Cloud computing security

Cloud computing security continues to be one of the biggest concerns and challenges for enterprises. Learn various best practices related to encryption, authorization and identity management to protect cloud infrastructure, data, applications and more. Evaluate various cloud provider-native and third-party security tools to protect critical workloads.

Top Stories

Quiz 01 Nov 2022
Quiz yourself on cloud computing basics

To grasp a technology, it's best to start with the basics. Take this brief cloud computing quiz to gauge your knowledge of providers, deployment models and other 101-level topics. Continue Reading
Answer 18 Oct 2022
What is data separation and why is it important in the cloud?

Some enterprises avoid the public cloud due to its multi-tenant nature and data security concerns. Learn what data separation is and how it can keep your data safe. Continue Reading

Tip 18 Jan 2022

Cloud-native security architecture principles and controls

Building a sound cloud security framework is challenging, and it's even more so when implementing a cloud-native architecture. Here are steps you can take to make the job easier. Continue Reading
Tip 14 Dec 2021

Popular security best practices for hybrid cloud

Combining a public cloud and an on-premises environment creates unfamiliar security challenges. Learn the main security issues in hybrid cloud and the ways to combat them. Continue Reading
Tip 24 Nov 2021

9 cloud migration security considerations and challenges

Cloud migration may seem daunting to security teams. Follow these essential practices to safely and successfully migrate infrastructure and applications. Continue Reading
Tip 17 Nov 2021

How to use Google's workload identity federation with AWS

Cloud admins struggle to share data between cloud providers. Here are the steps to create a federated identity in Google Cloud, connecting it to AWS in a secure way. Continue Reading
Tip 09 Nov 2021

How to overcome 3 multi-tenancy security issues

Explore three major multi-tenancy security challenges and how to fix them, including lack of visibility, privilege overallocation and poor data security management. Continue Reading
Tip 05 Nov 2021

Best practices for endpoint security in the cloud

As the proliferation of cloud services continues, IT teams should revisit -- and potentially revamp -- their endpoint protection strategies. Continue Reading
Tip 15 Sep 2021

Operational strategies for isolation in cloud computing

While it's inevitable that certain cloud-hosted applications will share resources, the vulnerabilities these connections expose make isolation strategies an absolute necessity. Continue Reading
Tip 13 Sep 2021

All about cloud-native application protection platforms

The cloud-native application protection platform, or CNAPP, is the latest in a slew of cloud security acronyms. Learn what it is and why the concept should stick around. Continue Reading
Tip 07 Sep 2021

Compare AWS Cloudtrail vs. Config for resource monitoring

When your IT team needs more detailed info about resource activity in AWS, they have options. See how AWS Cloudtrail and Config resource monitoring tools compare. Continue Reading
Tutorial 30 Aug 2021

Step-by-step guide on how to create an IAM user in AWS

Learn how to make an AWS IAM user and assign an access policy to the user with a few commands. This detailed tutorial includes screenshots to guide you through the steps. Continue Reading
Tip 11 Aug 2021

Cloud-native security benefits and use cases

'Cloud native' has described applications and services for years, but its place in security is less clear. Get insight into cloud-native security from expert Dave Shackleford. Continue Reading
Tip 20 Jul 2021

4 best practices for big data security in cloud computing

When dealing with vast amounts of data in the cloud, enterprises need to be proactive with security. Don't wait for a threat to happen; apply these best practices first. Continue Reading
Tip 12 Jul 2021

3 AWS container security best practices

Security is crucial for container-based applications. Learn how to protect AWS container environments with best practices for ECS, EKS and the extension for on-premises deployments. Continue Reading
Quiz 01 Jul 2021

Get Azure Fundamentals exam practice with this quick quiz

Getting officially certified in MS Azure Fundamentals is a career-booster. This 12-question quiz will help assess your readiness for this key professional exam. Continue Reading
Tip 08 Jun 2021

How to create Amazon EC2 security groups

Before setting up security groups for AWS resources, review rules, requirements and potential missteps. Follow these steps to properly configure security groups for EC2 instances. Continue Reading
Tip 02 Jun 2021

An introduction to AWS IAM best practices

Follow this AWS IAM overview to better understand Amazon's core access management service. Implement these tips to get the most out of this foundational security service. Continue Reading
Quiz 16 Apr 2021

Ready to be a GCP architect? Try this quiz and see

This 10-question quiz, drawn from a new GCP certified professional cloud architect prep guide, helps identify your strengths and weaknesses to improve your odds of passing the exam. Continue Reading
Tip 31 Mar 2021

A breakdown of core AWS identity services

Given the wide range of organizations that use AWS to power their applications, it's important to understand the options AWS offers to manage access to application components. Continue Reading
Tip 29 Mar 2021

