Posts Tagged Cloud Security

Host-Based Vs. Network-Based Firewalls For Cloud Security

18th July, 2017

If you are planning to move your company’s data to the cloud, it is important that you take the necessary steps to safeguard it against viruses and malicious attacks. No matter you own a small start-up business or a well-established organization, hackers are always on the lookout for unprotected confidential information that can be exploited for malicious purposes.

It is recommended to use a firewall solution to stay protected against any online attack or malware infection. The firewall will record the incoming requests, inspect data packets and block any unauthorized or unusual traffic to the network. There are different firewall options available depending upon the level of control required and where you want to deploy it. The two main types of firewall are – host based and network based.

Given below is a complete comparison of both the options so that you can choose the right one for your cloud data.

Host Based Firewall

A host based firewall is installed on every virtual machine that is connected to the cloud. It helps to monitor all the incoming and outgoing traffic to determine if it is safe to be directed to the device. Host based firewall offers the following advantages:

  • More Flexibility: Virtual machines and applications can be easily moved between the cloud environments without the need to change the firewall’s security policy.
  • Better Features: Host based firewall also supports anti-virus and data loss prevention to provide complete protection to the virtual machine.
    Customization: The firewall settings of each device can be individually configured according to the level of security required.

Network Based Firewall

Network based firewall refers to a solution that is embedded into the cloud infrastructure. It is a good option to be deployed in a larger network. It offers a slightly stronger defense as compared to host based firewalls. Some of the advantages of using network based firewall are:

  • Greater Security: This type of firewall solution is quite difficult to circumvent. In a host based firewall, the hacker can directly access the virtual machine and easily gain administrative privileges. However, in a network based firewall, unauthorized access is likely to be detected right at the network level.
  • Scalability: These firewalls can easily be scaled up if the client requires additional bandwidth.
    Affordability: Network based firewalls prove to be cost-effective in the long run as they do not require a dedicated IT team to monitor regular maintenance and updates on every server.

For more tips on choosing the right firewall solution for cloud data, you can contact Centex Technologies at (855) 375 – 9654.

,

No Comments

Why Zero Knowledge Encryption Offers Best Cloud Security

17th April, 2017

Cloud computing has provided a convenient way to store, access and share data over the internet. However, password leaks and security breaches in the recent years have led to many apprehensions about the use of cloud services. The lack of compliance standards and stringent security policies in the cloud make your data vulnerable to many online attacks.

What Is Zero Knowledge Encryption?

Zero knowledge encryption is one of the most secure ways to protect your information stored in the public cloud. It offers complete data privacy, ensuring that no one can access your files, not even the cloud service provider. It also known as personal encryption or private key encryption.

How Does It Work?

When you upload any data to the cloud, it is encrypted on the client side. The key to decrypt the data can be accessed by the authorized user. Even the company providing the cloud services cannot access the data because the information gets encrypted before it reaches their servers. The decryption key is stored in the cloud server in a hashed format which is known only to the user.

The reliability of zero knowledge encryption is assessed on the basis of 3 principles:

  • Completeness – Assuring that the cloud service provider is properly following the security protocols.
  • Soundness – Double checking that the account can be accessed only by entering the right password.
  • Zero Knowledge – Verifying that the decryption key is known only to the user.

Advantages Of Zero Knowledge Encryption

  • It offers the highest possible control over your data stored in the cloud.
  • Zero knowledge encryption allows you to use the popular, convenient and user-friendly cloud services in the most secure way.
  • It minimizes the likelihood of a data breach as all the information is stored in an encrypted format. Even if the cloud server gets compromised, your data will still be safe because only you have the decryption key.

Limitations Of Zero Knowledge Encryption

  • In case the user forgets his account password or decryption key, there is no way to retrieve the files stored in the cloud.
  • The privacy of data becomes your responsibility. You will be held liable for any loopholes in its security or unauthorized attempts made to access the files.

For more information on zero knowledge encryption and cloud security, feel free to contact Centex Technologies. We can be reached at (855) 375 – 9654.

,

No Comments

Top Cloud Security Issues For 2016

March 18, 2016

Security has always been a major concern for the organizations that use cloud computing. Though it offers a myriad of benefits, such as scalable storage of important business data, improved collaboration of employees from multiple locations and the saved costs on hiring a specialized IT staff, failure to implement proper safety measures can lead to drastic consequences. Therefore, entrepreneurs need to be familiar with the common security issues that may impact their cloud security efforts in 2016. Some of these have been discussed below:

  • Account Hijacking: Phishing, software exploits and malware attacks may be launched by the hackers to break into business accounts. They may monitor the victim’s online activities, steal or manipulate confidential files and modify financial transactions. The hackers may also use the cloud application to infect other computer systems connected to the server. Therefore, all the cloud accounts, specifically those that comprise sensitive information, should be closely monitored.
  • Improper Authentication and Compromised Credentials: As cloud resources can be accessed from remote locations, proper authentication measures are important to determine the identity of the users. Make sure you use two-factor authentication, such as a one-time password or phone verification, before providing account access to any user. Also, the usernames and passwords should be complex to make it difficult for the cybercriminals to crack them. Data breach and other hacking attacks are often a result of compromised log-in credentials as well as weak authentication systems.
  • Excessive Data Exposure: Files stored in the cloud should have well-defined permissions to limit who can access any specific information. For instance, your company’s accounts department should be able to access all the financial data whereas the human resources division requires the employees’ personal identifiable information. All the files stored on the cloud should be encrypted so that they can be read by only those who have the password to decrypt.
  • Cloud Malware: The computers systems connected in a cloud network should be protected with firewall, antivirus, spyware, content filter and spam blocker software. This will help to identify and block any unauthorized traffic trying to access information in the cloud. Also, your service provider should follow standard and regularly updated security practices.

The cybersecurity services provided by Centex Technologies are aimed at helping business firms stay protected against common cloud computing threats. For more information, you can call at (855) 375 – 9654.

,

No Comments