Skip to main content

Securing the Cloud

In order to secure cloud computing, there are several factors and steps to consider:

Identify the resources: Determine which data, services, or applications you plan to move to the cloud. This will help you assess the specific risks associated with each resource.

Assess sensitivity to risk: Evaluate the sensitivity of the resources to risks such as loss of privacy, unauthorized access, data loss, and availability interruptions. Different resources may have different levels of sensitivity and require different security measures.

Consider cloud types: Understand the different cloud deployment models (public, private, hybrid, shared community) and evaluate the associated risks for each resource. Consider where the data and functionality will be stored and maintained within the chosen cloud type.

Understand the service model: Different cloud service models (IaaS, SaaS, PaaS) have different levels of security responsibilities. Determine which model you will be using and understand the security responsibilities of both the cloud service provider and the customer at each level of the service stack.

Evaluate the cloud service provider: If you have selected a specific cloud service provider, assess their security systems and practices. Understand how data is transferred, stored, and moved in and out of the cloud. Consider the provider's certifications, credentials, and security resources.

Establish security boundaries: Define the security boundaries between the responsibilities of the cloud service provider and the customer. Understand where the provider's responsibilities end and where the customer's responsibilities begin. This helps determine the security mechanisms that need to be implemented by each party.

Map security mechanisms: Map the security features, compliance auditing, and other requirements of your specific cloud service model to the application you are deploying. Identify any missing security features that would be present in an on-premises deployment and seek replacements in the cloud computing model. Consider industry compliance standards that may apply to your organization.

Maintain accountability: Ensure that accountability for security is assigned to the appropriate parties. When contracting with a cloud service provider, make sure they remain accountable for the security measures you require.

Stay informed: Stay updated on the latest security best practices and technologies in cloud computing. Regularly review the security resources and recommendations provided by industry organizations such as the Cloud Security Alliance (CSA) and follow the guidance provided by reputable sources.

By following these steps and implementing appropriate security measures, you can enhance the security of your cloud computing deployment.

Labels:

Comments

Post a Comment

Popular posts from this blog

2.1 VIRTUAL MACHINES PROVISIONING AND MANAGEABILITY

In this section, we will have an overview on the typical life cycle of VM and its major possible states of operation, which make the management and automation of VMs in virtual and cloud environments easier than in traditional computing environments As shown in Figure above, the cycle starts by a request delivered to the IT department, stating the requirement for creating a new server for a particular service.  IT administration to start seeing the servers’ resource pool, matching these resources with the requirements, and starting the provision of the needed virtual machine.  Once provisioned machine started, it is ready to provide the required service according to an SLA, or a time period after which the virtual is being released.
Post a Comment
Read more

2.2 VIRTUAL MACHINE MIGRATION SERVICES

Migration service, in the context of virtual machines, is the process of moving a virtual machine from one host server or storage location to another; there are different techniques of VM migration, hot/life migration, cold/regular migration, and live storage migration of a virtual machine. In process of migration, all key machines’ components, such as CPU, storage disks, networking, and memory, are completely virtualized, thereby facilitating the entire state of a virtual machine to be captured by a set of easily moved data files. 2.2.1. Migrations Techniques Live Migration and High Availability Live migration (which is also called hot or real-time migration) can be defined as the movement of a virtual machine from one physical host to another while being powered on.  Live migration process takes place without any noticeable effect from the end user’s point of view (a matter of milliseconds).  One of the most significant advantages of live migration is the fact that it facili...
Post a Comment
Read more

Open SaaS and SOA

A considerable amount of SaaS software is based on open source software.  When open source software is used in a SaaS,  it referred to as Open SaaS.  The advantages of using open source software are that systems are much cheaper to deploy because you don’t have to purchase the operating system or software, there is less vendor lock-in, and applications are more portable.  The popularity of open source software, from Linux to APACHE, MySQL, and Perl (the LAMP platform) on the Internet, and the number of people who are trained in open source software make Open SaaS an attractive proposition.  The impact of Open SaaS will likely translate into better profitability for the companies that deploy open source software in the cloud, resulting in lower development costs and more robust solutions. SOA (Service-Oriented Architecture): SOA is an architectural approach for designing and developing software systems that are composed of loosely coupled services.  In an SO...
Post a Comment
Read more