{"id":63647,"date":"2023-01-24T17:08:26","date_gmt":"2023-01-24T09:08:26","guid":{"rendered":"https:\/\/version-2.com.sg\/?p=63647"},"modified":"2024-09-13T16:31:49","modified_gmt":"2024-09-13T08:31:49","slug":"cloud-application-security-guide","status":"publish","type":"post","link":"https:\/\/version-2.com\/en\/2023\/01\/cloud-application-security-guide\/","title":{"rendered":"Cloud application security guide"},"content":{"rendered":"<div data-elementor-type=\"wp-post\" data-elementor-id=\"63647\" class=\"elementor elementor-63647\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-35fe5dd post-content elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"35fe5dd\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;cef08c3&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-409a2e9a\" data-id=\"409a2e9a\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-5a8be8f elementor-widget elementor-widget-text-editor\" data-id=\"5a8be8f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><img fetchpriority=\"high\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/2BpheVCvY99ltmiY5b8WQv\/a35f000a16898305233737f10ac3bf4a\/Cloud_application_security_blog_cover_1400x800__1_.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp\" width=\"1400\" height=\"800\" \/><\/p><div class=\"nord-col lg:col-8 lg:offset-1 break-words mt-5 text-grey-shuttle\"><article><p class=\"my-4 blog-paragraph text-still-dark-blue\">In the modern economy, around <strong>75% of workloads have migrated to the cloud.<\/strong> Millions of workers use the cloud daily to send messages, develop code, and manage customer relationships. Cloud computing is convenient, flexible, and cost-effective. But<strong> relying on the cloud brings security risks.<\/strong><\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Unsecured apps are vulnerable to external attacks, data loss, and infrastructure damage.<\/strong> One unprotected app can cause an enterprise-wide data breach. Fortunately, there are many ways to strengthen cloud security and make application usage safe.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">This blog will explore cloud app security and the threats users face. You should find everything you need to know when securing critical cloud assets.<\/p><h2 id=\"what-is-cloud-application-security\" class=\"Heading Heading-h2 text-dark-blue\">What Is cloud application security?<\/h2><p class=\"my-4 blog-paragraph text-still-dark-blue\">Cloud application security is <strong>a set of tools, policies, and procedures that protect information passing across a cloud environment.<\/strong> The aim is to:<\/p><ul class=\"list\"><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\">Create a secure environment and protect data on all cloud apps<\/p><\/li><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\">Manage cyber threats<\/p><\/li><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\">Prevent unauthorized access to cloud resources<\/p><\/li><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\">Ensure the availability of critical assets<\/p><\/li><\/ul><p class=\"my-4 blog-paragraph text-still-dark-blue\">Cloud application security covers popular platforms like Amazon AWS, Google, and Microsoft Azure. It also extends to individual SaaS apps hosted on cloud platforms. Collaboration tools like Slack or Zoom require specific security solutions. The same applies to cloud-hosted business tools like Salesforce or data storage services.<\/p><h2 id=\"do-you-need-cloud-application-security\" class=\"Heading Heading-h2 text-dark-blue\">Do you need cloud application security?<\/h2><p class=\"my-4 blog-paragraph text-still-dark-blue\">Yes. <strong>Legacy network security tools cannot properly protect cloud assets<\/strong>. VPNs and firewalls can protect locally-hosted data and applications. But cloud apps are hosted by third parties. <strong>Users can access them from virtually anywhere via a huge range of devices.<\/strong><\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Attack surfaces have become more complex as cloud apps have proliferated. Cloud endpoints cannot be secured by locally-managed hardware or encrypted network connections. Older tech plays a role, but <strong>new application security approaches are essential.<\/strong><\/p><h2 id=\"cloud-application-security-threats\" class=\"Heading Heading-h2 text-dark-blue\">Cloud application security threats<\/h2><p class=\"my-4 blog-paragraph text-still-dark-blue\">The first step in securing a cloud environment is understanding critical security threats. Here are some of the most important cloud application security risks to factor into security planning.<\/p><ul class=\"list\"><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Misconfigured cloud apps<\/strong> \u2013 Gartner reports that as many as<a class=\"hyperlink Link Link--blue-dodger font-medium\" href=\"https:\/\/www.gartner.com\/smarterwithgartner\/is-the-cloud-secure\/\" target=\"_blank\" rel=\"nofollow noopener noreferrer\"> 99% of cloud security issues are due to client error<\/a>. Cloud deployments are complex, and teams must manage a range of application configurations. Every SaaS app requires access controls and processes to guard against shadow IT. Getting app configurations right is essential.<\/p><\/li><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Account hijacking<\/strong> \u2013 Malicious attackers can hijack user accounts and infiltrate cloud-hosted apps. Account hijacking tends to result from poor password hygiene and credential exposure. Security teams must enforce strong password policies. Password managers make life easier for workers. Encryption keeps credentials private and secure.<\/p><\/li><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Phishing<\/strong> \u2013 Phishers persuade employees to provide access credentials. They may also entice users to click links that harvest private data. Security teams must train all staff and enforce responsible behavior.<\/p><\/li><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Automated attacks<\/strong> \u2013 Attackers may find vulnerabilities via scanning agents. Botnets target poorly secured cloud apps, taking down cloud resources via denial-of-service attacks.<\/p><\/li><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Buggy APIs<\/strong> \u2013 APIs connect cloud applications and users. They need to be secure at all times. The problem with APIs is that they are both feature and data-rich. One compromised feature could expose data inside the app for outsiders to harvest.<\/p><\/li><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Physical security<\/strong> \u2013 Cloud applications rest on physical hardware somewhere in the world. Cloud providers must protect hardware against theft and take measures to handle fire, extreme weather, and other sources of damage.<\/p><\/li><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Inadvertent data loss <\/strong>\u2013 Staff can accidentally delete data, change it irreversibly, or lose encryption keys. This places intact data out of reach. A comprehensive data backup strategy is essential.<picture><source srcset=\"https:\/\/images.ctfassets.net\/5natoedl294r\/3Bi1Gco22NtX2DuE64LoE7\/440772e67fc1f021550aadec9dacddbb\/Cloud_application_security_threats_1400x1235.png?w=750&amp;h=662&amp;q=50&amp;fm=webp 750w, https:\/\/images.ctfassets.net\/5natoedl294r\/3Bi1Gco22NtX2DuE64LoE7\/440772e67fc1f021550aadec9dacddbb\/Cloud_application_security_threats_1400x1235.png?w=1080&amp;h=953&amp;q=50&amp;fm=webp 1080w, https:\/\/images.ctfassets.net\/5natoedl294r\/3Bi1Gco22NtX2DuE64LoE7\/440772e67fc1f021550aadec9dacddbb\/Cloud_application_security_threats_1400x1235.png?w=1366&amp;h=1205&amp;q=50&amp;fm=webp 1366w, https:\/\/images.ctfassets.net\/5natoedl294r\/3Bi1Gco22NtX2DuE64LoE7\/440772e67fc1f021550aadec9dacddbb\/Cloud_application_security_threats_1400x1235.png?w=1400&amp;h=1235&amp;q=50&amp;fm=webp 1400w\" type=\"image\/webp\" sizes=\"100vw\" \/><img decoding=\"async\" style=\"object-fit: cover; opacity: 1;\" title=\"Cloud application security threats diagram\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/3Bi1Gco22NtX2DuE64LoE7\/440772e67fc1f021550aadec9dacddbb\/Cloud_application_security_threats_1400x1235.png?w=1400&amp;h=1235&amp;q=50&amp;fm=png\" sizes=\"100vw\" srcset=\"https:\/\/images.ctfassets.net\/5natoedl294r\/3Bi1Gco22NtX2DuE64LoE7\/440772e67fc1f021550aadec9dacddbb\/Cloud_application_security_threats_1400x1235.png?w=750&amp;h=662&amp;q=50&amp;fm=png 750w, https:\/\/images.ctfassets.net\/5natoedl294r\/3Bi1Gco22NtX2DuE64LoE7\/440772e67fc1f021550aadec9dacddbb\/Cloud_application_security_threats_1400x1235.png?w=1080&amp;h=953&amp;q=50&amp;fm=png 1080w, https:\/\/images.ctfassets.net\/5natoedl294r\/3Bi1Gco22NtX2DuE64LoE7\/440772e67fc1f021550aadec9dacddbb\/Cloud_application_security_threats_1400x1235.png?w=1366&amp;h=1205&amp;q=50&amp;fm=png 1366w, https:\/\/images.ctfassets.net\/5natoedl294r\/3Bi1Gco22NtX2DuE64LoE7\/440772e67fc1f021550aadec9dacddbb\/Cloud_application_security_threats_1400x1235.png?w=1400&amp;h=1235&amp;q=50&amp;fm=png 1400w\" alt=\"Cloud application security threats diagram\" width=\"1\" height=\"0.8821428571428571\" data-main-image=\"\" \/><\/picture><\/p><\/li><\/ul><p><img decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/3Bi1Gco22NtX2DuE64LoE7\/440772e67fc1f021550aadec9dacddbb\/Cloud_application_security_threats_1400x1235.png?w=1400&amp;h=1235&amp;q=50&amp;fm=webp\" width=\"1400\" height=\"1235\" \/><\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\"><picture><\/picture><noscript><br data-mce-bogus=\"1\"><\/noscript><noscript><picture><source type=\"image\/webp\" srcset=\"https:\/\/images.ctfassets.net\/5natoedl294r\/3Bi1Gco22NtX2DuE64LoE7\/440772e67fc1f021550aadec9dacddbb\/Cloud_application_security_threats_1400x1235.png?w=750&amp;h=662&amp;q=50&amp;fm=webp 750w, https:\/\/images.ctfassets.net\/5natoedl294r\/3Bi1Gco22NtX2DuE64LoE7\/440772e67fc1f021550aadec9dacddbb\/Cloud_application_security_threats_1400x1235.png?w=1080&amp;h=953&amp;q=50&amp;fm=webp 1080w, https:\/\/images.ctfassets.net\/5natoedl294r\/3Bi1Gco22NtX2DuE64LoE7\/440772e67fc1f021550aadec9dacddbb\/Cloud_application_security_threats_1400x1235.png?w=1366&amp;h=1205&amp;q=50&amp;fm=webp 1366w, https:\/\/images.ctfassets.net\/5natoedl294r\/3Bi1Gco22NtX2DuE64LoE7\/440772e67fc1f021550aadec9dacddbb\/Cloud_application_security_threats_1400x1235.png?w=1400&amp;h=1235&amp;q=50&amp;fm=webp 