Editor's note
Companies are putting more critical data into the cloud, which means a cloud breach is likely to be more destructive than ever.
Secure cloud computing is central to business success today, so we've gathered in this guide our experts' thoughts on the nature of the threat and how to counter it. The guide includes detailed examinations of particular approaches and products that help keep cloud defenses high -- or control the damage should a breach occur.
Security professionals in companies that use cloud and care about security must continually rethink and retool strategy and security tools and services. Use this collection of expert guidance to learn how best to secure cloud computing.
1Attackers target cloud with classic methods and new exploits
Because companies are increasingly putting valuable assets in the cloud, hackers are intensifying their attacks on that target. Attackers have new exploits, but they're also using tried-and-true methods at a higher rate -- like phishing emails -- in their efforts to break into company clouds. Learn what threats you need to watch out for now.
-
Article
Domain fronting: Why cloud providers are concerned about it
Domain fronting is a popular way to bypass censorship controls, but cloud providers like AWS and Google have outlawed its use. Expert Michael Cobb explains why. Read Now
-
Article
Eclypsium: Bare-metal cloud servers vulnerable to firmware attacks
Eclypsium found IBM SoftLayer cloud services are vulnerable to what it calls Cloudborne, which allows threat actors to make small, but potentially deadly firmware changes. Read Now
-
Article
How unsecured Firebase databases put critical data at risk
Unsecured Google Firebase databases are similar to misconfigured AWS S3 buckets, but there are key differences. Expert Rob Shapland discusses the risks of unsecured cloud databases. Read Now
-
Article
The problems with cloud-based email security
Cloud-based email security can be challenging for enterprises to achieve. Learn what makes it a challenge and how to secure email in the cloud from expert Dave Shackleford. Read Now
2Latest tools and tactics deliver secure cloud computing
The threats abound, but approaches to locking cloud up tight are also evolving. This section provides focused advice -- such as how to best secure virtual machines or set up a honeypot -- but it also offers more broad-based advice, such as how to put a zero-trust strategy into place.
-
Article
4 steps to ensure virtual machine security in cloud computing
Enterprises are now operating in a cloud-virtual world. Understanding four steps to ensure virtual machine security in cloud computing environments is crucial. Read Now
-
Article
6 questions to ask before evaluating secure web gateways
Learn which six questions can help an organization identify its web security and business needs and its readiness to implement a secure web gateway. Read Now
-
Article
The benefits of using a cloud honeypot for threat intelligence
A cloud honeypot can help enterprises gather threat intelligence. Expert Frank Siemons explains why a cloud-based honeypot deployment is preferable to a traditional one. Read Now
3How to gain visibility and better protect cloud assets
Visibility into cloud infrastructures and apps has always been an issue when it comes to the cloud, but it's essential for secure cloud computing. Learn how to tackle perennial issues like shadow IT, and identify and employ the most effective tools to keep cloud-based assets safe.
-
Article
How to build a strong cloud network security strategy
Building a secure network in the cloud is different from securing a traditional network. Learn what the main differences are and how to establish cloud networking security. Read Now
-
Article
Protect your enterprise against shadow IT in the cloud
More technologies than ever are available to people now that the cloud is so pervasive, and, as a result, shadow IT has become a problem. Expert Michael Cobb explains what to do. Read Now
-
Article
How to deploy deep packet inspection in the cloud
Despite privacy concerns about deep packet inspection, it can help improve cloud network security for enterprises. Expert Frank Siemons explains how to avoid potential pitfalls. Read Now
-
Article
How infrastructure as code tools improve visibility
Visibility into cloud infrastructures and applications is important for data security. Learn how to maintain that visibility while using infrastructure as code tools. Read Now
4What CASBs and managed services offer the security-minded
Secure cloud computing can be a tricky goal to achieve, and the idea of hiring a skilled partner may be a smart move. This section is a goldmine, including information on the key features to look for in a private cloud provider and on how edge computing is affecting cloud service providers -- with a quick guide to Google's wide array of cloud security tools, to boot.
-
Article
How to block public access for AWS S3 bucket security
AWS S3 buckets leaked millions of files, including sensitive data, by enabling public access. Learn how to block public access with expert David Shackleford. Read Now
-
Article
4 considerations for choosing a private cloud provider
Key features to look for from a private cloud provider include interoperability, scalability and how familiar admins are with the provider's technology. Read Now
-
Blog
Even big cloud providers are embracing edge computing
Edge computing is attracting a lot of attention these days, even from cloud providers that have previously said 'everything will go to the cloud.' Read Now