Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Cloud Infrastructure

Posted on 2016-09-09
5
Medium Priority
?
168 Views
Last Modified: 2016-09-21
Could someone explain the issues in network, host, and applications levels of cloud infrastructure security?
0
Comment
Question by:K K
  • 2
  • 2
5 Comments
 
LVL 66

Assisted Solution

by:btan
btan earned 1000 total points
ID: 41792130
It is not really issue in the 3 areas per se of the security architecture. Instead you should ask the challenges in ensuring those domains are secured against threats such as

- data leakage or theft due to misconfiguration, infection esp for exploitation due to co-sharing of host and network in cloud vm environment and no proper security segregation of data based on sensitivity or classification

- Unauthorised access and abuse via 3rd party contractor or privileged user esp from remote access and not using any form of 2FA (rely on username and password), lack of audit trail and no proper access matrix done

- No data integrity and unable to detect tampering or hijacking attempt esp when data are not end to end encrypted and no protection when data at rest, data in transit and data in use.

- Lack of oversight of the whole posture of setup due to over reliance & manual checking with outsourced vendor, no form of regime for penetration test and vulnerability scanning to establish snapshots of security health and using no compliance outdated application/system

Key for above the cloud security architecture need a security by design strategy and always Adopt a trust but verify mindset to ascertain the claims - e.g. verified to be working as it is expected.
0
 
LVL 25

Accepted Solution

by:
madunix earned 1000 total points
ID: 41792262
Cloud Deployment Models
  • Private (exclusive use by single organization);
  • Community (exclusive use by specific community);
  • Public (used by general public);
  • Hybrid (composed of two or more deployed models);


Cloud Service models
  • Software as a Service (SaaS), Example: Web mail customer uses providers applications;
  • Platform as a Service (PaaS), Example: Web service hosting; customer controls apps;
  • Infrastructure as a Service (IaaS),  Example: Linux server hosting; customer controls-operating systems, storage and applications;


Notice: It is important that you carefully review the terms of service when
evaluating a potential contract for cloud services and consider them in the
context of your organization’s security, so review contracts to ensure security and protection levels are agreed upon and ensure they have a business continuity plan (BCP) in place
0
 
LVL 66

Assisted Solution

by:btan
btan earned 1000 total points
ID: 41792273
Can also check out the checklist in Cloud Security Alliance Cloud Controls Matrix (CCM)

As a framework, the CSA CCM provides organizations with the needed structure, detail and clarity relating to information security tailored to the cloud industry.

The CSA CCM strengthens existing information security control environments by emphasizing business information security control requirements, reduces and identifies consistent security threats and vulnerabilities in the cloud, provides standardized security and operational risk management, and seeks to normalize security expectations, cloud taxonomy and terminology, and security measures implemented in the cloud.
 https://cloudsecurityalliance.org/group/cloud-controls-matrix/
0
 
LVL 25

Expert Comment

by:madunix
ID: 41792278
Look at Statement on Auditing Standards (SAS) 70 audit report; SAS 70 is an internal controls audit carried out by a third-party auditing organization. http://sas70.com/
0
 
LVL 37

Expert Comment

by:bbao
ID: 41792309
a broad question. could you please tell us your particular requirement or the things you most worry about?
0

Featured Post

Managing Security & Risk at the Speed of Business

Gartner Research VP, Neil McDonald & AlgoSec CTO, Prof. Avishai Wool, discuss the business-driven approach to automated security policy management, its benefits and how to align security policy management with business processes to address today's security challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It’s a season to be thankful, and we’re thankful for users like you who engage on site, solve technology problems, and network with others in the industry. What tech are we most thankful for? Keep reading.
With more and more companies allowing their employees to work remotely, it begs the question: What are some of the security risks involved with remote employees and what actions should we take to secure them?
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…
Suggested Courses

572 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question