Necessity is the mother of all inventions, understanding this phrase in recent times isn’t that difficult. Over the past few weeks, we have seen many businesses across the globe innovate in their approach towards reaching customers and running their operations. This brings us to a juncture in understanding what is common apart from Covid-19 and lockdown across all these organizations, that “One Common” binding factor is going Cloud.
We as Cloud Comrade have always believed in cloud-first strategy for all our customers and globally, we now see that organizations that embarked on cloud strategy were able to adjust to the change in operations. However, all this said we still believe that post-Covid-19 all business needs to go back to the board and strategize. In this new strategy, their “One Common” aspect would be Cloud and Cloud Security. In this ever-changing world, the decision of securing the cloud infrastructure is as important as taking the cloud-first strategy and that is the reason we as CloudComrade work with partners such as InfraGuard
There are 3 steps to maintaining a strong Cloud Security practice, they are Access Control, Patch Management and SOP Automation.
Step 1 of a good security practice starts with absolute and monitored control of your infrastructure access. As a cloud computing consultancy, our suggestion to customers is to opt for a Zero-Trust model for bulletproof security.
Infraguard provides a custom access protocol that is built on role-based policies making sure only necessary personnel can access the server. The solution also provides built-in integration for existing identity providers that are available as part of the infrastructure. This custom access protocol makes sure that granular options are available to limit the actions that are available to each employee (both internal and external). All actions that have been performed are also preserved in forever logs for post-action audit and reporting.
The access controls in Infraguard.IO also have features such as Automated Key Expiry, Historical Key-Request logs, Multifunctional Key Rotation Policy and Ticketing System Integration that are part of the Privileged Access Management functionality. The standard process that is followed for an employee requesting access would follow a sequence such as Raise Key Request with Reason à A Ticket Number Allocation à Ticket Approval à Admin Approval Process à Approval or Denial Request resulting in time defined SSH/RDP key generation.
Step 2 of maintaining a strong and good cloud security practice is to make sure that the security patch is updated and this requires a good patch management solution. Infraguard.IO provide patch management as part of its server security management tool. Processes such as Selection and exclusion of patches, back up the creation and automated patching can be set scheduled across both Windows and Linux systems. This automation allows administrators to focus more on valuable tasks such as monitoring and acting on issues when required and send respective reports to stakeholders.
The 3rd and final step in making sure that good SOP Automation for cloud security practice is in place. SOP Automation, when set up correctly, can enormously reduce your operational error rates and plug security gaps that manual processes always leave open. There are 3 ways SOP automation can be placed are Central Script Inventory, Application Detection & Automation and Operational Policies.
|Central Script Inventory||An easily accessible central script inventory is available on our dashboard. Privileged users can edit and run scripts from this view on multiple servers without remote login.||Create your own library of commonly run scripts reducing error rates. Allow only specific users to access this dashboard. Save time by executing on multiple servers at one go.|
|Application Detection & Automation||Common actions are encoded at button clicks and custom actions are turned into scripts that can run on an automated schedule.||Easily manage complicated applications through the same interface that manages your servers.|
|Operational Policies||Need to Start/Stop instances at defined times? Clear caches on servers every few hours? Want to send scan reports at defined intervals? All actions can now be on auto-pilot.||Your SOPs can now be set at Company level, audited for compliance and then set on automation to remove manual intervention and errors.|
Cloud Comrade is an integrated partner with Infraguard.IO. We are only South-East Asia headquartered AWS Partner Network Premier Tier Consulting Partner, Google Premier Partner, and Microsoft Gold Cloud Competency Partner. We partner with only the best solution providers working in the field of cloud computing such as to ensure that our customers have access to the highest quality, fastest-growing and most innovative cloud advisory toolsets that are available today.