As the pandemic continues to force organizations to shift to work-from-home setup, more companies are coming to terms with the fact that changes are needed in continuity, security, and mobility.
In the industry, including changes in online security and cybercriminal activities and the need for a greater understanding of governance as a distributed function.
Misconceptions about safety must be changed.
Working remotely is now a bit easier now that security is seen as a critical element of success. However, in the past, security teams were considered only as support to the administrative function; Too often, they were also perceived as “roadblocks” that, at the last minute, pointed to issues that needed to be addressed before solutions could be implemented.
Improving Safety has involved many changes, including changing misconceptions, transforming perspectives, asking questions that are difficult and beyond operations, continuing education, and practicing self-reliance for safety compliance. As a result, the role of security has also become more visible and involved.
However, the strategy of involving safety from the beginning depended not only on the security team, but also on changing the mindset of the entire team.
Security continues to be paramount for the company, especially since working remotely has become part of the “new normal.” To secure your operations in these circumstances, you should evaluate what changes need to be made, either temporarily or permanently, to ensure that the business is enabled and that customer privacy is maintained.

A cloud-centric strategy and enabling mobility.

The company must adopt a cloud-first mindset for quite some time and has been moving forward with significant digital transformation efforts, both of which clearly help enable a smooth transition to an equally significant remote workforce. The flexibility, availability, easy acquisition, and expandability of the cloud provide ease and help enable mobility.
Cloud security is a model of shared responsibility. Some of the controls and governance are the responsibility of the hosting provider, while others belong to the solution provider. To do this, it is key for an organization to have a good process to evaluate the security of the solutions it uses, both internally and externally through partners.

Key points:

• Perception changes. Involve security teams early on and often to build partnerships and stop being a hindrance.
  • Enable resources. Whether an organization is educating teams on how to look at functionality from an adversary’s point of view or providing tools and processes that allow them to be self-sufficient, the end result will be stronger security and better relationships.
  • Coordinate with third parties. Even today, there are many cases where businesses mistakenly trust or believe that the hosting provider only has their security covered. However, organizations need to ensure that their third-party management program is asking the right questions regarding cloud/hosted solutions so that they can make informed risk-based decisions.
  • Trust partnerships. When you need new solutions/tools for the cloud, leverage existing partnerships as much as possible to drive efficiencies and integrations.

At Itera we can help you.
Contact a specialist: seguridad@iteraprocess.com

It is a security management service that enables centralized configuration and management of firewall rules across all your accounts and applications in AWS Organization. As new applications are created, Firewall Manager makes it easy to onboard new compliant applications and resources by applying a common set of security rules.

Proceeds

* Simplify the management of firewall rules across all your accounts.

AWS Firewall Manager is integrated with AWS Organizations so you can enable AWS WAF rules, AWS Shield Advanced protections, and security groups for Amazon VPC across multiple AWS accounts and resources from one place. You can bundle rules, create policies, and centrally deploy the latter across your infrastructure.

* Ensure compliance of new and existing applications.

AWS Firewall Manager automatically enforces the mandatory security policies that you define for all new and existing resources. The service discovers new resources as they are created in accounts.

* Easily deploy managed rules across accounts.

AWS Firewall Manager is integrated with managed rules for AWS WAF, giving you an easy way to deploy preconfigured WAF rules to your applications. This means you can choose a managed rule from an AWS Marketplace seller and deploy it consistently across your Amazon CloudFront application load balancer, API gateway, and infrastructure with a few clicks in the console.

* Enable agile responses to Internet attacks.

With AWS Firewall Manager, your security team can receive notifications about threats that allow you to respond to and mitigate an attack quickly.

Source: https://aws.amazon.com/es/firewall-manager/
At Itera we can help you.
Contact a specialist: seguridad@iteraprocess.com