Security in Cloud

A defence in depth security policy should be applied to cloud architecture in order to secure it.

At the application level proper SDLC should be followed, using a web application firewall is a good option. At the information level using encryption, Key management and access control list will protect the data. At the management level, proper patch management, configuration management and monitoring have to be done. Deploying multiple defences at various layers of the cloud will provide us with a secure cloud.

Image Source: http://dasmu.us/introduction-to-cloud-computing-architecture/introduction-to-cloud-computing-architecture-contemporary-on-architecture-for-introduction-cloud-security-from-a-15/

Other useful security improvements could be:

• Proper Load balancing.




• Configuration management




• Disaster recovery plan




• Quality of Service and service level agreements with providers.




• Implementing strong key encryption.




• Logging and auditing




• Strong authentication and Authorization.




• Strong security policies for users.




• Vulnerability and risk assessment




• Establish incident detection and response system.