Newsletter Subscribe

Bringing you thought leadership, news, infographics, resources and our own brand of comics each week to your inbox...

Securing a Private Cloud

Securing a Private Cloud

Currently the whole debate of private cloud vs public cloud is still going on, although it has died down somewhat. Personally, I am on the fence for this one as I believe (like so many others) that a private cloud is the same as a public cloud, just that the reins for control and security are more wholly in your corner.  As such, if anything goes wrong your buttocks are most likely to get prodded.

Here are some tips on how to secure a private cloud:

  • Don’t take half measures – embedding crytpographically strong checksums into specific security files such as manifests or descriptors that have been pre-checked may be a valid security measure but why stop there? Why not ensure secure retrieval for the entire archive while you’re at it? If you are going to implement something like signatures make sure that it is enabled at every point of entry covering every aspect possible.
  • Best practices have not changed – the platform may have changed but the basics remain the same. This includes making sure of access, integrity, authenticity and confidentiality just like before. For example, secure password creation and usage is the basics of any form of networking security yet it is still one of the most commonly exploited factors in any attack from outside sources. This is because people still use “password” or “1234” as their password of choice even when logging into your private cloud.
  • Be wary of outside intentions – if you are relying on an outside company to provide security for your private cloud even a simple link to their site may act as a security breach, allowing attackers to discreetly enter and wreak havoc. While I am not advocating that you trust no one, some security companies commonly register non-secure URL HTTP links in their VMfeed modules to appliances and the like which can be used to piggyback into your “secure” private cloud.
  • Virtual security for virtual services – thinking that a new security hardware will stop an attack on a virtual system such as your private cloud is one sure way to get your buttocks prodded. What may work for a hardware based network may not work all the time for a virtual system, especially one that constantly changes. As such you should make sure that all your bases are covered, especially the virtual ones, for example, shifting towards a more flexible logic-based security and so forth.
  • Make sure everyone is on the level – since everything is still new, there are still no set standards or policies which govern the security for a private cloud. Making sure that everyone related to the security measures in your company are on the same level as yourself is a good way to keep everything tight and secure. You do not want a private cloud vulnerability to open up just because someone else likes to do things differently.

Disclaimer: These tips are not the be and all for every security vulnerability or possibility that may occur in your private cloud, but if you follow them in general, you can expect the likelihood of security breaches in your private cloud to be less.

By Muz Ismial

About CloudBuzz

Daily tech news snapshots and insights from around the world...

View Website
Philips spotlights connected technology, predictive analytics software, and artificial intelligence advancing population health and precision medicine at HIMSS 2017 AMSTERDAM, Feb. 17, 2017 /PRNewswire/ -- Featuring new and enhanced connected health offerings at the 2017 HIMSS Conference & Exhibition (HIMSS17), Royal Philips (NYSE: PHG,AEX: PHIA), a global leader in health technology, will showcase a broad range of population health management, ...
Read More
Cupertino, California — Apple today announced its 28th annual Worldwide Developers Conference (WWDC) — hosting the world’s most talented developer community — will be held at the McEnery Convention Center in San Jose. The conference, kicking off June 5, will inspire developers from all walks of life to turn their passions into the next great innovations and apps that customers ...
Read More
When Cisco Systems Inc. reports earnings Wednesday, the big question will be if the networking giant’s repeated gambles on software can reverse a yearlong sales slide, or at least point to a reversal of that trend in the future. Cisco CSCO, +1.06%  is scheduled to report fiscal second-quarter earnings less than a month after announcing its latest multibillion-dollar software acquisition, ...
Read More
Offering Integrated and Automated Solutions, Expansive Partner Ecosystem, Advanced Architecture with Cross-Industry Collaboration SAN FRANCISCO, Feb. 14, 2017 – Today Intel Security outlined a new, unifying approach for the cybersecurity industry that strives to eliminate fragmentation through updated integrated solutions, new cross-industry partnerships and product integrations within the Intel Security Innovation Alliance and Cyber Threat Alliance (CTA). “Transforming isolated technologies ...
Read More
IoT Enablement, Analytics Offer Strong Monetisation Opportunities HAMPSHIRE, UNITED KINGDOM--(Marketwired - February 13, 2017) - A new study from Juniper Research has calculated that mobile network operators can realise an additional $85 billion in revenues over the next five years through the deployment and enhancement of non-core services including Big Data analytics and IoT (Internet of Things) enablement. Operators "Can ...
Read More