Cloud Security--- How to protect your public cloud applications and systems.
Created#More Posted time:Jul 20, 2020 14:54 PM
Hi firends， I want to share some experiences about how to protect public cloud applications and systems.
our all know security is more and more important today. so what could we do to improve our cloud security ?
Some parts you could pay attentions:
Basic Security: DDoS, WAF, Host Security, Monitor, Log ,Security Group.
Data Security: SSL certificate, Database, KMS, RAM.
Application Security: content security, API security.
Security Service: vulnerability scan，penetration test.I had summarize a table l for your reference
1st Reply#Posted time:Sep 27, 2021 13:36 PM
More and more businesses are nowadays moving to the online platform since the digital platform is no longer an option, rather it has become a necessity for almost every person out there. And you should know that it is not only about moving to the digital platform and using powerful websites for building online stores but it is also about embracing powerful technological solutions like cloud computing.
But you should know that everything out there has its own pros and cons and this doesn’t mean that you should stop using something just because it comes along with cons. Well, the same thing can be said about the very powerful public cloud applications and systems that have become almost a new normal for everyone out there.
Even if you are running a small or medium-sized business, there are maximum chances that you must be using a public cloud application or system but just using that system is not enough as you will also have to make sure that the public cloud system is safe from all the cyber attackers out there. Well, there are many things that you can do to keep your public cloud application safe and we have discussed some of those tips here.
Fit cloud like a glove in your firm
The public cloud is not a one-size-fits-all solution. Every business has its own unique needs, requirements, and goals. A transition to the public cloud, or a hybrid cloud solution, entails careful research, planning, execution, and regular review for a successful implementation.
Security is paramount to cloud adoption because, without proper security surrounding sensitive and/or regulated information, business continuity, financial loss, and company reputation are at stake. The cloud – public, private, or hybrid – offers many advantages to businesses of all sizes but needs to be done in a responsible and thoughtful manner.
Never miss the updates
Regular and routine updates to security architecture are vital with any cloud environment. In many ways, network security is a moving target and necessitates constant vigilance. This function could be performed by the third-party security provider or done in-house within the IT department. If an internal IT is unable to provide these services, consider enlisting a managed security service provider (MSSP) that has expertise in these areas for support.
Don’t miss the configuration
Configure the environment with security best practices in mind. For example, each AWS service has a public-facing set of application programming interfaces (APIs) that should be disabled if not in use. Many new AWS users may not be aware that Amazon Simple Storage Service is a public-facing service, exposing anything stored within the internet unless locked down by policy. On Azure, when establishing an initial VNet within a resource group, users should understand that all outbound ports are open by default, introducing potentially unwanted exposure.
Concentrate on data
Application developers should have a laser focus on data security because that's where most attacks occur, but don't let your applications give hackers a path to that data. Think of data security in the cloud as a series of levels:
The platform level. This is the operating system of the machine instance, including items such as data files. Inadequate protection of the platform is a fundamental flaw that most application developers fail to consider. They may protect access to the data but not the database itself, which is exposed in the platform. In order to deal with this vulnerability, make sure you encrypt the data. That way, if someone copies the data files, they'll be useless. While this is the best approach, it sometimes can cause performance problems, so many developers prefer not to use it. Always use this approach during cloud security and data protection.
2nd Reply#Posted time:Jul 30, 2020 18:52 PM
You can keep your cloud applications and data safe by removing the bottleneck itself. Ensure that the Cloud provider that you use the service of like Windows virtual server provider stands tall on below factors.
When a company partners with a cloud provider in an IaaS model, security becomes a shared responsibility. A company now is as reliant on its cloud provider as it is on its in-house IT group to provide security for company applications and data. Internal data and network security has to evolve to be consistent with the cloud provider’s service offerings.
What does that mean?
The enterprise must align their internal security policies to be consistent with cloud service providers as data is moved to the cloud.
Evaluate and understand any gaps in security between on-premise systems and the cloud environment(s) being used.
Implement procedures to ensure end users (and administrators) are not creating cloud deployments without approval from the IT department.
Embrace dev-ops (a collaborative relationship between software developers and the IT department) and rein in shadow IT by integrating cloud resources/applications into the life cycle management process.
Ensure compliance mandates are not being violated by the movement of regulated data to the cloud.