Cloud Security

Migrate, Secure and Manage Cloud Platforms

Advanced Cloud Security enhances security and manages your cloud platforms

Cloud Firewalls 

As cloud computing (PaaS & IaaS) has escalated over the last five years the need to secure cloud platforms like, AWS (Amazon Web Services) and MS Azure has increased. Cloud providers do have security tools built into their systems and they should be configured correctly to help ensure the security of the system. However, they can be tricky to set up correctly, vary from one PaaS provider to another and may only offer a basic level of native security.

This is where Cloud Firewalls come in, they overlay the cloud service with enterprise class security that offers the same firewall protection as the organisations main internet gateway as from a dedicated security vendor. This allows the organisation to feel secure that the cloud service is fully protected.

The cloud firewall works with and upscales the PaaS providers existing security and adds additional protection. Functions like enterprise class Intrusion Protection (IPS), alerting, monitoring and reporting on security events in the cloud environment, this can all be done in a single security console for administration along with the corporate firewalls, this ensures the security is standardised to “Best in Class” across the whole of the organisation. The Cyber Security team also have one solution to learn, monitor and administer.

Cloud Security Solutions Provide:
  • Enhanced Security – linking into the cloud providers inbuilt tools and where appropriate, enhance it with higher grade technology, to always give the strongest security.  
  • Automation – many of the in-built cloud providers tools need manual set up and updates. Deploying a dedicated cloud security solution provides easy configuration of the security settings, both native and enhanced. It also automates the security so that the right fixes are provided at the right time  
  • Visibility – knowing what is happening inside your cloud environment and making sense of log data is key to having a secure environment. A dedicated cloud solution can provide in built reports and real time events for security and cloud teams to respond to.  

PaaS – Platform as a Service

Platform as a Service has exploded over the last five years. It is a way of providing server power, with an installed operating system, analytics and storage in the cloud. Key vendors include Amazon Web Services (AWS), Microsoft Azure and Google Cloud. PaaS is sometimes called cloud computing.

PaaS allows organisations to consume the vendors platform (Servers, operating systems and storage) on demand without having to worry about physical space or power. They can also consume the service temporarily to do testing or run service for a short period. Another benefit is that the vendor keeps everything up to date on the latest operating system version and adds reliance into the system, so the service is always available.

Some of the drawbacks are that cloud computing can be more expensive than running software licenses on premises, especially if there are a lot of users consuming the service. Vendor licensing models can include, number of services being used, connections by users, data transfer amount, analytics and storage. An active internet connection is also needed.

From a security perspective, like SaaS the user can bypass the organisations security from home or remote locations if it is not directed through a VPN, Web Security or CASB. Also the Cloud Provider will not guarantee the security of the data residing on their system. They do offer some tools to secure it, but the organisation must ensure these are configured correctly and it is a good idea to install a Cloud Firewall to further harden the installation.

GDPR is also a consideration if the cloud service is hosted outside of the EU. Although most providers offer an option that the service is run out of an EU based datacentre.

IaaS – Infrastructure as a Service

IaaS is the same as PaaS but only the server space is offered. The organisation must set up the operating system and do all the updates. 

Many hosting companies offer IaaS solutions, and the benefits are like PaaS.

The security considerations are like PaaS but patching the operating system for vulnerabilities is also a factor.  As well as running a regular backup.

Apstorm works with a number of leading vendors to provide Cloud Security, contact us for a free of charge Cloud Security Audit. 

For more information on protecting Cloud Platforms