Security

Cloud service providers

  • „Cloud service providers offer two types of cloud. Private and public. Private is only accessible within an organization while public is accessible to the general public. Security is more enhanced in private than in public.

  • „Three services model are based on cloud computing. These are:-

  • Infrastructure as a service (IAAS) - This is access to resources offered by the provider . It can be virtual devices or physical devices e.g. virtual storage.
  • Software as a service (SAAS) - Using software applications offered by a provider for an end user benefit, for example email services.
  • Platform as a service (PAAS) - Using different environments offered by a provider to run your application, it can be in .NET, PHP, JS, Ruby or Python.
  • „Cloud computing is changing the face of technology and I would recommend that everyone acquire skills in this area

What is Cloud Security?

  • „Cloud security is a set of control-based safeguards and technology protection designed to protect resources stored online from leakage, theft, or data loss.

  • „Protection encompasses cloud infrastructure, applications, and data from threats. Security applications operate as software in the cloud using a Software as a Service (SaaS) model.

  • „Topics that fall under the umbrella of security in the cloud include:

 

  • Data Center Security
  • Access control
  • Threat prevention
  • Threat detection
  • Threat mitigation
  • Redundancy
  • Legal compliance
  • Security policy

How Do You Manage Security in the Cloud?

  • „Cloud service providers use a combination of methods to protect your data.

  • „Firewalls are a mainstay of cloud architecture. Firewalls protect the perimeter of your network security and your end-users. Firewalls also safeguard traffic between different apps stored in the cloud.

  • „Access controls protect data by allowing you to set access lists for different assets. For instance, you might allow specific employees application access, while restricting others. A general rule is to provide employees’ access to only the tools they need to do their job. By maintaining strict access control, you can keep critical documents from malicious insiders or hackers with stolen credentials.

 

 

  • „Cloud providers take steps to protect data that’s in transit. Data Security methods include virtual private networks, encryption, or masking. Virtual private networks (VPNs) allow remote employees to connect to corporate networks. VPNs accommodate tablets and smartphones for remote access.„

  • Data masking encrypts identifiable information, such as names. This maintains data integrity by keeping important information private. With data masking, a medical company can share data without violating HIPAA Laws, for example.

  • „Threat intelligence spots security threats and ranks them in order of importance. This feature helps you protect mission-critical assets from threats.

  • „Disaster recovery is key to security since it helps you recover data that are lost or stolen.

 

What are the Benefits of a Cloud Security System?

  • „Now that you understand how cloud computing security operates, explore the ways it benefits your business.

 

  • Cloud-based security systems benefit your business through:
  • Protecting your business from threats
  • Guarding against internal threats
  • Preventing data loss

  • „Top threats to systems include malware, ransomware, and DDos.

 

Encryption is a two-way function; what is encrypted can be decrypted with the proper key. Hashing, however, is a one-way function that scrambles plain text to produce a unique message digest. With a properly designed algorithm, there is no way to reverse the hashing process to reveal the original password