Designing a Secure Cloud Model (for Small businesses)


These days even the Intelligence Community is using the Cloud to pool resources for greater efficiency and cost savings. But a great deal of planning goes into the security and operational aspects of these computing resources. A hybrid approach would seem almost necessary to allow for disaster recovery.

Explain the Cloud

When planning a Cloud for a small business, we encourage the same approach. By having a Hybrid Cloud you can gain the operational and cost advantages and still have your on-premises systems to fall back on should an emergency occur. And believe us, these emergencies do occur. With the rise of ransomware, for example, it now makes even more sense to spread your data across locations.

Does your Cloud need a split personality?

Let us consider that recently Amazon Web Services and Microsoft Azure have both had serious outages.  When this happens, if you have placed all your data in the Cloud and do not have a Disaster Recovery plan in place, your business could be put on hold.

Virtualization technologies helped to propel the Cloud industry. In 2015 the Gartner Group wrote about the explosion of Cloud VMs. Now we have containerization technologies like Docker that are compartmentalizing apps for even greater efficiency.

On the high end, enterprises have been using commodity hardware in-house with Xen, KVM, and VMware ESXi. Developers have been using Oracle VirtualBox (free), Parallels, and VMware Fusion for desktop and even small server deployments. The biggest providers like AWS are using homebrew solutions based on KVM, or Hyper-V in the case of Microsoft.

The use of virtualization allows some organizations to level the playing field of technology. But this usually takes time away from the business at hand. Business owners have become more tech savvy over the years, and for many facets it may make sense for them to manage basic operational tasks in IT. But the majority are seeking and using the guidance of Cloud professionals to manage the security and operational tasks. Open Source software is being used by everyone on the Cloud. This brings new opportunities and risks, which have to be weighed with careful judgement. Having the right resource at the right time could mean a serious competitive advantage to a business's bottom line.

So how did we get to talking about Virtualization and Open Source in the topic of Security?  That is because every facet of your Cloud needs to be scrutinized for security holes.

In the Security world, there is the concept of “least privilege.” This means that by default we grant the least amount of privileges necessary to do the job. This is also how we design access to your Cloud Network. By granting the least amount of privileges we have fewer bases to cover. Security is also only as strong as its weakest link. So it’s best to have fewer pieces with stronger security than more pieces with weaker security.

  1. Consider only having one way into your network perimeter
  2. Use least privilege to assign rights
  3. Keep it simple and avoid creating more Security holes
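
The first two items of this checklist can be checked mechanically. The sketch below is an added example, not code from the original article: it audits a constructed set of inbound firewall rules and role grants, and every host name, field name and right string in it is hypothetical.

```python
import ipaddress

# Constructed sample data (not from the original page); field names are hypothetical.
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/16")]
INBOUND_RULES = [
    {"host": "vpn-gw",  "port": 443,  "source": "0.0.0.0/0"},
    {"host": "db01",    "port": 3306, "source": "10.0.5.0/24"},
    {"host": "files01", "port": 3389, "source": "0.0.0.0/0"},
]
ROLE_GRANTS = {
    "backup-job": {"granted": {"storage:read", "storage:write"},
                   "needed":  {"storage:read", "storage:write"}},
    "bookkeeper": {"granted": {"*"},
                   "needed":  {"ledger:read", "ledger:write"}},
    "intern":     {"granted": {"ledger:read", "users:admin"},
                   "needed":  {"ledger:read"}},
}

def entry_points(rules, internal_nets):
    """Return the sorted (host, port) pairs reachable from outside the internal networks."""
    exposed = set()
    for rule in rules:
        src = ipaddress.ip_network(rule["source"], strict=False)
        # A source range not contained in any internal network is a way in from outside.
        if not any(src.subnet_of(net) for net in internal_nets):
            exposed.add((rule["host"], rule["port"]))
    return sorted(exposed)

def excess_privileges(grants):
    """Map each role to the rights it holds beyond what its job needs."""
    excess = {}
    for role, g in grants.items():
        extra = g["granted"] - g["needed"]
        if extra:
            excess[role] = sorted(extra)
    return excess

def audit(rules, grants, internal_nets):
    """Collect findings for checklist items 1 (one way in) and 2 (least privilege)."""
    findings = []
    exposed = entry_points(rules, internal_nets)
    if len(exposed) > 1:
        findings.append(f"{len(exposed)} ways into the perimeter: {exposed}")
    for role, extra in excess_privileges(grants).items():
        findings.append(f"role {role!r} holds unneeded rights: {extra}")
    return findings

if __name__ == "__main__":
    for line in audit(INBOUND_RULES, ROLE_GRANTS, INTERNAL_NETS):
        print("FINDING:", line)
```

With the sample data, the audit reports two externally reachable services where the checklist calls for one, and two roles whose grants exceed what their job needs.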

 

Security Defense in Depth
