Welcome!

SDN Journal Authors: Elizabeth White, Yeshim Deniz, Liz McMillan, Pat Romanski, TJ Randall

Related Topics: @CloudExpo, Microservices Expo, Containers Expo Blog, Agile Computing, Cloud Security, SDN Journal

@CloudExpo: Article

Cloud Monitoring Essentials | Part 2: Security

Three Key Security Actions

The cloud offers users agility and flexibility at, potentially, a far lower cost than a traditional data center model. However, with these benefits come risks from cost sprawl, security holes, and availability management. Part 1 of Cloud Monitoring Essentials focused on cost concerns. This second part looks at security.

Security:
The dynamic nature of the cloud, with ever-changing security groups and rules, makes security difficult.
New instances, auto scaling groups, and buckets are created and terminated daily.  Resources that were ‘secure' yesterday may be altered today and your security posture may be compromised.

The distributed and centralized nature of the cloud creates security headaches. Not only is the deployment regularly changing, but the people changing it are across groups and departments.

To address security, you need to take these three steps:

  1. Track Deployment Changes: A large deployment is difficult to maintain in a timely manner. Tracking changes ensures that your valuable time is spent identifying new and evolving issues.
  2. Perform Daily Best Practice Checks: You should create a comprehensive best practice checklist and zealously employ it. Coverage should include issues ranging from security group rules to password policies to IP addresses to bucket permissioning.
  3. Create a Mitigation Strategy: Issues can quickly multiply and security mitigation needs to be performed daily. A solid strategy which prioritizes issues will help you efficiently manage this responsibility.

These three steps can help you avoid common problems (see 5 Common Issues) and dramatically improve your security (see study).

Unfortunately, however, implementation of these processes is neither easy nor quick. Identification alone could quickly become a full time job. Performing manual detection creates the risks of missed issues.

Employing an automated solution that performs these tasks and delivers customizable alerts solves that problem. For as little as $49 per month, solutions provide full identification scans, customized alerts, and complete mitigation instructions. Plainly, they offer a much better alternative to devoting hundreds of man hours and performing the tasks manually.

Stay tuned for Part 3 of Cloud Monitoring Essentials: Availability.

More Stories By Aaron Klein

Aaron Klein is Co-Founder and COO of CloudCheckr Inc. CloudCheckr Inc. provides a comprehensive solution (CloudCheckr Pro) that addresses the infrastructure reporting, monitoring, and control needs of AWS users through automated and customizable reports, alerts, and recommendations. Its cost, security, resource, best practice, and change monitoring analytics and features allow users otherwise unavailable insight into their deployments and usage. CloudCheckr Pro is designed to help users optimize their deployment.

CloudEXPO Stories
Digital Transformation and Disruption, Amazon Style - What You Can Learn. Chris Kocher is a co-founder of Grey Heron, a management and strategic marketing consulting firm. He has 25+ years in both strategic and hands-on operating experience helping executives and investors build revenues and shareholder value. He has consulted with over 130 companies on innovating with new business models, product strategies and monetization. Chris has held management positions at HP and Symantec in addition to advisory roles at startups. He has worked extensively on monetization, SAAS, IoT, ecosystems, partnerships and accelerating growth in new business initiatives.
Whenever a new technology hits the high points of hype, everyone starts talking about it like it will solve all their business problems. Blockchain is one of those technologies. According to Gartner's latest report on the hype cycle of emerging technologies, blockchain has just passed the peak of their hype cycle curve. If you read the news articles about it, one would think it has taken over the technology world. No disruptive technology is without its challenges and potential impediments that frequently get lost in the hype. The panel will discuss their perspective on what they see as they key challenges and/or impediments to adoption, and how they see those issues could be resolved or mitigated.
Lori MacVittie is a subject matter expert on emerging technology responsible for outbound evangelism across F5's entire product suite. MacVittie has extensive development and technical architecture experience in both high-tech and enterprise organizations, in addition to network and systems administration expertise. Prior to joining F5, MacVittie was an award-winning technology editor at Network Computing Magazine where she evaluated and tested application-focused technologies including app security and encryption-related solutions. She holds a B.S. in Information and Computing Science from the University of Wisconsin at Green Bay, and an M.S. in Computer Science from Nova Southeastern University, and is an O'Reilly author.
Dynatrace is an application performance management software company with products for the information technology departments and digital business owners of medium and large businesses. Building the Future of Monitoring with Artificial Intelligence. Today we can collect lots and lots of performance data. We build beautiful dashboards and even have fancy query languages to access and transform the data. Still performance data is a secret language only a couple of people understand. The more business becomes digital the more stakeholders are interested in this data including how it relates to business. Some of these people have never used a monitoring tool before. They have a question on their mind like "How is my application doing" but no idea how to get a proper answer.
Having been in the web hosting industry since 2002, dhosting has gained a great deal of experience while working on a wide range of projects. This experience has enabled the company to develop our amazing new product, which they are now excited to present! Among dHosting's greatest achievements, they can include the development of their own hosting panel, the building of their fully redundant server system, and the creation of dhHosting's unique product, Dynamic Edge.