Friday, October 4, 2019

New tutorial discuss how to enhance cloud app security

Recently, I wrote a new tutorial as part of the IBM Cloud solution tutorials. Have you already developed and deployed an application on IBM Cloud? Then, may be, you followed the introductory tutorial on how to apply end-to-end security to an application. Following "security by design," you are now starting to look into the design of a new application, or perhaps you need to adapt an older application to new security requirements. If that is the case, the new tutorial on how to enhance the security of your deployed application is exactly right for you.

An existing solution is extended for enhanced security

Isolate resources

One of the fundamental principles of cloud computing is the sharing of resources. This could be the sharing of a machine—applications from many users running on the same computer—or just sharing the data center and parts of the infrastructure.
In the new tutorial, you'll learn how you can isolate runtime environments, network traffic, and stored data to increase application security. Some options include the use of dedicated resources or virtual private clouds.

Hyper-protect your data

Almost all services on IBM Cloud that store data use encryption to protect the data against unauthorized access. When using database services or object storage, by default, the encryption key is system-generated. You can increase data protection by controlling the encryption keys. IBM Key Protect and Hyper Protect Crypto Services help you provision encrypted keys for storage services as well as apps.

In the new tutorial, you learn how to control and even bring your own encryption keys. You also find out about the LinuxONE-based Hyper Protect services on IBM Cloud. They provide an extra layer of protection and the highest level of isolation.

Evaluate and monitor app security

Events related to IBM Cloud account activities—such as logging in or provisioning a service—are logged to Activity Tracker with LogDNA. In the tutorial, you learn how to enhance your app to send security or audit messages and integrate them across the stack. Use security advisors and set up notifications to stay ahead and informed.

Get started with the tutorial

The tutorial on how to enhance security of your deployed application is part of the IBM Cloud solution tutorials. It helps you learn about enhanced data encryption options, isolate your application runtime for extended security, and use activity logs and security advisors to evaluate app security.

If you have feedback, suggestions, or questions about this post, please reach out to me on Twitter (@data_henrik) or LinkedIn.