1400w\" sizes=\"100vw\"\/><img title=\"Cloud application security threats diagram\" width=\"1\" height=\"0.8821428571428571\" data-main-image=\"\" style=\"object-fit:cover;opacity:0\" sizes=\"auto, 100vw\" decoding=\"async\" loading=\"lazy\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/3Bi1Gco22NtX2DuE64LoE7\/440772e67fc1f021550aadec9dacddbb\/Cloud_application_security_threats_1400x1235.png?w=1400&amp;h=1235&amp;q=50&amp;fm=png\" srcset=\"https:\/\/images.ctfassets.net\/5natoedl294r\/3Bi1Gco22NtX2DuE64LoE7\/440772e67fc1f021550aadec9dacddbb\/Cloud_application_security_threats_1400x1235.png?w=750&amp;h=662&amp;q=50&amp;fm=png 750w, https:\/\/images.ctfassets.net\/5natoedl294r\/3Bi1Gco22NtX2DuE64LoE7\/440772e67fc1f021550aadec9dacddbb\/Cloud_application_security_threats_1400x1235.png?w=1080&amp;h=953&amp;q=50&amp;fm=png 1080w, https:\/\/images.ctfassets.net\/5natoedl294r\/3Bi1Gco22NtX2DuE64LoE7\/440772e67fc1f021550aadec9dacddbb\/Cloud_application_security_threats_1400x1235.png?w=1366&amp;h=1205&amp;q=50&amp;fm=png 1366w, https:\/\/images.ctfassets.net\/5natoedl294r\/3Bi1Gco22NtX2DuE64LoE7\/440772e67fc1f021550aadec9dacddbb\/Cloud_application_security_threats_1400x1235.png?w=1400&amp;h=1235&amp;q=50&amp;fm=png 1400w\" alt=\"Cloud application security threats diagram\"\/><\/picture><\/noscript><\/p><h2 id=\"cloud-application-security-best-practices\" class=\"Heading Heading-h2 text-dark-blue\">Cloud application security best practices<\/h2><p class=\"my-4 blog-paragraph text-still-dark-blue\">Failure to deal with cloud security vulnerabilities can have serious consequences. Let\u2019s explore some app security best practices to lock down critical assets.<\/p><h3 class=\"Heading Heading-h3 text-dark-blue\">1. Understand the threat surface<\/h3><p class=\"my-4 blog-paragraph text-still-dark-blue\">Robust cloud application security rests upon strong visibility. Total awareness of cloud workloads and device connections puts you in a good position to apply controls.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Create and maintain inventories of connected cloud apps. This inventory will form the basis for security measures later on. Trim the inventory regularly to remove any unneeded cloud apps. Try to keep the threat surface as small as possible.<\/p><h3 class=\"Heading Heading-h3 text-dark-blue\">2. Deploy identity and access management (IAM)<\/h3><p class=\"my-4 blog-paragraph text-still-dark-blue\">Every cloud application is vulnerable to credential theft. Enterprises must establish complete control over who accesses cloud apps. They must also define and manage user privileges.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Cloud-native IAM tools <strong>manage access by authenticating log-in requests<\/strong>. They compare login credentials with secure directories and ensure that only authentic users gain access. Multi-Factor Authentication (MFA) adds another set of time-limited and unique credentials.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">After admitting users,<strong> IAM systems authorize their privileges.<\/strong> Privileges allow users to carry out core workloads and restrict access to other applications.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Developers can access the tools they need. Sales teams can access CRM databases and marketing assets. Every role is limited, but workers are free to carry out their duties.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Additionally, IAM applies<strong> Single Sign On<\/strong>. SSO creates a single point of entry to cloud resources. One cloud-based application provides access to all apps. There is no need to secure multiple cloud endpoints.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">More advanced IAM tools actively check for unsafe credential storage. They alert security teams if staff store credentials digitally or share information insecurely. All these features enhance the safety of cloud applications.<\/p><h3 class=\"Heading Heading-h3 text-dark-blue\">3. Create a cloud application security strategy<\/h3><p class=\"my-4 blog-paragraph text-still-dark-blue\">Companies need <strong>cloud application security<\/strong>. This strategy should specify how to access cloud apps safely and how user identities are verified. Users should know what they need to do and what threat mitigation controls are in place.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Looking beyond security policies, security teams should have a clear plan to secure data on all cloud applications. This can be visualized on three levels to cover vulnerabilities:<\/p><ul class=\"list\"><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Platforms. <\/strong>Cloud infrastructure underlying can include exposed data files. If companies develop cloud infrastructure in-house, security staff must focus on correctly configuring platforms. Encrypting all data is advisable.<\/p><\/li><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Databases. <\/strong>Secure cloud databases with appropriate encryption and access controls. Assess the right authorization levels for every role. Workers should only have access to relevant data. All other information should be out of reach.<\/p><\/li><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Applications. <\/strong>Secure the attack surface by extending IAM to all applications. Check API configurations, and use any threat detection systems provided by app developers. Set up automated notifications about unusual access requests or network traffic patterns.<\/p><\/li><\/ul><h3 class=\"Heading Heading-h3 text-dark-blue\">4. Use automated security testing<\/h3><p class=\"my-4 blog-paragraph text-still-dark-blue\">Testing is a critical aspect of cloud app security. It may be too late to detect and mitigate vulnerabilities when cloud apps go live. Instead, companies should switch from standard DevOps to DevSecOps (Development Security Operations).<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>DevSecOps includes automated testing systems<\/strong> that assess code during the development phase. Testing during the CI\/CD process <strong>uncovers weaknesses before hackers have a chance to exploit them.<\/strong><\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Testing should extend to open-source code libraries used to build cloud applications. It should also cover data containers and user-provisioned cloud deployments. Every part of the cloud environment is vulnerable.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Testing does not end after app provisioning. Enterprises must<strong> continuously test IAM systems<\/strong> to ensure the integrity of IAM processes. They should also test encryption tools. Keys may be exposed or out of date, creating inherent weaknesses.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Automation is vital. You can <strong>automate development and post-deployment testing to reduce security workloads<\/strong> and ensure regular results.<\/p><h3 class=\"Heading Heading-h3 text-dark-blue\">5. Focus on password hygiene<\/h3><p class=\"my-4 blog-paragraph text-still-dark-blue\">Companies need to <strong>drive home the importance of password hygiene<\/strong>. Access controls and encryption mean little if employees expose passwords to outsiders.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Stolen or hacked credentials are a major security weakness. Staff must use strong passwords and change them regularly.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">SSO helps make this task more manageable as workers handle fewer credentials. Cloud-native password managers also automate password strengthening and password replacement.<\/p><h3 class=\"Heading Heading-h3 text-dark-blue\">6. Employ comprehensive encryption strategies<\/h3><p class=\"my-4 blog-paragraph text-still-dark-blue\">Exposed data is an easy target for hackers inside cloud perimeters. That\u2019s why <strong>encryption is a critical component of cloud app security<\/strong>.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Encryption scrambles data, making it unreadable to anyone without specific encryption keys. There are three main ways to encrypt data on the cloud:<\/p><ul class=\"list\"><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Encrypting data at rest <\/strong>secures information stored by enterprises. This could include HR information or financial records. Companies can encrypt files, databases, and even cloud platforms. With more layers covered, hackers will struggle to access confidential data.<\/p><\/li><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Encrypting data in transit<\/strong> makes collaboration safer. Data constantly moves throughout cloud environments. Information passes from on-premises networks and remote devices to the cloud. Encrypting data as it moves protects against interception attacks.<\/p><\/li><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Encrypting data in use <\/strong>makes using applications safer. Employees may retain workloads in an open state for long periods. This leaves data vulnerable to interception and extraction. The use of encryption and tools like DRM makes in-use data less accessible.<\/p><\/li><\/ul><h3 class=\"Heading Heading-h3 text-dark-blue\">7. Active threat detection<\/h3><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Monitor cloud applications in real-time to detect threats and protect data<\/strong>. User behavior patterns can provide clues about ongoing attacks. Access requests for sensitive files can generate automated alerts.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Security teams can use activity monitoring data to fine-tune privileges management. Monitoring data is also a valuable compliance tool, providing evidence of continuous security management.<\/p><h3 class=\"Heading Heading-h3 text-dark-blue\">8. Regularly patch software and apply system updates<\/h3><p class=\"my-4 blog-paragraph text-still-dark-blue\">Cloud applications require<strong> timely and frequent updates<\/strong> to keep pace with evolving threats. Codebase changes and new services constantly present new vulnerabilities and exploits for hackers to target. Automated scheduled updates neutralize weak spots as they emerge.