To operate your workload securely, you must apply overarching best practices to every area of security. Take requirements and processes that you have defined in Operational Excellence at an organizational and workload level, and apply them to all areas.
Identity and access management is a key part of an information security program. It helps ensure that only authorized and authenticated users and components are able to access your resources, and only in a menner that you intend.
You can use detective controls to identify a potential security threat or incident. They are an essential part of governance framework and can be used to support a quality process, a legal or compliance obligation, and for threat identification and response efforts.
Infrastructure protection encompasses the control methodologies, such as defense in depth, necessary to meet best practices and organizational or regulatory obligations. Use of these methodologies is critical for succesful, ongoing operations in either the cloud or on premises.
Before architecting any system, foundational practices that influence security should be in place. For example, data classification provides a way to categorize organizational data based on levels of sensitivity. Encryption protects data by way of rendering it unintelligible to unathorized access.
Even with extremely mature preventive and detective controls, your organization should still put processes in place to respond to and mitigate the potential impact of security incidents.