Cloud Networking and Cloud Security Go Hand in Hand

According to VMWare,

“Cloud networking is a type of infrastructure where network capabilities and resources are available on-demand through a third-party service provider that hosts them on a cloud platform. The network resources can include virtual routers, firewalls, and bandwidth and network management software, with other tools and functions becoming available as required. Companies can either use cloud networking resources to manage an in-house network or use the resources completely in the cloud.”

There are three common types of cloud networking services:

1. Software as a Service (SaaS) – A type of software delivery and licensing option that allows you to access software on the cloud via a subscription, rather than having to install a program on a local computer. Examples of SaaS tools include Google Apps, Slack, Docusign, and Salesforce.

2. Platform as a Service (PaaS) – A cloud networking model in which a third-party provider delivers application development tools to users via the internet. PaaS providers hosts the tools in their own infrastructure. Examples of PaaS tools include AWS Elastic Beanstalk, Windows Azure, and Heroku.

3. Infrastructure as a Service (IaaS) – Online services that provide computing resources in a virtual environment. IaaS services include data storage, virtualization, servers, and networking. Examples of IaaS services include Amazon Web Services, DigitalOcean, and Microsoft Azure. OpenVPN Access Server is available on many IaaS platforms.

Cloud networking is a rapidly growing market that continues to expand in capabilities while simplifying adoption. Within your organization, you may use the cloud for running software, saving files, hosting databases and more. And you are not alone in your cloud adoption. New stats paint a picture of how the business landscape is being redefined by cloud networking.

According to surveys conducted by International Data Corporation and International Data Group:

• 90% of companies currently utilize the cloud for workload.
• Cloud data centers will process 94% of workloads in 2021.
• The United States spent $124.6 billion on the public cloud market in 2019.
• The global cloud market is expected to reach $623.3 billion by 2023.
• Cloud security and privacy are the two leading hindrances for cloud adoption.

Just about everybody is on the cloud. Now the question is: how do you protecting your sensitive data hosted in the cloud? Cloud security is only as effective as your IT environments, and you must set the right IT security policies in the cloud infrastructure.

Cloud security tips:

Here are some best practices we suggest implementing:

• Require multi-factor authentication to access all cloud-based solutions. Passwords, in general, are not overly effective and are quickly becoming obsolete. Multi-factor authentication (especially those that utilize biometric authentication such as fingerprint scanners or facial recognition software) are much more secure. A cybercriminal might be able to figure out a password, but it will prove much more challenging for them to secure the second step of the authentication — whether that be an additional code, or a biometric aspect. The harder you make it for hackers, the more likely they are to leave you alone and move on to an easier target.
• Keep permissions appropriate and updated. Only grant access only to what employees need for their jobs. Don’t grant global rights. And as soon as job roles change or an employee leaves the company, change and revoke rights. Remember: the fewer people that have access to something, the less likely it is to be inadvertently breached.
• Train your people. Phishing attacks are responsible for a large percentage of breaches. Too many employees are unable to differentiate between legitimate emails and scams — and they are likely to download malicious attachments or click on dangerous links, just because they don’t know any better. This causes huge issues for businesses, and can only be stopped by teaching employees how to recognize these scams and not fall prey.
• Protect user credentials for remote workers through VPNs. Make sure your users don’t allow hackers to steal their usernames and passwords to cloud services by requiring the added protection of VPN when they connect via public Wi-Fi.

Cloud networking had redefined the business landscape, and is quickly becoming the new normal — it increases efficiency, helps improve cash flow, and offers plenty of other benefits. But savvy business leaders must make sure their cloud is secure by implementing the right policies. Update your cybersecurity to support this new world, but make sure you are still protected and defended.

Cloud security in action

DevSquad is a company that specializes in providing tailor-made and innovative on-demand software. They handle a wide range of projects — from computer vision to industrial printers, and from product prototyping to regression testing. Although headquartered in Utah, the company’s remote workforce connects from all over. The company needed a solution to provide its team with secure ways to connect to corporate servers and client servers, as well as essential resources within the private cloud.

OpenVPN Access Server provided DevSquad with an easy way to keep the company’s remote workforce connected. The company downloaded Access Server on AWS using Terraform, which made it easy for DevSquad to implement. OpenVPN Access Server was launched on an Amazon Machine Image (AMI) within their Virtual Private Cloud (VPC). Remote employees can connect to the VPN and gain access to network resources within the VPC — and Devsquad can protect their cloud networking services within their VPC without granting public access.

To meet their access control and end-point authorization needs, DevSquad enabled two-factor authentication (2FA) for all of their clients and employees. By implementing 2FA, attackers are less likely to successfully impersonate employees or clients to gain access to devices and networks containing sensitive business resources. OpenVPN Access Server allows DevSquad to take care of business securely and effectively, with a much lower risk of network intrusion.

Cloud networking security with OpenVPN

As more organizations depend on cloud networking for essential business functions, use of single sign-on (SSO encryption), identity federation, and the growth of Identity-as-a-Service (IDaaS) offerings are becoming more important than ever — and companies are rethinking their identity management architecture.

Google Cloud's adoption of secure LDAP for its Cloud Identity service has made it possible to use Cloud Identity for user authentication by traditional network systems like VPN servers.

To configure OpenVPN Access Server with Google Secure LDAP, you need to be running OpenVPN Access Server 2.5.3 or greater. You must also have already downloaded the LDAP client certificate and private key from the Google Admin console, and ensure a basic VPN configuration has been created.

If you have not already created a basic VPN configuration, you’ll need to run the OpenVPN Access Server setup wizard to create a basic VPN server setup before beginning the configuration.

Specific configuration instructions can be found here:

Directions for Configuring Google Secure LDAP With OpenVPN Access Server.