Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Cloud Computing Security


Published on

The presentation contains steps to secure the data and computing instances in the public cloud.

Published in: Internet
  • Be the first to comment

Cloud Computing Security

  1. 1. Cloud Computing Security Anshul Patel
  2. 2. Security Classification ● Cloud Computing Instance Security ● Cloud Networking Security ● Cloud Storage Security
  3. 3. Cloud Computing Instance Security ● CLI access to computing instance should be done via Bastion server. ● CLI access to computing instance should be key based authentication and not password based. ● CLI access to computing instance should be encrypted and over secure protocol. ● Users should access the computing instance with their corresponding key. ● LTS releases of Operating System should be used. ● Periodic security patches should be applied via Configuration Management. ● For critical hosts, HIDS should be implemented.
  4. 4. Cloud Networking Security ● Applications/Platforms should have their corresponding subnets. ● Only Public facing Applications/Platforms should be in public subnets. (DMZ) ● Non-Public facing Applications/Platforms should be in private subnets with access to NAT gateway. ● Computing Instance Firewall should allow traffic from desired ports and hosts only. ● Sensitive information should always be transferred over SSL over public network.
  5. 5. Cloud Storage Security ● Sensitive information should be encrypted and stored at rest. ● Access to data should be either role based or policy based. ● Only targeted audience should be able to access the data. ● API keys, application passwords, certificates should be stored in Key Management System. ● Access (Read/Write) to sensitive data should be logged. ● Sensitive data should be replicated.