• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   Cloud   »   Building your comprehensive cloud security checklist

Building your comprehensive cloud security checklist

  • Posted on:November 13, 2013
  • Posted in:Cloud, Security
  • Posted by:
    Jennifer Hanniman
0

Leading up to AWS re:Invent 2013, I have been blogging about a hot topic – what should be on your cloud security checklist to cover off your security responsibilities when deploying in the cloud. To date, I have covered operating system and network security, data and application security, as well as the key optimizations to ensure security becomes part of your cloud architecture and operations (not a hindrance).

The final piece of the checklist – flexible options to buy and deploy

As I know you are all very well aware of, a great security solution will not only be able to address technical and operational requirements, it will also align to your buying and deployment preferences.

Here are some of the comments we have heard from customers about security solutions focused on their responsibilities on AWS deployments:

  • “If I prefer to buy service offerings vs. software, I want the same for security.”
  • “I’m used to a pay-as-you-go model, billed on a monthly basis for my AWS environment. I want the same for security.”
  • “As environment prices change, I expect security to remain a relatively stable percentage of my overall investment.”

The ability to fit your security solution to your buying and deployment preferences is the last – but definitely not the least – important requirement to add to your security checklist.

So, drum roll please… here’s the entire cloud security checklist:

For your operating systems, network, apps and data deployed on AWS, you need:

  • Continuous web application scanning to detect vulnerabilities
  • Boot and data volume encryption with external key management to protect data at rest and keep control of the keys
  • SSL certificates to protect data-in-motion with encryption
  • Intrusion Prevention with virtual patching to protect against vulnerabilities even before you patch
  • Host-based bi-directional firewall to prevent unauthorized outbound communication – with logging and alerting capabilities to make it easier to manage
  • File integrity monitoring to catch unauthorized system component changes
  • Anti-malware with web reputation to protect against viruses and malicious URLs 

 

To ensure that security optimized for securing deployments on AWS is easy to buy, deploy and manage, look for:

  • Automated recommendations that fit your security policies to your instances to reduce effort to deploy
  • The ability to leverage security policies across your hybrid environment to avoid duplicate effort
  • Instant-on security to apply policies automatically as you scale your instances up and down
  •  Instant-on security to apply policies automatically as you scale your instances up and down
  • The ability to automatically match the appropriate security policy to your instances
  •  Integration leading with cloud management tools like Chef, Puppet, and AWS OpsWorks to further embed security into operational processes
  • Dashboards, reports and alerts to provide real-time visibility into your environments and enable you to focus on what is important
  • Flexible billing aligned to cloud purchasing models (upfront, pay-as-you-go) and deployment (software or service) options to match your deployment and investment preferences

 

With the show in full swing, I hope you are having as great a time as I am! I am really enjoying hearing all the innovative uses of cloud environments and have had some fantastic discussions on how to architect with security in mind.

I hope to meet you at the show – drop by our booth (#607), or join in our sessions TrendMicro.com/AWS – I would love to chat more about how Trend Micro can help you meet your security responsibilities in the cloud. I also encourage you to join our Twitter chat tomorrow at 1 p.m. PST with any questions you have regarding AWS using the hashtag #TrendTalk.

Related posts:

  1. What you need to make security part of your cloud operations
  2. What security capabilities do you need in the cloud? It’s a matter of controls
  3. Do you have your security checklist for deploying on the cloud?
  4. Arming yourself with a cloud security checklist that covers your apps and data

Security Intelligence Blog

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Ransomware is Still a Blight on Business
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • Not Just Good Security Products, But a Good Partner
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • Twitter Hacked in Bitcoin Scam
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • Black Hat Trip Report – Trend Micro

Follow Us

Trend Micro In The News

  • Cloud-based Email Threats Capitalized on Chaos of COVID-19
  • Detected Cyber Threats Rose 20% to Exceed 62.6 Billion in 2020
  • Trend Micro Recognized on CRN Security 100 List
  • Trend Micro Reports Solid Results for Q4 and Fiscal Year 2020
  • Connected Cars Technology Vulnerable to Cyber Attacks
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.