www.xorlogics.com
Open in
urlscan Pro
66.96.144.191
Public Scan
Submitted URL: https://t.co/fBPCQ3Ke8H
Effective URL: http://www.xorlogics.com/2021/04/26/5-top-recommendations-for-public-cloud-protection/
Submission: On April 03 via api from US — Scanned from DE
Effective URL: http://www.xorlogics.com/2021/04/26/5-top-recommendations-for-public-cloud-protection/
Submission: On April 03 via api from US — Scanned from DE
Form analysis 2 forms found in the DOM
GET https://www.xorlogics.com/
<form method="get" id="searchform" action="https://www.xorlogics.com/">
<label for="s" class="assistive-text">Search</label>
<input type="text" class="field" name="s" id="s" placeholder="Search">
<input type="submit" class="submit" name="submit" id="searchsubmit" value="Search">
</form>Name: mc-embedded-subscribe-form — POST //xorlogics.us2.list-manage.com/subscribe/post?u=f882c1f32205898dc5e50bb17&id=c259989e1f
<form action="//xorlogics.us2.list-manage.com/subscribe/post?u=f882c1f32205898dc5e50bb17&id=c259989e1f" method="post" id="mc-embedded-subscribe-form" name="mc-embedded-subscribe-form" class="validate" target="_blank" novalidate="novalidate">
<div id="mc_embed_signup_scroll">
<div class="mc-field-group">
<input type="email" name="EMAIL" class="newsle_eminput" placeholder="Please enter your email..." id="mce-EMAIL" required="required" aria-required="true">
<input type="submit" value="Sign Up" name="subscribe" id="mc-embedded-subscribe" class="input_submit">
</div>
<div style="clear:both"></div>
</div>
<div style="clear:both"></div>
</form>Text Content
* * * * * * BE: +32 (0) 261316 43 * Inquiry Menu * Home * About Us * Services * Web Applications * Big Data * Cloud Computing * Mobile Solutions * Portfolio * Blog * Careers * Contacts * * Search 5 TOP RECOMMENDATIONS FOR PUBLIC CLOUD PROTECTION Home / Blog / 5 Top Recommendations for Public Cloud Protection 5 TOP RECOMMENDATIONS FOR PUBLIC CLOUD PROTECTION * 26 April 2021 * by: Aisha Javed * in: BlogPost * Tags: #cloud2021, #CLOUDADOPTION, #CLOUDCOMPUTING, #CloudComputingThreats, #dropbox, #googleapps, #office365, #PublicCloud, #PublicCloudProtection, cloudSecurity, CSA, Malware, Paas, Saas * note: no comments Public cloud storage provides virtually unlimited capacity to users on-demand, accessible via the web, in a free or paid per use capacity. The most prominent examples of public cloud storage are Google Apps, Office 365, file sharing applications such as Dropbox, and so on. From a legal perspective, security aspects of cloud storage especially arise with regard to data protection regulations. Data protection law is focused on the protection of the data of individuals, their right to storing, processing, and use. In data protection law, particularly relevant roles are the data subject, it’s the one who needs to be protected, the controller aka cloud user, the processor means the cloud application provider, and the subcontractor of the processor which is the cloud storage provider. As Increasingly, hackers are gaining access to the public cloud resources of businesses and organizations due to the careless handling of the keys access of authorized users, companies must know how to protect sensitive information contained in scripts or configuration files by carefully planning the security and privacy aspects of cloud computing solutions before engaging them. Here below are the top 5 recommendations for public cloud users to protect their data from misuse: * Understand the public cloud computing environment offered by the cloud provider The responsibilities of both the organization and the cloud provider vary depending on the service model. Organizations using cloud services must understand their responsibilities over the public computing environment and the implications for security and privacy. The cloud provider support and investment in data security or privacy should be verified before any collaboration. If you understand well enough the policies, procedures, and technical controls used by a cloud provider you can calculate the security and privacy risks involved. By having a complete picture of the protection provided by the security and privacy controls, organizations can improve the ability to assess and manage risk accurately, including mitigating risk by employing appropriate techniques and procedures for the continuous monitoring of the security state of the system. * Evaluate your organizational security and privacy requirements A public cloud provider’s security package isn’t custom-made specifically for an organization’s security and privacy needs. Therefore, from a risk perspective, organizations must be well informed if their selected public cloud computing solution is configurable, deployable, and manageable to meet their security, privacy, and other requirements. Organizations can also have negotiated agreements about security and privacy details, such as the vetting of employees, data ownership and exit rights, breach notification, data encryption, tracking and reporting service effectiveness, compliance with laws and regulations, etc. With the growing number of cloud providers and the range of services from which to choose, organizations must pay attention when selecting and moving functions to the cloud. * Ensure that the client-side computing environment meets organizational security and privacy requirements for cloud computing Cloud computing encompasses both a server and a client-side. Services from different cloud providers, as well as cloud-based applications developed by the organization, can impose more exciting demands