In this edition of the Google+ Office Hours Hangout, we talked about some of first steps to achieve security in the cloud. While security is a topic that deserves weeks of discussion, we wanted to give a quick overview on some of the basic practices. If you have any other questions about securing your solutions in the cloud, check out Wayne Walls’s security post as part of his Pillars of Cloudiness and feel free to give us a call at Rackspace and ask for a Launch Manager. Here are some of the highlights from last week’s Hangout – and you can scroll to the bottom to watch the Hangout in its entirety.
- One of the most elementary steps that you can take for security in the cloud, but one that reaps many rewards, is using strong passwords. If you are using either “p@ssw0rd” or “abc123” as your password, I implore you to stop reading this post right now and go and change it to something stronger. The best practice is to have strong, unique passwords for any site or server that you log into.
- Be sure to keep your cloud control panel password secret so other users cannot create and deploy new servers without your permission. Once you have your account password set, you then need to think about the passwords on the servers themselves. When you create a new Cloud Server, Rackspace provides you with a root user and password. The best practice is to immediately create new users in order to have a more secure situation.
- Drew Cox told us about Dome9, a company that provides granular tools to better secure your server and provide time-limited access to individual users. The best part is that Dome9 is a Rackspace Cloud Tools partner and there is a free tier that Rackspace customers can use!
- We want to encourage you to make sure that you take the basic steps to secure applications that are run on the web. Install the latest updates and patches to help prevent your web server from getting exploited and used as part of the bot net.
Again, while not an exhaustive list, these are some basic steps to get you started with security on the cloud. We’d love for you to come Hangout with us later this week, Thursday at 1:00 p.m. CST, when we will talk about another Pillar of Cloudiness: Agility (you can get a head start by checking out this blog post on agility). For more information, stay tuned to the Rackspace Google+ page!