Solved

Cloud Infrastructure

Posted on 2016-09-09
Last Modified: 2016-09-21
Could someone explain the issues in network, host, and applications levels of cloud infrastructure security?
Question by:K K
5 Comments
 

Assisted Solution

by:btan
ID: 41792130
It is not really an issue in the 3 areas per se of the security architecture. Instead, you should ask about the challenges in ensuring those domains are secured against threats such as:

- Data leakage or theft due to misconfiguration, infection, esp. for exploitation due to co-sharing of host and network in a cloud VM environment, and no proper security segregation of data based on sensitivity or classification

- Unauthorised access and abuse via 3rd party contractor or privileged user, esp. from remote access and not using any form of 2FA (relying on username and password), lack of audit trail and no proper access matrix done

- No data integrity and inability to detect tampering or hijacking attempts, esp. when data are not end-to-end encrypted and there is no protection for data at rest, data in transit and data in use

- Lack of oversight of the whole posture of the setup due to over-reliance & manual checking with outsourced vendor, no form of regime for penetration testing and vulnerability scanning to establish snapshots of security health, and using non-compliant, outdated applications/systems

Key for the above: the cloud security architecture needs a security-by-design strategy, and always adopt a trust-but-verify mindset to ascertain the claims, e.g. verified to be working as expected.

Accepted Solution

by:madunix
ID: 41792262
Cloud Deployment Models
  • Private (exclusive use by single organization);
  • Community (exclusive use by specific community);
  • Public (used by general public);
  • Hybrid (composed of two or more deployed models);


Cloud Service models
  • Software as a Service (SaaS), Example: Web mail; customer uses provider's applications;
  • Platform as a Service (PaaS), Example: Web service hosting; customer controls apps;
  • Infrastructure as a Service (IaaS), Example: Linux server hosting; customer controls operating systems, storage and applications;


Notice: It is important that you carefully review the terms of service when evaluating a potential contract for cloud services and consider them in the context of your organization's security, so review contracts to ensure security and protection levels are agreed upon and ensure they have a business continuity plan (BCP) in place.

Assisted Solution

by:btan
ID: 41792273
You can also check out the checklist in the Cloud Security Alliance Cloud Controls Matrix (CCM).

As a framework, the CSA CCM provides organizations with the needed structure, detail and clarity relating to information security tailored to the cloud industry.

The CSA CCM strengthens existing information security control environments by emphasizing business information security control requirements, reduces and identifies consistent security threats and vulnerabilities in the cloud, provides standardized security and operational risk management, and seeks to normalize security expectations, cloud taxonomy and terminology, and security measures implemented in the cloud.
 https://cloudsecurityalliance.org/group/cloud-controls-matrix/

Expert Comment

by:madunix
ID: 41792278
Look at the Statement on Auditing Standards (SAS) 70 audit report; SAS 70 is an internal controls audit carried out by a third-party auditing organization. http://sas70.com/

Expert Comment

by:bbao
ID: 41792309
A broad question. Could you please tell us your particular requirement or the things you most worry about?