Security practices

NSA Recommends Ten Strategies to Improve Cloud Security

The National Security Agency has issued a report highlighting ten recommended strategies to improve cloud security practices.

The report emphasizes the importance of the cloud shared responsibility model, educating the need for the customer and the cloud provider to have a shared responsibility in securing cloud environments. The NSA said it could be achieved by outlining each party’s responsibilities.

Other cloud security strategies listed include using secure cloud key management practices and enforcing secure automated deployment practices through infrastructure as code, CISA said.

Rob Joyce, director of cybersecurity at the NSA, said organizations need to adopt cloud solutions correctly to get the most out of what the agency is offering. He added that with critical data stored on cloud services, it has become an attractive target for malicious actors.

In 2023, Commander Lt. Gen. Maria Barrett, commanding general of the U.S. Army Cyber Command, emphasized the importance of proper design and implementation in enterprise cloud security. The ARCYBER leader discussed how automated checkpoints reauthorizing users can improve cloud security.