Cloud Security--- How to protect your public cloud applications and systems.
Created#More Posted time:Jul 20, 2020 14:54 PM
Hi firends， I want to share some experiences about how to protect public cloud applications and systems.
our all know security is more and more important today. so what could we do to improve our cloud security ?
Some parts you could pay attentions:
Basic Security: DDoS, WAF, Host Security, Monitor, Log ,Security Group.
Data Security: SSL certificate, Database, KMS, RAM.
Application Security: content security, API security.
Security Service: vulnerability scan，penetration test.I had summarize a table l for your reference
1st Reply#Posted time:Jul 30, 2020 18:52 PM
You can keep your cloud applications and data safe by removing the bottleneck itself. Ensure that the Cloud provider that you use the service of like Windows virtual server provider stands tall on below factors.
When a company partners with a cloud provider in an IaaS model, security becomes a shared responsibility. A company now is as reliant on its cloud provider as it is on its in-house IT group to provide security for company applications and data. Internal data and network security has to evolve to be consistent with the cloud provider’s service offerings.
What does that mean?
The enterprise must align their internal security policies to be consistent with cloud service providers as data is moved to the cloud.
Evaluate and understand any gaps in security between on-premise systems and the cloud environment(s) being used.
Implement procedures to ensure end users (and administrators) are not creating cloud deployments without approval from the IT department.
Embrace dev-ops (a collaborative relationship between software developers and the IT department) and rein in shadow IT by integrating cloud resources/applications into the life cycle management process.
Ensure compliance mandates are not being violated by the movement of regulated data to the cloud.