How To Secure Your Cloud Hosting? Part 1

How to secure your cloud hosting? Part 1

So having completed the migration of your application or site to the cloud, say to AWS or RS, be prepared to get surprised by the initial hacker attack attempts on your site! Recently, we had the experience of handling two projects, one with AWS and another with RS. We were surprised to take note of our system event viewer logs.

(See the screen shot).

RDP- Remote Desktop Protocol

To start the hardening process first we disabled the RDP service in the server. This will have its own effects as something like closing our own house door. We started using the console provided.

We found that a several hundred attempts to login in to our account from the hackers worldwide within two days of launch. Bad guys from all around the world… from Iran, China, Korea and so many other countries. It seems that they are never going to stop trying to get in. So the so called hardening work started. Hardening the cloud system. Let me explain what we did to harden the cloud servers.

It is told that ‘ a ship in harbor is safe. But that is not what ships are for.’

Similarly the objective of cloud hosted site or application is to give ease of access to the intended worldwide varied audience. At the same time, we should have ease of access too for doing the admin works, adding content, making changes to the code etc., One of the oldest ways practiced by hackers is cracking the Administrator password. If our id can be taken, an outsider becomes insider. In the cloud computing model, every one including System Admin is an outsider! The cloud eco system throws open an added list of vulnerabilities. In the initial days immediately after the launch, we have to make an approach wherein we systematically close down ways of outsider intruding in to our system.

To be continued in Part 2

By Glenn Blake

About Glenn Blake

Glenn Blake is a writer for CloudTweaks and has been writing about technology trends for over 25 years.

Find out more
View All Articles

Sorry, comments are closed for this post.

Comic
InformationWeek Reveals Top 125 Vendors Taking the Technology Industry by Storm

InformationWeek Reveals Top 125 Vendors Taking the Technology Industry by Storm

InformationWeek Reveals Top 125 Vendors Five-part series details companies to watch across five essential technology sectors SAN FRANCISCO, Sept. 27, 2016 /PRNewswire/ — InformationWeek released its list of “125 Vendors to Watch” in 2017. Selected by InformationWeek’s expert editorial team, the companies listed fall into one of five key themes: infrastructure, security, cloud, data management and…

Part 1 – Connected Vehicles: Paving The Way For IoT On Wheels

Part 1 – Connected Vehicles: Paving The Way For IoT On Wheels

Connected Vehicles From cars to combines, the IoT market potential of connected vehicles is so expansive that it will even eclipse that of the mobile phone. Connected personal vehicles will be the final link in a fully connected IoT ecosystem. This is an incredibly important moment to capitalize on given how much time people spend…

Embedded Sensors and the Wearable Personal Cloud

Embedded Sensors and the Wearable Personal Cloud

The Wearable Personal Cloud Wearable tech is one avenue of technology that’s encouraging cloud connections and getting us all onto interconnected networks, and with the continued miniaturization and advancement of computing the types of wearable tech are always expanding and providing us with new opportunities. A few years ago, smartwatches were rather clunky devices with…

SWIFT Says Bank Hacks Set To Increase

SWIFT Says Bank Hacks Set To Increase

Bank Hacks Set To Increase SWIFT, whose messaging network is used by banks to send payment instructions worth trillions of dollars each day, said three clients were hacked over the summer and cyber attacks on banks are set to increase. The theft of $81 million in February from Bangladesh’s central bank using SWIFT messages rocked…

Security: Avoiding A Hatton Garden-Style Data Center Heist

Security: Avoiding A Hatton Garden-Style Data Center Heist

Data Center Protection In April 2015, one of the world’s biggest jewelry heists occurred at the Hatton Garden Safe Deposit Company in London. Posing as workmen, the criminals entered the building through a lift shaft and cut through a 50cm-thick concrete wall with an industrial power drill. Once inside, the criminals had free and unlimited…

