Windows Azure Security Essentials – Part 2/N – Cloud Threats and how Windows Azure handle them

   One of the very important part of security is to know you threats, and in Cloud it’s important to know what threads are different from the On-premise environments, and those are: Traditional threats, like: Cross-site scripting (XSS), SQL Injection DoS Attacks, network spoofing, DDoS Old threads are mitigated by the system and are responsibilities of the Cloud Vendor Patching is automated and instances are moved to secure systems Cloud resiliency improves failover across a service Also some of the existing threads are expanded, like: Data privacy such as location and segregation Abuse of privilege access by admins So new … Continue reading Windows Azure Security Essentials – Part 2/N – Cloud Threats and how Windows Azure handle them

Windows Azure Security Essentials – Part 1/N – Security Overview

   Security is one of the very important parts of Cloud Computing, since we are in a completely new environment that the ones we are used to. When using Cloud Computing “The Platform is managed for us” rather, the “Us managing our platform”.     Another thing that is completely different between the On-Premise and the Platform as a Service Model, is because instead of having full control of the platform (Physical/Network/Host/Application and Data), we are really only controlling the Data and the Application, since the rest is the responsibility of our vendor, in the Windows Azure Service Platform case this … Continue reading Windows Azure Security Essentials – Part 1/N – Security Overview