Security

The security in “Bring Your Enterprise on Cloud” topic is a very hug job. But it’s implementation is not impossible. This topic is based on the related links.

The conceptual check list for security is as follows

Enterprise Infrastructure Security

  1. Network security
  2. Data encryption
  3. Key and secret management
  4. Identity & Access Management
  5. Duty segregation
  6. Least Privileges
  7. Zero trust
  8. Defense in depth
  9. Platform policies
  10. Vulnerability check/management
  11. Compliance Monitoring

Enterprise Application Security

  1. Database
  2. Storage
  3. Container image registry
  4. Container service
  5. Kubernetes service
  6. Serverless functions
  7. App Service
  8. Queue services
  9. Event services
  10. Cache services
  11. Load balancers
  12. CDN services
  13. VMs
  14. VM Disks

Approach

These are the topics, which must be considered in “Bring Your Enterprise on Cloud” topic. In the following links I’ll provide an exact check list based on cloud provider.

To make the job easier it’s better to go through the conceptual check list in a layered way as demonstrated in the sample below. This can help to do the job Agile.

Layer 1: We explain how should be e.g. the network.

Layer 2: We explain how we can have e.g. a resilient network (we decide which platform service or a 3th party service or tool can to realize it)

Layer 3: We explain how we can have e.g. a high available network (we decide which platform service or a 3th party service or tool can to realize it)

Layer 4: We can add layers if we need more

Network

Resilient

High Available

Key/ Secret management

Resilient

High Available

Identity & Access Management

Resilient

High Available

Related links

Published by parisamoosavinezhad

- Software Engineer - Software Architect - Software and database specialist - Cloud solution architect

One thought on “Security

  1. I think the following items have to be considered in the enterprise infratructure security: security principels, Ransomeware on cloud, patch management, Technical states, pentesting, Security of information and events

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: