Security in the Public Cloud Is a Shared Responsibility | Web Security Journal

Search

.NET
|
AJAX
|
Cloud
|
Big Data
|
Eclipse
|
iPhone
|
Java
|
Linux
|
Open Source
|
Open Stack
|
PowerBuilder
|
Security
|
SDN
|
SOA
|
Virtualization

Security Authors: James Carlini, Adrian Bridgwater, Kevin Nikkhoo, Walter Hinton, Patrick Burke

Related Topics: Cloud Expo, SOA & WOA, Virtualization, Web 2.0, Security

Cloud Expo: Blog Post

Security in the Public Cloud Is a Shared Responsibility

How to secure your applications running in the Amazon Public Cloud

By Jonathan Gershater	Article Rating:
November 29, 2012 07:00 AM EST	Reads:	3,265

Related
Print
Email
Feedback
Add This
Blog This

When you host applications in the public cloud, you assume partial responsibility for securing the application. The cloud provider, for example Amazon Web Services (AWS), secures the physical data center (with locked badge entry doors, fences, guards etc) in addition to securing the physical network with perimeter firewalls. This is no significant change from how you secure your corporate datacenter.

Just like you enhance the security of physical and virtual servers in your datacenter with host-based firewalls (ip tables, Windows firewall), anti-virus and intrusion detection, so you must protect your public cloud servers (in AWS parlance - "instances") with similar security measures. This is the joint or shared security responsibility - AWS secures the physical datacenter and firewalls the network; you the AWS customer secures each instance and its application with host-based firewalls , anti-virus and intrusion detection. In addition if your public cloud applications must be compliant, perhaps with PCI regulations, then you can add file integrity monitoring and log file monitoring to each AWS instance.

Security is shared, no blame goes around....Watch a quick demo how to enhance the security of your AWS instances and applications.

Click here to watch

CIO, CTO & Developer Resources

Published November 29, 2012 – Reads 3,265
Copyright © 2012 SYS-CON Media, Inc. — All Rights Reserved.
Syndicated stories and blog feeds, all rights reserved by the author.

Related
Print
Email
Feedback
Add This
Blog This

More Stories By Jonathan Gershater

Jonathan Gershater has lived and worked in Silicon Valley since 1996, primarily doing system and sales engineering specializing in: Web Applications, Identity and Security. At Trend Micro he works with customers to secure their virtual and cloud environments. Prior to joining Trend Micro, Jonathan worked at 3Com, Entrust (by acquisition) two startups and Sun Microsystems.

(The views expressed in this blog are entirely mine and do not represent my employer - Jonathan).

Related Stories

Comments

The Rise of the Thin Client

By Tom Flynn

wassem wrote: Hi Tom I liked your article, you covered all the benefits of the thin client computing. In the article you mentioned the low power benefit, and mentioned the HP computer, as low cost solution, but I think that our product the Cubox that Costs 120$ and needs only 3 Watt of power could be another excellent solution.

May. 27, 2013 08:08 AM EDT

read more & respond »

Cloud Expo & Big Data Expo 2012 West

KEYNOTES

Opening Keynote | Mission-Critical Applications in the Cloud – Myth or Reality?

Day 2 Keynote | An Open Cloud Discussion

Day 3 Keynote | Cloud Applications: Some Assembly Required

Day 3 Lunch Keynote | The Extended Enterprise: Taking Your App Delivery Strategy to the Cloud

Day 4 Keynote | The Ever Changing Cloud

PLATINUM PLUS SPONSORS

Nebula | OpenStack

Discussion Panel – Powered by OpenStack

Progress Software

The Impact of Big Data and Cloud on Data Connectivity

The IT Talent Shift: Preparing Your Enterprise IT Talent for the Cloud

PLATINUM SPONSORS

Is There a Silver Lining to Cloud — Or Just a Lot of Hot Air?

Enterprise without Limits: A Blueprint for Organizational Agility

Managing the Explosive Growth and Consolidation of Big Data in the Cloud

Managing the Explosive Growth and Consolidation of Big Data in the Cloud

Perception vs Reality in the Cloud

GOLD SPONSORS

Challenges and Opportunities for a Cloud-based Application Delivery Strategy

Sustainable Networking Innovation Through Collective Intelligence: Software Defined Networking

Lessons Learned from 100 IaaS Cloud Deployments...and Counting

Driving Innovation Through the Cloud

Best Practices of API Management

Building a "Mainstream" Private Cloud: What You Need to Know

From Infrastructure to Applications - the Next Step in Your Cloud Journey

Big Data Power Panel at Cloud Expo Silicon Valley: Cloud and Big Data – What's Working, What's New?