<\/p><h3 class=\"Heading Heading-h3 text-dark-blue\">9. Proactive privacy and compliance policies<\/h3><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Data privacy is a central part of compliance strategies. <\/strong>Enterprises operating in the cloud face major regulatory challenges, including GDPR, PCI-DSS, or HIPAA compliance. Secure cloud apps to meet relevant compliance standards.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Security teams should build app security audits into their schedule<\/strong>. Check that apps and security controls meet regulatory guidelines. Include the development environment used to provision cloud applications and open-source libraries used by DevOps teams.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Use regulatory requirements as a framework to build effective controls<\/strong>. For instance, PCI-DSS compliance demands data encryption for financial records. HIPAA demands tight identity management and encryption of sensitive information.<\/p><div class=\"gatsby-image-wrapper\" data-gatsby-image-wrapper=\"\"><div style=\"opacity: 0; transition: opacity 500ms linear 0s; object-fit: cover;\" aria-hidden=\"true\" data-placeholder-image=\"\">\u00a0<\/div><p><picture><source srcset=\"https:\/\/images.ctfassets.net\/5natoedl294r\/3JHsnVBkcW5KTkRuS7mgMR\/f68782ae85e1b25f6dc8c8dae26ba512\/Cloud_application_security_best_practices_1400x1386.png?w=750&amp;h=743&amp;q=50&amp;fm=webp 750w, https:\/\/images.ctfassets.net\/5natoedl294r\/3JHsnVBkcW5KTkRuS7mgMR\/f68782ae85e1b25f6dc8c8dae26ba512\/Cloud_application_security_best_practices_1400x1386.png?w=1080&amp;h=1069&amp;q=50&amp;fm=webp 1080w, https:\/\/images.ctfassets.net\/5natoedl294r\/3JHsnVBkcW5KTkRuS7mgMR\/f68782ae85e1b25f6dc8c8dae26ba512\/Cloud_application_security_best_practices_1400x1386.png?w=1366&amp;h=1352&amp;q=50&amp;fm=webp 1366w, https:\/\/images.ctfassets.net\/5natoedl294r\/3JHsnVBkcW5KTkRuS7mgMR\/f68782ae85e1b25f6dc8c8dae26ba512\/Cloud_application_security_best_practices_1400x1386.png?w=1400&amp;h=1386&amp;q=50&amp;fm=webp 1400w\" type=\"image\/webp\" sizes=\"100vw\" \/><img decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/3JHsnVBkcW5KTkRuS7mgMR\/f68782ae85e1b25f6dc8c8dae26ba512\/Cloud_application_security_best_practices_1400x1386.png?w=1400&amp;h=1386&amp;q=50&amp;fm=webp\" width=\"1400\" height=\"1386\" \/><\/picture><picture><img decoding=\"async\" style=\"object-fit: cover; opacity: 1;\" title=\"Cloud application security best practices full list\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/3JHsnVBkcW5KTkRuS7mgMR\/f68782ae85e1b25f6dc8c8dae26ba512\/Cloud_application_security_best_practices_1400x1386.png?w=1400&amp;h=1386&amp;q=50&amp;fm=png\" sizes=\"100vw\" srcset=\"https:\/\/images.ctfassets.net\/5natoedl294r\/3JHsnVBkcW5KTkRuS7mgMR\/f68782ae85e1b25f6dc8c8dae26ba512\/Cloud_application_security_best_practices_1400x1386.png?w=750&amp;h=743&amp;q=50&amp;fm=png 750w, https:\/\/images.ctfassets.net\/5natoedl294r\/3JHsnVBkcW5KTkRuS7mgMR\/f68782ae85e1b25f6dc8c8dae26ba512\/Cloud_application_security_best_practices_1400x1386.png?w=1080&amp;h=1069&amp;q=50&amp;fm=png 1080w, https:\/\/images.ctfassets.net\/5natoedl294r\/3JHsnVBkcW5KTkRuS7mgMR\/f68782ae85e1b25f6dc8c8dae26ba512\/Cloud_application_security_best_practices_1400x1386.png?w=1366&amp;h=1352&amp;q=50&amp;fm=png 1366w, https:\/\/images.ctfassets.net\/5natoedl294r\/3JHsnVBkcW5KTkRuS7mgMR\/f68782ae85e1b25f6dc8c8dae26ba512\/Cloud_application_security_best_practices_1400x1386.png?w=1400&amp;h=1386&amp;q=50&amp;fm=png 1400w\" alt=\"Cloud application security best practices full list\" width=\"1\" height=\"0.99\" data-main-image=\"\" \/><\/picture><noscript><picture><source type=\"image\/webp\" srcset=\"https:\/\/images.ctfassets.net\/5natoedl294r\/3JHsnVBkcW5KTkRuS7mgMR\/f68782ae85e1b25f6dc8c8dae26ba512\/Cloud_application_security_best_practices_1400x1386.png?w=750&amp;h=743&amp;q=50&amp;fm=webp 750w, https:\/\/images.ctfassets.net\/5natoedl294r\/3JHsnVBkcW5KTkRuS7mgMR\/f68782ae85e1b25f6dc8c8dae26ba512\/Cloud_application_security_best_practices_1400x1386.png?w=1080&amp;h=1069&amp;q=50&amp;fm=webp 1080w, https:\/\/images.ctfassets.net\/5natoedl294r\/3JHsnVBkcW5KTkRuS7mgMR\/f68782ae85e1b25f6dc8c8dae26ba512\/Cloud_application_security_best_practices_1400x1386.png?w=1366&amp;h=1352&amp;q=50&amp;fm=webp 1366w, https:\/\/images.ctfassets.net\/5natoedl294r\/3JHsnVBkcW5KTkRuS7mgMR\/f68782ae85e1b25f6dc8c8dae26ba512\/Cloud_application_security_best_practices_1400x1386.png?w=1400&amp;h=1386&amp;q=50&amp;fm=webp 1400w\" sizes=\"100vw\"\/><img title=\"Cloud application security best practices full list\" width=\"1\" height=\"0.99\" data-main-image=\"\" style=\"object-fit:cover;opacity:0\" sizes=\"auto, 100vw\" decoding=\"async\" loading=\"lazy\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/3JHsnVBkcW5KTkRuS7mgMR\/f68782ae85e1b25f6dc8c8dae26ba512\/Cloud_application_security_best_practices_1400x1386.png?w=1400&amp;h=1386&amp;q=50&amp;fm=png\" srcset=\"https:\/\/images.ctfassets.net\/5natoedl294r\/3JHsnVBkcW5KTkRuS7mgMR\/f68782ae85e1b25f6dc8c8dae26ba512\/Cloud_application_security_best_practices_1400x1386.png?w=750&amp;h=743&amp;q=50&amp;fm=png 750w, https:\/\/images.ctfassets.net\/5natoedl294r\/3JHsnVBkcW5KTkRuS7mgMR\/f68782ae85e1b25f6dc8c8dae26ba512\/Cloud_application_security_best_practices_1400x1386.png?w=1080&amp;h=1069&amp;q=50&amp;fm=png 1080w, https:\/\/images.ctfassets.net\/5natoedl294r\/3JHsnVBkcW5KTkRuS7mgMR\/f68782ae85e1b25f6dc8c8dae26ba512\/Cloud_application_security_best_practices_1400x1386.png?w=1366&amp;h=1352&amp;q=50&amp;fm=png 1366w, https:\/\/images.ctfassets.net\/5natoedl294r\/3JHsnVBkcW5KTkRuS7mgMR\/f68782ae85e1b25f6dc8c8dae26ba512\/Cloud_application_security_best_practices_1400x1386.png?w=1400&amp;h=1386&amp;q=50&amp;fm=png 1400w\" alt=\"Cloud application security best practices full list\"\/><\/picture><\/noscript><\/p><\/div><p class=\"my-4 blog-paragraph text-still-dark-blue\">Compliance strategies aren\u2019t static. Enterprises should take a proactive approach when securing sensitive data, using regulatory frameworks as guides.<\/p><h2 id=\"how-businesses-could-secure-their-cloud-applications\" class=\"Heading Heading-h2 text-dark-blue\">How businesses could secure their cloud applications<\/h2><p class=\"my-4 blog-paragraph text-still-dark-blue\">Legacy tools like VPNs have security limitations when guarding the cloud. Instead, <strong>using security tools that function alongside cloud application APIs is advisable.<\/strong><\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">IAM and SSO systems are essential components of cloud security strategies alongside data encryption and threat monitoring. Fortunately, you can<strong> source solutions that bring together core app security functions.<\/strong><\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">The two major options here are <strong>proxy or API-integrated Cloud Access Security Brokers (CASBs):<\/strong><\/p><ul class=\"list\"><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Proxy CASBs<\/strong> route traffic through a separate proxy between user devices and cloud apps. Proxies usually employ HTTP and can intervene with traffic passing through cloud endpoints. The CASB applies encryption and tracks anomalies such as suspicious login requests.<\/p><\/li><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>API-based CASBs <\/strong>do not require an extra layer of routing. These CASBs are built into cloud apps instead. This has many potential benefits, as well as some drawbacks.<\/p><\/li><\/ul><p class=\"my-4 blog-paragraph text-still-dark-blue\">Benefits of API-based CASBs include:<\/p><ul class=\"list\"><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Improved speed <\/strong>\u2013 There is no need to route traffic via a proxy. This boosts speeds and improves the user experience. Routing large amounts of traffic through a proxy may lead to performance issues as demands grow.<\/p><\/li><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Firewall interaction<\/strong> &#8211; API CASBs supplement existing network firewalls. They add cloud security features that protect data and monitor activity. Proxy CASBs damage performance by adding another security barrier alongside firewalls.<\/p><\/li><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Easy upgrades<\/strong> \u2013 Users must update CASBs as applications evolve. App developers often add or exchange protocols and authentication systems. But developers do not routinely alert CASB developers about needed upgrades. API-based tools are easier to patch as apps change. Over time, cloud apps will leave proxy CASBs behind.<\/p><\/li><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Better security<\/strong> \u2013 Proxy-based CASBs break TLS sessions to access the HTTP stream. They then reconstruct TLS protection to complete cloud access. Users trust their CASB to restore TLS sessions safely and reliably. This weak point can compromise the security of cloud deployments.<\/p><\/li><\/ul><p class=\"my-4 blog-paragraph text-still-dark-blue\">Major cloud computing providers like Google and Amazon recommend API-embedded CASBs where possible. This makes perfect sense in a fast-changing cloud application environment.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">However, <strong>API-based CASBs may not work with all SaaS deployments.<\/strong> CASBs are often compatible with most but not all APIs. This can add complexity to cloud security architecture. Proxy CASBs can operate across different APIs, resulting in simple solutions.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Enterprises also need to be aware of problems surrounding CASBs. For instance, <strong>cloud infrastructure providers rarely inform CASB developers about platform alterations<\/strong> that cause security issues. Cloud platforms can change quickly. CASB vendors need to keep up with changes and plug any security holes.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">This issue affects proxy CASBs more than API-based versions. API-based brokers integrate closely with apps. App developers tend to flag any API changes for CASB developers. As a result, patches appear in a more timely manner. Users can expect stronger security.<\/p><h2 id=\"the-shared-security-responsibility-model\" class=\"Heading Heading-h2 text-dark-blue\">The shared security responsibility model<\/h2><p class=\"my-4 blog-paragraph text-still-dark-blue\">Before implementing cloud application security best practices, <strong>bring the shared responsibility model into the picture<\/strong>.