5 bad practices that lead to insecure APIs in cloud computing

API security often feels complicated. However, your IT team will go a long way in securing its services if it avoids these common pitfalls in API design and implementation. Continue Reading
Tip 19 Mar 2021

Top 5 cloud storage security issues and how to contain them

A handful of major cloud storage security issues, such as insufficient access controls and compliance, remain. Learn how to successfully address them with guidance from IT experts. Continue Reading
Answer 18 Mar 2021

Compare Azure Firewall vs. NSGs for network security

Traffic to and from resources needs proper security to protect data, but the wrong tool could leave you vulnerable. Explore these two services to find the right level of protection. Continue Reading
Feature 16 Mar 2021

The complete Secure Access Service Edge (SASE) guide

SASE helps organizations manage and secure external traffic. But is it the best choice for your environment? Find out how to buy, deploy and manage SASE in this adoption guide. Continue Reading
Guest Post 26 Feb 2021

Dispelling 4 of the top cloud security myths today

Booz Allen's Jimmy Pham and Brad Beaulieu dispel four major cloud security myths, exploring why staying in the cloud rather than returning to on premises may be the more secure option. Continue Reading
Tip 09 Feb 2021

6 cloud vulnerabilities that can cripple your environment

Enterprises can be devastated by security-related weaknesses or flaws in their cloud environments. Find out where you are most vulnerable before an attacker comes knocking. Continue Reading
Tip 02 Feb 2021

Top 11 cloud security challenges and how to combat them

Before jumping feet-first into the cloud, understand the new and continuing top cloud security challenges your organization is likely to face -- and how to mitigate them. Continue Reading
Tip 22 Jan 2021

How to create a cloud security policy, step by step

Read up on the components of a cloud security policy, what policies cover and why your organization needs them, and download a handy template to get the process started. Continue Reading
Tip 12 Jan 2021

6 SaaS security best practices to protect applications

Use these SaaS security best practices to ensure your users' and organization's SaaS use stays as protected as the rest of your enterprise applications. Continue Reading
Tip 06 Jan 2021

Organize a cloud IAM team to secure software-defined assets

Building a cloud IAM team with the necessary technical expertise and soft skills is key to securely managing IAM in complex cloud environments. Continue Reading
Guest Post 11 Dec 2020

Cloud security: The building blocks of a secure foundation

Before going ahead with digital transformation, ensure your organization has created its cloud security strategy to ensure that moving to the cloud doesn't create vulnerabilities. Continue Reading
Feature 28 Aug 2020

Chart an Azure administrator certification path

Advance your career as an IT administrator with Azure certifications. Review the requirements and exams associated with Azure administrator roles with this guide. Continue Reading
Tip 06 Aug 2020

Overcome common cloud backup security issues in remote work

Your cloud backup and storage usage may be on the rise. Make sure you take the necessary security precautions detailed here to keep your data protected. Continue Reading
Quiz 29 Jul 2020

Cloud security quiz: Application security best practices

Think you know all there is to know about securing apps in the cloud? Test your grasp of cloud application security best practices with this quiz. Continue Reading
Tip 27 Jul 2020

Cloud workload protection platform security benefits, features

VMs and cloud environments make the task of protecting workloads more difficult than ever. Can a cloud workload protection platform help your organization solve the problem? Continue Reading
Tip 09 Jul 2020

Enhance your cloud threat protection with 5 tools, and more

Explore the best tools and tactics; you'll need the most effective arsenal available to counteract the attackers gunning for your cloud-based workloads and apps. Continue Reading
Tip 24 Jun 2020

Establish S3 bucket security with proper access control

Misconfigured S3 buckets can put your sensitive data at risk. Learn to configure secure S3 buckets and block public access with this guide. Continue Reading
Feature 28 May 2020

10 open source cloud security tools to know

While cloud providers offer native security tools, there also are plenty of useful open source options. Here's a sample of open source tools for cloud security. Continue Reading
Quiz 20 May 2020

Use these CCSK practice questions to prep for the exam

Virtualization and container security are key topics in the Certificate of Cloud Security Knowledge credential. Test your knowledge with these CCSK practice questions. Continue Reading
Feature 20 May 2020

CCSK cert guide author's insights into cloud security credential

The author of a Certificate of Cloud Security Knowledge exam guide offers insights into certifications, top considerations for those pursuing the CCSK and more. Continue Reading
Answer 14 May 2020

How do I store secrets in AWS so they don't appear in my code?

