Security in the Public Cloud Is a Shared Responsibility | SOA World Magazine

Search

.NET
|
AJAX
|
Cloud
|
Big Data
|
Eclipse
|
iPhone
|
Java
|
Linux
|
Open Source
|
Open Stack
|
PowerBuilder
|
Security
|
SDN
|
SOA
|
Virtualization

SOA & WOA Authors: Maureen O'Gara, Liz McMillan, Stephen Pierzchala, Jason Bloomberg, Elizabeth White

Related Topics: Cloud Expo, SOA & WOA, Virtualization, Web 2.0, Security

Cloud Expo: Blog Post

Security in the Public Cloud Is a Shared Responsibility

How to secure your applications running in the Amazon Public Cloud

By Jonathan Gershater	Article Rating:
November 29, 2012 07:00 AM EST	Reads:	2,946

Related
Print
Email
Feedback
Add This
Blog This

When you host applications in the public cloud, you assume partial responsibility for securing the application. The cloud provider, for example Amazon Web Services (AWS), secures the physical data center (with locked badge entry doors, fences, guards etc) in addition to securing the physical network with perimeter firewalls. This is no significant change from how you secure your corporate datacenter.

Just like you enhance the security of physical and virtual servers in your datacenter with host-based firewalls (ip tables, Windows firewall), anti-virus and intrusion detection, so you must protect your public cloud servers (in AWS parlance - "instances") with similar security measures. This is the joint or shared security responsibility - AWS secures the physical datacenter and firewalls the network; you the AWS customer secures each instance and its application with host-based firewalls , anti-virus and intrusion detection. In addition if your public cloud applications must be compliant, perhaps with PCI regulations, then you can add file integrity monitoring and log file monitoring to each AWS instance.

Security is shared, no blame goes around....Watch a quick demo how to enhance the security of your AWS instances and applications.

Click here to watch

CIO, CTO & Developer Resources

Published November 29, 2012 – Reads 2,946
Copyright © 2012 SYS-CON Media, Inc. — All Rights Reserved.
Syndicated stories and blog feeds, all rights reserved by the author.

Related
Print
Email
Feedback
Add This
Blog This

More Stories By Jonathan Gershater

Jonathan Gershater has lived and worked in Silicon Valley since 1996, primarily doing system and sales engineering specializing in: Web Applications, Identity and Security. At Trend Micro he works with customers to secure their virtual and cloud environments. Prior to joining Trend Micro, Jonathan worked at 3Com, Entrust (by acquisition) two startups and Sun Microsystems.

(The views expressed in this blog are entirely mine and do not represent my employer - Jonathan).

Comments

RightScale Adds to "Multi-Cloud" Discussion

By Roger Strukhoff

cloudhosting14 wrote: As you would already know that managed hosting itself is another form of Cloud hosting in which the system administrations of servers is looked upon by the CPs. Similar is the case with managed multi Cloud hosting. You can very well understand how a big burden it would be to manage multi cloud servers for organization; this is why a service known as managed multi Cloud is provided to these users. This service ensures them the seam less running of their system administrative operations while organizations focus more on t...

May. 21, 2013 04:08 AM EDT

read more & respond »

Cloud Expo & Big Data Expo 2012 West

KEYNOTES

Opening Keynote | Mission-Critical Applications in the Cloud – Myth or Reality?

Day 2 Keynote | An Open Cloud Discussion

Day 3 Keynote | Cloud Applications: Some Assembly Required

Day 3 Lunch Keynote | The Extended Enterprise: Taking Your App Delivery Strategy to the Cloud

Day 4 Keynote | The Ever Changing Cloud

PLATINUM PLUS SPONSORS

Nebula | OpenStack

Discussion Panel – Powered by OpenStack

Progress Software

The Impact of Big Data and Cloud on Data Connectivity

The IT Talent Shift: Preparing Your Enterprise IT Talent for the Cloud

PLATINUM SPONSORS

Is There a Silver Lining to Cloud — Or Just a Lot of Hot Air?