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">In cloud environments, cloud providers and users share responsibility for security. Responsibility levels depend upon your cloud computing setup and your choice of a cloud service provider.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Generally speaking, cloud providers like AWS or Microsoft Azure assume responsibility for protecting:<\/p><ul class=\"list\"><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\">The infrastructure stack (including hosts and data centers)<\/p><\/li><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\">Software required to host cloud applications and data<\/p><\/li><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\">Networking infrastructure connecting cloud apps<\/p><\/li><\/ul><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Clients must handle everything else.<\/strong> Responsibilities vary according to whether you choose IaaaS, PaaS, or SaaS deployments.<\/p><ul class=\"list\"><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>IaaS<\/strong> \u2013 Infrastructure-as-a-service users have the widest responsibilities. <strong>Users must protect apps and data, as well as infrastructure. <\/strong>This includes middleware and can include the cloud operating system.<\/p><\/li><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>PaaS <\/strong>\u2013 Platform-as-a-service users must <strong>protect any infrastructure they maintain,<\/strong> including apps and data hosted by their service provider. Any proprietary apps hosted by third parties remain your responsibility.<\/p><\/li><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>SaaS<\/strong> \u2013 Software-as-a-service users are<strong> responsible for data stored or processed by cloud applications. <\/strong>The main security risks relating to SaaS applications are access management and encrypting sensitive data.<\/p><\/li><\/ul><div class=\"gatsby-image-wrapper\" data-gatsby-image-wrapper=\"\"><div style=\"padding-top: 88.35714285714286%;\" aria-hidden=\"true\">\u00a0<\/div><div style=\"opacity: 0; transition: opacity 500ms linear 0s; object-fit: cover;\" aria-hidden=\"true\" data-placeholder-image=\"\">\u00a0<\/div><p><picture><source srcset=\"https:\/\/images.ctfassets.net\/5natoedl294r\/1dCCV7dHDwWKjbQA19FjcR\/9fd51effaeedeb4922a768241198e508\/Cloud_security_shared_responsibility_model_1400x1237__1_.png?w=750&amp;h=663&amp;q=50&amp;fm=webp 750w, https:\/\/images.ctfassets.net\/5natoedl294r\/1dCCV7dHDwWKjbQA19FjcR\/9fd51effaeedeb4922a768241198e508\/Cloud_security_shared_responsibility_model_1400x1237__1_.png?w=1080&amp;h=954&amp;q=50&amp;fm=webp 1080w, https:\/\/images.ctfassets.net\/5natoedl294r\/1dCCV7dHDwWKjbQA19FjcR\/9fd51effaeedeb4922a768241198e508\/Cloud_security_shared_responsibility_model_1400x1237__1_.png?w=1366&amp;h=1207&amp;q=50&amp;fm=webp 1366w, https:\/\/images.ctfassets.net\/5natoedl294r\/1dCCV7dHDwWKjbQA19FjcR\/9fd51effaeedeb4922a768241198e508\/Cloud_security_shared_responsibility_model_1400x1237__1_.png?w=1400&amp;h=1237&amp;q=50&amp;fm=webp 1400w\" type=\"image\/webp\" sizes=\"100vw\" \/><img decoding=\"async\" style=\"object-fit: cover; opacity: 1;\" title=\"shared cloud security responsibility model diagram\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/1dCCV7dHDwWKjbQA19FjcR\/9fd51effaeedeb4922a768241198e508\/Cloud_security_shared_responsibility_model_1400x1237__1_.png?w=1400&amp;h=1237&amp;q=50&amp;fm=png\" sizes=\"100vw\" srcset=\"https:\/\/images.ctfassets.net\/5natoedl294r\/1dCCV7dHDwWKjbQA19FjcR\/9fd51effaeedeb4922a768241198e508\/Cloud_security_shared_responsibility_model_1400x1237__1_.png?w=750&amp;h=663&amp;q=50&amp;fm=png 750w, https:\/\/images.ctfassets.net\/5natoedl294r\/1dCCV7dHDwWKjbQA19FjcR\/9fd51effaeedeb4922a768241198e508\/Cloud_security_shared_responsibility_model_1400x1237__1_.png?w=1080&amp;h=954&amp;q=50&amp;fm=png 1080w, https:\/\/images.ctfassets.net\/5natoedl294r\/1dCCV7dHDwWKjbQA19FjcR\/9fd51effaeedeb4922a768241198e508\/Cloud_security_shared_responsibility_model_1400x1237__1_.png?w=1366&amp;h=1207&amp;q=50&amp;fm=png 1366w, https:\/\/images.ctfassets.net\/5natoedl294r\/1dCCV7dHDwWKjbQA19FjcR\/9fd51effaeedeb4922a768241198e508\/Cloud_security_shared_responsibility_model_1400x1237__1_.png?w=1400&amp;h=1237&amp;q=50&amp;fm=png 1400w\" alt=\"shared cloud security responsibility model diagram\" width=\"1\" height=\"0.8835714285714287\" data-main-image=\"\" \/><\/picture><noscript><picture><source type=\"image\/webp\" srcset=\"https:\/\/images.ctfassets.net\/5natoedl294r\/1dCCV7dHDwWKjbQA19FjcR\/9fd51effaeedeb4922a768241198e508\/Cloud_security_shared_responsibility_model_1400x1237__1_.png?w=750&amp;h=663&amp;q=50&amp;fm=webp 750w, https:\/\/images.ctfassets.net\/5natoedl294r\/1dCCV7dHDwWKjbQA19FjcR\/9fd51effaeedeb4922a768241198e508\/Cloud_security_shared_responsibility_model_1400x1237__1_.png?w=1080&amp;h=954&amp;q=50&amp;fm=webp 1080w, https:\/\/images.ctfassets.net\/5natoedl294r\/1dCCV7dHDwWKjbQA19FjcR\/9fd51effaeedeb4922a768241198e508\/Cloud_security_shared_responsibility_model_1400x1237__1_.png?w=1366&amp;h=1207&amp;q=50&amp;fm=webp 1366w, https:\/\/images.ctfassets.net\/5natoedl294r\/1dCCV7dHDwWKjbQA19FjcR\/9fd51effaeedeb4922a768241198e508\/Cloud_security_shared_responsibility_model_1400x1237__1_.png?w=1400&amp;h=1237&amp;q=50&amp;fm=webp 1400w\" sizes=\"100vw\"\/><img title=\"shared cloud security responsibility model diagram\" width=\"1\" height=\"0.8835714285714287\" data-main-image=\"\" style=\"object-fit:cover;opacity:0\" sizes=\"auto, 100vw\" decoding=\"async\" loading=\"lazy\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/1dCCV7dHDwWKjbQA19FjcR\/9fd51effaeedeb4922a768241198e508\/Cloud_security_shared_responsibility_model_1400x1237__1_.png?w=1400&amp;h=1237&amp;q=50&amp;fm=png\" srcset=\"https:\/\/images.ctfassets.net\/5natoedl294r\/1dCCV7dHDwWKjbQA19FjcR\/9fd51effaeedeb4922a768241198e508\/Cloud_security_shared_responsibility_model_1400x1237__1_.png?w=750&amp;h=663&amp;q=50&amp;fm=png 750w, https:\/\/images.ctfassets.net\/5natoedl294r\/1dCCV7dHDwWKjbQA19FjcR\/9fd51effaeedeb4922a768241198e508\/Cloud_security_shared_responsibility_model_1400x1237__1_.png?w=1080&amp;h=954&amp;q=50&amp;fm=png 1080w, https:\/\/images.ctfassets.net\/5natoedl294r\/1dCCV7dHDwWKjbQA19FjcR\/9fd51effaeedeb4922a768241198e508\/Cloud_security_shared_responsibility_model_1400x1237__1_.png?w=1366&amp;h=1207&amp;q=50&amp;fm=png 1366w, https:\/\/images.ctfassets.net\/5natoedl294r\/1dCCV7dHDwWKjbQA19FjcR\/9fd51effaeedeb4922a768241198e508\/Cloud_security_shared_responsibility_model_1400x1237__1_.png?w=1400&amp;h=1237&amp;q=50&amp;fm=png 1400w\" alt=\"shared cloud security responsibility model diagram\"\/><\/picture><\/noscript><\/p><\/div><h3 class=\"Heading Heading-h3 text-dark-blue\">Shared responsibility model in practice<\/h3><p class=\"my-4 blog-paragraph text-still-dark-blue\">Getting the balance right when applying the shared responsibility model is all-important. A good starting point is assessing every cloud application.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">It is critical to <strong>define the responsibilities of users and providers for each application.<\/strong> Be clear about internal security controls and what your provider offers. Write a clear description of who is responsible for securing each asset and how to ensure data security.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Regardless of the cloud model in use, users are <strong>always <\/strong>responsible for:<\/p><ul class=\"list\"><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\">Securing on-premises and remote access endpoints<\/p><\/li><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\">Protecting data flowing through cloud resources<\/p><\/li><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\">Managing access to cloud applications.<\/p><\/li><\/ul><p class=\"my-4 blog-paragraph text-still-dark-blue\">Bring operations and security teams together. Developers need to provision cloud services flexibly and quickly. Security teams must advise about how to calibrate those services safely.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">However, cloud users aren\u2019t alone. Cloud service providers realize the complexity involved in managing cloud application security threats.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Providers usually offer user controls within APIs to secure their apps. They may also offer monitoring and threat management functions. Always investigate and use available cloud-native security tools.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Enterprises can also<strong> request audit information from providers.<\/strong> This should include details about their security strategy. Compare the material provided with your service terms to ensure providers meet their obligations.<\/p><h2 id=\"cloud-application-security-assessment-checklist\" class=\"Heading Heading-h2 text-dark-blue\">Cloud application security assessment checklist<\/h2><p class=\"my-4 blog-paragraph text-still-dark-blue\">Before we finish, here is a quick checklist of critical cloud application security measures:<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>1. Create robust security policies covering all cloud apps. <\/strong>Take into account private, public and multi-cloud environments. Consider how to secure remote workers. Include processes to onboard and off-board employees. And put plans in place to detect and mitigate data breaches.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>2. Implement IAM for the cloud. <\/strong>Ensure users have the correct privileges. Keep in mind Zero Trust concepts and the principle of least privilege. Combine cloud apps with SSO and add an extra protective screen with MFA.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>3. Train staff in cloud security awareness. <\/strong>Make sure staff is aware of data storage and password policies. Train workers in secure cloud application usage and ways to share data safely. Focus on the threat posed by phishing attacks.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>4. Deploy cloud security controls. <\/strong>Protect endpoints with encryption and CASBs. For instance, cloud-specific controls like disabling SSH and SQL Server access guard against brute force attacks.