Your business and the cloud
In my last blog, ‘Managing your users and the cloud’, we looked at how your users are introducing the cloud into your IT environment. You may find that the cost and maintenance model of cloud-based infrastructure-as-a-Service (IaaS) appealing for hosting your systems.
But, how do you host sensitive systems in a cloud infrastructure that isn’t owned or managed by you? We can approach this new challenge by applying a traditional IT model that we’re all familiar with.
- Start by ensuring that systems are ring-fenced by a virtual firewall to protect your servers. You can also deploy virtual intrusion prevention systems (IPS) to detect malicious traffic within the IaaS network.
- Since the servers are in the cloud, why not utilise cloud-based security services? You can monitor this virtual network for malicious activities using cloud-based 24/7 threat monitoring services.
- Protect incoming emails with Email Security-as-a-Service.
- To protect your publically accessible Web servers from distributed denial of service (DDoS) attacks and other web-based threats, use a combination of content delivery network (CDN), Web application firewall (WAF), and DDoS prevention technologies.
- For ongoing management, there’s Vulnerability Management-as-a-Service (VMaaS). You can use VMaaS to continuously scan your servers for vulnerabilities. The same service can also be used to identify Web application vulnerabilities.
There’s a lot more you can do to protect your servers in the cloud; these are just some controls that you can consider. Make sure that you keep your users and assets safe in the cloud!