Cloud Security Research
Cloud security is a group of procedures and technology created to direct external and internal threats to a business’s security. It is the protection of data stored online through cloud computing platforms from theft and leakage. Methods of providing cloud security include examples such as firewalls and virtual private networks (VPN). Cloud security is important because organizations require it as they move toward their adaptation to become digital and include cloud based tools and services as part of their framework.
Cloud security relates to a few concepts in MIS3406 such as security in the 5 pillars of the AWS well architected framework, a security group, NACLs, IAM, and a key pair. An ACL is a access control list and it’s main function is to protect the subnet in the network. It can be understood as the firewall or protection for the subnet. An ACL is related to Cloud Security because they both provide the protection of data. A security group is an AWS firewall that filters incoming and outgoing traffic from an EC2 instance. In MIS3406, we have created security groups that allow for a remote desktop to access an EC2 instance that we created and started. It then allows for you to access MySQL Workbench to get to the database server. We also created a security group that allows the MySQL database server to respond to requests from Lambda functions and MySQL Workbench.
Cloud security is similar to a key pair because it provides security to access a resource. For example, in our MIS3406 class we created an instance which then would require for you to get a password by providing a key pair. Before having created the instance, we created a key pair. A key pair is a security code used to login to instances. Using the key pair is similar to cloud security in the sense that cloud computing is the protection of data stored online through cloud computing platforms.
A type of cloud security solution available is Identity and Access Management (IAM) tools/services. The main function of an IAM is to create digital IDS for all users so that they can be monitored during all data interactions. IAM tools and services allow for enterprises to use policy enforced protocols for all users trying to access both on premises and cloud based services. In MIS3406, we have created IAM roles on AWS to control access to who’s able to access AWS resources. We then created a Lambda function on AWS to use the existing IAM role that we created.
From the 5 pillars of the AWS well architected framework, the pillar “Security” builds and deploys a secure custom component and selects secure APIs/services with appropriate levels for a business scenario. The security pillar also protects information, systems, and assets while delivering business value. The pillar security is related to cloud security because they both protect information and systems. An example of a cloud security solution that protects information would be DLP (data loss prevention). DLP services offer tools and services created to make sure that regulated cloud data is secure. DLP solutions use a combination of data encryption and remediation alerts to protect all stored data. In MIS3406 we used the pillar security’s tools such an ACL, security group, key pairs, private subnets, and public subnets when using AWS to create an instance. What we learned in class relates to cloud security’s example I provided because they both require the use of data encryption to secure custom components with authentication.
References:
“Cloud Security: Network Security, Security Groups.” Aviatrix, 7 Feb. 2022, https://aviatrix.com/learn-center/cloud-security/.
“What Is Cloud Security? Cloud Security Defined.” IBM, https://www.ibm.com/topics/cloud-security.