Stephen Coty: A start-up Cloud Security user's Guide

Source: Internet
Author: User
Keywords Cloud security public cloud cloud security

"Editor's note" as a cloud services solution, Alert logic integrates advanced 24x7 security tools to protect against threats and compliance, and is an advanced technology partner and security provider for AWS. This article comes from Stephen Coty, chief security officer at Alert Logic, who shares the best practices in cloud security. The following translations are shared by Stephen Coty:

Many years ago, I built a security and development company with huge dreams and little money. However, as I started building the necessary infrastructure and development platform, I quickly became aware of the cost problem. Of course, this happened in the early 21st century, when there was no cloud computing infrastructure, so if you want to have the infrastructure, you have to build your own, and then there's human resources, operations, finance, sales, and marketing, so I finally set up the infrastructure that the company needs and the team that maintains the infrastructure.

As a start-up, a basic task list is needed to build cloud computing. Today's cloud comes with a variety of self-service facilities and services that make many tasks easier. But even so, security is often considered afterwards. However, it is important to remember that cloud computing is an extension of a business network, whether or not it is known. Security vulnerabilities not only endanger the user's internal network, but also put the customer's data at risk.

Public cloud Security Threats

While the public cloud brings huge economic benefits, it is shared as a threat to any other infrastructure. Over the years, attack frequencies and the use of multiple malware are on the rise. As cloud event-related vulnerability scans, Web applications, and violent attacks increase, users need to understand the types of threats that affect the cloud, thus creating an appropriate depth security policy to protect the environment from malicious attacks.

Public Security Model

In a public cloud, the key to securing is understanding the security model shared between users and service providers, such as the public cloud service provider Amazon AWS. Without this, it can be assumed that when a user is responsible for a particular security feature, the service provider is protecting the user.

For example, a service provider is responsible for all of the underlying services, such as computing power, storage, databases, and network services. At the network level, service providers are responsible for network segmentation, perimeter services, some DDoS and spoofing.

However, you-end users are responsible for network threat detection, reporting, and any incident response. At the host level, the user is responsible for access management, patch management, configuration hardening, security monitoring, and log analysis. Application Component 100% is the responsibility of the user. The following figure shows the classification of responsibilities between users and service providers:

Understanding the roles of users and cloud vendors not only helps users make the best decisions about the cloud infrastructure, but also ensures that once the network security policy is implemented, it protects your data efficiently and cheaply from cloud threats.

Cloud Security Best Practices 1, Protection Code

It is the user's responsibility to protect the code. First, make sure that security is part of the software development cycle (SDLC). To this end, the list is as follows:

• Verify that the code is continuously updated and that any plug-ins have the latest patches;

• Add latency to the code to prevent the victim from becoming a zombie network;

• Use encryption;

• Test all libraries and third-party dependencies;

• Focus on vulnerabilities of products in use;

• Finally, keep scanning the code after making any changes.

2. Create Access Management policy

First, determine what the assets are. Once you have identified the list, identify the assets that you need to access for roles and responsibilities. If it is possible to centralize authentication, use a priority model for authentication. AWS offers many options for authentication management.

3. Using Patch Management Method

Again, consider developing an important list of programs:

• Find out all the assets list;

• Identify standardization plans as far as possible;

• Study potential vulnerabilities, classification based on vulnerability and risk of possibility;

• Test on patch release if possible;

• Create a regular patch plan that includes Third-party products that need to be updated manually.

4. Log Management

Logging now benefits far more than compliance; has become a powerful security tool. Users can use log data to monitor malicious behavior and incident investigations. The trick to make logs an effective security tool is to monitor abnormal behavior 24x7.

AWS Cloudtrail has a groundbreaking proposal in this regard. With Cloudtrail, the user's security provider can monitor cloud instance access from Amazon's management environment. Everyone tends to watch and monitor their environment from the Internet, and they rarely want to monitor activities from the back end. This is Cloudtrail innovation and provides customers with a level of transparency that interacts with the AWS API.

5. Establish a Security Toolkit

Users need to think of the cloud as a corporate network. Implement a defense-in-depth strategy that covers all responsibilities. Perform IP tables, Web application firewalls, antivirus software, intrusion detection, encryption, and log management. Explore security options and ensure that you have the right solution to your business.

6. Keep Informed

Users must keep an understanding of the vulnerabilities that may exist in their environment, and here are some of the world's top research sites. This will help users get the latest messages for vulnerabilities, development, and propagation of sexual attacks:

http://www.securityfocus.com

http://www.exploit-db.com

http://seclists.org/fulldisclosure/

http://www.securitybloggersnetwork.com/

http://www.sans.org/

http://www.nist.gov/

7. Understanding Service Provider

Finally, users need to know about security vendors and security products that share their security responsibilities. Ensure that the security policy is effective and can be effectively implemented through continuous testing.

The author of this article describes: Stephen Coty,alert Logic's chief security commissioner and members of Issa, Infragard and Htcia.

Original link: https://medium.com/aws-activate-startup-blog/a-users-guide-to-cloud-security-for-startups-3ec0c83df9f4

If you need to know the latest AWS information or technical documentation to access the AWS Chinese technology community, if you have more questions please ask at the AWS Technology Forum and experts will answer later.

Subscribe to the "AWS Chinese technology Community" micro-credit public number, real-time command of AWS technology and product information!

The AWS Chinese technology community provides an Amazon Web service technical Exchange platform for the vast majority of developers, pushing the latest news, technical videos, technical documents, wonderful technical blogs and other related highlights from AWS, as well as having AWS community experts to communicate with you directly! Join the AWS Chinese technology community to quickly and better understand the AWS cloud computing technology.

(Translator/King sails Zebian/yuping)

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.