CISA and NSA Release Cybersecurity Information Sheets on Cloud Security Best Practices

Today, CISA and the National Security Agency (NSA) released five joint Cybersecurity Information Sheets (CSIs) to provide organizations with recommended best practices and/or mitigations to improve the security of their cloud environment(s).

• Use Secure Cloud Identity and Access Management Practices
• Use Secure Cloud Key Management Practices
• Implement Network Segmentation and Encryption in Cloud Environments
• Secure Data in the Cloud
• Mitigate Risks from Managed Service Providers in Cloud Environments

CISA and NSA encourage all organizations to review the practices and implement the mitigations provided in the joint CSIs to help strengthen their cloud security. For more information on cloud security best practices, see CISA’s Secure Cloud Business Applications (SCuBA) Project and Trusted Internet Connections (TIC) pages.