Verizon Wireless was just one of the latest companies to fall victim to a security breach.
The security firm, Kromtech Security and their researchers were able to access documents labeled confidential in an unsecured Amazon Web Services (AWS) S3 Storage bucket.
Security is always a top issue for companies when they move to a cloud storage solution like AWS. And the more complex the system, the more likely you are to have inadvertent breaches due to user error. Not every breach is a hack, as Verizon has found with this most recent event.
The more complex the system, the more likely you are to leave a user in confusion about how to ensure the security of their information. So what features should a user look for?
Transparency
Does the solution provide full transparency into all the features and layers of the hosted environment including:
- Dedicated Virtual Firewalls/Routers
- IP addressing on all components
- DNS Management
- Dedicated VPNs per customer
- IP Reputation logs on both internal and external traffic
Ease-of-Use
There are a few questions you need to ask of your potential cloud services provider.
- How easy is the solution to use, especially for your non-IT staff?
- Does it include a simple dashboard with clearly labeled menu items?
- Can you tell if a document is stored “privately” or “publicly” at a single glance?
- What type of training/post sales support does the provider offer?
Security
And the issue of the day: Security. Although the Verizon breach was not an issue of the inherent security built into the platform, but rather of a user error that mislabeled documents as public instead of private. This is not necessarily a security issue, but one of ease of use, but security is still a hot button issue so you need to know what security processes are built into the platform.
- Dedicated VLANs
- Perimeter Security (Dedicated Virtual Firewall)
- Network Security
- Site-to-site VPN (IPSec)
- Hosted Private Cloud Network Isolation
- Encrypted Traffic
- IP Reputation Filtering
- Windows Defender with Server OS 2016
- Storage encryption to make sure drivers are destroyed properly
- Discuss multi factor authentication to access cloud orchestration platform, dinManage
- Antivirus and malware
- Inventory and configuration
- IP Filtering
- Monitoring and login
- Penetration testing
- Vulnerability scanning
- Dedicated isolated VLANs
Why dinCloud?
When you chose a cloud services provider, you want to be sure the solution meets your business needs. dinCloud’s award winning solution provides all of the above features as well as a very easy to use console, dinManage, that removes all of the complexity of setting up your solution for your end users. Beyond this, dinCloud provides superior post sales support to help you get your solution set up the best possible way for your business. Contact us today to see a demo of our cloud solutions and dinManage console.