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>5. Check application configurations<\/strong>. Poorly configured cloud apps are a critical security threat. Enforce API protection policies to configure apps properly. Focus on potential malware injection sites to neutralize common external attacks.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>6. Put backups in place.<\/strong> Store sensitive data and workloads on separate cloud servers. Backup server files to ensure smooth disaster recovery. Carry out regular restoration tests to make sure data is recoverable.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>7. Update software when needed<\/strong>. Use automated patch management to update cloud applications and deliver patches to all worker devices. Test updates when possible before deployment.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>8. Track threats and log incidents<\/strong>. Use automated threat scanning and activity logging. Cloud logging tools can organize and analyze complex data. Use this data to improve your security posture and provide evidence of compliance.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>9. Apply data security policies<\/strong>. Put in place policies to encrypt data at rest, in transit, and in use. Check encryption keys are used safely, preventing exposure to external attackers.<\/p><h2 id=\"how-can-nordlayer-help\" class=\"Heading Heading-h2 text-dark-blue\">How can NordLayer help?<\/h2><p class=\"my-4 blog-paragraph text-still-dark-blue\">Follow our cloud application security checklist and best practices to secure cloud environments. With the correct controls, enterprises can take advantage of cloud computing. Sound app security measures reduce costs and cut data loss risks.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>NordLayer offers cloud security solutions for all digital businesses<\/strong>. Install IAM, MFA, and SSO to control cloud access and reduce the attack surface. Create encrypted connections between remote workers and cloud portals. And integrate client-side security controls with tools provided by CSPs.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Find a route to ironclad cloud security. Get in touch <a class=\"hyperlink Link Link--blue-dodger font-medium\" href=\"\/en\/contact-sales\/\">and discuss your security options today<\/a>.<\/p><\/article><\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2004c86 elementor-widget elementor-widget-shortcode\" data-id=\"2004c86\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"shortcode.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-shortcode\">\t\t<div data-elementor-type=\"page\" data-elementor-id=\"18103\" class=\"elementor elementor-18103\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-748947f elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"748947f\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7995c19\" data-id=\"7995c19\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-a437045 elementor-widget elementor-widget-image-box\" data-id=\"a437045\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image-box.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-image-box-wrapper\"><div class=\"elementor-image-box-content\"><h3 class=\"elementor-image-box-title\">About Version 2 Digital<\/h3><p class=\"elementor-image-box-description\">Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.\n<br><br>\nThrough an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.<\/p><\/div><\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t\n\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"64131\" class=\"elementor elementor-64131\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-35fe5dd post-content elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"35fe5dd\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;cef08c3&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-409a2e9a\" data-id=\"409a2e9a\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-5a8be8f elementor-widget elementor-widget-text-editor\" data-id=\"5a8be8f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/s1.npass.app\/nordpass\/media\/1.1728.0\/images\/web\/blog\/svg\/business-continuity-plan-800x450.svg\" width=\"800\" height=\"450\" \/><\/p><div class=\"Post__content mx-auto container--m\"><div><div><p class=\"leading-loose text-lead my-3 font-medium\">These days, cybercrime is rampant. It&#8217;s no longer a matter of \u201cif\u201d you&#8217;re going to suffer an attack but \u201cwhen\u201d it will happen. All companies want to be ready for any crisis. And this is where a business continuity plan comes into play.<\/p><p class=\"leading-loose text-lead my-3 font-medium\">But what is a business continuity plan exactly? Why is it important? What should one include? Today, we&#8217;re exploring all these questions in-depth.<\/p><h2 id=\"what-is-a-business-continuity-plan\" class=\"text-h5 font-bold mb-6 mt-12 leading-normal\" style=\"line-height: 1.2;\">What is a business continuity plan?<\/h2><p class=\"leading-loose text-base my-3\">A business continuity plan (BCP) is a document that sets guidelines for how an organization will continue its operations in the event of a disruption, whether it&#8217;s a fire, flood, other natural disaster or a cybersecurity incident. A BCP aims to help organizations resume operations without significant downtime.<\/p><p class=\"leading-loose text-base my-3\">Unfortunately, according to a 2020 <a class=\"nord-link cursor-pointer outline-none transition-colors duration-250 ease-out text-teal hover:text-teal-dark\" href=\"https:\/\/www.mercer.com\/content\/dam\/mercer\/attachments\/global\/gl-2020-mercer-covid-19-global-survey-coronavirus-impact-to-global-market.pdf\" target=\"_blank\" rel=\"noopener noreferrer\">Mercer survey<\/a>, 51% of businesses across the globe don&#8217;t have a business continuity plan in place.<\/p><h2 id=\"whats-the-difference-between-business-continuity-and-disaster-recovery-plans\" class=\"text-h5 font-bold mb-6 mt-12 leading-normal\" style=\"line-height: 1.2;\">What&#8217;s the difference between business continuity and disaster recovery plans?<\/h2><p class=\"leading-loose text-base my-3\">We often confuse the terms business continuity plan and disaster recovery plan. The two overlap and often work together, but the disaster recovery plan focuses on containing, examining, and restoring operations after a cyber incident. On the other hand, BCP is a broader concept that considers the whole organization. A business continuity plan helps organizations stay prepared for dealing with a potential crisis and usually encompasses a disaster recovery plan.<\/p><h2 id=\"importance-of-business-continuity-planning\" class=\"text-h5 font-bold mb-6 mt-12 leading-normal\" style=\"line-height: 1.2;\">Importance of business continuity planning<\/h2><p class=\"leading-loose text-base my-3\">The number of news headlines announcing data breaches has numbed us to the fact that cybercrime is very real and frequent and poses an existential risk to companies of all sizes and industries.<\/p><p class=\"leading-loose text-base my-3\">Consider that in 2021, approximately <a class=\"nord-link cursor-pointer outline-none transition-colors duration-250 ease-out text-teal hover:text-teal-dark\" href=\"https:\/\/www.forbes.com\/sites\/chuckbrooks\/2022\/06\/03\/alarming-cyber-statistics-for-mid-year-2022-that-you-need-to-know\/?sh=7e691ccf7864\" target=\"_blank\" rel=\"noopener noreferrer\">37% of global organizations<\/a> fell victim to a ransomware attack. Then consider that business interruption and restoration costs account for <a class=\"nord-link cursor-pointer outline-none transition-colors duration-250 ease-out text-teal hover:text-teal-dark\" href=\"https:\/\/www.allianz.com\/en\/press\/news\/studies\/211013_Allianz-AGCS-Ransomware-Trends-Risks-and-Resilience.html#:~:text=Business%20interruption%20and%20restoration%20costs,involved%20in%20over%20six%20years\" target=\"_blank\" rel=\"noopener noreferrer\">50% of cyberattack-related losses<\/a>. Finally, take into account that most cyberattacks are financially motivated and the global cost of cybercrime topped <a class=\"nord-link cursor-pointer outline-none transition-colors duration-250 ease-out text-teal hover:text-teal-dark\" href=\"https:\/\/techxplore.com\/news\/2022-05-global-cybercrime-topped-trillion-defence.html\" target=\"_blank\" rel=\"noopener noreferrer\">$6 trillion last year<\/a>. The picture is quite clear \u2014 cybercrime is a lucrative venture for bad actors and potentially disastrous for those on the receiving end.<\/p><p class=\"leading-loose text-base my-3\">To thrive in these unpredictable times, organizations go beyond conventional security measures. Many companies develop a business continuity plan parallel to secure infrastructure and consider the plan a critical part of the security ecosystem. The Purpose of a business continuity plan is to significantly reduce the downtime in an emergency and, in turn, reduce the potential reputational damage and \u2014 of course \u2014 revenue losses.<\/p><h2 id=\"business-continuity-plan-template\" class=\"text-h5 font-bold mb-6 mt-12 leading-normal\" style=\"line-height: 1.2;\">Business continuity plan template<\/h2><div class=\"BlogBannerV2 py-8 md:py-10 lg:py-12 mt-8 md:mt-10 lg:mt-12 relative flex flex-col text-center font-medium overflow-hidden BlogBannerV2--default bg-blue-darkest\"><h2 class=\"nord-text text-h3 leading-normal font-medium tracking-tight inline-block font-bold mx-6 md:mx-21 z-1 text-white\" style=\"line-height: 1.2;\">Password security for your business<\/h2><p class=\"nord-text text-base leading-normal text-black mt-4 lg:mt-6 z-1 text-white\">Store, manage and share passwords.