We hear it again and again: “Is the Cloud really secure?”
Before we get onto that, please excuse the immediate digression, but I cant help myself:
10 years ago my dad insisted that his data was critically important. So important in fact, that he bought a dedicated workstation which would “…never see the internet!“. I remember him boasting to his mates, “That will keep my data secure!“. He was right. At least until the moment that his well meaning IT guy, decided to do him a favor while topping up the printer cartridges and connected and configured the internal modem. An hour later all the antibiotics in the world couldn’t have cured the viruses which had infected that machine. Data was a complete mess. On the plus side, the CD drive would randomly auto eject at exactly the right time to act as a handy cup holder. What my dad realised that day, is that it’s not about putting blinkers on and hoping that you’re okay. It’s about education and following the necessary steps (all of them) to secure your environment. The Cloud is no different. Besides all the hard work that the Go2Cloud team put in to secure our data centers, at it’s most basic there are three things you need to look at when securing your Cloud Server: 1) Create strong passwords2) Properly configure firewalls
3) Update your OS and Apps often (yes “apps” includes additional threat management software) Let’s look at that in more detail shall we: Creating Strong Passwords Structure strong passwords, and don’t share them with anyone.
Sounds like common sense, but it happens all too often. Passwords are given up way too easily. In some cases the individual may not have asked you for your password, but spends a little time guessing and trying out a few common options.
If these individuals get more serious about cracking your password code, they may even use software tools to work through common passwords in an attempts to gain access to your server directly. Remember that you can see these attempts as well as the IP addresses they originate from within the Event Log. With your Cloud server, be sure to set the access passwords at both an OS level and inside the Go2Cloud control panel per server. Note that Go2Cloud do not broadcast our policies on password choice, but would gladly provide suggestions one to one if you like. Properly Configure Firewalls You wouldn’t leave your on premise server “firewalless” would you? Do the same with your Cloud server. Inside our control panel we offer you a general software based firewall capability. This allows you to specify which ports you want to enable on your servers. Feel free to treat this as a supplementary security layer if you also have an additional firewall in place.Most operating systems, such as Windows, have firewall capability built in. I know that the Go2Cloud technical team often recommend that it’s a good idea to start off by blocking everything and only opening ports when needed. It is also possible to restrict access on certain ports and protocols to certain IP addresses.
For multi-server setups you can take advantage of the private VLAN capability inside the control panel and have a server acting as a dedicated firewall. All other servers on your VLAN could then have their public nics disabled.
Remember that there are many great firewall software packages out there. ForeFront TMG is good option in the Microsoft space and for Linux we often suggest tools like Untangle. Update your OS and Apps Often Ever wondered what happens to those error reports which you so diligently send back to the vendors and community? Well, they actually go somewhere, get checked out by smart people and result in software updates. This means that if any threat, loophole or bug is flagged in a current release, the future updates will work on addressing them We all know that managing updates can be a bit of a pain, but it is a must.For those Go2Cloud customers running Windows environments, you may have already noticed how quickly these updates download. This is because our smart technical team have done great work to ensure that updates are caching locally rather than having to be drawn from international servers all the time. FYI – Rebooting and updating servers is “blazingly fast” (quote from an actual customer) on the Go2Cloud platform which should all contribute to making updates easy. So there you have it, a few basics on how to improve the security of your Cloud servers. As always, if you have any questions or comments, feel free to reach out to our team!