General Cloud Security Recommendations
This short chapter introduces a general list of recommendations for enhancing cloud security.
- PDF / 65,583 Bytes
- 4 Pages / 439.37 x 666.142 pts Page_size
- 41 Downloads / 211 Views
General Cloud Security Recommendations
Abstract This short chapter introduces a general list of recommendations for enhancing cloud security. Keywords Cloud computing · IaaS · PaaS · SaaS · Cloud security · Cloud recommendations
5.1 Introduction As we have discussed in the earlier chapters, cloud security can be overwhelming. Many security aspects need to be covered to get to the point where cloud usage is safe and efficient. Although security becomes more complex when creating your own private cloud, some organizations are obligated to use private clouds for reasons related to governance and data ownership. Generally, private clouds are more suitable for large organizations with adequate resources. For small and medium businesses, a public or community cloud might be the answer. As explained in the previous chapters, public clouds come with a longer list of threats as compared to private clouds. However, in most cases, private clouds are out of the question because of financial implication. The different service models and operational cost savings make the cloud a very appealing choice. In 2013, a survey was conducted that included 1000 small- and medium-sized businesses. The survey found that the businesses that adopted Cloud technologies were twice as likely to see an earnings uplift in the year before [1]. The survey also found that only 16 % of the participating businesses were using cloud computing and 38 % have a business website. Another study was published in 2013 analyzed businesses in Australia and concluded that small- and medium-sized businesses were losing 24$ billion annually due to bad IT management [2]. The study found that nontechnical IT managers spend an average of 3.1 h/week handling IT management issues instead of attending their day-to-day duties. The study suggested that performance would greatly improve if these small- to medium-sized businesses embrace the cloud as their IT solution.
© The Author(s) 2016 M.M. Alani, Elements of Cloud Computing Security, SpringerBriefs in Computer Science, DOI 10.1007/978-3-319-41411-9_5
51
52
5 General Cloud Security Recommendations
Despite of all what we have mentioned, moving to the cloud is not an easy decision. Many choices need to be made to land the most suitable solution for the organization. Security remains the major concern for all cloud computing adopters and an important deciding factor.
5.2 General Security Recommendations The following list provides general recommendation for cloud computing security: • Install and maintain a firewall configuration. A firewall should be placed at each external network interface and between each security zone within the cloud [3]. This would assure that all ingress and egress traffic is being filtered. However, firewall rules should be written carefully so as not to allow unwanted traffic and close all unused ports. In [4], a general framework of cloud firewall was suggested. The proposed framework features event-level detection chain with dynamic resource allocation. The mathematical model for the pr
Data Loading...
