Cloud Computing Adaptations are increasingly high among the organizations. It has the flexibility of running your traditional application, SaaS application to next generation PAAS application and also providing micro instance of servers to any level of computing and storage capacity. All these are available instantly .
Along with this benefits customers are not to forget that your applications are running in other’s data centre and your data is stored in public network. This poses great challenges in terms of Security. All the Cloud Users are in the position to understand the risk and mitigate them using appropriate practices, methods and technologies.
Following the below mentioned steps can ensure that your risks are balanced and your Cloud Services are secure.
Verify your Cloud Service Provider is certified with ISO27001 or any other industry standard certification for providing secure services to the users.
- Ensure your cloud services are encapsulated with the firewall services and only the needed ports are open and accessible.
- Use HTTPS with valid Encryption certificate instead of HTTP so that your sessions are secured.
VPN can be used instead of HTTPS if your services needs to be accessed by only your user not by the entire world.
Proper security controls are to be enabled in appropriate junction of application.
If your have multiple servers interconnected in the cloud, consider creating private subnets instead of interconnected public IPs.
Avoid shared passwords and keep the passwords complex not easily guessed by others.
Use sensible cost effective multiple layer of authentication by combining normal username & password with VPN Token or SMS based authentication.