securing applications running on cloud

 

Security holds a paramount priority when we build a new web-based product or architecture. It is literally everything in the IT world. Let’s take a sneak peak on how we can secure applications on cloud.

Note – The cloud that is discussed in this article is AWS (Amazon Web Services).


Let’s say you’ve begun building an architecture in the AWS cloud which runs your web application. And you are happy with the downtime, performance and costs. Are we done now?

As the header states about security, you know by now my answer will be No – such an easy guess!!! 

NOW LET US START SECURING THE INSTANCE THAT HOLDS OUR WEB APPLICATION AND THE RESPECTIVE DATABASES –

  1. Firstly, always consider building your own Virtual Private Cloud (VPC), with your custom security groups, routing table and subnets. The security groups in here acts as a firewall for all the services inside this VPC.
  2. Secondly, consider having two subnets. One should be private, which should only have access to the internet through a NAT Gateway and the other should be public, which has a direct access to the internet.
  3. Plan your load balancers and NAT gateways in the public subnet – these services doesn’t have your application running on them. And on the load balancers you have security groups in there, which will act as a firewall for the requests through the load balancers.
  4. Now, all the services which have your application and its data must be in the private subnet dot.
  5. Even on the instances and on your Databases you can set a security group; this is a firewall for the respective instance and database.
  6. For enhancing the security, one could consider using a WAF (Web Application Firewall) outside the VPC, after the route53.

These are a few steps one can follow to secure their applications in the cloud and it’s to be noted that there exists better ways according to the architecture your application is running on.

Leave a Comment