It should be taken into account that

rakhirhif8963 · Post by **rakhirhif8963** » Sat Feb 08, 2025 3:31 am

If, when switching to remote work, a company decides to use cloud applications (cloud office programs, storage, mail, CRM services, the Desktop-as-a-Service concept, etc.), it is necessary to make sure that these resources are sufficiently protected on the side of cloud providers. If the security as a service (SaaS) model is used, tools such as Cloud Access Security Broker should be used, for example, Cisco Umbrella CloudLock , which allow, by analyzing cloud service logs via API, to identify threats and anomalies in them, such as data leakage, password guessing, employee abuse, violation of the law, etc. When using IaaS or PaaS cloud computing models, you can use both traditional security solutions implemented in the form of virtual solutions and specialized tools for cloud monitoring, for example, Cisco Stealthwatch Cloud .

Russian cloud providers, even among the leaders, still consider cybersecurity tasks as secondary and, at best, implement only basic security functions, since today they are faced with the task of survival or market capture. They do not provide for the integration of their services on the client side into corporate security monitoring systems. Thus, it is almost azerbaijan mobile database to retrieve logs from Russian clouds in order to enter them into the corporate security event management system (SIEM), transfer them to the corporate center for monitoring and responding to information security incidents (SOC) in order to control the state of corporate information security. But the leaders of foreign cloud computing (Amazon, Google, Microsoft) are doing much better in terms of ensuring the information security of their clients.

In remote work, the task of backing up system administrators and VIP users has become more urgent, which is due to a sharp increase in risks associated with the inability to perform their work functions - exclusive access to ICT resources, the implementation of VIP powers regarding the preparation of documents, management actions, etc. The business continuity strategy should provide for the possibility of replacing system administrators who have become unavailable or the presence of a way to contact the CEO if his traditional communication channels suddenly stop working, or the ability to obtain the signature of the chief accountant who has been quarantined and who still has a flash drive with electronic signature keys.