Best practices for securing the CPaaS technology stack

2021-05-31 05:00

From authenticating to an API for advanced features to credential management, it is critical to have a deep understanding and awareness of data protection best practices.

On the customer end, in-house security and engineering staff can prep for CPaaS implementation by becoming familiar with the use of APIs and the authentication methods, communications protocols and the data that flows to and from them.

Once CPaaS is incorporated into the hybrid work model technology stack, it is a best practice for an organization to focus its sights on its endpoint management.

Security protocols should continue to be thoroughly reviewed and updated each year along with technology standards, including examining Transport Layer Security to make certain the cipher suite and algorithms in use meet or exceed requirements for data encryption.

It is the responsibility of the CPaaS partner and its security and technology teams to work with customers and bring to their attention recommended changes, such as replacing a cipher suite or an algorithm for a particular circuit to make sure that the most appropriate and recent standards are in place.

Only engineers-and very few of them-use SSH keys, which are foundational to IaaS platforms such as Google Cloud, Microsoft Azure and AWS. With business objectives shifting and evolving, SSH keys may lay an invaluable role in further securing CPaaS. Until then, choosing a CPaaS partner wisely will help ensure the benefits far outweigh the risks.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/JbEHHnsLKX4/

#bestpractices