Monday’s blog post reviewed the IDG Enterprises Cloud Computing Survey Results. Check it out if you haven’t already…but, to save you some time, the resounding cloud computing challenge uncovered in this survey still circles around security concerns.
This doesn’t surprise me, or anyone else at i-Tech because cloud security is a major issue – especially if it is not thought out and planned well. That’s where our team of security and cloud specialists comes into play. They take this daunting task head-on so you don’t have to be worried your entire network’s security and integrity are up for grabs to any hacker or stupid human error.
What we do suggest, before you take the immediate plunge into the cloud, is you determine a valid and clear plan for cloud security. Here are five useful tips to help you get started, via Cloud Computing News:
Tip #1: Lock Down Your Server Firewall.
“Your firewall is the front-line defense for all security…Make sure you only open admin and other service ports when, for whom/what, and for as long as you need.”
Tip #2: Log Everything!
“The cloud is especially difficult to log because: A) It operates outside your traditional infrastructure, where many of your monitoring solutions/services don’t operate, and B) Logs stored on your cloud server are vaporized when you tear down machines…So make sure you’re using a third party logging service, either built within your security tool and/or as an additive service, to log who’s accessing your servers…”
Tip #3: Data Encryption
“And by encrypt the data, we mean before it’s written to your cloud server. Use an encryption gateway (e.g., CiperCloud, Porticor, etc.)…It’s critical (and required, by law in some cases) to encrypt your data, so do it.”
Tip #4: Super Human Strength Passwords
“Strong passwords are not enough. Too many of today’s major breaches and security events are the result of –at least, in part – vulnerable and/or stolen passwords. Make sure you use 2-factor / strong authentication…”
Tip #5: Take Responsibility
“The Ponemon Research Study found that most people don’t know who’s responsible for their cloud security. When asked, responsibility was almost evenly assigned to the customer, provider, or both. But this ambiguity leads to big gaps…The net is, take responsibility. Because if you think someone else is responsible, you’re setting yourself up.”