To secure a cloud environment, IT teams must keep their application's secrets under wraps. Learn how AWS users can keep sensitive information out of their code with tools like Secrets Manager. Continue Reading
Tip 30 Apr 2020

Watch out for these 5 hybrid cloud security challenges

Protect your hybrid cloud environment against these five common security vulnerabilities. Avoid the risks with established strategies and public cloud tools. Continue Reading
Tip 17 Apr 2020

Boost cloud storage performance for your work-from-home workforce

Optimizing cloud storage security and performance are key to transitioning to a 100% remote workforce. Learn best practices to follow as your organization responds to COVID-19. Continue Reading
Tip 06 Apr 2020

SASE identity policies enhance security and access control

Will the Secure Access Service Edge model be the next big thing in network security? Learn how SASE's expanded definition of identity is fundamental to this emerging access model. Continue Reading
Tip 30 Mar 2020

How to protect and manage Azure Pipelines secrets with Key Vault

Follow along with this Azure Key Vault tutorial to securely manage passwords and other sensitive information in an Azure DevOps pipeline. Continue Reading
Tip 25 Feb 2020

Tackle identity management in the cloud with AaaS or IDaaS

Has your organization considered outsourcing cloud identity management? Learn more about the benefits of AaaS, aka IDaaS, and what to consider before settling on a particular service. Continue Reading
Tip 07 Feb 2020

Maintain multi-cloud security parity with these practices

Establish consistent security measures across distributed environments. Automate configuration management and increase monitoring and training to reduce multi-cloud vulnerabilities. Continue Reading
Feature 21 Jan 2020

Understanding the CSA Cloud Controls Matrix and CSA CAIQ

Uncover how the CSA Cloud Controls Matrix and CSA CAIQ can be used to assess cloud providers' controls and risk models, ensure cloud compliance and more. Continue Reading
Tip 02 Jan 2020

5 steps to a secure cloud control plane

A locked-down cloud control plane is integral to maintaining cloud security, especially in multi-cloud environments. Here are five steps to a secure cloud control plane. Continue Reading
Opinion 23 Dec 2019

Shared responsibility model transparency boosts cloud security

The shared responsibility model delineates where company and CSP security responsibilities start and end. This is critical not only for compliance, but also the big security picture. Continue Reading
News 19 Dec 2019

Hybrid, cost management cloud trends to continue in 2020

Hybrid and multi-cloud approaches evolved in 2019, cost management efforts rose and deployment options vied for dominance. Those trends are all likely to continue through 2020. Continue Reading
Tip 19 Dec 2019

Learn some key cloud workload protection best practices

Learn key practices to protect cloud workloads whether using VMs, endpoints or containers. And don't forget to consider the best means for building a fruitful feedback loop. Continue Reading
Tip 19 Dec 2019

What cloud workload security tools and controls work best?

Read on to learn how to build a cloud security model that allows your team to embed controls and monitor deployment without getting in the way of business processes. Continue Reading
Tip 02 Dec 2019

How to evaluate CASB tools for multi-cloud deployments

When it comes to evaluating CASB tools, it's essential to be an informed customer. Identify your organization's usage and security goals to get the context you need before you buy. Continue Reading
Feature 14 Nov 2019

AWS SysOps certification exam guide outlines admin responsibility

In this book excerpt from "AWS Certified SysOps Administrator Associate All-in-One Exam Guide," review the best practices for OS and application security on AWS. Continue Reading
Feature 13 Nov 2019

Benefits of using Azure Security Center for security assessments

Author Yuri Diogenes discusses how Azure Security Center helps admins achieve full cloud visibility, conduct security assessments and prevent potential breaches. Continue Reading
Feature 12 Nov 2019

Use Azure Security Center to conduct a security posture assessment

In this excerpt from Chapter 4 of Microsoft Azure Security Center, the authors outline how to use the software to determine and improve your enterprise's cloud security posture. Continue Reading
Tip 06 Nov 2019

Risks of container escape vulnerabilities and how to counter them

Container escape vulnerabilities create new challenges for security and risk management teams. Learn more about container escapes and how to prevent exploitation. Continue Reading
Tip 23 Sep 2019

Enterprises want more cloud transparency

Cloud providers have improved the visibility into their platforms, but enterprises still need more information about what goes on behind the scenes. Continue Reading
Opinion 09 Sep 2019

Prepare for cloud security and shared responsibility

Organizations that move to the cloud must prepare to adapt their security playbooks. Learn how AWS' shared responsibility model complicates cloud security. Continue Reading
Tip 06 Sep 2019

How to build and maintain a multi-cloud security strategy

When using multiple cloud service providers, it's critical to consider your enterprise's cloud scope and the specifics of each cloud service to maintain security. Continue Reading
Tip 22 Aug 2019

Use modern cloud security best practices

Enterprises still worry about the security of cloud and if migrating will put data at risk. Explore modern methods, technologies and tools that help strengthen cloud environments. Continue Reading
Tip 26 Jul 2019

