How To Secure Your Cloud Hosting? Part 1

How to secure your cloud hosting? Part 1

So having completed the migration of your application or site to the cloud, say to AWS or RS, be prepared to get surprised by the initial hacker attack attempts on your site! Recently, we had the experience of handling two projects, one with AWS and another with RS. We were surprised to take note of our system event viewer logs.

(See the screen shot).

RDP- Remote Desktop Protocol

To start the hardening process first we disabled the RDP service in the server. This will have its own effects as something like closing our own house door. We started using the console provided.

We found that a several hundred attempts to login in to our account from the hackers worldwide within two days of launch. Bad guys from all around the world… from Iran, China, Korea and so many other countries. It seems that they are never going to stop trying to get in. So the so called hardening work started. Hardening the cloud system. Let me explain what we did to harden the cloud servers.

It is told that ‘ a ship in harbor is safe. But that is not what ships are for.’

Similarly the objective of cloud hosted site or application is to give ease of access to the intended worldwide varied audience. At the same time, we should have ease of access too for doing the admin works, adding content, making changes to the code etc., One of the oldest ways practiced by hackers is cracking the Administrator password. If our id can be taken, an outsider becomes insider. In the cloud computing model, every one including System Admin is an outsider! The cloud eco system throws open an added list of vulnerabilities. In the initial days immediately after the launch, we have to make an approach wherein we systematically close down ways of outsider intruding in to our system.

To be continued in Part 2

By Glenn Blake

About Glenn Blake

Glenn Blake is a writer for CloudTweaks and has been writing about technology trends for over 25 years.

View Website
View All Articles

Sorry, comments are closed for this post.

Comics
Four Trends Driving Demand For Data Security In 2017

Four Trends Driving Demand For Data Security In 2017

Data Security Trends 2017 will be a hallmark year for security in the enterprise as all industries have reached a tipping point with respect to cloud and mobile adoption, forcing more and more data beyond the corporate firewall. Over 100 IT executives weighed in on their plans for 2017 in our latest survey; buried among…

The Fully Aware, Hybrid-Cloud Approach

The Fully Aware, Hybrid-Cloud Approach

Hybrid-Cloud Approach For over 20 years, organizations have been attempting to secure their networks and protect their data. However, have any of their efforts really improved security? Today we hear journalists and industry experts talk about the erosion of the perimeter. Some say it’s squishy, others say it’s spongy, and yet another claims it crunchy.…

Three Reasons Cloud Adoption Can Close The Federal Government’s Tech Gap

Three Reasons Cloud Adoption Can Close The Federal Government’s Tech Gap

Federal Government Cloud Adoption No one has ever accused the U.S. government of being technologically savvy. Aging software, systems and processes, internal politics, restricted budgets and a cultural resistance to change have set the federal sector years behind its private sector counterparts. Data and information security concerns have also been a major contributing factor inhibiting the…

Choosing IaaS or a Cloud-Enabled Managed Hosting Provider?

Choosing IaaS or a Cloud-Enabled Managed Hosting Provider?

There is a Difference – So Stop Comparing We are all familiar with the old saying “That’s like comparing apples to oranges” and though we learned this lesson during our early years we somehow seem to discount this idiom when discussing the Cloud. Specifically, IT buyers often feel justified when comparing the cost of a…

Three Challenges of Network Deployment in Hyperconverged Infrastructure for Private Cloud

Three Challenges of Network Deployment in Hyperconverged Infrastructure for Private Cloud

Hyperconverged Infrastructure In this article, we’ll explore three challenges that are associated with network deployment in a hyperconverged private cloud environment, and then we’ll consider several methods to overcome those challenges. The Main Challenge: Bring Your Own (Physical) Network Some of the main challenges of deploying a hyperconverged infrastructure software solution in a data center are the diverse physical…

Maintaining Network Performance And Security In Hybrid Cloud Environments

Maintaining Network Performance And Security In Hybrid Cloud Environments

Hybrid Cloud Environments After several years of steady cloud adoption in the enterprise, an interesting trend has emerged: More companies are retaining their existing, on-premise IT infrastructures while also embracing the latest cloud technologies. In fact, IDC predicts markets for such hybrid cloud environments will grow from the over $25 billion global market we saw…

Cyber Criminals Are Business People Too

Cyber Criminals Are Business People Too

Cyber Crime Business You’re on the morning train on the way to work and take a look at the guy next to you. He’s clean-cut, wearing a crisp suit and holding a leather briefcase just like dozens of others. Just another worker headed to the office, right?. Yes, but not in the way you think…

2017 Brings DLP Technology and IoT’s Weaknesses to Light

2017 Brings DLP Technology and IoT’s Weaknesses to Light

DLP Technology In regards to data loss prevention (DLP), in the last five years many companies rushed to implement DLP solutions without taking the time to first identify the data that should not transit egress points. Most of these rushed implementations have not been successful. Security analysts, in particular 451 Research, have been recommending that…

Through the Looking Glass: 2017 Tech and Security Industry Predictions

Through the Looking Glass: 2017 Tech and Security Industry Predictions

2017 Tech and Security Industry Predictions As we close out 2016, which didn’t start off very well for tech IPOs, momentum and performance has increased in the second half, and I believe that will continue well into 2017. M&A activity will also increase as many of the incumbents will realize that they need to inject…