Cloud security threats, tips and best practices
by Mirko Zorz - Tuesday, 8 July 2014.
What security best practices should an organization implement when moving to the cloud?

Its extremely important that you provide protection for the entire application stack running on virtual machines throughout the system, network and application levels. Relatively few security vendors today support cloud deployments well, so its important to ask the right questions beyond can you deploy in the cloud? How they deploy and whether they support cloud-specific use cases is much more important.

One of the biggest mistakes we see IT security teams make is to fail to prioritize the most important business or operational requirements in designing the security requirements for a given application deployment. A simple example if your application team has a requirement for auto-scaling, then this must become the ground-floor requirement for your security toolkit as well. Otherwise, cloud deployment will move forward, but security will be left behind, which happens all too often.

How should organizations tackle security risk management when considering cloud service providers?

One of the first steps is choosing a cloud provider that offers the style of service that fits your business. For some businesses who prefer control and have the expertise to manage their own environment, cloud providers like Amazon or Azure have security partners with the capability to extend their own services dynamically for customers of those cloud providers. For businesses that need better support and an ability to outsource management of the entire application environment, a cloud provider with deep roots in managed hosting, such as Rackspace or Datapipe, might be a better choice. There are security options available in each of these cloud environments, but even the best security capabilities are ineffective if you cant deploy and manage them.

Spotlight

Review: Bulletproof SSL and TLS

Posted on 12 September 2014.  |  Deploying SSL or TLS in a secure way is a great challenge for system administrators. This book aims to simplify that challenge by offering extensive knowledge and good advice - all in one place.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Mon, Sep 15th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //