Getting Started with Cloud Security

[mr23r0]


Introduction

Cloud security isn’t something you can just point to and say, “I know this and that, so I know cloud security.” Like the entire security domain, it consists of multiple components that form its foundation. In this post, I’ll do my best to provide a starting point to help you navigate this vast field.

Fundamentals

Before diving into cloud security, as the name suggests, you first need a solid understanding of the cloud itself. But even before that, I believe you should be familiar with these key concepts:

  • IaaS, or infrastructure as a service, is on-demand access to cloud-hosted physical and virtual servers, storage and networking—the backend IT infrastructure for running applications and workloads in the cloud.

  • PaaS, or platform as a service, is on-demand access to a complete, ready-to-use, cloud-hosted platform for developing, running, maintaining and managing applications.

  • SaaS, or software as a service, is on-demand access to ready-to-use, cloud-hosted application software.

Use the embedded links to explore these topics further; IBM provides some of the best videos and articles on the subject. Once you’re comfortable with these concepts, we can move on to understanding the cloud itself. There are multiple cloud platforms on the market, so we’ll prioritize which ones to learn based on market share.

Looking at market share, it’s smart to focus on AWS, Azure, and Google Cloud (GCP). Some might say that’s too much for beginners, but who gives a shit? You’re not going to stay a beginner forever. Better to start now and not get overwhelmed. 😉

Next, you’ll need to understand how Identity and Access Management (IAM) works. Within IAM, you’ll come across Role-Based Access Control (RBAC) and Zero Trust, both essential concepts in cloud security. These topics are covered in the deep-dive of each cloud platform, but if you skipped those, here are some great resources to catch up: here is one you can try, or try this. IAM principles remain fairly similar across all cloud platforms, so once you get the hang of it, transitioning between providers becomes easier.

To wrap up this section, the last key concept is Deployment Models, which you can explore here.

Security Basics

In the cloud, there are principles and models, a lot of them. But to get started, you only need to focus on a couple of key ones:

Data security in the cloud ensures that your data is protected from unauthorized access, breaches, and leaks. Two major concepts in data security are encryption and key management. However, when it comes to the cloud, things get more granular.

Each cloud platform provides its own key management service to handle encryption keys securely, such as AWS KMS, Azure Key Vault and Google Cloud KMS.

These services ensure that encryption keys are managed securely and efficiently, reducing the risk of unauthorized access to sensitive data.

Like any other aspect of security, nothing is complete without logs, monitoring, and security systems, and the cloud is no exception. Each cloud platform has its own logging and monitoring services. Some key examples include:

Compliance

Compliance plays a major role in any infrastructure. It helps build customer trust by ensuring that the vendor follows a predefined set of security guidelines to protect data. These standards are updated periodically, so it’s always a good idea to do a quick Google search to find the latest official and free documentation for learning.

Some key compliance frameworks include:

  • SOC 2
  • HIPAA
  • ISO 27001
  • NIST
  • CIS Benchmarks

Organizations use Cloud Security Posture Management (CSPM) tools to maintain compliance and ensure configurations align with security best practices. However, compliance alone isn’t enough; concepts like Zero Trust, Least Privilege, and other security best practices also play a crucial role in keeping cloud environments secure.
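The kind of check a CSPM tool automates, shown as an added example (not code from the original post): it audits AWS-style IAM policy documents for least-privilege and public-exposure problems. The inventory, resource names, ARNs and rule names are constructed for illustration, and treating any `Condition` as sufficient to clear a public-principal finding is a simplifying assumption.

```python
# Constructed sample inventory: AWS-style policy documents keyed by made-up resource names.
SAMPLE = {
    "role/ci-deployer": {"Statement": {"Effect": "Allow", "Action": "*", "Resource": "*"}},
    "bucket/public-assets": {"Statement": [
        {"Effect": "Allow", "Principal": "*", "Action": "s3:GetObject",
         "Resource": "arn:aws:s3:::example-bucket/*"},
        {"Effect": "Deny", "Principal": "*", "Action": "s3:*", "Resource": "*"}]},
    "role/key-admin": {"Statement": [
        {"Effect": "Allow", "Action": ["kms:*"],
         "Resource": "arn:aws:kms:us-east-1:111122223333:key/example"}]},
    "role/report-reader": {"Statement": [
        {"Effect": "Allow", "Action": ["s3:GetObject", "s3:ListBucket"],
         "Resource": ["arn:aws:s3:::example-reports", "arn:aws:s3:::example-reports/*"]}]},
}

def as_list(value):
    """Policy fields may hold a single value or a list; normalise to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def is_anyone(principal):
    """True for Principal "*" or a mapping such as {"AWS": "*"}, i.e. any caller."""
    if isinstance(principal, dict):
        return any("*" in as_list(v) for v in principal.values())
    return principal == "*"

def audit(policies):
    """Return sorted (resource, statement_index, rule) findings for Allow statements."""
    findings = []
    for name, doc in policies.items():
        for idx, stmt in enumerate(as_list(doc.get("Statement"))):
            if stmt.get("Effect") != "Allow":
                continue  # Deny statements only restrict access
            actions = [str(a) for a in as_list(stmt.get("Action"))]
            # Assumption: any Condition block is treated as a sufficient restriction.
            if is_anyone(stmt.get("Principal")) and not stmt.get("Condition"):
                findings.append((name, idx, "PUBLIC_PRINCIPAL"))
            if "*" in actions and "*" in as_list(stmt.get("Resource")):
                findings.append((name, idx, "FULL_ADMIN"))
            elif any(a == "*" or a.endswith(":*") for a in actions):
                findings.append((name, idx, "WILDCARD_ACTION"))
    return sorted(findings)

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(*finding)
```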

Conclusion

As you’ve seen, many sub-services are involved in keeping infrastructure and applications running in the cloud. The only way to identify vulnerabilities is by following best practices, particularly in areas like misconfigurations and exposed data.

Like everything else in security, cloud security is an ever-evolving field. Every month, new services emerge, along with new ways to misconfigure them, making entire systems vulnerable. This means continuous learning is essential.

To stay ahead, it’s highly recommended to dive deep into specific cloud platforms, ensuring a strong understanding of security configurations and their behaviors within each platform.