Incident handling on cloud computing

Each person with access to the University's computing resources is responsible for their appropriate use and by their use agrees to comply with all applicable University, School, and departmental policies and regulations. University Information Security Policies Policy on Acceptable Use of Electronic Resources - often referred to as the Acceptable Use Policy or AUP, defines the boundaries of acceptable use of limited University electronic resources, including computers, networks, electronic mail services and electronic information sources.

Incident handling on cloud computing

From the very beginning of the cloud computing era, security has been the biggest concern among enterprises that are considering the public cloud.

For many organizations, the idea of storing data or running applications on infrastructure that they do not manage seems inherently insecure. CloudPassage's Cloud Security report found that 53 percent of those surveyed listed "general security risks" as one of their biggest cloud adoption barriers, making it the biggest obstacle to the cloud.

In addition, 91 percent of those surveyed were either "moderately concerned" or "very concerned" about cloud security. However, those concerns may not be well-founded.

Understand your shared responsibility model

Only 9 percent of those surveyed by CloudPassage said that their organizations had actually experienced a cloud-related security incident. And Gartner predicts, "Throughpublic cloud infrastructure as a service IaaS workloads will suffer at least 60 percent fewer security incidents than those in traditional data centers.

Most organizations, even the very largest, simply cannot duplicate those efforts. As a result, many security experts are quick to say that the public cloud is more secure than private data centers.

However, surveys continue to show that people still worry about cloud security.

Incident handling on cloud computing

Part of the problem may be that business and IT leaders still do not completely understand the benefits and risks of cloud computing. Experts say that enterprises can increase the security of their public cloud deployments by following best practices and deploying the right cloud security technologies.

According to Gartner, "Bythe 60 percent of enterprises that implement appropriate cloud visibility and control tools will experience one-third fewer security failures. Understand your shared responsibility model In a private data center, the enterprise is solely responsible for all security issues.

But in the public cloud, things are much more complicated. While the buck ultimately stops with the customer, the cloud provider assumes responsibility for some aspects of IT security. Cloud and security professionals refer to this as a "shared responsibility model.

The chart below offers a good overview of how public cloud vendors in general and Microsoft in particular approach this shared responsibility. Microsoft Developer website Enterprises that are considering using a particular cloud vendor should review that vendor's policies about shared security responsibility to make sure they understand who is handling the various aspects of security.

That can help prevent misunderstandings — and the possibly of security incidents that occur as a result of a particular security need falling through the cracks. Ask your cloud provider detailed security questions Along the same lines, organizations should ask their public cloud vendors detailed questions about the security measures they have in place.

It is easy to assume that the leading vendors have security handled, but security methods and procedures do vary from one vendor to another. Some cloud providers have taken steps to have their security certified by various organizations, while others have not.

That could impact an organization's choice of cloud vendor — particularly for sensitive workloads or for organizations with strict compliance requirements. While one vendor may be the best choice for mission-critical applications or personally identifiable customer data, another vendor may be the better choice for less-sensitive workloads.

Deploy an identity and access management solution In the CloudPassage survey, respondents said the two biggest security threats to public clouds were unauthorized access 53 percent and hijacking of accounts 44 percent. Both of these threats can be mitigated by deploying a high-quality identity and access management IAM solution.

Experts recommend that organizations look for an IAM solution that allows them to define and enforce access policies. It should also have role-based permission capabilities.

And multi-factor authentication can reduce the risk of unauthorized people gaining access to sensitive information, even if they manage to steal usernames and passwords.

In addition, organizations may want to look for an IAM solution that works across their internal data centers as well as their cloud deployments.

Incident handling on cloud computing

This can simplify authentication for end users, as well as making it easier for security staff to ensure that they are enforcing policies across all of their IT environments. Train your staff As attackers become more sophisticated, phishing and spear-phishing attacks seem to be succeeding with more frequency.

In order to prevent hackers from getting passwords for cloud computing services, organizations need to train all of their workers in how to spot dangerous emails, how to select a strong password and how to avoid putting the company at risk.

In addition, employees need to understand the inherent risk of shadow IT. At most organizations, it's all too easy for staff to circumvent IT and start using a service like Dropbox or AWS without the IT department's knowledge.

Enterprises need to explain why this practice is dangerous and hammer home the potential consequences for the organization — and for the employee's career. Organizations also need to invest in training for their security staff.

The threat landscape shifts on a daily basis, and IT security professionals can only keep up if they are constantly learning about the newest threats and potential countermeasures. Establish and enforce cloud security policies Organizations need to have written guidelines that specify who can use cloud services, how they can use them, and which data can be stored in the cloud.A Journey from JNDI/LDAP Manipulation to Remote Code Execution Dream Land.

JNDI (Java Naming and Directory Interface) is a Java API that allows clients . Incident handling in the cloud Toolset, Document for students September Page ii About ENISA The European Union Agency for Network and Information Security (ENISA) is a centre of network and.

In this report we analyse how cloud providers, customers in critical sectors, and government authorities can set up cloud security incident reporting schemes. Incident Reporting for Cloud Computing — ENISA.

As the open source movement reaches the two-decade milestone, thoughts turn to the movement's achievements and future goals. Discover how commercial cloud services can meet your needs for a flexible, scalable, and efficient cloud solution.

If you are a DOD component interested in acquiring a cloud service hosted either internally (DOD) or externally (commercial), review the DOD Cloud Service Catalog.

Publications. NIST develops and maintains an extensive collection of standards, guidelines, recommendations, and research on the security and privacy of information and information systems.

Towards incident handling in the cloud