Security Basics and Fundamentals

The cloud provider or an organization which maintains their own datacenter should follow some sort of countermeasures such as creating an action, a device, a procedure or a technique to reduce or minimize the security threats caused by the vulnerabilities. This can be achieved by eliminating or preventing it. Corrective and preventive actions should be implemented to minimize the harm caused by the attack. Below are some of the key security considerations or countermeasures that can be implemented in datacenter to secure the IT systems and the information stored in the systems.

Security by Design

• Principle of least privilege – Only grant access to system that is needed for its function.

• Perform code reviews in regular intervals

• Unit Testing

• Plan for Defense in Depth

• Design infrastructure to fail secure 

• Record audit trails and store the logs securely

• Disclosure of vulnerabilities to security & operations team so that they can take appropriate actions.

Security Architecture

Security architecture is the design artifacts which describes how the security controls or countermeasure are related and incorporated with the IT architecture. These security controls will maintain the systems integrity, availability, confidentiality, accountability and assurance services. Some of the important security controls are NIST controls and CIS hardening controls.

Security Measures

Adequate security measures and processes such as threat prevention, detection and response processes has to be implemented to obtain the required security levels. Some of the security measure are

• User account access controls

• Firewalls 

• Access Control Lists (ACLs)

• Intrusion Detection System (IDS)

Vulnerability Management

• It is the process of identifying and mitigating the vulnerabilities that are found in networks, software’s and firmware’s.

• Tools are available to regularly scan the vulnerabilities which analyzes a system with known vulnerabilities in the public internet.

• Third party security organizations can also run regular penetration tests against the systems to identify the vulnerabilities.

• Identified vulnerabilities has to be remediated or mitigated by implementing additional security policies or processes based on the critical of the vulnerabilities.

Hardware Protection Mechanisms

Hardware in the datacenter or in office locations has to be secured, hardware based or assisted computer security also provides an additional security on top of software security. Below are some of hardware security measures that can be implemented

• Disabling the usage of USB dongles or pendrives

• Firmware upgrades and patches

• Using Trusted Platform modules (TPMs)

• Implementing computer case intrusion Detection system to generate alerts

• Drive Locks to prevent unauthorized physical access to the drives

• Disabling peripheral devices like security cameras, GPS, removable storage etc which are not in use.

• Enabling bio-metric validation and multi factor authentication on mobile phones to connect access control systems etc

See: Hardware Components in the Datacenter

Regular Security Training for Employees

• Employees are widely considered as the weakest link from the security perspective and it is estimated that more than 90% of security incidents and breaches are caused due to human error.

• Some common human errors are poor password management, the inability to recognize misleading URLs and to identify fake websites, dangerous email attachments and saving user id and passwords of bank websites.

• These threats pose high risk for the company and as well as to the employees personally and these threats can be mitigated by the Multi factor authentications.

Organizations need to conduct security awareness training’s in regular intervals to prevent these potential security threats as well as be in compliance with regulatory and industry mandates.