Book Image

Enterprise Cloud Security and Governance

By : Zeal Vora
Book Image

Enterprise Cloud Security and Governance

By: Zeal Vora

Overview of this book

Modern day businesses and enterprises are moving to the Cloud, to improve efficiency and speed, achieve flexibility and cost effectiveness, and for on-demand Cloud services. However, enterprise Cloud security remains a major concern because migrating to the public Cloud requires transferring some control over organizational assets to the Cloud provider. There are chances these assets can be mismanaged and therefore, as a Cloud security professional, you need to be armed with techniques to help businesses minimize the risks and misuse of business data. The book starts with the basics of Cloud security and offers an understanding of various policies, governance, and compliance challenges in Cloud. This helps you build a strong foundation before you dive deep into understanding what it takes to design a secured network infrastructure and a well-architected application using various security services in the Cloud environment. Automating security tasks, such as Server Hardening with Ansible, and other automation services, such as Monit, will monitor other security daemons and take the necessary action in case these security daemons are stopped maliciously. In short, this book has everything you need to secure your Cloud environment with. It is your ticket to obtain industry-adopted best practices for developing a secure, highly available, and fault-tolerant architecture for organizations.
Table of Contents (11 chapters)

Bonus points

This is just a fun name that has been given. These points are the ones which do not directly fit into the previous three sections:

Sr. no.

Point

Description

1

Single Sign On

If your organization has multiple internal applications and if it ranges more than eight, then you should consider the possibility of SSO. We can either design it with ADFS or use SaaS solutions such as Okta or JumpCloud, which are pretty easy to set up and have a lot of integrations with other providers such as AWS and Gmail.

2

Have MFA across

Multifactor authentication is a must specifically at entry points such as VPN and AWS. In short, any place where an attacker can log in with stolen credentials should be supported by MFA.

3

Full disk encryption—a must for workstations

Many developers or even system administrators have copies of access/secret keys,...