation approaches that may be effective in limited-resource situations.

Download PDF

Cite This Report

SEI

Morrow, Timothy; LaPiana, Vincent; Faatz, Donald; & Hueca, Angel. Cloud Security Best Practices Derived from Mission Thread Analysis. CMU/SEI-2019-TR-003. Software Engineering Institute, Carnegie Mellon University. 2019. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=551466

IEEE

Morrow. Timothy, LaPiana. Vincent, Faatz. Donald, and Hueca. Angel, "Cloud Security Best Practices Derived from Mission Thread Analysis," Software Engineering Institute, Carnegie Mellon University, Pittsburgh, Pennsylvania, Technical Report CMU/SEI-2019-TR-003, 2019. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=551466

APA

Morrow, Timothy., LaPiana, Vincent., Faatz, Donald., & Hueca, Angel. (2019). Cloud Security Best Practices Derived from Mission Thread Analysis (CMU/SEI-2019-TR-003). Retrieved January 23, 2020, from the Software Engineering Institute, Carnegie Mellon University website: http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=551466

CHI

Timothy Morrow, Vincent LaPiana, Donald Faatz, & Angel Hueca. Cloud Security Best Practices Derived from Mission Thread Analysis (CMU/SEI-2019-TR-003). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2019. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=551466

MLA

Morrow, Timothy., LaPiana, Vincent., Faatz, Donald., & Hueca, Angel. 2019. Cloud Security Best Practices Derived from Mission Thread Analysis (Technical Report CMU/SEI-2019-TR-003). Pittsburgh: Software Engineering Institute, Carnegie Mellon University. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=551466

BibTex

@techreport{MorrowCloudSecurity2019,
title={Cloud Security Best Practices Derived from Mission Thread Analysis},
author={Timothy Morrow and Vincent LaPiana and Donald Faatz and Angel Hueca},
year={2019},
number={CMU/SEI-2019-TR-003},
institution={Software Engineering Institute, Carnegie Mellon University},
address={Pittsburgh, PA},
url={http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=551466} }

Ask a question about this Technical Report

Software Engineering Institute