T0125 - Unencrypted data in transit

M1241

Mitigation

Use strong encryption algorithms

Implementing strong encryption algorithms with appropriate key lengths and security parameters can significantly increase the resilience of encryption at rest mechanisms. Organizations should use industry-standard encryption algorithms that are widely recognized and reviewed by the security community. For example, AES, ECC, RSA.

M1250

Mitigation

Enable data sencryption in transit

Data encryption in transit is a critical security control in cloud computing that involves encrypting data as it moves between two points over a network or the internet. This is important to prevent data breaches, protect sensitive data, and comply with data privacy regulations. Cloud service providers use various encryption protocols to establish a secure communication channel, and organizations should ensure that encryption is properly implemented and verified. To implement data encryption in transit, cloud service providers use various encryption protocols such as Transport Layer Security (TLS), Secure Sockets Layer (SSL), and Internet Protocol Security (IPsec). These protocols use encryption keys and digital certificates to establish a secure communication channel between the sender and receiver. The encryption process ensures that data is scrambled and unreadable to anyone without the proper decryption key. Check your cloud provider documentation for more details on how to enable data encryption in transit.

D1260

Detection

Implement regular security audit and review

Conduct regular security audits and vulnerability assessments of your systems and storages configurations to identify and address any potential misconfigurations or vulnerabilities that could lead to exposed storage. This includes reviewing access controls, encryption settings, and other security configurations to ensure they are aligned with best practices and organizational security policies.

D1261

Detection

Implement penetration testing

Penetration testing, also known as ethical hacking or vulnerability assessment, is a proactive approach to mitigating cybersecurity risks. It involves simulating real-world cyber attacks on a system, network, or application in a controlled and authorized manner to identify vulnerabilities and weaknesses that could be exploited by malicious actors.

D1262

Detection

Implement vulnerability assesment

Vulnerability assessment is a proactive approach to mitigating cybersecurity risks by systematically identifying, evaluating, and prioritizing vulnerabilities in a system, network, or application. It involves conducting regular assessments to identify potential weaknesses that could be exploited by attackers, and taking appropriate actions to remediate or mitigate those vulnerabilities.

D1510

Detection

Implement Intrusion Detection System and anti-malware

An intrusion detection system (IDS) is a security tool designed to detect and alert on unauthorized access to a computer system or network. Implementing intrusion detection systems (IDS) and anti-malware software can help to identify and block malicious activity. IDS is a critical security tool that helps organizations to detect and respond to security incidents in a timely manner. By providing real-time monitoring and analysis of network traffic, IDS can help organizations to stay ahead of potential threats and reduce the risk of a security breach.