Security In The Cloud – Maintaining A Secure Environment
One of the most prevalent points brought up by skeptics of cloud computing is the integrity of the security for said systems. Different reservations are held against different models of cloud computing, in particular for public clouds. The mere fact that public clouds host environments for multiple organizations and further supply the ability to accommodate multiple tenants for each group give the perception that information stored on such system may be accessible to anyone.
The effectiveness of the security of a cloud system relies on several different factors. First and foremost, the infrastructure upon which it is built will reflect the overall security capabilities of the system. The platform, or operating system, that exists on top of the underlying hardware will be used to restrict access to records and other services that regulate the operation of the system. This will correlate to the efficacy of stopping potentially the likes of malicious administrators, as well as other users that have legitimate access to the system who may intend to harm a business digitally. For example, file auditing, a feature that has been readily available since the inception of Windows Server 2003, is a great resource both as preventative security measure, like a visible security camera, and as a tool for review, should something go awry.
Mostly, the security of the system is the responsibility of the end user. This is where a few key concepts come into play. Educating staff is the most effective way to ensure that guidelines are followed; hence instilling secure for a cloud environment.
The following are some of the most important aspects to creating and maintaining a secure environment.
- Be smart with credentials. When creating an account with just about any web service, you are generally required to create a strong password. This means the password should be at least eight characters long, and contain a combination of upper case letters, lower case letters, numbers, and special characters. The password(s) used should also be completely unique. This will inhibit anyone from guessing the password and prevent password generating software from easily gaining access.
- Regularly back up data. Data back-up procedures should not be put to the wayside, even if the infrastructure of the cloud is fully redundant. There are still times where even the most seasoned IT professional will encounter a problem that leaves him shaking his head in confusion. Furthermore, accidents can happen. A back up of information from the system to another location will help prevent catastrophe should some mishap on a “perfect” system wipe out critical data.
- Keep up with workstations and mobile devices. More than likely, a hacker is going to take the path of least resistance. To gain access to a system, it is a lot easier to extract information from an auxiliary component of the network, rather than directly attacking the network’s infrastructure. Workstations, especially Windows, should always be updated with current security patches. Antivirus and firewalls are important to help prevent malevolent applications from accessing residual information on the computer that could allow for entry. Moreover, networking hardware, such as Bluetooth, should remain disabled. The fewer conduits for someone to attack means it is less likely to happen.
By Deney Dentel
Deney serves as CEO for Nordisk Systems, Inc. Nordisk Systems expertized in various IT services by providing the best solutions for you businesses on cloud compuing, virtualization, backup and recovery, and managed services.