on the client, which may have implications for security and privacy that need to be taken into consideration. Because of their practical use, web browsers are a key element for client-side access to cloud computing services. Clients may also run a small lightweight application on the desktop and mobile devices to access services. The numerous available plug-ins and extensions for Web browsers are well-known for their security problems. Many browser add-ons also do not provide automatic updates, increasing the persistence of any existing vulnerabilities. Having a backdoor Trojan, keystroke logger, or another type of malware running on a client device undermines the security and privacy of public cloud services as well as other Internet-facing public services accessed. As part of the overall cloud computing security architecture, organizations should review existing security and privacy measures and employ additional ones, if necessary, to secure the client-side. * ID and rights management: Identity and authorization management is a major part of access control. A cloud service provider should make these secure using suitable organizational, personnel, and technical measures. If not done correctly, hackers can easily find these unprotected keys and gain direct access to the exposed cloud environment they use for data theft, account takeover, and resource exploitation. The damage can reach 4-5 digit amounts per day. For this reason, all Cloud Computing platforms should support identity management. The basis for this support can be either that a service provider supplies the customer with an ID management system themselves, or that they supply interfaces to external identity providers. * Early detection is crucial There are those who believe the attackers have already “won,” and thus choose to implement a detection and remediation approach. However, with complete awareness of your environment, a prevention attitude is indeed possible. Therefore, the final step is to implement that monitors any activity for potentially harmful behavior. Implementing detection measures that look for correlate and warn against potentially malicious behavioral indicators will help detect hackers early enough before they can do more damage. Applying application-specific threat prevention policies to allowed application flows is a key step in adhering to a prevention philosophy. Application-specific threat prevention policies can block known threats, including vulnerability exploits, malware, and malware-generated command-and-control traffic. Organizations are using the public cloud to achieve more efficient time to market and improve the overall business. However, when executives create business strategies, cloud technologies and cloud service providers (CSP) must be considered. Developing a good roadmap and checklist for due diligence when evaluating technologies and CSPs is essential for the greatest chance of success. An organization that hurries to choose CSPs without a case study, exposes itself to commercial, financial, technical, legal, and compliance risks that jeopardize its success. Sources : * CSA : Top Threats Working Group The Treacherous 12 * Secureworks: Cloud Security Guide: Platforms, Threats, and Solutions * CNIL : Recommendations for companies planning to use Cloud computing services SHARE THIS ARTICLE * * * * * ← Previous Article Next Article→ SITE ARCHIVES * March 2022 (4) * February 2022 (4) * January 2022 (5) * December 2021 (4) * November 2021 (4) * October 2021 (4) * September 2021 (4) * August 2021 (4) * July 2021 (4) * June 2021 (4) * May 2021 (4) * April 2021 (4) * March 2021 (5) * February 2021 (4) * January 2021 (4) * December 2020 (4) * November 2020 (4) * October 2020 (4) * September 2020 (4) * August 2020 (4) * July 2020 (4) * June 2020 (4) * May 2020 (4) * April 2020 (4) * March 2020 (4) * February 2020 (4) * January 2020 (4) * December 2019 (5) * November 2019 (4) * October 2019 (4) * September 2019 (4) * August 2019 (4) * July 2019 (5) * June 2019 (3) * May 2019 (4) * April 2019 (4) * March 2019 (4) * February 2019 (4) * January 2019 (4) * December 2018 (4) * November 2018 (3) * October 2018 (4) * September 2018 (4) * August 2018 (4) * July 2018 (4) * June 2018 (4) * May 2018 (4) * April 2018 (5) * March 2018 (4) * February 2018 (4) * January 2018 (5) * December 2017 (4) * November 2017 (4) * October 2017 (5) * September 2017 (5) * August 2017 (4) * July 2017 (4) * June 2017 (4) * May 2017 (7) * April 2017 (4) * March 2017 (4) * February 2017 (4) * January 2017 (5) * December 2016 (4) * November 2016 (4) * October 2016 (4) * September 2016 (4) * August 2016 (4) * July 2016 (4) * June 2016 (4) * May 2016 (5) * April 2016 (4) * March 2016 (6) * February 2016 (1) TAG CLOUD #CLOUDCOMPUTING AI Automation BigData Big Data Cloud Computing Gartner GDPR IoT Xorlogics NEED HELP? CALL US: +32 (0) 261316 43 Sign up to Xorlogics Newsletter ABOUT US * Home * About Us * Blog * Site map SERVICES * Enterprise Development * Cloud Computing * Mobile Application Development * Mobile Solutions TAGS CLOUD #CLOUDCOMPUTING AI Automation BigData Big Data Cloud Computing Gartner GDPR IoT Xorlogics CONTACTS Xorlogics BVBA, Avenue Louise 54, 1050 Brussels, Belgium. Phone: +32 (0) 2 613 16 43 Mail: info@xorlogics.com * * * * * Copyright © 2017 Xorlogics - All rights reserved. Scroll Cheap Tents On Trucks Bird Watching Wildlife Photography Outdoor Hunting Camouflage 2 to 3 Person Hide Pop UP Tent Pop Up Play Dinosaur Tent for Kids Realistic Design Kids Tent Indoor Games House Toys House For Children