CEO Power Panel at Cloud Expo Silicon Valley

CTO Power Panel at Cloud Expo Silicon Valley: The Cloud Computing State of the Union

Click For 2012 East Event Webcasts

Cloud Expo & Big Data Expo 2012 East

KEYNOTES

Opening Keynote | Mission-Critical Applications in the Cloud – Myth or Reality?

Day 2 Keynote | The Era of Open Clouds is Upon Us

Day 2 Lunch Keynote | A Pragmatic Journey to the Cloud

Day 3 Keynote | Step up to a Higher Cloud

Day 3 Lunch Keynote | Trends and Challenges in the Hyperconnected World

DIAMOND SPONSOR

From Chief Information Officer to Chief Innovation Officer

PLATINUM PLUS SPONSORS

Oracle's Cloud - An Enterprise Cloud for Business-Critical Applications

Cloud – Vision to Reality

PLATINUM SPONSORS

Architecting Your Cloud: Lessons Learned from 100 CloudStack Deployments

Enterprise without Limits: A Blueprint for Organizational Agility

Managing the Explosive Growth and Consolidation of Big Data in the Cloud

Pacific Control Systems

Galaxy – the Cloud-Based Platform of Platforms

GOLD SPONSORS

Taking Your Application Delivery Strategy to the Cloud

Effectively Leveraging the Cloud for Better User Experience

The World According to Cloud

NextAxiom Technology

Fuel Your Cloud with Metered, Virtualized Middleware

Taming the Cloud Data Beast – Information Privacy, Residency and Security in the Cloud

Enterprise Class or Internet Scale? The Right Cloud for the Job

Executing Enterprise Clouds

Data at the Speed of Life

POWER PANELS

Big Data Power Panel at Cloud Expo New York: What's Driving Big Data – and Why Now?

Cloud Trends' Power Panel at Cloud Expo New York: Unleashing the Ever-Growing Value of the Cloud

CEO Power Panel at Cloud Expo New York: Cloud Computing and Big Data Strategy

CTO Power Panel at Cloud Expo NY: Cloud Computing: What's Working, What's New, What's Next?

Click For 2011 West
Event Webcasts

Topics

Federal Government

From the Blogosphere

Security & Cloud Computing

Is Your Business 100% Ready for the New Era of Cloud Computing and Big Data? The Only Enterprise IT Event in 2013 Covering the Entire Scope of both Cloud & Big Data

Come to New York and get yourself up to date with the Big Data revolution! As advanced data storage, access and analytics technologies aimed at handling high-volume and/or fast moving data all move center stage, aided by the Cloud Computing boom, Cloud Expo is the single most effective event for you to learn how to use you own enterprise data – processed in the Cloud – most effectively to drive value for your business.

There is little doubt that Big Data solutions will have an increasing role in the Enterprise IT mainstream over time. Get a jump on that rapidly evolving trend at Big Data Expo, which we are introducing in June at Cloud Expo New York.

Cloud Expo was announced on February 24, 2007, the day the term "cloud computing" was coined. That same year, the first Cloud Expo took place in New York City with 450 delegates. Next June, Cloud Expo is returning to New York with more than 10,000 delegates and over 600 sponsors and exhibitors.

"Cloud" has become synonymous with "computing" and "software" in two short years. Cloud Expo is the new PC Expo, Comdex, and InternetWorld of our decade. By 2012, more than 50,000 delegates per year will participate in Cloud Expo worldwide.

The cloud is certainly a compelling alternative to running all applications within a traditional corporate data center. But moving from theory into practice is where things get complicated, and this is where attending a top industry event like Cloud Expo comes in.

No one can take full advantage of cloud computing without first becoming familiar with the latest issues and trends, which is why the organizing principle of the 10th International Cloud Conference & Expo on June 10-13, 2013 - is to ensure - through an intensive four-day schedule of keynotes, general and breakout sessions, and our bustling Expo Floor - that attending delegates leave the Javits Center with abundant resources, ideas and examples they can apply immediately to leveraging the Cloud, helping them to maximize performance, minimize cost and improve the scalability of their Enterprise IT endeavors.

Delegates will leave Cloud Expo with dramatically increased understanding the entire scope of the entire cloud computing spectrum from storage to security.

Whether you're an enterprise or small to medium business, you'll soon be benefiting from the Cloud. Join your peers in New York City June 10-13, and maximize those benefits already in 2013. See you in New York City!

Register Now!
Save $500 on your “Golden Pass”! Call 201.802.3020
or click here to Register
Early Bird Expires Friday.

Speaker Opportunities
Submit your speaking proposal for the upcoming Cloud Expo in New York City
[June 10-13, 2013]

Exhibitor Info
Please Call 201.802.3021
events (at) sys-con.com.
Carmen Gonzalez,
carmen (at) sys-con.com.

Produced and presented by Cloud Expo, Inc.