Se ha denunciado esta presentación.
Utilizamos tu perfil de LinkedIn y tus datos de actividad para personalizar los anuncios y mostrarte publicidad más relevante. Puedes cambiar tus preferencias de publicidad en cualquier momento.

Cloud Computing Security

295 visualizaciones

Publicado el

The presentation contains steps to secure the data and computing instances in the public cloud.

Publicado en: Internet
  • Sé el primero en comentar

Cloud Computing Security

  1. 1. Cloud Computing Security Anshul Patel
  2. 2. Security Classification ● Cloud Computing Instance Security ● Cloud Networking Security ● Cloud Storage Security
  3. 3. Cloud Computing Instance Security ● CLI access to computing instance should be done via Bastion server. ● CLI access to computing instance should be key based authentication and not password based. ● CLI access to computing instance should be encrypted and over secure protocol. ● Users should access the computing instance with their corresponding key. ● LTS releases of Operating System should be used. ● Periodic security patches should be applied via Configuration Management. ● For critical hosts, HIDS should be implemented.
  4. 4. Cloud Networking Security ● Applications/Platforms should have their corresponding subnets. ● Only Public facing Applications/Platforms should be in public subnets. (DMZ) ● Non-Public facing Applications/Platforms should be in private subnets with access to NAT gateway. ● Computing Instance Firewall should allow traffic from desired ports and hosts only. ● Sensitive information should always be transferred over SSL over public network.
  5. 5. Cloud Storage Security ● Sensitive information should be encrypted and stored at rest. ● Access to data should be either role based or policy based. ● Only targeted audience should be able to access the data. ● API keys, application passwords, certificates should be stored in Key Management System. ● Access (Read/Write) to sensitive data should be logged. ● Sensitive data should be replicated.

×