Enterprise without Limits: A Blueprint for Organizational Agility

Managing the Explosive Growth and Consolidation of Big Data in the Cloud

Managing the Explosive Growth and Consolidation of Big Data in the Cloud

Perception vs Reality in the Cloud

GOLD SPONSORS

Challenges and Opportunities for a Cloud-based Application Delivery Strategy

Sustainable Networking Innovation Through Collective Intelligence: Software Defined Networking

Lessons Learned from 100 IaaS Cloud Deployments...and Counting

Driving Innovation Through the Cloud

Best Practices of API Management

Building a "Mainstream" Private Cloud: What You Need to Know

From Infrastructure to Applications - the Next Step in Your Cloud Journey

Big Data Power Panel at Cloud Expo Silicon Valley: Cloud and Big Data – What's Working, What's New?

CEO Power Panel at Cloud Expo Silicon Valley

CTO Power Panel at Cloud Expo Silicon Valley: The Cloud Computing State of the Union

Click For 2012 East Event Webcasts

Topics

From the Blogosphere

From the Editor

Industry Commentary

SOA & Cloud Computing

SOA & Government IT

Is Your Business 100% Ready for the New Era of Cloud Computing and Big Data? The Only Enterprise IT Event in 2013 Covering the Entire Scope of both Cloud & Big Data

Come to New York and get yourself up to date with the Big Data revolution! As advanced data storage, access and analytics technologies aimed at handling high-volume and/or fast moving data all move center stage, aided by the Cloud Computing boom, Cloud Expo is the single most effective event for you to learn how to use you own enterprise data – processed in the Cloud – most effectively to drive value for your business.

There is little doubt that Big Data solutions will have an increasing role in the Enterprise IT mainstream over time. Get a jump on that rapidly evolving trend at Big Data Expo, which we are introducing in June at Cloud Expo New York.

Cloud Expo was announced on February 24, 2007, the day the term "cloud computing" was coined. That same year, the first Cloud Expo took place in New York City with 450 delegates. Next June, Cloud Expo is returning to New York with more than 10,000 delegates and over 600 sponsors and exhibitors.

"Cloud" has become synonymous with "computing" and "software" in two short years. Cloud Expo is the new PC Expo, Comdex, and InternetWorld of our decade. By 2012, more than 50,000 delegates per year will participate in Cloud Expo worldwide.

The cloud is certainly a compelling alternative to running all applications within a traditional corporate data center. But moving from theory into practice is where things get complicated, and this is where attending a top industry event like Cloud Expo comes in.

No one can take full advantage of cloud computing without first becoming familiar with the latest issues and trends, which is why the organizing principle of the 10th International Cloud Conference & Expo on June 10-13, 2013 - is to ensure - through an intensive four-day schedule of keynotes, general and breakout sessions, and our bustling Expo Floor - that attending delegates leave the Javits Center with abundant resources, ideas and examples they can apply immediately to leveraging the Cloud, helping them to maximize performance, minimize cost and improve the scalability of their Enterprise IT endeavors.

Delegates will leave Cloud Expo with dramatically increased understanding the entire scope of the entire cloud computing spectrum from storage to security.

Whether you're an enterprise or small to medium business, you'll soon be benefiting from the Cloud. Join your peers in New York City June 10-13, and maximize those benefits already in 2013. See you in New York City!

Register Now!
Save $500 on your “Golden Pass”! Call 201.802.3020
or click here to Register
Early Bird Expires Friday.

Speaker Opportunities
Submit your speaking proposal for the upcoming Cloud Expo in New York City
[June 10-13, 2013]

Exhibitor Info
Please Call 201.802.3021
events (at) sys-con.com.
Carmen Gonzalez,
carmen (at) sys-con.com.

Produced and presented by Cloud Expo, Inc.

close this window