Keeping Your Data Safe: Cloud Security(Part 1)
What happens if a junior developer mistakenly deletes a running production database? What happens if your data is suddenly wiped off from your storage device? What happens if someone infiltrates/gained access to your privacy? What happens if someone locked you out of your account? What will you do to a developer who mistakenly deletes a running codebase? What happens if Phisher deceitfully collects your private data or obtains financial and other confidential information from you? The question goes …
Be aware that design for security is pervasive!! Keeping your data safe, alongside cloud security is genuinely important.
There are quite a few ways you can implement data security for yourself or your organization.
Organizations need to now approach network security from a more holistic and strategic viewpoint, you should embrace a data-centric approach through which they develop a strategic understanding of what data they have and how valuable that data is to their business operations.
CLOUD SECURITY WHILE KEEPING YOUR DATA SAFE
When you or your organization move its infrastructure, applications and data into the cloud, security operations such as network security, data protection, vulnerability management and application security, as well as cloud-based security services, take on new importance.
You have to learn how to handle cloud security management, including how to keep the integrity of your data and applications as they move to the cloud and how outsourced IT operations affect security operations.
When you have services with more than a million users, can be more or less, you can bet security should always be on the minds of developers. Some hackers work on the internet are to target applications to hack/infiltrate, disrupt or obstruct how it functions, Don’t be surprised to wake up and see that your application has been hacked or takedown completely or rather someone has breakthrough your admin security pass, and you are locked out of your own account or application.
This scenario can be heartbroken, we have seen people having heart attacks on such issues, some times these hackers do it for fun, some for practice, some to test their skills, while some infringe your privacy and probably turn to blackmail you and a lot more reasons, these are more reason why security is important.
Let’s talk about a few ways to keep customers’ data safe, starting at the bottom and working up.
Case Study: Google Cloud
Both the server boards and the networking equipment in Google data centres are custom designed by Google. Google also designs custom chips, including a hardware security chip called Titan that’s currently being deployed on both servers and peripherals. Google server machines use cryptographic signatures to make sure they are booting the correct software. Google designs and builds its own data centres which incorporate multiple layers of physical security protections. Access to these data centres is limited to only a very small fraction of Google employees.
Google’s infrastructure provides cryptographic privacy and integrity for a remote procedure called data-on-the-network, which is how Google services communicate with each other. The infrastructure automatically encrypts PC traffic in transit between data centres.
Google Central Identity Service, which usually manifests to end-users as the Google log-in page, goes beyond asking for a simple username and password. It also intelligently challenges users for additional information based on risk factors such as whether they have logged in from the same device or a similar location in the past. Users can also use second factors when signing in, including devices based on the universal second factor U2F open standard.
Below are a few steps and best practices on how to keep your data safe and secured.
TWO STEPS/MULTI-FACTOR AUTHENTICATION:
This is also known as multi-level/Multi-factor authentication is an authentication method in which a computer user is granted access only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism.
This might be either the knowledge of something the user and only the user knows or possession of something the user and only the user has and inherence of something the user and only the user is.
This is stronger security for your Account, with 2-Step Verification, you’ll protect your account with both your password and your phone or Password and PIN.
Examples of Multi-Factor Authentication include using a combination of these elements to authenticate: for instance, Codes generated by smartphone apps. Badges, USB devices, or other physical devices, Soft tokens, certificates, Fingerprints.
BACKUPS
What will you do to a junior developer who mistakenly deletes a running production database?
The importance of testing data backups is just as critical as actually creating the backups. This doesn’t have to be a complex procedure; a simple test file on a non-critical server can be quickly tested in a matter of minutes. However, it’s not a bad idea to run through a full restore of a system every now and again, and make it a regular base.
Protect your data by doing encryption and backups the right way. They should also look to the Center for Internet Security’s Control 10 Data Recovery Capabilities.
Organizations should develop a robust data backup strategy and test that strategy and their backups often. Here are different ways you can backup your data on Cloud.
Cloud Storage is best for structured and unstructured, binary or object data like images, large media files and backups.
Coldline storage is a very low cost, highly durable service for data archiving, online backup, and disaster recovery.
Cloud SQL also helps you backup your data with either on-demand or scheduled backups. This is highly recommended from the security perspective, Cloud SQL instances include network firewalls, and customer data is encrypted when on Google’s internal networks, and when stored in database tables, temporary files, and backups.
ON SECURE AUTHENTICATION
Train your workforce members on the importance of enabling and utilizing secure authentication. (HTTPS)
Notes: Some of the most high-profile attacks we’ve seen over the years could have been prevented with secure authentication, which is covered in Control 16. Strong passwords and multi-factor/two-factor/two-step authentication goes a long way in protecting your network.
SENSITIVE DATA HANDLING
What will you do to a developer who mistakenly deletes a running codebase? or say the company’s sensitive data was mistakenly deleted!
Train your workforce on how to use, identify and properly store, transfer, archive and destroy sensitive information.
Stay tuned for part 2 of this article.
Follow Shades of Cloud Publication for more insightful stuff on cloud computing.
Medium: Shades of Cloud Publication.
Twitter: @shadesofcloud
Facebook: @Shadesofcloud
Blog: Shadesofcloud
Author: Follow @meetslick on all platforms </>
Thank You!!
