Cloud Security and how to make it happen

Cloud Security and how to make it happen - Κεντρική Εικόνα
25 May 2016
IT Engineer

Each day more and more companies decide to take a step that brings them closer to the cloud. Building a strong shield that will provide security to all the applications and data they move to cloud infrastructures becomes, thus, a prime concern.  To create an environment that provides the best possible level of security, one has to bear in mind certain rules and follow some examples of 'best practice'.

  1. Choose a cloud service provider that has a solid track record in this field
  2. Make sure your agreed SLAs cover the following:
    • the end of business operations
    • data disposal
    • responding to legal requirements
    • backup and tape storage
    • cost of shared infrastructure
    • reaction to DDoS attacks
    • business continuity (data center disaster plan)
  3. Make sure you understand the security model of your cloud service provider
    • You must understand the security architecture of the cloud side to build the proper security on your own side.
  4. You need to check with your ISP about possible firewall conflicts. Some ISP offerings include packages with additional protection that may prohibit communication with your cloud solution.
  5. Make sure that the cloud application solution you pick is able to:
    • Manage new generation firewalls
    • Detect intrusion using multiple tools
    • Provide detail logging of your system
  6. Make sure that all networks have explicit firewall zones, allowing for different security policies to be implemented on the Server Environment and within the Users
  7. To have better control, allow the following
    • Vulnerability analysis by IT team
    • Access to the environment log and systems
    • Use of log retention and correlation tools
  8. Demonstrate the process of cryptographic keys (SSL protocols etc.)
  9. Impose a clear and multi-level Access Control mechanism
    • Physical tokens (proximity)
    • Password cards
    • Digital certificates (SSL)
    • Biometry
    • SMS password
  10. Perform penetration tests on the final solution

Read Also

Read Also: 
Key Benefits From Using a Single Data Source For All Sub-Systems - Κεντρική Εικόνα
18 Apr 2016

What is best, specialized stand-alone systems or an integrated super system? Argyro discusses pros and cons of each approach.