<\/p><div class=\"z-1\"><a class=\"nord-button focus:outline-none font-medium align-bottom rounded-1 select-none transition-colors ease-out duration-250 cursor-pointer nord-button--medium border text-white nord-button--v-contained nord-button--c-teal bg-teal border-teal font-medium inline-block Button__rounded mt-4 lg:mt-6 py-3 px-4 lg:px-6 whitespace-no-wrap\" href=\"\/en\/business-password-manager\/\">Get NordPass Business<\/a><\/div><p class=\"nord-text text-micro leading-normal text-black mt-3 z-1 text-white\">30-day money-back guarantee<\/p><\/div><h4 id=\"business-continuity-plan-example\" class=\"text-h6 font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">Business Continuity Plan Example<\/h4><p class=\"leading-loose text-base my-3\">[Company Name]<\/p><p class=\"leading-loose text-base my-3\">[Date]<\/p><h4 id=\"i-introduction\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">I. Introduction<\/h4><ul class=\"leading-loose mt-3 mb-6 list--ul\"><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Purpose of the Plan<\/p><\/li><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Scope of the Plan<\/p><\/li><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Budget<\/p><\/li><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Timeline<\/p><\/li><\/ul><p class=\"leading-loose text-base my-3\">The initial stage of developing a business continuity plan starts with a statement of the plan&#8217;s purpose, which explains the main objective of the plan, such as ensuring the organization&#8217;s ability to continue its operations during and after a disruptive event.<\/p><p class=\"leading-loose text-base my-3\">The Scope of the Plan outlines the areas or functions that the plan will cover, including business processes, personnel, equipment, and technology.<\/p><p class=\"leading-loose text-base my-3\">The Budget specifies the estimated financial resources required to implement and maintain the BCP. It includes costs related to technology, personnel, equipment, training, and other necessary expenses.<\/p><p class=\"leading-loose text-base my-3\">The Timeline provides a detailed schedule for developing, implementing, testing, and updating the BCP.<\/p><h4 id=\"ii-risk-assessment\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">II. Risk Assessment<\/h4><ul class=\"leading-loose mt-3 mb-6 list--ul\"><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Identification of Risks<\/p><\/li><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Prioritization of Risks<\/p><\/li><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Mitigation Strategies<\/p><\/li><\/ul><p class=\"leading-loose text-base my-3\">The Risk Assessment section of a Business Continuity Plan (BCP) is an essential part of the plan that identifies potential risks that could disrupt an organization&#8217;s critical functions.<\/p><p class=\"leading-loose text-base my-3\">The Identification of Risks involves identifying potential threats to the organization, such cybersecurity breaches, supply chain disruptions, power outages, and other potential risks. This step is critical to understand the risks and their potential impact on the organization.<\/p><p class=\"leading-loose text-base my-3\">Once the risks have been identified, the Prioritization of Risks follows, which helps determine which risks require the most attention and resources.<\/p><p class=\"leading-loose text-base my-3\">The final step in the Risk Assessment section is developing Mitigation Strategies to minimize the impact of identified risks. Mitigation strategies may include preventative measures, such as system redundancies, data backups, cybersecurity measures, as well as response and recovery measures, such as emergency protocols and employee training.<\/p><h4 id=\"iii-emergency-response\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">III. Emergency Response<\/h4><ul class=\"leading-loose mt-3 mb-6 list--ul\"><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Emergency Response Team<\/p><\/li><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Communication Plan<\/p><\/li><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Emergency Procedures<\/p><\/li><\/ul><p class=\"leading-loose text-base my-3\">This section of the plan focuses on immediate actions that should be taken to ensure the safety and well-being of employees and minimize the impact of the event on the organization&#8217;s operations.<\/p><p class=\"leading-loose text-base my-3\">The Emergency Response Team is responsible for managing the response to an emergency or disaster situation. This team should be composed of individuals who are trained in emergency response procedures and can act quickly and decisively during an emergency. The team should also include a designated leader who is responsible for coordinating the emergency response efforts.<\/p><p class=\"leading-loose text-base my-3\">The Communication Plan outlines how information will be disseminated during an emergency situation. It includes contact information for employees, stakeholders, and emergency response personnel, as well as protocols for communicating with these individuals.<\/p><p class=\"leading-loose text-base my-3\">The Emergency Procedures detail the steps that should be taken during an emergency or disaster situation. The emergency procedures should be developed based on the potential risks identified in the Risk Assessment section and should be tested regularly to ensure that they are effective.<\/p><h4 id=\"iv-business-impact-analysis\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">IV. Business Impact Analysis<\/h4><p class=\"leading-loose text-base my-3\">The Business Impact Analysis (BIA) section of a Business Continuity Plan (BCP) is a critical step in identifying the potential impact of a disruption to an organization&#8217;s critical operations.<\/p><p class=\"leading-loose text-base my-3\">The Business Impact Analysis is typically conducted by a team of individuals who understand the organization&#8217;s critical functions and can assess the potential impact of a disruption to those functions. The team may include representatives from various departments, including finance, operations, IT, and human resources.<\/p><h4 id=\"v-recovery-and-restoration\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">V. Recovery and Restoration<\/h4><ul class=\"leading-loose mt-3 mb-6 list--ul\"><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Procedures for recovery and restoration of critical processes<\/p><\/li><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Prioritization of recovery efforts<\/p><\/li><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Establishment of recovery time objectives<\/p><\/li><\/ul><p class=\"leading-loose text-base my-3\">The Recovery and Restoration section of a Business Continuity Plan (BCP) outlines the procedures for recovering and restoring critical processes and functions following a disruption.<\/p><p class=\"leading-loose text-base my-3\">The Procedures for recovery and restoration of critical processes describe the steps required to restore critical processes and functions following a disruption. This may include steps such as relocating to alternate facilities, restoring data and systems, and re-establishing key business relationships.<\/p><p class=\"leading-loose text-base my-3\">The Prioritization section of the plan identifies the order in which critical processes will be restored, based on their importance to the organization&#8217;s operations and overall mission.<\/p><p class=\"leading-loose text-base my-3\">Recovery time objectives (RTOs) define the maximum amount of time that critical processes and functions can be unavailable following a disruption. Establishing RTOs ensures that recovery efforts are focused on restoring critical functions within a specific timeframe.<\/p><h4 id=\"vi-plan-activation\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">VI. Plan Activation<\/h4><ul class=\"leading-loose mt-3 mb-6 list--ul\"><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Plan Activation Procedures<\/p><\/li><\/ul><p class=\"leading-loose text-base my-3\">The Plan Activation section is critical in ensuring that an organization can quickly and effectively activate the plan and respond to a potential emergency.<\/p><p class=\"leading-loose text-base my-3\">The Plan Activation Procedures describe the steps required to activate the BCP in response to a disruption. The procedures should be clear and concise, with specific instructions for each step to ensure a prompt and effective response.<\/p><h4 id=\"vii-testing-and-maintenance\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">VII. Testing and Maintenance<\/h4><ul class=\"leading-loose mt-3 mb-6 list--ul\"><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Testing Procedures<\/p><\/li><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Maintenance Procedures<\/p><\/li><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Review and Update Procedures<\/p><\/li><\/ul><p class=\"leading-loose text-base my-3\">This section of the plan is critical to ensure that an organization can effectively respond to disruptions and quickly resume its essential functions.<\/p><p class=\"leading-loose text-base my-3\">Testing procedures may include scenarios such as natural disasters, cyber-attacks, and other potential risks. The testing procedures should include clear objectives, testing scenarios, roles and responsibilities, and evaluation criteria to assess the effectiveness of the plan.<\/p><p class=\"leading-loose text-base my-3\">The Maintenance Procedures detail the steps necessary to keep the BCP up-to-date and relevant.<\/p><p class=\"leading-loose text-base my-3\">The Review and Update Procedures describe how the BCP will be reviewed and updated regularly to ensure its continued effectiveness. This may involve conducting a review of the plan on a regular basis or after significant changes to the organization&#8217;s operations or threats.<\/p><h2 id=\"what-should-a-business-continuity-plan-checklist-include\" class=\"text-h5 font-bold mb-6 mt-12 leading-normal\" style=\"line-height: 1.2;\">What should a business continuity plan checklist include?<\/h2><p class=\"leading-loose text-base my-3\">Organizations looking to develop a BCP have more than a few things to think through and consider. Variables such as the size of the organization, its IT infrastructure, personnel, and resources all play a significant role in developing a continuity plan. Remember, each crisis is different, and each organization will have a view on handling it according to all the variables in play. However, all business continuity plans will include a few elements in one way or another.<\/p><ul class=\"leading-loose mt-3 mb-6 list--ul\"><li class=\"my-2\"><h4 id=\"clearly-defined-areas-of-responsibility\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">Clearly defined areas of responsibility<\/h4><p class=\"leading-loose text-base my-3\">A BCP should define specific roles and responsibilities for cases of emergency. Detail who is responsible for what tasks and clarify what course of action a person in a specific position should take. Clearly defined roles and responsibilities in an emergency event allow you to act quickly and decisively and minimize potential damage.