What is your cloud security approach?
When designing a product to work on the cloud it’s best practice to include IT and Cloud security in the product runtime, infrastructure and operations.
The Challenge
When using cloud the approach needs to be different than on-perm or just consuming SaaS from another provider, it’s very easy to open ports and permit access to cloud resources, and because it’s in the “cloud” it might be accessible from public and external networks.
Keeping track of modifications or preventing admins and developers access to modify resources can hinder the normal operation of IT and Development, so it’s better to implement a different approach.
An approach that is a mindset of Cloud security considerations in every project and modification, changes are necessary in order to improve and develop the product you’re working on.
Authentication
Authentication means: who are you?
Examples of identify in roles and positions:
- admin
- developer
- contractor
- customers
- etc..
Authorization
Authorization means: What can you do?
Examples of permissions:
- add users
- delete users
- add new clients
- open security-group ports
- download files
- access resources (databases, servers)
- etc..
Connection
Connection means: Where are you connecting from?
Example of connections:
- Official HQ Offices
- Remote workers (VPN)
- Customers (anywhere)
- Private-Link
- etc..
How to successfully have a secure cloud account?
Choose the best suited approach for you and your team and implement that approach as a mindset, the approach with those 3 recommended rules is easy to remember and easy to implement.
Do you maintain a regular cloud security operation?
Do you know the status of your cloud security?
If your answer is yes, than contact us now and we’ll do the cloud security for you.
To contact us click HERE