Security continues to top the list of concerns cited by cloud computing users, so you can be sure that cloud service providers also place a high priority on ensuring that your data is neither compromised nor corrupted. Below are some of the key points you should check that your provider has implemented.
The service provider should embed security into the fabric of the infrastructure, test for vulnerabilities and respond quickly to any that may be discovered. They need to operate a rigorous set of operational security controls, including tight control over authentication and high levels of monitoring, logging and reporting.
Responsibilities for network protection and management are shared between the cloud provider and the customer. As a customer, you may not have physical access to the network, but you can implement the logical equivalent within a cloud environment through tools such as guest-operated system firewalls, virtual network gateway configuration and virtual private networks.
The provider runs a multi-tenant datacentre, meaning the network hardware transports data from multiple customers. Network operations for each customer should be logically isolated to ensure complete separation of traffic from different customers. By the same token, virtual networks should also remain detached from each other. The provider should deploy firewalls, anti-malware software and partitioned LANs, offer protection from DDOS attacks and physically separate back-end servers from public-facing interfaces.
Encryption has long been the best way to protect your data's privacy, and you should implement it where you have the power to do so. Data at rest must also be encrypted. Note that encryption will require key management to ensure that data remains accessible over long periods of time, as it is all too easy to mislay keys.
Read More: http://www.zdnet.com/article/secure-cloud-networking/
The service provider should embed security into the fabric of the infrastructure, test for vulnerabilities and respond quickly to any that may be discovered. They need to operate a rigorous set of operational security controls, including tight control over authentication and high levels of monitoring, logging and reporting.
Responsibilities for network protection and management are shared between the cloud provider and the customer. As a customer, you may not have physical access to the network, but you can implement the logical equivalent within a cloud environment through tools such as guest-operated system firewalls, virtual network gateway configuration and virtual private networks.
The provider runs a multi-tenant datacentre, meaning the network hardware transports data from multiple customers. Network operations for each customer should be logically isolated to ensure complete separation of traffic from different customers. By the same token, virtual networks should also remain detached from each other. The provider should deploy firewalls, anti-malware software and partitioned LANs, offer protection from DDOS attacks and physically separate back-end servers from public-facing interfaces.
Encryption has long been the best way to protect your data's privacy, and you should implement it where you have the power to do so. Data at rest must also be encrypted. Note that encryption will require key management to ensure that data remains accessible over long periods of time, as it is all too easy to mislay keys.
Read More: http://www.zdnet.com/article/secure-cloud-networking/
No comments:
Post a Comment