Key Security Considerations for Enterprise Cloud Deployments

    Enterprise cloud computing has matured, moving beyond the “what” and the “how” to the “when.” Even so, security remains a major concern for organizations considering a move to the cloud. Fortunately, security services and tactics have also matured over the past few years, allowing more and more enterprises to migrate to the cloud.

    A review of the enterprise security architecture is an absolute necessity in defining, monitoring and managing enterprise cloud deployments. This includes understanding the current security posture of IT assets, audit and compliance. It also forms the basis of creating security and compliance requirements for mainstream cloud adoption. In this slideshow, Madhavan Krishnan, of IT consulting firm Virtusa Corporation, has identified key security considerations that should be considered when transitioning to the cloud.

    Key Security Considerations for Enterprise Cloud Deployments - slide 1

    Cloud Security Checklist

    Click through for seven security issues organizations should consider when deploying assets to the cloud, as identified by Madhavan Krishnan, Virtusa Corporation.

    Key Security Considerations for Enterprise Cloud Deployments - slide 2

    Data Residency Requirements

    Organizations need to clearly identify and classify transactional and operational data residency requirements. This involves evaluating and evolving a cloud strategy that meets these requirements. Part of a thorough consideration has to be around cloud provider(s)’ capability to ensure compliance to data residency needs.

    Key Security Considerations for Enterprise Cloud Deployments - slide 3

    Government/Industry Regulations

    Industry and governmental standards such as HIPAA, EU Data Protection 2.0 regulations, PCI compliance and others require companies to adhere to strict standards when it comes to the handling of “sensitive” data, such as patient health records and user data. Thus, a cloud solution dealing with highly regulated data will need to include stringent design and governance to keep in line with regulations and legal mandates. Depending on the profile of the applications being considered for cloud migration, a detailed checklist of requirements should be developed and maintained to ensure compliance with laws and industry regulations.

    Key Security Considerations for Enterprise Cloud Deployments - slide 4

    Review Security Posture of IT Landscape

    A thorough vulnerability assessment of cloud-deployed assets should be undertaken periodically to understand, assess and address potential vulnerabilities. IT assets are prone to new attacks and have to be constantly monitored for threats. Application penetration testing along with periodic vulnerability analysis is recommended. It is also recommended that tools monitoring vulnerabilities, such as those from SQL injections, be protected with technology solutions such as Web application firewalls (WAF) until the vulnerabilities are fixed.

    Key Security Considerations for Enterprise Cloud Deployments - slide 5

    Cloud Service Provider SLAs and Accountability

    Clearly defined roles, responsibility and accountability of all parties involved are basic requirements for managing a cloud deployment. Organizations may want to consider a cloud services broker (CSB), typically a systems integrator (SI), who can help stitch together specialized services into an integrated service, providing a single point of accountability. Without this arrangement, cloud deployments with multiple niche technology vendors could end up becoming a complex maze of services to manage.

    Key Security Considerations for Enterprise Cloud Deployments - slide 6

    Multi-Tenant Deployments

    In a typical multi-tenant public cloud environment, virtual machines (VMs) can co-exist with a VM hosting another application. There is the potential threat of unintended intra-VM exposure. Security solutions should be designed to encrypt data so that it is secure at rest and while in transit.

    Key Security Considerations for Enterprise Cloud Deployments - slide 7

    Network Configurations and Potential Vulnerabilities

    Since cloud services are used over the Internet, it is important to understand the network configuration and security configuration profiles of VMs, including the network traffic ports. Software-driven security configurations that manage network security are recommended to keep a close watch on network traffic for malware and threats.

    Key Security Considerations for Enterprise Cloud Deployments - slide 8

    Consistent User Management and Access Controls

    Cloud-based infrastructures are accredited by industry standard organizations such as ISO to ensure consistent safeguards and protection to assets, data and users. Compliance to Cloud Data Center Security Standards ISO 27001 will ensure consistency of processes followed by a cloud vendor and its employees.

    User management still remains a top concern in managing cloud deployments. Human interactions with systems happen at multiple levels despite increased automation. In both private and public clouds, administrators have privileges that can potentially provide them access to systems and user data. User management systems should typically include establishing identity and access controls. User and system activity audit logs are a key requirement to ensure traceability.

    Latest Articles