Cloud Security: The Good, The Bad, and The Ugly
by Sarah Harvey / March 28th, 2018
Cloud Security Best Practices
Cloud environments bring advantages to businesses of all sizes–reduced cost, flexibility, low risk, efficiency–so why do you need to go the extra mile and implement cloud security best practices? Security vulnerabilities exist, even in the cloud. Traditional security problems of an internal network still show up in cloud environments, like one vicious cycle.
In this webinar, we discuss three areas where traditional security problems must be reassessed for cloud environments: credential reuse and management interface, secure configurations, and system logging and monitoring.
1. Credential Reuse and Securing the Management Interface
In a traditional internal network, you may encounter issues like the same local administrator account being used on all deployed workstations, domain administrator permissions being granted to daily use accounts, and static password service accounts having administrative permissions. You could encounter these same traditional security problems in cloud environments, they’ll just look slightly different. For example, the same SSH key may be used for all IaaS server instances without securing the private key properly, administrator permissions may be granted to daily use accounts, and account keys may be used for scripted automation tasks.
2. Managing Secure Configurations
Secure configurations are vital to a traditional internal network or cloud environments. Patching and hardening systems can be a disruptive process that requires a significant amount of resources, making it one of the most common traditional security problems. This approach dos not need to be carried over into cloud environments. To gain the advantages that cloud environments can provide, applications need to be totally transformed to bring additional business value.
3. System Logging and Monitoring
Analysis and retention of log data can easily overburden limited IT resources. In the PCI DSS framework, for example, you must retain all logs for a year. When reassessed for cloud environments, system logging and monitoring can become less expensive and burdensome. Object-based storage for retention is less expensive than large amounts of physical storage, and security-as-service providers can make the log analysis process automated.
Listen to the full webinar to learn about best practices for cloud security. For more information on cloud security assessments, contact us today.
More Cloud Resources
European Union Agency for Network and Information Security (ENISA)
