Question

You and your colleague develop a proposal for migrating your department's resources to a public cloud and then present it to the department's IT services director. he is immediately concerned about security. Some of the data derived from experiments, including gene sequencing information, is stored on your server's hard disks and is strictly confidential. a data leak would lead to great embarrassment, and possibly lawsuits. Not only that, but the IT services director believes that if data were stolen from a cloud computing environment, the culprit would probably never be found. You investigate the security aassurances of two leading cloud network solutions, Amazon's EC2 andRackspace. After looking into it, list the security measures and and guarantees these providers promise. Based on what you have learned, what aspect of public cloud security remains the weakest? How does this compare with the security of your network as it is currently structured? What types of security are you, as the network administrator, still responsible for providing? How do you answer your boss's claim that security breaches in the cloud cannot be traced?

Answer 1

What types of security are you, as the network administrator, still responsible for providing?

- Always Change the default passwords for the default users.
- And Do not reuse the same passwords.
- when ever an employee is in leave Always disable the user accounts.
- Always track the logs in the server or systems and examine all kind of security logs in servers.
- Always do the regular network scans in the server or system.
- Always monitor the outbound network traffic in order to avoid the Malware detection.
- Always patch the systems and updates which are available and Keep the operating system and application software up to date.
- Always have plan for security precautions and implement the security plan.
- In between the clients and vendors raise user awareness about the security info.
- And have the management support to implement the security plan.

There are some ideas on improving the network security in the cloud as follows below:

How does this compare with the security of your network as it is currently structured?

- Adopting the mindset of the IT team to prioritize the most business critical parts in cloud security.

- The network and use network segmentation to achieve the creation of network zones and limits the ability for a hacker to move laterally across a compromised network.

- Network segmentation requires continual updates and configurations in servers and systems for better security and they must maintain the difference between a hacker and employees for troubling the computer and helping themselves in cloud computing.

- Better to Implement an enterprise wide security policy to serve as a crucial road map for any cloud team and IT team to maintain the security architecture.

- We should protect the cloud systems and findout the best way for the network to operate with minimal risk.

- The security policy should always take the consideration for all the regulatory and enterprise compliance which are require and how to apply timely patches to maintain compliance in the cloud business.

- There should be a good Security policy enforcement. So that the security policy can defines how the IT platform behaves and validate that it is being enforced across our network.

- Doing the minimal amount of security precautions and security steps with some regulations wont make our network safer. So the Organizations must monitor their network for changes to configurations and ensure the changes are approved and compliant with the policy maintained.

- There is a new generation of cybercriminals has been intimated the knowledge of cloud systems and inner workings which are using the vulnerabilities to their advantage.

- So While managing the network security it can be a complex, resource intensive task, it is a crucial part for all the senior management and they cant have an accurate picture of the security posture at all times and they cant have the ability to act quickly to close the gaps in the cloud security.