Cloud is the most recent popular expression over the globe. Associations are running in for overhauling their business stages from heritage frameworks to cloud since cloud biological system can give progressed investigation to current methods like Machine Learning, Artificial Intelligence, Data Analytics and so forth. It is likewise a versatile, adaptable and financially savvy arrangement which can give speedy and simple access. There have been a great deal of hypotheses identified with cloud security.

The present information driven business world requests adaptability as far as accessibility and openness of information crosswise over various stages. As cloud framework can be shared among different clients, information availability in the cloud is a worry. Associations utilize a few innovations and various stages like the general population, private and half breed cloud which can make it hard to screen information, recognize abnormalities and control unapproved get to. Presently, presumed cloud merchants like Google, Microsoft and AWS have tackled these issues by executing access control components. Be that as it may, some fundamental glitches must be painstakingly taken care of during cloud executions.

HERE ARE FEW SECURITY THREATS THAT NEED TO BE CONSIDERED WHILE MOVING TO THE CLOUD:

Data Leakage:

The outpouring of secret business-basic data out of your reason is known as Data Leakage. Information Leakage can happen

• During the transfer of data from on-premise to cloud and vice versa
• During the transfer of data from one data center to another data center of the Cloud provider over the public internet
• Unauthorized physical access to data at the Cloud providers datacenter
• Data access by other tenants in the shared infrastructure environment
• Cyber-attack by hackers who find vulnerabilities in cloud services

Data loss:

Data loss in business can occur because of

• Physical infrastructure failure — Disk failure, data center failure, disk damage etc.
• Mismanagement of data (Loss of encryption keys etc.) at the cloud provider’s end.

Service unavailability:

• Cloud Managed services going down and impacting business

Verifying the cloud environment is vital to spare business-basic data, for example, corporate and client information. Any misfortune in information can unfavorably influence the association’s notoriety with substantial punishments. Thus, executing fitting controls, for example, information encryption, information covering, information ingestion security, get to control, confirmation and approval, get to hub security, firewall establishment and so forth can guarantee information secrecy and honesty, along these lines verifying your cloud biological system successfully. It is basic to guarantee ideal checks while relocating the information, to discover a verified establishment of your cutting edge information stage.

Various Categories of Security

1. Web security

2. Data Loss Prevention(DLP)

3. Email Security

4. Network Security

Security Certifications

There are various certifications that authenticate and ensure Security:

1. ISO 27001

2. ISO 27017

3. ISO 27018

4. PC IDSS

5. FEDRAMP

Network Security means to ensure data confidentiality and involving the authorization of access to data in a network, which is controlled by the network administrator. It also ensures proper access to the data.

Various types of Network Security:

1. Virtual Private Network(VPN): Virtual private network that extends a private network across the public network, and it enables users to send the data and receive the data across over a shared or public networks and as if their computing devices were directly connected to the private network.

Types of VPN

1. WAN VPN: It is used for the Branch Offices.

2. Access VPN: It can be used for Roaming users.

3. Extranet VPNs: It is mainly used by the suppliers, Branch Office.

2. Virtual Private Cloud ( VPC): VPN is a virtual network you have when you’re not having a network – it behaves just like a “private network” only it’s virtual. VPC is same as: a virtual “private cloud” it behaves like a private cloud. The user can get all the benefits of it.

3. Firewall: A Firewall is a network security system that monitors and controls the incoming as well as outgoing network traffic and this can be done by allowing or restricting specific ports.

4. IP Restriction: IP restriction is a feature of cloud security. This is used to limit access to specific IP addresses.

Different IP Address Classes:

1. Class A: Class A is the First octet in the network position. Class A address is used for a network which is having more than 65,536 hosts.
2. Class B: Class B is the First two octets in the Network position. Class A address is used for a network which is lies between 256 and 65,536 hosts. communications while
3. Class C: Class C is the First three octets in the Network Position. Class B address is used for a network which is less than 254 hosts.

Network Firewall:

Network Firewall is to eliminate the occurrence of unwanted network communications while allowing all legitimate communication to flow freely.

1. Router / Bridge Based Firewall

2. Computer-based Network Firewall