First, you want to try and reduce the organization’s overall exposure when it comes to using cloud services. A solid first action is to inventory the number and type of services currently in use. To do this, you should enlist a combination of technology and old fashioned methods (a/k/a asking teams what they are using).
With a better idea of your current systems, you can then start working with the teams throughout the organization to ensure that they are aware of the risks and security challenges associated with the services they use.
An ongoing discussion and education campaign is a pillar of the good security practices and critical to address the issue of multi-service use.
Leave a reply