How to keep applications secure in a private cloud

Security is a key area of application performance and delivery

Many organisations are considering the best methods for building and managing their private cloud deployments, with private cloud adoption rising from 63% to 77% over the last year.

As private clouds increasingly host mission-critical production applications, security increasingly comes into focus as a key part of application performance and delivery.

Network and application security concerns in a private cloud are largely the same as those faced by enterprises in traditional data centres and in the public cloud. Organisations confront web application threats, issues of identity and access management, mitigation of distributed denial-of-service (DDoS) attacks and SSL and encryption concerns in their efforts to secure their applications and ensure that private data remains private.

Web application firewall

When considering implementing a private cloud architecture, organisations must deploy advanced network firewall services, including a solution that can control traffic using basic criteria such as IP address, port and protocol, as well as advanced principles such as HTTP protocol validation, geographical location or endpoint reputation. In addition, a robust WAF can provide comprehensive tools to identify web application threats, block malicious traffic and offer outbound data loss prevention services.

Identity & access management

Managing identity and access in a cloud computing environment with an increasingly distributed mobile workforce becomes more complex every day. Enterprises require a solution that provides advanced authentication services, such as two-factor tokens, CAPTCHA, or geographical restrictions as well as client certificate checking and endpoint inspection. In addition, many organisations consider deploying SAML identity provider services to provide an architecturally sound single sign-on (SSO) solution throughout the enterprise.

DoS & DDoS

With more and more sites facing multiple denial-of-service (DoS) attacks each year, DoS mitigation services are a necessity for most enterprises running private clouds. A strong solution provides proactive bot defence as well as application-layer DoS detection and mitigation.

SSL

Finally, in the contemporary business world, Secure Sockets Layer (SSL) is everywhere. Analysts predict that encrypted traffic will jump to nearly 64% of all North American online traffic in 2016, up from just 29% in 2015. Enterprises must ensure security with a strong SSL solution that provides decryption, traffic inspection and re-encryption, as well as optimise performance by offloading of computationally intensive SSL workloads from compute node resources.

Featured Resources

Four cyber security essentials that your board of directors wants to know

The insights to help you deliver what they need

Download now

Data: A resource much too valuable to leave unprotected

Protect your data to protect your company

Download now

Improving cyber security for remote working

13 recommendations for security from any location

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

Recommended

Sopra Steria cyber attack costs to hit €50 million
Security

Sopra Steria cyber attack costs to hit €50 million

26 Nov 2020
Sophos warns customers of potential data leak
Security

Sophos warns customers of potential data leak

26 Nov 2020
Weekly threat roundup: VMware, GitHub, Facebook, and MobileIron
Security

Weekly threat roundup: VMware, GitHub, Facebook, and MobileIron

26 Nov 2020
Egregor ransomware could take up where Maze left off
Security

Egregor ransomware could take up where Maze left off

26 Nov 2020

Most Popular

80% of cyber professionals say the Computer Misuse Act is working against them
Security

80% of cyber professionals say the Computer Misuse Act is working against them

20 Nov 2020
Cisco acquires container security startup Banzai Cloud
Security

Cisco acquires container security startup Banzai Cloud

18 Nov 2020
350,000 Spotify users hacked in credential stuffing attack
Security

350,000 Spotify users hacked in credential stuffing attack

24 Nov 2020