HOW THE CFAA RULING AFFECTS INDIVIDUALS AND PASSWORD-SHARING

HOW THE CFAA RULING AFFECTS INDIVIDUALS AND PASSWORD-SHARING

Individuals and Password-Sharing With the 1980s came the explosion of computing. In 1980, the Commodore ushered in the advent of home computing. Time magazine declared 1982 was “The Year of the Computer.” By 1983, there were an estimated 10 million personal computers in the United States alone. As soon as computers became popular, the federal government…

The Cancer Moonshot: Collaboration Is Key

The Cancer Moonshot: Collaboration Is Key

Cancer Moonshot In his final State of the Union address in January 2016, President Obama announced a new American “moonshot” effort: finding a cure for cancer. The term “moonshot” comes from one of America’s greatest achievements, the moon landing. If the scientific community can achieve that kind of feat, then surely it can rally around…

Cloud-based GRC Intelligence Supports Better Business Performance

Cloud-based GRC Intelligence Supports Better Business Performance

Cloud-based GRC Intelligence All businesses need a strategy and processes for governance, risk and compliance (GRC). Many still view GRC activity as a burdensome ‘must-do,’ approaching it reactively and managing it with non-specialized tools. GRC is a necessary business endeavor but it can be elevated from a cost drain to a value-add activity. By integrating…

Don’t Be Intimidated By Data Governance

Don’t Be Intimidated By Data Governance

Data Governance Data governance, the understanding of the raw data of an organization is an area IT departments have historically viewed as a lose-lose proposition. Not doing anything means organizations run the risk of data loss, data breaches and data anarchy – no control, no oversight – the Wild West with IT is just hoping…

THE FUTURE OF BIG DATA AND DNS ANALYTICS

THE FUTURE OF BIG DATA AND DNS ANALYTICS

Big Data and DNS Analytics Big Data is revolutionizing the way admins manage their DNS traffic. New management platforms are combining historical data with advanced analytics to inform admins about possible performance degradation in their networks. Not only that, but they also have the ability to suggest ways to optimize network configurations for faster routing.…

Infographic Introduction – Benefits of Cloud Computing

Infographic Introduction – Benefits of Cloud Computing

Benefits of Cloud Computing Based on Aberdeen Group’s Computer Intelligence Dataset, there are more than 1.6 billion permutations to choose from when it comes to cloud computing solutions. So what, on the face of it, appears to be pretty simple is actually both complex and dynamic regardless of whether you’re in the market for networking,…

Cloud Infographic: IoT For Automotive Deconstructed

Cloud Infographic: IoT For Automotive Deconstructed

IoT For Automotive Deconstructed The IoT automotive industry is moving rapidly with many exciting growth opportunities available. We’ve written about some of the risks and benefits as well as some of the players involved. One thing for certain as that the auto industry is starting to take notice and we can expect the implementation of a…

Three Factors For Choosing Your Long-term Cloud Strategy

Three Factors For Choosing Your Long-term Cloud Strategy

Choosing Your Long-term Cloud Strategy A few weeks ago I visited the global headquarters of a large multi-national company to discuss cloud strategy with the CIO. I arrived 30 minutes early and took a tour of the area where the marketing team showcased their award winning brands. I was impressed by the digital marketing strategy…

The Cloud Above Our Home

The Cloud Above Our Home

Our Home – Moving All Things Into The Cloud The promise of a smart home had excited the imagination of the movie makers long ago. If you have seen any TV shows in the nineties or before, the interpretation presented itself to us as a computerized personal assistant or a robot housekeeper. It was smart,…

Big Data – Top Critical Technology Trend For The Next Five Years

Big Data – Top Critical Technology Trend For The Next Five Years

Big Data Future Today’s organizations should become more collaborative, virtual, adaptive, and agile in order to be successful in complex business world. They should be able to respond to changes and market needs. Many organizations found that the valuable data they possess and how they use it can make them different than others. In fact,…

How Data Science And Machine Learning Is Enabling Cloud Threat Protection

How Data Science And Machine Learning Is Enabling Cloud Threat Protection

Data Science and Machine Learning Security breaches have been consistently rising in the past few years. Just In 2015, companies detected 38 percent more security breaches than in the previous year, according to PwC’s Global State of Information Security Survey 2016. Those breaches are a major expense — an average of $3.79 million per company,…