Cloud security threats, tips and best practices
by Mirko Zorz - Tuesday, 8 July 2014.
What security best practices should an organization implement when moving to the cloud?

Itís extremely important that you provide protection for the entire application stack running on virtual machines Ė throughout the system, network and application levels. Relatively few security vendors today support cloud deployments well, so itís important to ask the right questions beyond ďcan you deploy in the cloud?Ē How they deploy and whether they support cloud-specific use cases is much more important.

One of the biggest mistakes we see IT security teams make is to fail to prioritize the most important business or operational requirements in designing the security requirements for a given application deployment. A simple example Ė if your application team has a requirement for auto-scaling, then this must become the ground-floor requirement for your security toolkit as well. Otherwise, cloud deployment will move forward, but security will be left behind, which happens all too often.

How should organizations tackle security risk management when considering cloud service providers?

One of the first steps is choosing a cloud provider that offers the style of service that fits your business. For some businesses who prefer control and have the expertise to manage their own environment, cloud providers like Amazon or Azure have security partners with the capability to extend their own services dynamically for customers of those cloud providers. For businesses that need better support and an ability to outsource management of the entire application environment, a cloud provider with deep roots in managed hosting, such as Rackspace or Datapipe, might be a better choice. There are security options available in each of these cloud environments, but even the best security capabilities are ineffective if you canít deploy and manage them.

Spotlight

USBdriveby: Compromising computers with a $20 microcontroller

Posted on 19 December 2014.  |  Security researcher Samy Kamkar has devised a fast and easy way to compromise an unlocked computer and open a backdoor on it: a simple and cheap ($20) pre-programmed Teensy microcontroller.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Fri, Dec 19th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //