How To Secure Your Cloud Hosting? Part 2

Practically Speaking About Cloud Computing

Before getting into the nitty gritty of what we did in our projects for hardening the cloud servers hosted by us, we would like to emphasize the following, so that these can be firmly embedded in the mind set of readers.

  • First, the way cloud computing is attracting attention is mind boggling. Enterprises have started adopting to cloud concept where in they go for sharing public infrastructure. Having started this trend, it will go without any stopping in future. Traditional Security measures practiced in-house are not enough in the new trend.
  • Second, the inherent nature of elasticity multiplies the security need. Servers that we are talking about here are not servers as we saw them in the past as boxes. With virtualization, the servers we mention here are only files; instances as they may be called. System administrators should be aware of this fact.
  • Third, Organizations those turn in to IaaS, PaaS and SaaS, seems to be always in a hurry. They want the server to be up yesterday! There is no time given to do network and system administration jobs. As such there is a serious need to look at all the aspects of cloud servers starting from operating system, application security, to implementation of ISMS.
  • Fourth, the cyber criminals out there are even more sophisticated than what we could figure out every time! An entire underground business is running there parallel. There is economy working there, too. New servers coming up in cloud en-masse is aiding their activities. It is just that the forces that have nothing to do with our business may be encountered.
  • Fifth, the implication of security breach is severe nowadays. Reputation of businesses built over years and decades can go shambles in minutes! Just remember the recent news on the down times and outages of global services. Overnight businesses can go to bankruptcy if there is an attack.

Traditionally, system security is approached with Authentication/Access Control Methods, Input Handling and Denial of Service attacks.

Authentication:

We started with RDP in the first part. Remote Desktop Connection is a required feature for server administration. Initially closing this is just like closing the house door. We did that. We need to do it in the initial days of server gone live. Because everyone is trying to hack the password and try to enter through Remote Connection, as soon as the cloud server is hosted! Then create a Secondary Administrator. The secondary Administrator user name should be very difficult to guess and figure out. The password for the same should be strongest.

Tip:

In case we resort to complete disable or deletion of Administrator, as an extreme security measure, we can still log in through console. But, for resetting the password there will not be a way. Hence, as resetting the password may be required in future in the chance of us forgetting the credentials, better not to disable the Administrator access.

-Screen shot of new user (Alternate user / Secondary Admin) creation in Windows Server.

(To be continued in Part 3)

By Malick Md

Follow Us!

CloudTweaks

Established in 2009, CloudTweaks.com is recognized as one of the leading authorities in cloud computing information. Most of the excellent CloudTweaks articles are provided by our own paid writers, with a small percentage provided by guest authors from around the globe, including CEOs, CIOs, Technology bloggers and Cloud enthusiasts. Our goal is to continue to build a growing community offering the best in-depth articles, interviews, event listings, whitepapers, infographics and much more...
Follow Us!

One Response to How To Secure Your Cloud Hosting? Part 2

Join Our Newsletter

Receive updates each week on news, tips, events, comics and much more...

Can I Contribute To CloudTweaks?

Yes, much of our focus in 2015 will be on working with other influencers in a collaborative manner. If you're a technology influencer looking to collaborate long term with CloudTweaks – a globally recognized leader in cloud computing information – drop us an email with “tech influencer” in the subject line.

Please review the guidelines before applying.

Contributors

Cloud Infographic – Wearable Tech And Preventative Healthcare

Cloud Infographic – Wearable Tech And Preventative Healthcare

Wearable Tech And Preventative Healthcare There are so many exciting new opportunities available to utilize wearable technology in the future.  Areas such as nanotechnology disease monitoring, crowdfunding to wearable accessories are some excellent examples of the potential. Estimates vary, but appear to suggest that the market will produce between $14-50 Billion over the next few years. Included below

Ten Tips For Successful Business Intelligence Implementation

Ten Tips For Successful Business Intelligence Implementation

Ten Tips for Successful Business Intelligence Implementation The cost of Business Intelligence (BI) software goes far beyond the purchase price. Time spent researching, implementing, and maintaining your BI investment can snowball quickly and mistakes are often expensive. Your time is valuable – save it by learning from other businesses’ experiences. We’ve compiled the top ten

Knots And Cloud Service Providers

Knots And Cloud Service Providers

How Do These Two Compare? In Boy Scouts, I learned how to tie knots. The quickest knot you can tie is the slipknot. It’s very effective for connecting one thing to another via the rope you have. It was used in setting up tents, mooring boats to docks temporarily and lifting your food up into

Aggregated News

Popular News Sources

Storage Considerations for SharePoint Backups

Storage Considerations for SharePoint Backups

Storage Considerations for SharePoint Backups Wednesday, October 29, 2014 @ 9:00 am/12:00pm ET. Backup and Restore of a SharePoint environment can be a complex endeavor as the product consists of multiple components running at various tiers, each with their own backup and restore requirements. In addition, SharePoint documents are stored as Binary Large Objects (BLOBs) in

OpenDNS Deployment Leads to Twenty-Fold Decrease in Malware Infections at Hamamatsu

OpenDNS Deployment Leads to Twenty-Fold Decrease in Malware Infections at Hamamatsu

Decreases in Malware Infections at Hamamatsu OpenDNS, a leading provider of cloud-delivered security, today announced that it has enabled Hamamatsu, a Japanese manufacturer of optical sensor technologies, to virtually eliminate malware infections across its U.S. Read the source article at Finance News About Latest Posts Follow Us!CloudTweaksEstablished in 2009, CloudTweaks.com is recognized as one of the

IBM and Microsoft – What Are They Doing With The Hybrid Cloud?

IBM and Microsoft – What Are They Doing With The Hybrid Cloud?

What Are They Doing With The Hybrid Cloud? “Microsoft is committed to helping enterprise customers realize the tremendous benefits of cloud computing across their own systems, partner clouds and Microsoft Azure,” said Scott Guthrie, executive vice president,Cloud and Enterprise, Microsoft. “With this … Read the source article at CNNMoney About Latest Posts Follow Us!CloudTweaksEstablished in 2009, CloudTweaks.com is recognized