Page 5 - Cyber Warnings
P. 5
3 Top tips for companies moving to public cloud
Dr Konstantin Malkov from 5nine Software looks at the three most important
things you need to look at when moving to the public cloud.
If your company is planning on moving its networked system to the public cloud, there are three
things you need to consider closely in order to maintain the integrity and security of your data.
1. Understand that you will be giving up an element of control
It may sound obvious, but the cloud is different from a physical data centre. When IT
departments were focused on managing physical servers and workstations connected via
physical networks, securing those networks was relatively straight forward: protect the endpoint
by installing antivirus (AV), firewalls, and intrusion detection software etc.
The cloud has changed that. Now instead of having 100 physical machines communicating with
the outside world via defined network structures, you have maybe 10 physical machines each
hosting 10 virtual machines (VMs) often communicating with each other inside physical servers.
While this means less physical hardware, controlling how the individual virtual machines
communicate is far more complex.
The public cloud adds a further level of complexity, as you don’t have full access to the hosts
and VMs. While public cloud providers like Azure or AWS offer organizations a wide range of
benefits – including reduced costs – the VMs a company is using could be on a server that sits
inside the vendor’s data centres in various locations worldwide.
Not only does this restrict your physical access to your virtual servers and workloads, but it’s
also worth bearing in mind that you don’t have superadmin rights to your VMs in this
environment.
This means that as a minimum requirement for any public cloud setup you should ideally have
an easy-to-use GUI that enables you to set traffic rules for your public cloud VMs/Virtual Private
Servers( VPSs), as well as to be in control of those rules, have the ability to create VM Security
Groups, and review and save the logs. Isolation and control of your VMs has to be your number
one priority.
Even though there are various capabilities that public cloud portals or APIs provide to create
rules to protect your VMs, having an intuitive application that gives you the means to set the
isolation and traffic control rules is extremely good to have.
5 Cyber Warnings E-Magazine January 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide