Security

The security in “Bring Your Enterprise on Cloud” topic is a very hug job. But it’s implementation is not impossible. This topic is based on the related links.

The conceptual check list for security is as follows

Enterprise Infrastructure Security

1. Network security
2. Data encryption
3. Key and secret management
4. Identity & Access Management
5. Duty segregation
6. Least Privileges
7. Zero trust
8. Defense in depth
9. Platform policies
10. Vulnerability check/management
11. Compliance Monitoring

Enterprise Application Security

1. Database
2. Storage
3. Container image registry
4. Container service
5. Kubernetes service
6. Serverless functions
7. App Service
8. Queue services
9. Event services
10. Cache services
11. Load balancers
12. CDN services
13. VMs
14. VM Disks

Approach

These are the topics, which must be considered in “Bring Your Enterprise on Cloud” topic. In the following links I’ll provide an exact check list based on cloud provider.

To make the job easier it’s better to go through the conceptual check list in a layered way as demonstrated in the sample below. This can help to do the job Agile.

Layer 1: We explain how should be e.g. the network.

Layer 2: We explain how we can have e.g. a resilient network (we decide which platform service or a 3th party service or tool can to realize it)

Layer 3: We explain how we can have e.g. a high available network (we decide which platform service or a 3th party service or tool can to realize it)

Layer 4: We can add layers if we need more

Related links

• Microsoft Well-Architectured Framework
• AWS Well-Architectured Framework