Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.

Cloud Computing Security

310 vues

Publié le

The presentation contains steps to secure the data and computing instances in the public cloud.

Publié dans : Internet
  • Soyez le premier à commenter

Cloud Computing Security

  1. 1. Cloud Computing Security Anshul Patel
  2. 2. Security Classification ● Cloud Computing Instance Security ● Cloud Networking Security ● Cloud Storage Security
  3. 3. Cloud Computing Instance Security ● CLI access to computing instance should be done via Bastion server. ● CLI access to computing instance should be key based authentication and not password based. ● CLI access to computing instance should be encrypted and over secure protocol. ● Users should access the computing instance with their corresponding key. ● LTS releases of Operating System should be used. ● Periodic security patches should be applied via Configuration Management. ● For critical hosts, HIDS should be implemented.
  4. 4. Cloud Networking Security ● Applications/Platforms should have their corresponding subnets. ● Only Public facing Applications/Platforms should be in public subnets. (DMZ) ● Non-Public facing Applications/Platforms should be in private subnets with access to NAT gateway. ● Computing Instance Firewall should allow traffic from desired ports and hosts only. ● Sensitive information should always be transferred over SSL over public network.
  5. 5. Cloud Storage Security ● Sensitive information should be encrypted and stored at rest. ● Access to data should be either role based or policy based. ● Only targeted audience should be able to access the data. ● API keys, application passwords, certificates should be stored in Key Management System. ● Access (Read/Write) to sensitive data should be logged. ● Sensitive data should be replicated.

×