Open In App

Role of Vulnerability, Patch and Configuration Management in Cloud Security

Last Updated : 09 Dec, 2022
Improve
Improve
Like Article
Like
Save
Share
Report

Pre-requisite:- Cloud Computing and Cloud Based Services

The ability of malware or cracker to remotely find and change the vulnerabilities of infrastructure components is a major threat to cloud services. In public platform as a service and public infrastructure as a delivery model the vulnerability and configuration management are at greater risk because the customer is responsible for managing all that. In a cloud computing environment, the customer is responsible for sharing the lowest or highest common denominator of security with all tenants in a multi-tenant virtual environment.

Hence, The customer should understand his responsibility for security management, also the cloud service platforms should be more transparent with the customer about operations in their cloud security and help customers in understanding the functions of security management.

The infrastructure and configuration of virtual private clouds are managed by the cloud service providers, so they should provide end-to-end security.

Security Vulnerability Management:

To reduce risk from published technical vulnerabilities.

  1. It is an essential threat management element in protecting network devices, hosts, and applications against vulnerability attacks.
  2. Many organizations have a vulnerability management process that includes the scanning of systems connected to their network on a routine basis so that they can analyze the risk of vulnerabilities of the organization.

Hence, The vulnerability management of the cloud infrastructure (network, hosts, applications, and storage devices) is the responsibility of both the customers and the cloud service providers.

Security Configuration Management:

  1. It is another essential threat management element in protecting network devices and hosts from unknown users that might exploit any weakness in configuration.
  2. Security management configuration is a subset of IT configuration management and it is closely related to vulnerability management programs.
  3. There should be a means for protection against the configuration of hosts, networks, and applications as in some cases they may monitor or have access to critical systems and configuration of database files including Operating system configuration, firewall policies, etc.
  4. The System as a Service(SaaS), and Platform as a Service(PaaS) providers are responsible for the configuration management of their platform’s customers.

Security Patch Management:

  1. It plays a vital role in threat management as it protects the network from unauthorized users that may exploit a known vulnerability.
  2. It makes the organization less severe risk of insider or outsider threats. Hence, System as a Service(SaaS) providers should routinely assess new vulnerabilities and patch them in the firmware and software on all systems.
  3. The Scope of patch management is in the order of SaaS, PaaS, and Iaas from low to high relevance which means the customers of the SaaS environment do not have patch management duties, but the PaaS customers are responsible for patching applications on the Paas platform. While the IaaS customers are responsible for managing patches of the operating system, applications, and database installed and operated on the IaaS platform.

Like Article
Suggest improvement
Next
System configuration management - Software Engineering
Share your thoughts in the comments

Similar Reads

Microsoft Azure - Patch Management Update Summary Status
Public Cloud vs Private Cloud vs Hybrid Cloud
Identity and Access Management (IAM) vs Security Information and Event Management (SIEM)
Cloud Management in Cloud Computing
Microsoft Azure - VMs Patch Update Summary by Installation Status
Advantages and Disadvantages of Cloud Security
Difference Between Multi-Cloud and Hybrid Cloud
Cloud Security Standards
What is GCP (Google Cloud Platform) Security?
Google Cloud Platform - Data Security in BigQuery
author
aditya191251015002
Article Tags :
We use cookies to ensure you have the best browsing experience on our website. By using our site, you acknowledge that you have read and understood our Cookie Policy & Privacy Policy
Lightbox