
00) Does your organisation maintain on-premise or cloud-hosted environments — or a hybrid of both — for internal use, or to deliver services to clients?

September 11, 2024
Network and Cloud Security
Scoping
Small Framework

Answer Yes to this question if:

  • Your organisation maintains (or is responsible for maintaining) a physical or cloud-hosted network that allows user devices to connect and communicate with any data storage or processing services;
  • Your organisation maintains any physical or cloud-hosted application or service delivery infrastructure;
  • Your organisation uses a public cloud to host applications or services where you are responsible for implementing security controls within that environment, guided by the host’s shared security responsibility model (e.g. AWS, GCP and Azure).

You should answer No if your organisation only uses Software-as-a-Service that is hosted and maintained by external service providers (e.g. Google Workspace, Microsoft 365), accessed through standard web or desktop applications.

Networks are a common target for cyber attacks, as they often offer a public-facing way for attackers to access confidential information. The connections from your networks to the Internet, and to other partner networks, expose your systems and technologies to attack. By creating and implementing some simple policies and appropriate architectural and technical responses, you can reduce the chances of these attacks succeeding (or causing harm to your organisation).

Your organisation's networks almost certainly span many sites, and the use of mobile / remote working, and cloud services, makes defining a fixed network boundary difficult. Rather than focusing purely on physical connections, think also about where your data is stored and processed, and where an attacker would have the opportunity to interfere with it.

How to implement the control

There are numerous consultancies or individual consultants that will be able to assist in crafting a network security capability within your organisation. Please message us if you would like a recommendation.

If you would like to contribute to this article or provide feedback, please email knowledge@riskledger.com. Contributors will be recognised on our contributors page.
