Learning Center 9/29/14

Securing Your Cloud Network, Part 1

Bill Tindall, Senior Network Consultant
IT Cloud applications and networking carry new security risks. You need to consider the security of your cloud provider and your own network. Here's how.

So you’ve decided to make use of the cloud to run your business applications.

But as with any new venture, it carries new risks, and you need to know how to do it right so it doesn’t all blow up. What needs to happen to your network environment to make this work? There are three main priorities you need to think about: security, reliability, and performance.

These are not new topics in the world of IT, but you need to look at them in new ways. In this series of blog posts, we'll talk about the security needs of cloud network environments. I’d like to highlight some of the main concerns in this new cloud-centered model we are adopting.

First of all, there’s the security of the host environment itself.

If your valuable business data is going to be out there in the cloud (i.e. the “Internet”), it had better be protected from unauthorized access and abuse. Do some research regarding the hosting company you are choosing. How much do they value the security of your data? How difficult would it be for an unauthorized user to gain access? What is their policy on reporting to you any breaches in security?

Consider two-factor authentication as a requirement.

All that means is that the user is validated in two separate ways before they can have access to the data. The most common example is the user password. But you want to have a secondary means of authentication as well, in case that password is somehow compromised.

I strongly recommend you insist on this second means of authentication whenever the user logs on, if your data is valuable to you.

There are a vareity of possibilities for the second required means of authentication, including the list below.

  • VPN client
  • Secret Question
  • Secure ID
  • IP address restriction
  • Mobile/text/email verification.

While none of these methods is completely foolproof, they go a long way towards making it very difficult for your valuable data to get hacked or otherwise compromised.

Secondly, you still need to give careful consideration to the security of your on-premise environment.

This is the environment you and your employees will be using to access your cloud services. Many people overlook the importance of doing this right, and many have suffered the consequences of such negligence. Why is it so important?

Because if the computers and devices you use to access your online data are compromised, your data is compromised as well.

It's as though you have just given the keys to your business to a band of thieves and opened the door for them. Anything you have access to, they will have access to as well, so you need to protect yourself.

Hacking attempts have been on the rise in recent years, and they are getting much more sophisticated and costly for all of us. You need to take steps to protect your devices and environment. In part 2, we’ll discuss some of the considerations for doing this the right way.

In the meantime, AIE offers full security services for both cloud and on-premise networking. Give us a call to schedule your network assessment today!