Securing a Private Cloud…

How to secure a private cloud

Currently the whole debate of private cloud vs public cloud is still going on, although it has died down somewhat. Personally, I am on the fence for this one as I believe (like so many others) that a private cloud is the same as a public cloud, just that the reins for control and security are more wholly in your corner.  As such, if anything goes wrong your buttocks are most likely to get prodded.

Here are some tips on how to secure a private cloud:

  • Don’t take half measures – embedding crytpographically strong checksums into specific security files such as manifests or descriptors that have been pre-checked may be a valid security measure but why stop there? Why not ensure secure retrieval for the entire archive while you’re at it? If you are going to implement something like signatures make sure that it is enabled at every point of entry covering every aspect possible.
  • Best practices have not changed – the platform may have changed but the basics remain the same. This includes making sure of access, integrity, authenticity and confidentiality just like before. For example, secure password creation and usage is the basics of any form of networking security yet it is still one of the most commonly exploited factors in any attack from outside sources. This is because people still use “password” or “1234” as their password of choice even when logging into your private cloud.
  • Be wary of outside intentions – if you are relying on an outside company to provide security for your private cloud even a simple link to their site may act as a security breach, allowing attackers to discreetly enter and wreak havoc. While I am not advocating that you trust no one, some security companies commonly register non-secure URL HTTP links in their VMfeed modules to appliances and the like which can be used to piggyback into your “secure” private cloud.
  • Virtual security for virtual services – thinking that a new security hardware will stop an attack on a virtual system such as your private cloud is one sure way to get your buttocks prodded. What may work for a hardware based network may not work all the time for a virtual system, especially one that constantly changes. As such you should make sure that all your bases are covered, especially the virtual ones, for example, shifting towards a more flexible logic-based security and so forth.
  • Make sure everyone is on the level – since everything is still new, there are still no set standards or policies which govern the security for a private cloud. Making sure that everyone related to the security measures in your company are on the same level as yourself is a good way to keep everything tight and secure. You do not want a private cloud vulnerability to open up just because someone else likes to do things differently.

Disclaimer: These tips are not the be and all for every security vulnerability or possibility that may occur in your private cloud, but if you follow them in general, you can expect the likelihood of security breaches in your private cloud to be less.

By Muz Ismial

Sorry, comments are closed for this post.

The Future Of Work: What Cloud Technology Has Allowed Us To Do Better

The Future Of Work: What Cloud Technology Has Allowed Us To Do Better

The Future of Work: What Cloud Technology Has Allowed Us to Do Better The cloud has made our working lives easier, with everything from virtually unlimited email storage to access-from-anywhere enterprise resource planning (ERP) systems. It’s no wonder the 2013 cloud computing research IDG survey revealed at least 84 percent of the companies surveyed run at…

Cloud Infographic – Cloud Fast Facts

Cloud Infographic – Cloud Fast Facts

Cloud Infographic – Cloud Fast Facts It’s no secret that Cloud Computing is more than just a buzz term as that ship has sailed off a long time ago. More and more companies are adopting the uses and benefits of cloud computing while aggressively factoring cloud services spending into their budget. Included is an excellent…

IBM and SAP Announce Industry’s Largest Cloud Deal

IBM and SAP Announce Industry’s Largest Cloud Deal

IBM and SAP Announce Industry’s Largest Cloud Deal IBM and SAP have shaken the cloud computing world this afternoon with the announcement of one of the largest cloud deals in the industry’s history – bringing together two of the largest technology companies in a bid to offer a more holistic service to their clients. SAP…

Cloud Infographic – The Future Of Big Data

Cloud Infographic – The Future Of Big Data

The Future Of Big Data Big Data is BIG business and will continue to be one of the more predominant areas of focus in the coming years from small startups to large scale corporations. We’ve already covered on CloudTweaks how Big Data can be utilized in a number of interesting ways from preventing world hunger to helping teams win…

Big Data Analytics Adoption

Big Data Analytics Adoption

Big Data Analytics Adoption Big Data is an emerging phenomenon. Nowadays, many organizations have adopted information technology (IT) and information systems (IS) in business to handle huge amounts of data and gain better insights into their business. Many scholars believe that Business Intelligence (BI), solutions with Analytics capabilities, offer benefits to companies to achieve competitive…

CONNECT TO THE CLOUD

 

Cloud Logo Sponsors

hp Logo CityCloud-PoweredByOpenstack-Bluesquare_logo_100x100-01
cisco_logo_100x100 vmware citrix100


Contributor Spotlight

Established in 2009, CloudTweaks is recognized as one of the leading influencers in cloud computing, big data and internet of things (IoT) information. Our goal is to continue to build our growing information portal, by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.

Contact

CloudTweaks Media
Phone: 1 (212) 763-0021