<\/p><\/li><li class=\"my-2\"><h4 id=\"crisis-communication-plan\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">Crisis communication plan<\/h4><p class=\"leading-loose text-base my-3\">In an emergency, communication is vital. It is the determining factor when it comes to crisis handling. For communication to be effective, it is critical to establish clear communication pipelines. Furthermore, it is crucial to understand that alternative communication channels should not be overlooked and outlined in a business continuity plan.<\/p><\/li><li class=\"my-2\"><h4 id=\"recovery-teams\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">Recovery teams<\/h4><p class=\"leading-loose text-base my-3\">A recovery team is a collective of different professionals who ensure that business operations are restored as soon as possible after the organization confronts a crisis.<\/p><\/li><li class=\"my-2\"><h4 id=\"alternative-site-of-operations\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">Alternative site of operations<\/h4><p class=\"leading-loose text-base my-3\">Today, when we think of an incident in a business environment, we usually think of something related to cybersecurity. However, as discussed earlier, a BCP covers many possible disasters. In a natural disaster, determine potential alternate sites where the company could continue to operate.<\/p><\/li><li class=\"my-2\"><h4 id=\"backup-power-and-data-backups\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">Backup power and data backups<\/h4><p class=\"leading-loose text-base my-3\">Whether a cyber event or a real-life physical event, ensuring that you have access to power is crucial if you wish to continue operations. In a BCP, you can often come across lists of alternative power sources such as generators, where such tools are located, and who should oversee them. The same applies to data. Regularly scheduled data backups can significantly reduce potential losses incurred by a crisis event.<\/p><\/li><li class=\"my-2\"><h4 id=\"recovery-guidelines\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">Recovery guidelines<\/h4><p class=\"leading-loose text-base my-3\">If a crisis is significant, a comprehensive business continuity plan usually includes detailed guidelines on how the recovery process will be carried out.<\/p><\/li><\/ul><h2 id=\"business-continuity-planning-steps\" class=\"text-h5 font-bold mb-6 mt-12 leading-normal\" style=\"line-height: 1.2;\">Business continuity planning steps<\/h2><figure class=\"my-12\"><div class=\"mx-auto\" style=\"max-width: 746px; max-height: 320px;\"><div class=\"nord-intrinsic relative w-full h-0 bg-transparent\" style=\"padding-top: 42.8954%;\"><picture class=\"nord-picture\"><source srcset=\"https:\/\/s1.npass.app\/nordpass\/media\/1.1728.0\/images\/web\/blog\/svg\/business-continuity-plan-steps-746x320.svg\" \/><img decoding=\"async\" class=\"nord-image nord-image--responsive\" src=\"data:image\/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==\" alt=\"business continuity plan steps\" \/><\/picture><\/div><\/div><\/figure><p class=\"leading-loose text-base my-3\">Here are some general guidelines that an organization looking to develop a BCP should consider:<\/p><h3 id=\"analysis\" class=\"text-h6 font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">Analysis<\/h3><p class=\"leading-loose text-base my-3\">A business continuity plan should include an in-depth analysis of everything that could negatively affect the overall organizational infrastructure and operations. Assessing different levels of risk should also be a part of the analysis phase.<\/p><h3 id=\"design-and-development\" class=\"text-h6 font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">Design and development<\/h3><p class=\"leading-loose text-base my-3\">Once you have a clear overview of potential risks your company could face, start developing a plan. Create a draft and reassess it to see if it takes into account even the smallest of details.<\/p><h3 id=\"implementation\" class=\"text-h6 font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">Implementation<\/h3><p class=\"leading-loose text-base my-3\">Implement BCP within the organization by providing training sessions for the staff to get familiar with the plan. Getting everyone on the same page regarding crisis management is critical.<\/p><h3 id=\"testing\" class=\"text-h6 font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">Testing<\/h3><p class=\"leading-loose text-base my-3\">Rigorously test the plan. Play out a variety of scenarios in training sessions to learn the overall effectiveness of the continuity plan. By doing so, everyone on the team will be closely familiar with the business continuity plan&#8217;s guidelines.<\/p><h3 id=\"maintenance-and-updating\" class=\"text-h6 font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">Maintenance and updating<\/h3><p class=\"leading-loose text-base my-3\">Because the threat landscape constantly changes and evolves, you should regularly reassess your BCP and take steps to update it. By making your continuity plan in tune with the times, you will be able to stay a step ahead of a crisis.<\/p><h2 id=\"level-up-your-companys-security-with-nordpass-business\" class=\"text-h5 font-bold mb-6 mt-12 leading-normal\" style=\"line-height: 1.2;\">Level up your company&#8217;s security with NordPass Business<\/h2><p class=\"leading-loose text-base my-3\">A comprehensive business continuity plan is vital for the entire organization&#8217;s security posture. However, in a perfect world, you wouldn&#8217;t have to use it. This is where NordPass Business can help.<\/p><p class=\"leading-loose text-base my-3\">Remember, weak, reused, or compromised passwords are often cited as one of the top contributing factors in data breaches. It&#8217;s not surprising, considering that an average user has around 100 passwords. Password fatigue is real and significantly affects how people treat their credentials. NordPass Business counters these issues.<\/p><p class=\"leading-loose text-base my-3\">With <a class=\"nord-link cursor-pointer outline-none transition-colors duration-250 ease-out text-teal hover:text-teal-dark\" href=\"\/en\/business-password-manager\/\">NordPass Business<\/a>, your team will have a single secure place to store all work-related passwords, credit cards, and other sensitive information. Accessing all the data stored in NordPass is quick and easy, which allows your employees not to be distracted by the task of finding the correct passwords for the correct account.<\/p><p class=\"leading-loose text-base my-3\">In cyber incidents, NordPass Business ensures that company credentials remain secure at all times. Everything stored in the NordPass vault is secured with advanced encryption algorithms, which would take hundreds of years to brute force.<\/p><p class=\"leading-loose text-base my-3\">If you are interested in learning more about NordPass Business and how it can fortify corporate security, do not hesitate to <a class=\"nord-link cursor-pointer outline-none transition-colors duration-250 ease-out text-teal hover:text-teal-dark\" href=\"\/en\/business-password-manager\/request-demo\/\">book a demo<\/a> with our representative.<\/p><\/div><\/div><div class=\"Post__socials-sticky fixed left-0 lg:ml-6\" style=\"top: 50%; bottom: unset;\"><div class=\"flex lg:flex-col justify-center align-center\">\u00a0<\/div><\/div><\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2004c86 elementor-widget elementor-widget-shortcode\" data-id=\"2004c86\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"shortcode.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-shortcode\">\t\t<div data-elementor-type=\"page\" data-elementor-id=\"18103\" class=\"elementor elementor-18103\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-748947f elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"748947f\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7995c19\" data-id=\"7995c19\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-a437045 elementor-widget elementor-widget-image-box\" data-id=\"a437045\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image-box.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-image-box-wrapper\"><div class=\"elementor-image-box-content\"><h3 class=\"elementor-image-box-title\">About Version 2 Digital<\/h3><p class=\"elementor-image-box-description\">Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.\n<br><br>\nThrough an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.<\/p><\/div><\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t\n\t\t<div data-elementor-type=\"page\" data-elementor-id=\"63567\" class=\"elementor elementor-63567\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-45e3ec76 elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"45e3ec76\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-311e216d\" data-id=\"311e216d\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-3d9a2e6f elementor-widget elementor-widget-text-editor\" data-id=\"3d9a2e6f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><strong>About NordPass<br \/><\/strong>NordPass is developed by Nord Security, a company leading the global market of cybersecurity products.<\/p><p>The web has become a chaotic space where safety and trust have been compromised by cybercrime and data protection issues. Therefore, our team has a global mission to shape a more trusted and peaceful online future for people everywhere.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>","protected":false},"excerpt":{"rendered":"<p>In the modern economy, around 75% of workloads have mig [&hellip;]<\/p>","protected":false},"author":148637484,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1075,1130,973,61],"tags":[1076,1132,974],"class_list":["post-63647","post","type-post","status-publish","format-standard","hentry","category-year2023","category-nordlayer","category-nord-security","category-press-release","tag-1076","tag-nordlayer","tag-nord-security"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Cloud application security guide - Version 2<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/nordlayer.com\/blog\/cloud-application-security-guide\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Cloud application security guide - Version 2\" \/>\n<meta property=\"og:description\" content=\"In the modern economy, around 75% of workloads have mig [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/nordlayer.com\/blog\/cloud-application-security-guide\/\" \/>\n<meta property=\"og:site_name\" content=\"Version 2\" \/>\n<meta property=\"article:published_time\" content=\"2023-01-24T09:08:26+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-09-13T08:31:49+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/images.ctfassets.net\/5natoedl294r\/2BpheVCvY99ltmiY5b8WQv\/a35f000a16898305233737f10ac3bf4a\/Cloud_application_security_blog_cover_1400x800__1_.