RANSOMWARE TRACKING MAPS

Recent problems experienced with Ransomware are evident from infections, which have occurred in 99 countries including China and Russia. The organization that was worst hit by the attack was the National Health Service in England. It was reported that there was a WannaCry programme that demanded...

How To Secure Your Cloud Hosting? Part 3

How To Secure Your Cloud Hosting? Part III

Authentication 

For signing in to the cloud account AWS goes with mail id and password as the usual credentials. Rackspace goes with user id and password. AWS introduced Multi Factor Authentication long time back. Multi Factor Authentication involves an authentication device. Gemalto provides the compatible device. (See image of Gemalto device) When we sign in to our AWS Portal or AWS Console, access is granted when we give the authentication credentials of email id and password. When we opt in for AWS MFA (Amazon Web Service – Multi Factor Authentication) feature, access will be granted only when the precise code from the authentication device is provided additionally. This is an extra protection. This protection given to AWS Management Console can be extended to EC2 Instances, CloudFront and S3 Versioning.

Securing Instances

In the case of AWS EC2, it is not that Quick Start Images are there but also community AMIs (Amazon Machine Instances),  a several thousands of them. We found some of them already hardened with security features. These cover Windows and other Unix distros.  When creating AWS instance, Key Pair and Security Zone are the two items required. Key Pair has to be named and downloaded to the computer.

Tip: Save the key pair in a secure place so that you can remember.

Only once can we get a Private Key. For the first time you access an instance this will be used.

In the case of Rackspace, the root password will be shown on the screen. Also, Rackspace sent an email containing an IP address and Password.

AWS Security Zone can be assumed as a firewall.

Tip: Security Zone settings are the ultimate decider that will over rule the other settings that we give in instances.

It is customary to choose default zone, when we are working on the first time. To harden the system, better to go for specific protocols and ip addresses specifically. If we name the security zones uniquely, we can use it for future instances.

We have done projects in the past one year with Gogrid, Microsoft Windows Azure, Amazon Web Services and Rackspace. The cloud services are continuously evolving with new features. We find that issues are being resolved continuously by service providers. Just for an example: We covered the issues involved in sending email from cloud.

On 25th Jan 2011, AWS announced the introduction of Simple Email Service. We can cover more on the security of cloud services related to SSH access, application/ code etc., in future posts.

By Glenn Blake

About Glenn Blake

Glenn Blake is a writer for CloudTweaks and has been writing about technology trends for over 25 years.

View Website

SYNDICATED NEWS SOURCES

Hack of U.S. securities regulator rattles investors, stirs doubts

By CloudBuzz | September 21, 2017

WASHINGTON/NEW YORK (Reuters) – Wall Street’s top regulator faced questions on Thursday about its defenses against cyber criminals after admitting hackers breached its electronic database of corporate announcements and may have used it for insider trading. The incursion at the…

Leaking Cloud Databases and Servers Expose Over 1 Billion Records

By CloudBuzz | September 21, 2017

Servers Expose Over 1 Billion Records As The Wall Street Journal recently pointed out, some clients of cloud service providers such as Amazon and Microsoft are accidentally leaving their cloud databases exposed due to misconfigurations of their services. Coupled with recent headline-making…

Thales Joins the Microsoft Enterprise Cloud Alliance

By CloudBuzz | September 21, 2017

SAN JOSE, Calif., Sept. 21, 2017 /PRNewswire/ — Thales, a leader in critical information systems, cybersecurity and data security, is now a member of the Microsoft Enterprise Cloud Alliance (ECA). Designed to foster innovation and promote awareness of partner solutions, the ECA membership…

Addressing the UK NCSC’s Cloud Security Principles

By CloudBuzz | September 20, 2017

As your organization adopts more cloud services, it’s essential to get a clear picture of how sensitive data will be protected. Many authorities, from government regulators, to industry standards bodies and consortia, have provided guidance on how to evaluate cloud…

RiskVision Named 2017 Cybersecurity Breakthrough Awards Winner

By CloudBuzz | September 20, 2017

RiskVision Named 2017 Cybersecurity Breakthrough Awards Winner for Enterprise Risk Management (ERM) Software of the Year SUNNYVALE, CA–(Marketwired – Sep 20, 2017) – RiskVision, the enterprise risk intelligence company formerly known as Agiliance, today announced that the RiskVision platform has…

Amazon working on ‘smart glasses’ as its first wearable device: FT

By CloudBuzz | September 20, 2017

(Reuters) – Amazon.com Inc is working on its first wearable device – a pair of ‘smart glasses’, the Financial Times reported on Wednesday. The device, designed like a regular pair of spectacles, will allow Amazon’s digital assistant Alexa to be…