Cloud Security
In December we had a charming session on Cloud Security to beat the Monday blues. It was spearheaded by Mr. Manas Pradhan. Manas is a proven technical leader with 15 years of experience applying technology to drive businesses.
The session started rolling on when Manas emphasized that cloud security is a shared responsibility of both Cloud Provider and Customer. He explained Cloud Security with 4 Scenarios. In the first scenario, he explained how the on-premise is migrated into the cloud. He delineated the security group, subnet configuration, NACL and internet gateway. In the next scene, have described the connection to cloud services by using VPC Endpoints. Then, he explained about securing a load balancer. Horizontal scaling refers to adding more instances rather than moving to a larger instance size. Vertical scaling is the addition of faster CPUs, memory, or resources to an existing server or the replacement of one server with a more powerful server. This is governed by the load balancer which distributes the traffic in the cloud.
In the last scenario, we were introduced to CloudFront which is a casting system that shifts on a regional basis and it will handle user traffic globally. We were made aware of securing the CloudFront. Disabling root SSH, password-based authentication, and serial port when not required will secure Virtual machines. Configuring non-root users in Docker image, making the root file system read-only and enforcing network policy will seal Containers. Both Data at rest and Transit have to be monitored carefully. Encryption should be employed on Data at Rest as well as Data at Transit. Sniffers should have to be used to monitor moving data. Access control mechanism should be intact for Stagnant data. Many thought-provoking questions such as industry readiness of cloud, confidential computing were posed in the Q&A session. In Summary, it was an overarching session that laid the cornerstone for cloud security to students.