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp\" \/>\n<meta name=\"author\" content=\"versionpan\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"versionpan\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"15 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/cloud-application-security-guide\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2023\\\/01\\\/cloud-application-security-guide\\\/\"},\"author\":{\"name\":\"versionpan\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/103ffe36f7fd34a1cc126a30431b94d8\"},\"headline\":\"Cloud application security guide\",\"datePublished\":\"2023-01-24T09:08:26+00:00\",\"dateModified\":\"2024-09-13T08:31:49+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2023\\\/01\\\/cloud-application-security-guide\\\/\"},\"wordCount\":2863,\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/cloud-application-security-guide\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/images.ctfassets.net\\\/5natoedl294r\\\/2BpheVCvY99ltmiY5b8WQv\\\/a35f000a16898305233737f10ac3bf4a\\\/Cloud_application_security_blog_cover_1400x800__1_.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp\",\"keywords\":[\"2023\",\"NordLayer\",\"Nord Security\"],\"articleSection\":[\"2023\",\"NordLayer\",\"Nord Security\",\"Press Release\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/version-2.com\\\/2023\\\/01\\\/cloud-application-security-guide\\\/\",\"url\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/cloud-application-security-guide\\\/\",\"name\":\"Cloud application security guide - Version 2\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/cloud-application-security-guide\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/cloud-application-security-guide\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/images.ctfassets.net\\\/5natoedl294r\\\/2BpheVCvY99ltmiY5b8WQv\\\/a35f000a16898305233737f10ac3bf4a\\\/Cloud_application_security_blog_cover_1400x800__1_.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp\",\"datePublished\":\"2023-01-24T09:08:26+00:00\",\"dateModified\":\"2024-09-13T08:31:49+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/cloud-application-security-guide\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/nordlayer.com\\\/blog\\\/cloud-application-security-guide\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/cloud-application-security-guide\\\/#primaryimage\",\"url\":\"https:\\\/\\\/images.ctfassets.net\\\/5natoedl294r\\\/2BpheVCvY99ltmiY5b8WQv\\\/a35f000a16898305233737f10ac3bf4a\\\/Cloud_application_security_blog_cover_1400x800__1_.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp\",\"contentUrl\":\"https:\\\/\\\/images.ctfassets.net\\\/5natoedl294r\\\/2BpheVCvY99ltmiY5b8WQv\\\/a35f000a16898305233737f10ac3bf4a\\\/Cloud_application_security_blog_cover_1400x800__1_.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/cloud-application-security-guide\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9801\",\"item\":\"https:\\\/\\\/version-2.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cloud application security guide\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"name\":\"Version 2\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/version-2.com\\\/zh\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\",\"name\":\"Version 2\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"width\":1795,\"height\":335,\"caption\":\"Version 2\"},\"image\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/103ffe36f7fd34a1cc126a30431b94d8\",\"name\":\"versionpan\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/72541e15024f6716236decb252e7488d4a7359d4df6f8506b01f447174f92c7c?s=96&d=identicon&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/72541e15024f6716236decb252e7488d4a7359d4df6f8506b01f447174f92c7c?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/72541e15024f6716236decb252e7488d4a7359d4df6f8506b01f447174f92c7c?s=96&d=identicon&r=g\",\"caption\":\"versionpan\"},\"url\":\"https:\\\/\\\/version-2.com\\\/en\\\/author\\\/versionpan\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Cloud application security guide - Version 2","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/nordlayer.com\/blog\/cloud-application-security-guide\/","og_locale":"en_US","og_type":"article","og_title":"Cloud application security guide - Version 2","og_description":"In the modern economy, around 75% of workloads have mig [&hellip;]","og_url":"https:\/\/nordlayer.com\/blog\/cloud-application-security-guide\/","og_site_name":"Version 2","article_published_time":"2023-01-24T09:08:26+00:00","article_modified_time":"2024-09-13T08:31:49+00:00","og_image":[{"url":"https:\/\/images.ctfassets.net\/5natoedl294r\/2BpheVCvY99ltmiY5b8WQv\/a35f000a16898305233737f10ac3bf4a\/Cloud_application_security_blog_cover_1400x800__1_.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp","type":"","width":"","height":""}],"author":"versionpan","twitter_card":"summary_large_image","twitter_misc":{"Written by":"versionpan","Est. reading time":"15 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/nordlayer.com\/blog\/cloud-application-security-guide\/#article","isPartOf":{"@id":"https:\/\/version-2.com\/2023\/01\/cloud-application-security-guide\/"},"author":{"name":"versionpan","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/103ffe36f7fd34a1cc126a30431b94d8"},"headline":"Cloud application security guide","datePublished":"2023-01-24T09:08:26+00:00","dateModified":"2024-09-13T08:31:49+00:00","mainEntityOfPage":{"@id":"https:\/\/version-2.com\/2023\/01\/cloud-application-security-guide\/"},"wordCount":2863,"publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"image":{"@id":"https:\/\/nordlayer.com\/blog\/cloud-application-security-guide\/#primaryimage"},"thumbnailUrl":"https:\/\/images.ctfassets.net\/5natoedl294r\/2BpheVCvY99ltmiY5b8WQv\/a35f000a16898305233737f10ac3bf4a\/Cloud_application_security_blog_cover_1400x800__1_.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp","keywords":["2023","NordLayer","Nord Security"],"articleSection":["2023","NordLayer","Nord Security","Press Release"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/version-2.com\/2023\/01\/cloud-application-security-guide\/","url":"https:\/\/nordlayer.com\/blog\/cloud-application-security-guide\/","name":"Cloud application security guide - Version 2","isPartOf":{"@id":"https:\/\/version-2.com\/zh\/#website"},"primaryImageOfPage":{"@id":"https:\/\/nordlayer.com\/blog\/cloud-application-security-guide\/#primaryimage"},"image":{"@id":"https:\/\/nordlayer.com\/blog\/cloud-application-security-guide\/#primaryimage"},"thumbnailUrl":"https:\/\/images.ctfassets.net\/5natoedl294r\/2BpheVCvY99ltmiY5b8WQv\/a35f000a16898305233737f10ac3bf4a\/Cloud_application_security_blog_cover_1400x800__1_.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp","datePublished":"2023-01-24T09:08:26+00:00","dateModified":"2024-09-13T08:31:49+00:00","breadcrumb":{"@id":"https:\/\/nordlayer.com\/blog\/cloud-application-security-guide\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/nordlayer.com\/blog\/cloud-application-security-guide\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/nordlayer.com\/blog\/cloud-application-security-guide\/#primaryimage","url":"https:\/\/images.ctfassets.net\/5natoedl294r\/2BpheVCvY99ltmiY5b8WQv\/a35f000a16898305233737f10ac3bf4a\/Cloud_application_security_blog_cover_1400x800__1_.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp","contentUrl":"https:\/\/images.ctfassets.net\/5natoedl294r\/2BpheVCvY99ltmiY5b8WQv\/a35f000a16898305233737f10ac3bf4a\/Cloud_application_security_blog_cover_1400x800__1_.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp"},{"@type":"BreadcrumbList","@id":"https:\/\/nordlayer.com\/blog\/cloud-application-security-guide\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9801","item":"https:\/\/version-2.com\/"},{"@type":"ListItem","position":2,"name":"Cloud application security guide"}]},{"@type":"WebSite","@id":"https:\/\/version-2.com\/zh\/#website","url":"https:\/\/version-2.com\/zh\/","name":"Version 2","description":"","publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/version-2.com\/zh\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/version-2.com\/zh\/#organization","name":"Version 2","url":"https:\/\/version-2.com\/zh\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","contentUrl":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","width":1795,"height":335,"caption":"Version 2"},"image":{"@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/103ffe36f7fd34a1cc126a30431b94d8","name":"versionpan","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/72541e15024f6716236decb252e7488d4a7359d4df6f8506b01f447174f92c7c?s=96&d=identicon&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/72541e15024f6716236decb252e7488d4a7359d4df6f8506b01f447174f92c7c?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/72541e15024f6716236decb252e7488d4a7359d4df6f8506b01f447174f92c7c?s=96&d=identicon&r=g","caption":"versionpan"},"url":"https:\/\/version-2.com\/en\/author\/versionpan\/"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pbQRKm-gyz","post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts\/63647","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/users\/148637484"}],"replies":[{"embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/comments?post=63647"}],"version-history":[{"count":1,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts\/63647\/revisions"}],"predecessor-version":[{"id":64214,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts\/63647\/revisions\/64214"}],"wp:attachment":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/media?parent=63647"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/categories?post=63647"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/tags?post=63647"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}