Are You Sure You Are Ready For The Cloud: Security

Cloud Security

For the last several months, we have been discussing ways to make sure you are ready for the next step in your IT evolution: Cloud.

When review the different steps of making sure you are ready, one that I have intentionally avoided was Security. I spoke to you about “Security of Business”, but not the actual securing of your cloud. It was a very simple reason why I did this: “No matter the IT environment, you must take precautions.

So, wanting to make sure we covered several of the other topics first (e.g. Design, Finance, Connectivity…), we move on to straight security. Although, isn’t that kind of an oxymoron statement? Why? Well, because security within an IT environment is multifaceted. It has move sides and needs than just simple authentication and authorization. And within and around a cloud, it is even more so. In the following example, I am going to use an onsite deployment scenario, and we can wade thru the levels one by one.

Perimeter Security

security

Lets start with our perimeter security. You have several layers, depending on your cloud management software. So, starting furthest from the center of your cloud, or in this case, we will call it a server Instance OS, we have the perimeter. This is normally a pair of firewalls setup in a fault tolerant or high availability (FT/HA) setup. It isn’t necessarily at the edge of your onsite cloud, in fact, most of the time it isn’t. It is at the edge of the datacenter, protecting all of it.

You have your firewalls at the perimeter, then, the next step down is probably another set of firewalls at the edge of the cloud. These firewalls should also be setup as FT/HA and restrict specific TCP/UDP ports traveling into and out of the cloud environment. But here, they may also divide up their responsibilities. They may provide protection for just the physical aspects of the cloud, which would be the Compute and Infrastructure nodes, or exposing an API interface from an internal port, they may provide protection for the virtual machines (VM) communicating to/from within or outside the cloud.

Security Tools

security-mail

Now, continuing on inside the cloud, and moving away from the physical infrastructure, your security becomes far more robust. Now, you will take advantage as things like LDAP or Microsoft AD for your user authentication and authorization at the VM level. Most cloud management tools also allow you to take advantage of other security tools, such as virtual firewalls, virtual edge routers and access to storage areas.

Now, lets spin it around and go back out away from your VMs. You have security in your OS. You then have it on each user based on either internal or external authentication and authorization. Then you go back through a possible virtual firewall and or an edge router. Then back through your physical kit. But remember, based on your cloud management software, you may have far more levels of security that is not based on the VMs or the physical routers and firewalls. Next month, we will dig into the SDN or Software Defined Network world of cloud.

By Richard Thayer

Future Fintech

What’s the cloud forecast for 2020?

Tech Agnosticism In 2019, we saw how cloud computing transformed the way data is managed, the way applications are developed and deployed, and also the way IT teams operate. Organizations are starting to experience the ...
Wasabi

Episode 3: The Bottomless Cloud – An Interview with David Friend of Wasabi

Why data is not “the new oil” and why “cloud” means more than we think. In his new book, author David Friend refers to the cloud as "bottomless," and disputes peoples' assessment that data is ...
Data Issues DBMS

Advantages of Database Management Systems (DBMS)

What Is A Database Management System (DBMS)? (Updated: 04,22,2020) A Database Management System, or DBMS, allows its users to create, read, delete and update data within a database. The management system works as an interface between ...
Anita Raj

The Criticality of Data Governance in a Multi-cloud Environment

The Criticality of Data Governance Multi-cloud has emerged as an enterprise favorite in almost no time.  In fact, Security Boulevard  makes a reference to a Forrester Research Report which confirms that almost 86 percent of ...
Digitizing Contact Center to Reduce Call Volume by 30% and Improve NPS

Digitizing Contact Center to Reduce Call Volume by 30% and Improve NPS

Digitizing Contact Center With a Net Promoter Score (NPS) average of 24, telecom holds the lowest industry average according to the NPS Benchmarks Report. Operational inefficiencies in contact centers play a major role in the low ...
AI and ML: Key Drivers to Building a Resilient Business

AI and ML: Key Drivers to Building a Resilient Business

The future is here. It’s 2021 and it’s already time for businesses to ready themselves for the new decade. The previous year has shown us that you have to be prepared for both expected and ...