Cloud Security - Some Implementation Techniques
It has been wonderful to discuss with software vendors both large
and small their transition to the cloud. And as you would expect, security is very much “top
of mind”.
After reading a post by Olivier Coudert, I decided to provide a high-level description of some
of the main techniques used to secure a cloud implementation. Hopefully it’s useful when
considering a cloud (Infrastructure-as-a-Service, IaaS) or platform (Platform-as-a-Service,
PaaS) provider.
Most of our customers use our platform with the Amazon cloud. And so the infrastructure
portion of this discussion will be taken from their implementation, described in more detail in
their white paper. (One of the primary reasons why we built our platform on top of Amazon’s
infrastructure is because of their security.)
The areas to consider are illustrated below. The user (client) on the left, and the public or
private cloud on the right form the two end-points. The communication network in between
(what we used to call “the cloud”, before there was “The Cloud”) is the other key
component.
End-points to Cloud Security
The Cloud - Physical Security
This is the most fundamental of considerations. Not only is it important if your data is
valuable, but if you’re in a public cloud consider what else could be stored and valued in the
same physical location.
The Amazon Cloud boasts extensive physical security measures, protocols, and technology,
including “military grade perimeter control berms” and other “natural boundary protection”.
The Cloud - Logical Security
Firewall
Many breaches of security come from bots pinging IP addresses on multiple ports,
mechanically looking for a way to get in somewhere (Port Scanning).
This type of attack is prevented at the Firewall:
(i) Close all ports except those that are to be used. And only open those when they are
actually used.
(ii) Restrict access by the protocol used (http, ssh, etc.)
(iii) Restrict access to only known client IP addresses.
In addition to this, AWS detects port scanning, stops it and blocks it. Countermeasures are
also in place to protect against Distributed Denial of Service (DDoS) and Man-in-the-Middle
(MITM) attacks.
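The three firewall rules above can be checked mechanically against an inbound rule set. The following is an added example, not code from the original post or from AWS; the Rule shape, the in-use service list and the client networks (documentation address ranges) are constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    """One inbound allow rule (hypothetical shape, similar to a security group entry)."""
    protocol: str   # "tcp", "udp" or "all"
    from_port: int
    to_port: int
    source: str     # CIDR block allowed to connect


# Constructed policy for this example. A firewall sees transport protocol and
# port, so "ssh" and "https" are expressed here as tcp/22 and tcp/443.
SERVICES_IN_USE = {("tcp", 22), ("tcp", 443)}
KNOWN_CLIENTS = [ipaddress.ip_network(n)
                 for n in ("203.0.113.0/24", "198.51.100.17/32")]


def audit_rule(rule, services=SERVICES_IN_USE, known=KNOWN_CLIENTS):
    """Return the list of checks (i)-(iii) that this rule violates."""
    if not 0 <= rule.from_port <= rule.to_port <= 65535:
        raise ValueError(f"bad port range in {rule}")
    findings = []

    # (i) Every port the rule opens must belong to a service that is in use.
    needed = {port for proto, port in services
              if rule.protocol in (proto, "all")}
    width = rule.to_port - rule.from_port + 1
    covered = sum(1 for p in needed if rule.from_port <= p <= rule.to_port)
    if width > covered:
        findings.append("unused-port-open")

    # (ii) The protocol must be one that an in-use service actually needs;
    # "all" or an unneeded protocol means access is not restricted by protocol.
    if rule.protocol not in {proto for proto, _ in services}:
        findings.append("protocol-not-restricted")

    # (iii) The source must sit entirely inside a known client network.
    src = ipaddress.ip_network(rule.source, strict=False)
    if not any(src.version == k.version and src.subnet_of(k) for k in known):
        findings.append("source-not-known-client")

    return findings


def audit(rules):
    """Map rule index -> findings, listing only the rules that fail a check."""
    return {i: f for i, r in enumerate(rules) if (f := audit_rule(r))}


# Constructed sample rule set.
SAMPLE_RULES = [
    Rule("tcp", 443, 443, "203.0.113.0/24"),   # compliant
    Rule("tcp", 22, 22, "0.0.0.0/0"),          # ssh open to any address
    Rule("tcp", 0, 65535, "198.51.100.17/32"), # known client, every port open
    Rule("all", 0, 65535, "0.0.0.0/0"),        # fails all three checks
]

if __name__ == "__main__":
    for index, findings in audit(SAMPLE_RULES).items():
        print(index, SAMPLE_RULES[index], findings)
```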
Operating System (Host and Guest)
Operating System Security
The Host Operating System that resides on the actual hardware should be reachable only
through strong key-based access, held by a limited number of administrators. No one else
should have access at this level. And those that do have access should only have it on a
limited basis and only when they are doing actual work.
Guest OS’s (the virtual instances that are actually used by the hosted software) are isolated
from the Host by the hypervisor (which also provides isolation between running instances).
Unprivileged Access to these instances should only be allowed via token or key-based
authentication.
Key control is paramount for success at this level.
Data - Backup & Encryption
All stored data should be redundantly backed up, ideally (as with AWS) in multiple physical
locations. In addition, data can be encrypted on the remote instance. In fact, encryption can
be taken down to a very low level, but performance trade-offs come into play very quickly.
The Network
Other than protection from threats residing elsewhere on the network, data interception
should be protected against. Therefore, data traveling across the network should be
encrypted. In our case, we implemented communication and data transfer protocols that use
AES-128 symmetric key encryption for all data sent between the client and the cloud server.
The User
After all of the above (and much more) has been put in place, we still need to provide access
to users (customers) outside of the firewall. And so we need to know who the users are, and
to be able to confirm that they are indeed who they say they are.
In order to scale the business, the authentication and validation process must be automated
and built into the on-boarding and access process.
Fortunately, as we’re dealing in a business-to-business environment, the easiest and most
reliable way to automatically confirm identity is via an email validation process during user
on-boarding.
Once validated and prior to accessing the cloud, the user’s identity should be authenticated
again using the email address (or a username linked to the email address) and a password.
On the Xuropa Platform, we go one step further and add an additional security protocol to
ensure that only the previously authenticated user can gain access to the cloud from a
detected IP address.
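One way to tie an authenticated session to the IP address it was detected on is a signed token that carries the user, the address and an expiry. This is an added example, not the Xuropa Platform's implementation; the token format, the demo key and the function names are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import ipaddress
import json
import time

# Constructed demo key; a real deployment would load and rotate a secret.
DEMO_KEY = b"constructed-demo-key"


def _b64(data):
    return base64.urlsafe_b64encode(data).decode()


def issue_token(user, client_ip, now=None, ttl=900, key=DEMO_KEY):
    """Called after the password check succeeds; binds user, IP and expiry."""
    now = time.time() if now is None else now
    claims = {
        "u": user,
        "ip": str(ipaddress.ip_address(client_ip)),  # normalised form
        "exp": int(now + ttl),
    }
    payload = json.dumps(claims, sort_keys=True).encode()
    tag = hmac.new(key, payload, hashlib.sha256).digest()
    return _b64(payload) + "." + _b64(tag)


def verify_token(token, request_ip, now=None, key=DEMO_KEY):
    """Return (user, "ok") or (None, reason).

    request_ip must be the address the server itself observed on the
    connection, not a value taken from a client-supplied header.
    """
    now = time.time() if now is None else now
    try:
        payload_b64, tag_b64 = token.split(".")
        payload = base64.urlsafe_b64decode(payload_b64)
        tag = base64.urlsafe_b64decode(tag_b64)
    except ValueError:  # wrong number of parts or invalid base64
        return None, "malformed"

    # Check the signature before trusting anything inside the payload.
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None, "bad-signature"

    claims = json.loads(payload)
    if now >= claims["exp"]:
        return None, "expired"
    if str(ipaddress.ip_address(request_ip)) != claims["ip"]:
        return None, "ip-mismatch"
    return claims["u"], "ok"


def tamper_ip(token, new_ip):
    """Test helper: rewrite the IP claim but keep the original signature."""
    payload_b64, tag_b64 = token.split(".")
    claims = json.loads(base64.urlsafe_b64decode(payload_b64))
    claims["ip"] = new_ip
    forged = json.dumps(claims, sort_keys=True).encode()
    return _b64(forged) + "." + tag_b64


if __name__ == "__main__":
    # Constructed addresses from the documentation ranges.
    tok = issue_token("alice@example.com", "203.0.113.10", now=1000)
    print(verify_token(tok, "203.0.113.10", now=1001))
    print(verify_token(tok, "198.51.100.5", now=1001))
    print(verify_token(tamper_ip(tok, "198.51.100.5"), "198.51.100.5", now=1001))
```

Clients behind NAT or a mobile network change address during a session, so an IP mismatch should send the user back through authentication rather than fail silently.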
Life’s a Trade-off
These are just a few of the techniques employed - when it comes down to it, anything is
possible. However, people need to have access, and in order for businesses to run, access
needs to be straightforward for the user, monitored, controlled, and automated.
In architecting our platform, security is paramount, which means we have to put a great deal
of effort into automation and the user experience (UX) design.
How are you securing your cloud processes? And what are your concerns related to
security?
find out how the Cloud is going to operate compared to the DMZ when it comes to
logical Information Security. By the looks of things the Cloud is going to operate
outside the DMZ. If that is true, that will make Cloud computing highly
vulnerable.
Please explain to me how logical security will operate in the clouds.

James Colgan, May 25, 2011, 12:23 pm
Thanks for your comment, Putso. Unfortunately “DMZ” really doesn’t mean that much
without context.
Logical security involves such strategies as the encryption of data traversing to/from the
cloud, and between instances within the cloud. It also refers to the issuance of
credentials to authorized users and then logically locking communication between that
user’s client and the cloud resource.

It also refers to locking down the ports on firewalls at the points of entry to the cloud.
We can also go further up the stack and look at access control interfaces, etc. There’s so
much in this domain… I’ll put together more posts on the subject in the near
future.
Maintaining security after a cloud computing implementation
You've successfully migrated your organization's selected applications and data into the
cloud, and everyone has said what a great job you've done. But you and I both know the task
of maintaining the security of these apps and data has only just begun. In this tip, I'll review
which technologies and processes must be initiated, monitored and secured after a cloud
computing implementation or initiative is up and running.
IAM
Cloud computing turns us all into remote workers, which makes identity and access
management (IAM) one of the key challenges after a cloud computing move. It is important
to have robust lifecycle management regarding users and user access so that user accounts,
credentials and access rights are always relevant and up to date, including disabling an
account when an employee leaves. Also look to initiate an IAM strategy that can make full
use of federated identity management, which enables users to securely access data or systems
across autonomous security domains.
More specifically, consider introducing single sign-on (SSO) for enterprise applications and
leveraging this architecture to simplify cloud provider implementations. A move to the cloud
will appear far more seamless to your users if they are already used to SSO, and it'll make
managing trust across different types of cloud services less onerous. You will also have
logged baseline data to help you monitor and gauge changes due to cloud activity.
How To Implement Cloud Computing Security
You may not realize it but your company may have adopted cloud computing. Your
company may have subscribed to other miscellaneous services like the ones being
offered by Salesforce.com or you may be using a hosted email. Your organization may
even be implementing an internal private cloud. With all the uncertainties and fears of
using the cloud, one must accept the fact that cloud computing will be here for a long
time.
It is only to be expected that security will be everyone's number one fear when a new
technology is introduced to the market, especially when the media tends to play up the
security inconsistencies of cloud computing. But when you really look deeper into the
problem, you’ll realize that these security breaches happen because the organization
allows them to happen. Cyber criminals often look for cloud computing loopholes and
attack those which have loose controls in place.
When an organization decides to move to the clouds, it must first determine its
foundational controls which form the backbone of the company’s security principles.
Plans must be laid out in order to secure the company’s assets so that when the
company subscribes to cloud computing, all the needed security controls must already
be in place.
Also, the company will have to be workload-focused instead of cloud-focused. When
moving to the clouds, the organization must take into consideration each workload so
that it will be able to enforce a security program which is focused on the workload with
a possibility to implement non-traditional security measures.
More often than not, a company decides to move to the clouds because higher
management has decided it. Because not all parties are included in the decision process,
some security measures may not have been considered. When this happens, the
organization may face usability and integration challenges. Concerned departments
must be included in the decision making so that people working with the affected
departments will know what to expect when cloud computing is finally implemented.
A plan must be in place to mitigate the risks. It must be documented so that
employees will be able to quickly resolve cloud computing issues when they arise.
Training, education, as well as documentation and management of risks must be
included in the risk mitigation plan.
A major advantage of cloud computing is that it is capable of virtualization and because
of this advantage an organization must have a management process for its storage
image implemented. This will guarantee that the required images are made available
when needed. The images must also be appropriately managed and identified so that
image sprawl will be avoided.
Before a company migrates to the clouds, it must first check the cloud computing
provider’s infrastructure and applications for any security hazards so that controls can
be set in place in order to ensure that the transfer to the clouds is secure. The
company must also take note of ethical hacking so that it can use it to check its
own cloud applications for the usual security vulnerabilities.
There are also security services available in the market which can help the company
obtain the best security without the traditional overhead expense. These services include
security event log management, identity and access management, and intrusion
prevention which transfer the strain of implementing them from the organization to the
security services provider.
A resiliency program must also be considered when adopting cloud computing because
cloud technologies are not perfect. Critical workloads must be restored quickly in case
of attack or catastrophe. Restoration must be done quickly and responsibly so that
there is less impact on the business process.
Monitoring is also important when the organization moves to the clouds. If the company
fails to oversee the implementations in cloud computing, there is a great possibility that
there will be security, satisfaction, and performance issues. A monitoring program must
be actively implemented so that security threats are properly identified.
By diligently ensuring security measures are in place, the company can be a step ahead in
allaying fears of security breaches. Security plans must be reviewed regularly because
new threats may be lurking just around the corner, and as such the company must be
prepared to deal with them.
Florence de Borja
Cloud Security Guidance IBM Recommendations for the Implementation of
Cloud Security
Abstract
Cloud computing is a flexible, cost-effective, and proven delivery platform for providing business or
consumer IT services over the Internet. Cloud resources can be rapidly deployed and easily scaled,
with all processes, applications, and services provisioned "on demand", regardless of user location or
device. As a result, cloud computing gives organizations the opportunity to increase their service
delivery efficiencies, streamline IT management, and better align IT services with dynamic business
requirements. In many ways, cloud computing offers the "best of both worlds", providing solid
support for core business functions along with the capacity to develop new and innovative services.
Cloud Security
In addition to the usual challenges of developing secure IT systems, cloud computing presents an
added level of risk, because essential services are often outsourced to a third party. The
"externalized" aspect of outsourcing makes it harder to maintain data integrity and privacy, support
data and service availability, and demonstrate compliance.
The security measures discussed in this IBM Redpapers™ publication represent best practice
implementations for cloud security.

Weitere ähnliche Inhalte

Was ist angesagt?

A Comparative Review on Data Security Challenges in Cloud Computing
A Comparative Review on Data Security Challenges in Cloud ComputingA Comparative Review on Data Security Challenges in Cloud Computing
A Comparative Review on Data Security Challenges in Cloud ComputingIRJET Journal
 
A Question of Trust: How Service Providers Can Attract More Customers by Deli...
A Question of Trust: How Service Providers Can Attract More Customers by Deli...A Question of Trust: How Service Providers Can Attract More Customers by Deli...
A Question of Trust: How Service Providers Can Attract More Customers by Deli...SafeNet
 
Privacy Issues In Cloud Computing
Privacy Issues In Cloud ComputingPrivacy Issues In Cloud Computing
Privacy Issues In Cloud Computingiosrjce
 
(Pdf) yury chemerkin _i-society_2013
(Pdf) yury chemerkin _i-society_2013(Pdf) yury chemerkin _i-society_2013
(Pdf) yury chemerkin _i-society_2013STO STRATEGY
 
(Pdf) yury chemerkin _i-society-2013 proceedings
(Pdf) yury chemerkin _i-society-2013 proceedings(Pdf) yury chemerkin _i-society-2013 proceedings
(Pdf) yury chemerkin _i-society-2013 proceedingsSTO STRATEGY
 
Security Issues of Cloud Computing
Security Issues of Cloud ComputingSecurity Issues of Cloud Computing
Security Issues of Cloud ComputingFalgun Rathod
 
Cloud security and services
Cloud security and servicesCloud security and services
Cloud security and servicesJas Preet
 
Chap 6 cloud security
Chap 6 cloud securityChap 6 cloud security
Chap 6 cloud securityRaj Sarode
 
Cloud security and security architecture
Cloud security and security architectureCloud security and security architecture
Cloud security and security architectureVladimir Jirasek
 
Security in cloud computing
Security in cloud computingSecurity in cloud computing
Security in cloud computingveena venugopal
 
Cloud Computing Security Issues
Cloud Computing Security IssuesCloud Computing Security Issues
Cloud Computing Security IssuesStelios Krasadakis
 
Cloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingCloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingJim Geovedi
 
Aws top 50 interview questions
Aws top 50 interview questionsAws top 50 interview questions
Aws top 50 interview questionsInfosecTrain
 
Cloud computing security from single to multiple
Cloud computing security from single to multipleCloud computing security from single to multiple
Cloud computing security from single to multipleKiran Kumar
 

Was ist angesagt? (20)

A Comparative Review on Data Security Challenges in Cloud Computing
A Comparative Review on Data Security Challenges in Cloud ComputingA Comparative Review on Data Security Challenges in Cloud Computing
A Comparative Review on Data Security Challenges in Cloud Computing
 
Security in cloud computing
Security in cloud computingSecurity in cloud computing
Security in cloud computing
 
A Question of Trust: How Service Providers Can Attract More Customers by Deli...
A Question of Trust: How Service Providers Can Attract More Customers by Deli...A Question of Trust: How Service Providers Can Attract More Customers by Deli...
A Question of Trust: How Service Providers Can Attract More Customers by Deli...
 
Privacy Issues In Cloud Computing
Privacy Issues In Cloud ComputingPrivacy Issues In Cloud Computing
Privacy Issues In Cloud Computing
 
(Pdf) yury chemerkin _i-society_2013
(Pdf) yury chemerkin _i-society_2013(Pdf) yury chemerkin _i-society_2013
(Pdf) yury chemerkin _i-society_2013
 
(Pdf) yury chemerkin _i-society-2013 proceedings
(Pdf) yury chemerkin _i-society-2013 proceedings(Pdf) yury chemerkin _i-society-2013 proceedings
(Pdf) yury chemerkin _i-society-2013 proceedings
 
Cloud security
Cloud security Cloud security
Cloud security
 
Security Issues of Cloud Computing
Security Issues of Cloud ComputingSecurity Issues of Cloud Computing
Security Issues of Cloud Computing
 
Cloud security and services
Cloud security and servicesCloud security and services
Cloud security and services
 
Chap 6 cloud security
Chap 6 cloud securityChap 6 cloud security
Chap 6 cloud security
 
Authentication cloud
Authentication cloudAuthentication cloud
Authentication cloud
 
Cloud security and security architecture
Cloud security and security architectureCloud security and security architecture
Cloud security and security architecture
 
True costs of a SIEM
True costs of a SIEMTrue costs of a SIEM
True costs of a SIEM
 
Security in cloud computing
Security in cloud computingSecurity in cloud computing
Security in cloud computing
 
Cloud Computing Security Issues
Cloud Computing Security IssuesCloud Computing Security Issues
Cloud Computing Security Issues
 
OneLogin Review
OneLogin ReviewOneLogin Review
OneLogin Review
 
Cloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingCloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud Computing
 
Aws top 50 interview questions
Aws top 50 interview questionsAws top 50 interview questions
Aws top 50 interview questions
 
Open Digital Framework from TMFORUM
Open Digital Framework from TMFORUMOpen Digital Framework from TMFORUM
Open Digital Framework from TMFORUM
 
Cloud computing security from single to multiple
Cloud computing security from single to multipleCloud computing security from single to multiple
Cloud computing security from single to multiple
 

Andere mochten auch

IDF 2011: ODCA & Developing a Usage Model Roadmap for Cloud Computing
IDF 2011: ODCA & Developing a Usage Model Roadmap for Cloud ComputingIDF 2011: ODCA & Developing a Usage Model Roadmap for Cloud Computing
IDF 2011: ODCA & Developing a Usage Model Roadmap for Cloud ComputingOpen Data Center Alliance
 
Cloud implementation security challenges
Cloud implementation security challengesCloud implementation security challenges
Cloud implementation security challengesbornresearcher
 
Cloud Computing Roadmap
Cloud Computing RoadmapCloud Computing Roadmap
Cloud Computing RoadmapAkelios
 
Infrastructure Strategy
Infrastructure StrategyInfrastructure Strategy
Infrastructure StrategyRobert Jones
 
Planning IT Strategy | TechExpress.co
Planning IT Strategy | TechExpress.coPlanning IT Strategy | TechExpress.co
Planning IT Strategy | TechExpress.coTechExpressTools
 
Roadmap to Cloud Computing
Roadmap to Cloud ComputingRoadmap to Cloud Computing
Roadmap to Cloud ComputingNVISH Solutions
 

Andere mochten auch (6)

IDF 2011: ODCA & Developing a Usage Model Roadmap for Cloud Computing
IDF 2011: ODCA & Developing a Usage Model Roadmap for Cloud ComputingIDF 2011: ODCA & Developing a Usage Model Roadmap for Cloud Computing
IDF 2011: ODCA & Developing a Usage Model Roadmap for Cloud Computing
 
Cloud implementation security challenges
Cloud implementation security challengesCloud implementation security challenges
Cloud implementation security challenges
 
Cloud Computing Roadmap
Cloud Computing RoadmapCloud Computing Roadmap
Cloud Computing Roadmap
 
Infrastructure Strategy
Infrastructure StrategyInfrastructure Strategy
Infrastructure Strategy
 
Planning IT Strategy | TechExpress.co
Planning IT Strategy | TechExpress.coPlanning IT Strategy | TechExpress.co
Planning IT Strategy | TechExpress.co
 
Roadmap to Cloud Computing
Roadmap to Cloud ComputingRoadmap to Cloud Computing
Roadmap to Cloud Computing
 

Ähnlich wie How to implement cloud computing security

Cloud Computing Risks by Ravi Namboori Cisco Evangelist
Cloud Computing Risks by Ravi Namboori Cisco EvangelistCloud Computing Risks by Ravi Namboori Cisco Evangelist
Cloud Computing Risks by Ravi Namboori Cisco EvangelistRavi namboori
 
Security Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing  by rahul abhishekSecurity Issues in Cloud Computing  by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekEr. rahul abhishek
 
AWS Security Challenges
AWS Security ChallengesAWS Security Challenges
AWS Security ChallengesSTO STRATEGY
 
Introduction to Cloud computing
Introduction to Cloud computingIntroduction to Cloud computing
Introduction to Cloud computingKumayl Rajani
 
Module 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUDModule 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUDSweta Kumari Barnwal
 
The Ultimate Guide For Cloud Penetration Testing.pdf
The Ultimate Guide For Cloud Penetration Testing.pdfThe Ultimate Guide For Cloud Penetration Testing.pdf
The Ultimate Guide For Cloud Penetration Testing.pdfCraw Cyber Security
 
Operational Complexity: The Biggest Security Threat to Your AWS Environment
Operational Complexity: The Biggest Security Threat to Your AWS EnvironmentOperational Complexity: The Biggest Security Threat to Your AWS Environment
Operational Complexity: The Biggest Security Threat to Your AWS EnvironmentCryptzone
 
Cloud Security, Standards and Applications
Cloud Security, Standards and ApplicationsCloud Security, Standards and Applications
Cloud Security, Standards and ApplicationsDr. Sunil Kr. Pandey
 
The 15 best cloud security practices
The 15 best cloud security practices The 15 best cloud security practices
The 15 best cloud security practices Cloudride LTD
 
Security Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing  by rahul abhishekSecurity Issues in Cloud Computing  by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekEr. rahul abhishek
 
SaaS Security.pptx
SaaS Security.pptxSaaS Security.pptx
SaaS Security.pptxchelsi33
 
saassecurity-230424030940-08314322.pdf
saassecurity-230424030940-08314322.pdfsaassecurity-230424030940-08314322.pdf
saassecurity-230424030940-08314322.pdfSahilSingh316535
 
Authentication in cloud computing
Authentication in cloud computingAuthentication in cloud computing
Authentication in cloud computingvidhya dharmarajan
 
AWS Cloud Security From the Point of View of the Compliance
AWS Cloud Security From the Point of View of the ComplianceAWS Cloud Security From the Point of View of the Compliance
AWS Cloud Security From the Point of View of the ComplianceYury Chemerkin
 
Cloud transformation Service in Hy.pdf
Cloud transformation Service in Hy.pdfCloud transformation Service in Hy.pdf
Cloud transformation Service in Hy.pdfPetaBytz Technologies
 

Ähnlich wie How to implement cloud computing security (20)

UNIT -V.docx
UNIT -V.docxUNIT -V.docx
UNIT -V.docx
 
Cloud Computing Risks by Ravi Namboori Cisco Evangelist
Cloud Computing Risks by Ravi Namboori Cisco EvangelistCloud Computing Risks by Ravi Namboori Cisco Evangelist
Cloud Computing Risks by Ravi Namboori Cisco Evangelist
 
Security Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing  by rahul abhishekSecurity Issues in Cloud Computing  by rahul abhishek
Security Issues in Cloud Computing by rahul abhishek
 
Can You Trust Cloud Security In Public Cloud?
Can You Trust Cloud Security In Public Cloud?Can You Trust Cloud Security In Public Cloud?
Can You Trust Cloud Security In Public Cloud?
 
AWS Security Challenges
AWS Security ChallengesAWS Security Challenges
AWS Security Challenges
 
Introduction to Cloud computing
Introduction to Cloud computingIntroduction to Cloud computing
Introduction to Cloud computing
 
Module 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUDModule 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUD
 
The Ultimate Guide For Cloud Penetration Testing.pdf
The Ultimate Guide For Cloud Penetration Testing.pdfThe Ultimate Guide For Cloud Penetration Testing.pdf
The Ultimate Guide For Cloud Penetration Testing.pdf
 
Operational Complexity: The Biggest Security Threat to Your AWS Environment
Operational Complexity: The Biggest Security Threat to Your AWS EnvironmentOperational Complexity: The Biggest Security Threat to Your AWS Environment
Operational Complexity: The Biggest Security Threat to Your AWS Environment
 
I017225966
I017225966I017225966
I017225966
 
Cloud Security, Standards and Applications
Cloud Security, Standards and ApplicationsCloud Security, Standards and Applications
Cloud Security, Standards and Applications
 
The 15 best cloud security practices
The 15 best cloud security practices The 15 best cloud security practices
The 15 best cloud security practices
 
Security Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing  by rahul abhishekSecurity Issues in Cloud Computing  by rahul abhishek
Security Issues in Cloud Computing by rahul abhishek
 
Presentation1
Presentation1Presentation1
Presentation1
 
SaaS Security.pptx
SaaS Security.pptxSaaS Security.pptx
SaaS Security.pptx
 
saassecurity-230424030940-08314322.pdf
saassecurity-230424030940-08314322.pdfsaassecurity-230424030940-08314322.pdf
saassecurity-230424030940-08314322.pdf
 
Cloud Security_ Unit 4
Cloud Security_ Unit 4Cloud Security_ Unit 4
Cloud Security_ Unit 4
 
Authentication in cloud computing
Authentication in cloud computingAuthentication in cloud computing
Authentication in cloud computing
 
AWS Cloud Security From the Point of View of the Compliance
AWS Cloud Security From the Point of View of the ComplianceAWS Cloud Security From the Point of View of the Compliance
AWS Cloud Security From the Point of View of the Compliance
 
Cloud transformation Service in Hy.pdf
Cloud transformation Service in Hy.pdfCloud transformation Service in Hy.pdf
Cloud transformation Service in Hy.pdf
 

Kürzlich hochgeladen

New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 