How To Secure Your Cloud Hosting? Part 2

Secure Your Cloud Hosting

Before getting into the nitty gritty of what we did in our projects for hardening the cloud servers hosted by us, we would like to emphasize the following, so that these can be firmly embedded in the mind set of readers.

  • First, the way cloud computing is attracting attention is mind boggling. Enterprises have started adopting to cloud concept where in they go for sharing public infrastructure. Having started this trend, it will go without any stopping in future. Traditional Security measures practiced in-house are not enough in the new trend.
  • Second, the inherent nature of elasticity multiplies the security need. Servers that we are talking about here are not servers as we saw them in the past as boxes. With virtualization, the servers we mention here are only files; instances as they may be called. System administrators should be aware of this fact.
  • Third, Organizations those turn in to IaaS, PaaS and SaaS, seems to be always in a hurry. They want the server to be up yesterday! There is no time given to do network and system administration jobs. As such there is a serious need to look at all the aspects of cloud servers starting from operating system, application security, to implementation of ISMS.
  • Fourth, the cyber criminals out there are even more sophisticated than what we could figure out every time! An entire underground business is running there parallel. There is economy working there, too. New servers coming up in cloud en-masse is aiding their activities. It is just that the forces that have nothing to do with our business may be encountered.
  • Fifth, the implication of security breach is severe nowadays. Reputation of businesses built over years and decades can go shambles in minutes! Just remember the recent news on the down times and outages of global services. Overnight businesses can go to bankruptcy if there is an attack.

Traditionally, system security is approached with Authentication/Access Control Methods, Input Handling and Denial of Service attacks.

Authentication: We started with RDP in the first part. Remote Desktop Connection is a required feature for server administration. Initially closing this is just like closing the house door. We did that. We need to do it in the initial days of server gone live. Because everyone is trying to hack the password and try to enter through Remote Connection, as soon as the cloud server is hosted! Then create a Secondary Administrator. The secondary Administrator user name should be very difficult to guess and figure out. The password for the same should be strongest.

Tip: In case we resort to complete disable or deletion of Administrator, as an extreme security measure, we can still log in through console. But, for resetting the password there will not be a way. Hence, as resetting the password may be required in future in the chance of us forgetting the credentials, better not to disable the Administrator access.

By Malick Md

About CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as offer green/cleantech learning and consultive services around the world.

Our vision is to create awareness and to help find innovative ways to connect our planet in a positive eco-friendly manner.

In the meantime, you may connect with CloudTweaks by following and sharing our resources.

View All Articles

Sorry, comments are closed for this post.

‘Tis The Season To Be Deploying Sensors

‘Tis The Season To Be Deploying Sensors

Deploying Sensors Overhead the Christmas Drones are buzzing, delivering packages to the good girls and boys. Back at the main location people are analyzing the good and bad data collected over the year about each person. Data analytics that is creating a list, gathering all the data and then checking the data on that list…

The Cloud Showdown: How To Determine The Best Cloud Solution For Your Business

The Cloud Showdown: How To Determine The Best Cloud Solution For Your Business

The Cloud Showdown For small and medium businesses (SMB) seeking to grow in 2016, options for increasing efficiency abound. The Cloud offers many benefits for businesses, including slashing IT expenses, providing a more efficient and reliable way to store and back up data, and facilitating collaboration among employees. In fact, 39 percent of SMBs claim…

How Your Business Can Overcome Its Fear of BYOD

How Your Business Can Overcome Its Fear of BYOD

Overcoming BYOD Fear While the popularity of the remote workforce has been on the rise, more and more people are returning to the office to work out of fear that their business data isn’t secure, according to a Neustar report. A whopping 83 percent of respondents are worried about the security of their files, and 27…

The Evolution Of The Connected Cloud

The Evolution Of The Connected Cloud

The Connected Cloud Cloud computing is interesting first, but not only, because of the prevalence of cloud projects. There are many of them launched every day. Some have lofty expectations for business benefits (cost saving of 20 percent or more) and others carry even more intriguing goals. In 2005 “the cloud” was new. Shared computing…

The Modular Drone Concept In Action

The Modular Drone Concept In Action

The Modular Drone Concept As the Internet of Things (IoT) world explodes around us, it is interesting to think about new ways of solving old problems. For example, drones allow for a potential solutions to a number of long-standing problems. Aerial drones that can carry modules are appearing. These new modular drones have a number…

How Data Privacy Reform Is Wreaking Havoc In The Cloud

How Data Privacy Reform Is Wreaking Havoc In The Cloud

Data Privacy Reform Is Wreaking Havoc Nations around the globe are stepping up efforts to better protect the personal data of private citizens. In particular, cross-border data security regulations and legislative reform is on the rise. The laws must evolve in order to mitigate theft, abuse and misappropriation of personally identifiable information (PII), better guard…

Cloud Computing – The Real Story Is About Business Strategy, Not Technology

Cloud Computing – The Real Story Is About Business Strategy, Not Technology

Enabling Business Strategies The cloud is not really the final destination: It’s mid-2015, and it’s clear that the cloud paradigm is here to stay. Its services are growing exponentially and, at this time, it’s a fluid model with no steady state on the horizon. As such, adopting cloud computing has been surprisingly slow and seen more…

CloudTweaks is recognized as one of the leading influencers in cloud computing, infosec, big data and the internet of things (IoT) information. Our goal is to continue to build our growing information portal by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.

Advertising