Welcome!

SDN Journal Authors: Liz McMillan, Yeshim Deniz, Elizabeth White, Pat Romanski, TJ Randall

Related Topics: @CloudExpo, Microservices Expo, Containers Expo Blog, Agile Computing, Cloud Security, SDN Journal

@CloudExpo: Article

Cloud Monitoring Essentials | Part 2: Security

Three Key Security Actions

The cloud offers users agility and flexibility at, potentially, a far lower cost than a traditional data center model. However, with these benefits come risks from cost sprawl, security holes, and availability management. Part 1 of Cloud Monitoring Essentials focused on cost concerns. This second part looks at security.

Security:
The dynamic nature of the cloud, with ever-changing security groups and rules, makes security difficult.
New instances, auto scaling groups, and buckets are created and terminated daily.  Resources that were ‘secure' yesterday may be altered today and your security posture may be compromised.

The distributed and centralized nature of the cloud creates security headaches. Not only is the deployment regularly changing, but the people changing it are across groups and departments.

To address security, you need to take these three steps:

  1. Track Deployment Changes: A large deployment is difficult to maintain in a timely manner. Tracking changes ensures that your valuable time is spent identifying new and evolving issues.
  2. Perform Daily Best Practice Checks: You should create a comprehensive best practice checklist and zealously employ it. Coverage should include issues ranging from security group rules to password policies to IP addresses to bucket permissioning.
  3. Create a Mitigation Strategy: Issues can quickly multiply and security mitigation needs to be performed daily. A solid strategy which prioritizes issues will help you efficiently manage this responsibility.

These three steps can help you avoid common problems (see 5 Common Issues) and dramatically improve your security (see study).

Unfortunately, however, implementation of these processes is neither easy nor quick. Identification alone could quickly become a full time job. Performing manual detection creates the risks of missed issues.

Employing an automated solution that performs these tasks and delivers customizable alerts solves that problem. For as little as $49 per month, solutions provide full identification scans, customized alerts, and complete mitigation instructions. Plainly, they offer a much better alternative to devoting hundreds of man hours and performing the tasks manually.

Stay tuned for Part 3 of Cloud Monitoring Essentials: Availability.

More Stories By Aaron Klein

Aaron Klein is Co-Founder and COO of CloudCheckr Inc. CloudCheckr Inc. provides a comprehensive solution (CloudCheckr Pro) that addresses the infrastructure reporting, monitoring, and control needs of AWS users through automated and customizable reports, alerts, and recommendations. Its cost, security, resource, best practice, and change monitoring analytics and features allow users otherwise unavailable insight into their deployments and usage. CloudCheckr Pro is designed to help users optimize their deployment.

CloudEXPO Stories
Founded in 2002 and headquartered in Chicago, Nexum® takes a comprehensive approach to security. Nexum approaches business with one simple statement: “Do what’s right for the customer and success will follow.” Nexum helps you mitigate risks, protect your data, increase business continuity and meet your unique business objectives by: Detecting and preventing network threats, intrusions and disruptions Equipping you with the information, tools, training and resources you need to effectively manage IT risk Nexum, Latin for an arrangement by which one pledged one’s very liberty as security, Nexum is committed to ensuring your security. At Nexum, We Mean Security®.
The Transparent Cloud-computing Consortium (T-Cloud) is a neutral organization for researching new computing models and business opportunities in IoT era. In his session, Ikuo Nakagawa, Co-Founder and Board Member at Transparent Cloud Computing Consortium, will introduce the big change toward the "connected-economy" in the digital age. He'll introduce and describe some leading-edge business cases from his original points of view, and discuss models & strategies in the connected-economy. Nowadays, "digital innovation" is a big wave of business transformation based on digital technologies. IoT, Big Data, AI, FinTech and various leading-edge technologies are key components of such business drivers.
Doug was appointed CEO of Big Switch in 2013 to lead the company on its mission to provide modern cloud and data center networking solutions capable of disrupting the stronghold by legacy vendors. Under his guidance, Big Switch has experienced 30+% average QoQ growth for the last 16 quarters; more than quadrupled headcount; successfully shifted to a software-only and subscription-based recurring revenue model; solidified key partnerships with Accton/Edgecore, Dell EMC, HPE, Nutanix, RedHat and VMware; developed Open Network Linux, an open source NOS foundational component designed in partnership with Facebook and Google; and he played an integral role in raising two-thirds of the company's $120MM of funding. Prior to Big Switch, Doug was SVP & GM of Juniper Networks $1BN business across Asia-Pacific, Japan and Greater China, and he began his time at Juniper as SVP & GM of its Security bu...
Having been in the web hosting industry since 2002, dhosting has gained a great deal of experience while working on a wide range of projects. This experience has enabled the company to develop our amazing new product, which they are now excited to present! Among dHosting's greatest achievements, they can include the development of their own hosting panel, the building of their fully redundant server system, and the creation of dhHosting's unique product, Dynamic Edge.
Digital transformation is about embracing digital technologies into a company's culture to better connect with its customers, automate processes, create better tools, enter new markets, etc. Such a transformation requires continuous orchestration across teams and an environment based on open collaboration and daily experiments. In his session at 21st Cloud Expo, Alex Casalboni, Technical (Cloud) Evangelist at Cloud Academy, explored and discussed the most urgent unsolved challenges to achieve full cloud literacy in the enterprise world.