CASB tools evolve to meet broader set of cloud security needs

When choosing a CASB, enterprises face two primary options: a stand-alone service from a third party or a bundled tool set from some of the large cloud providers. It's important to pick your flavor wisely. Continue Reading
Tip 22 Jul 2019

Conduct cloud security training across the business

A well-educated staff is one of the best tools in the fight against security breaches. Consider these tips to prepare your employees for the risks in the cloud. Continue Reading
News 25 Jun 2019

Oracle layoffs hit Dyn team's sales, marketing staffs

Oracle Dyn cuts sales and marketing jobs as Oracle plans to end some Dyn services in 2020. The layoffs come amid other Oracle downsizing as the vendor moves toward the cloud. Continue Reading
Guide 30 May 2019

How best to secure cloud computing in this critical era

Achieving cloud security today demands you continually update your strategy, policy, tactics and tools. This collection of expert advice helps keep your cloud defenses well-tuned. Continue Reading
Tip 28 May 2019

AI presents new cloud security challenges when building apps

AI and machine learning technologies can broaden an application's capabilities, but they can also open an enterprise to new threats. Continue Reading
News 16 May 2019

ZombieLoad: More side channel attacks put Intel chips at risk

Another set of side channel vulnerabilities were discovered in Intel chips. Security researchers explain the risks posed by the flaws and offer advice on mitigation steps. Continue Reading
News 08 Feb 2019

Google eyes confidential computing to buff cloud security cred

Google Cloud Platform's Asylo open source project could one day boost confidential computing efforts, but for now it mainly serves to boost Google's security bona fides. Continue Reading
Tip 26 Dec 2018

Secure data in the cloud with encryption and access controls

Enterprises can't rely on their IaaS provider to protect sensitive information in the cloud. Implement these data security techniques to mitigate potential risks. Continue Reading
Tip 31 Oct 2018

Properly configure resources to reduce cloud security threats

Misconfigured cloud resources can quickly open the door to IT risks. Be mindful of access controls, and don't brush off your cloud provider's recommended security practices. Continue Reading
Blog Post 29 Oct 2018

Three events that spooked cloud admins in 2018

So far this year, outages, security breaches and GDPR compliance have haunted cloud admins in the enterprise. Take a closer peek at each of these three big scares. Continue Reading
Tip 16 Aug 2018

Establish a data classification model for cloud encryption

Not all data requires the same level of encryption. Use data classification to gauge your security needs, including for workloads that span on-premises and cloud environments. Continue Reading
Tip 26 Jun 2018

Bolster multi-cloud security with these data privacy tips

Data privacy is always a top priority for enterprise IT teams. And those with a multi-cloud model should adopt a mix of security techniques -- from erasure coding to encryption. Continue Reading
Feature 28 Mar 2018

With more providers, security issues in cloud computing rise

We hear a lot about the pros and cons of a multi-cloud strategy, but a surprising number of organizations don't think they need to worry about it. They do. Continue Reading
Tip 21 Mar 2018

Human error still poses a significant cloud security risk

Even with the most sophisticated cloud security tools in play, human error -- both from end users and IT teams -- can open up your enterprise to numerous kinds of attacks. Continue Reading
Feature 07 Sep 2017

Cloud backup systems are a good bet in ransomware fight

Because it's important to protect your backups against ransomware, a cloud backup system is a strong option. Critically, cloud backups are off the network. Continue Reading
Blog Post 20 Mar 2017

Awareness of shared-responsibility model is critical to cloud success

When companies move to the cloud, it's paramount that they know where the provider's security role ends and where the customer's begins. The shared-responsibility model is one of the fundamental ... Continue Reading
Tutorial 28 Nov 2016

Security issues in cloud computing

While the cloud may be flexible and cost-efficient, a lack of data safeguards and compliance standards makes security the largest hurdle to leap. Continue Reading
Tip 12 Jul 2016

Tips and tools to manage Azure roles, access controls

Azure Resource Manager has a complete, but complex, set of role-based access controls that let admins create policies to manage who can access Azure cloud services. Continue Reading
Feature 20 Nov 2014

Cloud data security comes with hefty price tag

As attacks on IT systems with sensitive data continue, cloud security becomes a top concern. Users won't find the best security practices on a clearance rack. Continue Reading
News 25 Jul 2014

Trio of new VMware vCHS features revealed

VMware intends to disclose availability of three major services for vCHS next month -- welcome additions for VMware cloud customers. But industry watchers say the company needs to add much more to compete against AWS, Google and Microsoft. Continue Reading
Answer 27 Jun 2014

Protecting cloud networks against DDoS and DoS attacks

DDoS and DoS attacks are simple to implement but more difficult to prevent. How can these attacks on cloud services be avoided? Continue Reading
Tip 25 Feb 2013

Security considerations for IaaS cloud

Learn about the necessary security considerations for IaaS cloud environments. Continue Reading