When it comes to cloud infrastructure security, there are a few paths to take. The market for cloud security is likely going to skyrocket in the next few years. In fact, by 2019, this sector will probably be worth an estimated $8.71 billion, growing at a compound annual rate of around 15.7 percent from 2014 to 2019, according to a report published by MarketsandMarkets. This includes protection relating to disaster recovery, data loss prevention, email, encryption and network security, among many other important tools.
This is a clear indication that enterprises, small businesses and everyone in between are thinking about how best to protect their cloud deployments as more of them migrate data and applications to virtual environments. The question remains, however: Where do you start?
At Faction, we recommend layering your security so that there are multiple lines of defense between your data and would-be hackers. Some of the layers are the private cloud provider’s responsibility to monitor – but some layers fall to the customers. It’s important to be familiar with both in order to maintain a high level of security.
The way we see it, there should be seven layers to your security onion:
- Process and compliance – Ensure absolute compliance and make sure processes are protected. Ask: Are my environments secure?
- Physical – Data center security depends on factors like geographic location and how the building is constructed. Ask: What fire suppression tools does the facility have? Does it have biometric scanners to limit physical access to only a few individuals?
- Hardware and access control – Have dedicated and redundant N+1 hardware resources. Ask: Who has access to the equipment?
- OS and application – Update applications and invest in intrusion and detection tools. Ask: What is the OS upgrade process?
- Perimeter and network – Faction allows customers to deploy their own firewall configurations via a Layer 2 connection. Ask: Do I have a successful firewall strategy?
- DDoS security – Make sure you’re using content delivery networks (CDN) to reduce the chance of a network overload caused by a distributed-denial-of-service attack. Ask: Does my cloud provider have a good DDoS security strategy?
- Data – Invest in data protection tools. Ask: Am I using encryption technology?
Companies that invest in cloud infrastructure need to make sure they’re doing everything they can to protect their data and applications – and investing in layered security solutions is only the first step. For more information, see our infographic on layered cloud security in the hybrid cloud world.