Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Cloud Infrastructure

Posted on 2016-09-09
5
Medium Priority
?
162 Views
Last Modified: 2016-09-21
Could someone explain the issues in network, host, and applications levels of cloud infrastructure security?
0
Comment
Question by:K K
  • 2
  • 2
5 Comments
 
LVL 65

Assisted Solution

by:btan
btan earned 1000 total points
ID: 41792130
It is not really issue in the 3 areas per se of the security architecture. Instead you should ask the challenges in ensuring those domains are secured against threats such as

- data leakage or theft due to misconfiguration, infection esp for exploitation due to co-sharing of host and network in cloud vm environment and no proper security segregation of data based on sensitivity or classification

- Unauthorised access and abuse via 3rd party contractor or privileged user esp from remote access and not using any form of 2FA (rely on username and password), lack of audit trail and no proper access matrix done

- No data integrity and unable to detect tampering or hijacking attempt esp when data are not end to end encrypted and no protection when data at rest, data in transit and data in use.

- Lack of oversight of the whole posture of setup due to over reliance & manual checking with outsourced vendor, no form of regime for penetration test and vulnerability scanning to establish snapshots of security health and using no compliance outdated application/system

Key for above the cloud security architecture need a security by design strategy and always Adopt a trust but verify mindset to ascertain the claims - e.g. verified to be working as it is expected.
0
 
LVL 25

Accepted Solution

by:
madunix earned 1000 total points
ID: 41792262
Cloud Deployment Models
  • Private (exclusive use by single organization);
  • Community (exclusive use by specific community);
  • Public (used by general public);
  • Hybrid (composed of two or more deployed models);


Cloud Service models
  • Software as a Service (SaaS), Example: Web mail customer uses providers applications;
  • Platform as a Service (PaaS), Example: Web service hosting; customer controls apps;
  • Infrastructure as a Service (IaaS),  Example: Linux server hosting; customer controls-operating systems, storage and applications;


Notice: It is important that you carefully review the terms of service when
evaluating a potential contract for cloud services and consider them in the
context of your organization’s security, so review contracts to ensure security and protection levels are agreed upon and ensure they have a business continuity plan (BCP) in place
0
 
LVL 65

Assisted Solution

by:btan
btan earned 1000 total points
ID: 41792273
Can also check out the checklist in Cloud Security Alliance Cloud Controls Matrix (CCM)

As a framework, the CSA CCM provides organizations with the needed structure, detail and clarity relating to information security tailored to the cloud industry.

The CSA CCM strengthens existing information security control environments by emphasizing business information security control requirements, reduces and identifies consistent security threats and vulnerabilities in the cloud, provides standardized security and operational risk management, and seeks to normalize security expectations, cloud taxonomy and terminology, and security measures implemented in the cloud.
 https://cloudsecurityalliance.org/group/cloud-controls-matrix/
0
 
LVL 25

Expert Comment

by:madunix
ID: 41792278
Look at Statement on Auditing Standards (SAS) 70 audit report; SAS 70 is an internal controls audit carried out by a third-party auditing organization. http://sas70.com/
0
 
LVL 37

Expert Comment

by:bbao
ID: 41792309
a broad question. could you please tell us your particular requirement or the things you most worry about?
0

Featured Post

Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Do you know what to look for when considering cloud computing? Should you hire someone or try to do it yourself? I'll be covering these questions and looking at the best options for you and your business.
A look at how technology has changed storm coverage and how it can help in the aftermath.
This is an introductory video for CloudBerry Managed Backup. You will learn how to sign up with the service and get started in a few minutes.
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…
Suggested Courses

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question