O slideshow foi denunciado.
Utilizamos seu perfil e dados de atividades no LinkedIn para personalizar e exibir anúncios mais relevantes. Altere suas preferências de anúncios quando desejar.

Cloud Computing Security

298 visualizações

Publicada em

The presentation contains steps to secure the data and computing instances in the public cloud.

Publicada em: Internet
  • Seja o primeiro a comentar

Cloud Computing Security

  1. 1. Cloud Computing Security Anshul Patel
  2. 2. Security Classification ● Cloud Computing Instance Security ● Cloud Networking Security ● Cloud Storage Security
  3. 3. Cloud Computing Instance Security ● CLI access to computing instance should be done via Bastion server. ● CLI access to computing instance should be key based authentication and not password based. ● CLI access to computing instance should be encrypted and over secure protocol. ● Users should access the computing instance with their corresponding key. ● LTS releases of Operating System should be used. ● Periodic security patches should be applied via Configuration Management. ● For critical hosts, HIDS should be implemented.
  4. 4. Cloud Networking Security ● Applications/Platforms should have their corresponding subnets. ● Only Public facing Applications/Platforms should be in public subnets. (DMZ) ● Non-Public facing Applications/Platforms should be in private subnets with access to NAT gateway. ● Computing Instance Firewall should allow traffic from desired ports and hosts only. ● Sensitive information should always be transferred over SSL over public network.
  5. 5. Cloud Storage Security ● Sensitive information should be encrypted and stored at rest. ● Access to data should be either role based or policy based. ● Only targeted audience should be able to access the data. ● API keys, application passwords, certificates should be stored in Key Management System. ● Access (Read/Write) to sensitive data should be logged. ● Sensitive data should be replicated.

×