{"id":43227,"date":"2024-02-20T07:00:40","date_gmt":"2024-02-20T15:00:40","guid":{"rendered":"https:\/\/dhblog.dream.press\/blog\/?p=43227"},"modified":"2025-05-21T20:59:47","modified_gmt":"2025-05-22T03:59:47","slug":"cloud-security-tips","status":"publish","type":"post","link":"https:\/\/www-dev.dreamhost.com\/blog\/cloud-security-tips\/","title":{"rendered":"12 Tips For Keeping Your Files And Data Secure In The Cloud"},"content":{"rendered":"\n

The term \u201ccloud computing\u201d gets thrown around a lot these days. But what does it really mean? Behind the buzzword lies real technologies, like infrastructure-as-a-service (IaaS)<\/a>, that provide scalable on-demand computing, storage, and networking.<\/p>\n\n\n\n

However, migrating to the cloud is like moving your organization into an infinitely scalable yet invisible office tower. 75% of the businesses<\/a> state that over 40% of their data stored in the cloud is sensitive. Neglecting security here leaves a lot of company information vulnerable to threats, like unauthorized access, exploits, and non-compliance.<\/p>\n\n\n\n

The good news is that while \u201cthe cloud\u201d seems ephemeral, with the right foundations and best practices, you can effectively secure IaaS environments.<\/p>\n\n\n\n

In this guide, we’ll share 12 essential tips to lock down security on your unmanaged cloud servers, VMs, containers, storage, and services, benefiting from the fast growth that cloud environments<\/a> offer. Let\u2019s get started.<\/p>\n\n\n\n

1. Disallow Root Password Logins<\/h2>\n\n\n\n

One of the most common methods that attackers use to gain unauthorized access to servers is by brute forcing weak passwords<\/a> for highly privileged accounts like root or administrator.<\/p>\n\n\n\n

To understand why, imagine yourself as a malicious hacker. If your goal is to get into a system and gain access to sensitive data, you would likely start by attempting to brute-force the root password<\/a> (repeatedly trying different passwords until the correct one is found). If the attempt is successful, you gain access to the root account, which has the highest level of system permissions available, allowing complete control over the server.<\/p>\n\n\n\n

The thing with brute force attacks is this: weak passwords can be cracked easily with the right tools\u2014 and even strong passwords can be cracked by a patient, determined hacker.<\/p>\n\n\n\n

What if you completely disable password-based root login and instead rely on SSH key-based authentication as an alternative?<\/b><\/p>\n\n\n\n\n\n

\n\t\n\t\t<\/svg>\n\t\t<\/span>\n\t\t<\/svg>\n\t<\/a>\n

SSH<\/h3>\n

Secure Shell Protocol (SSH) is a cryptographic network protocol for running services securely through an unsecured network.<\/p>\n \n Read More <\/a>\n\n<\/div>\n\n\n\n

This configuration can be found in the \/etc\/ssh\/sshd_config <\/b>file on your Linux server.<\/p>\n\n\n\n

\"Screenshot<\/figure>\n\n\n\n

This is an excellent step in the right direction. SSH keys<\/a> use asymmetric encryption, meaning a private and public key pair – rather than a password – is used to authenticate login attempts.<\/p>\n\n\n\n

You can go a step further and disable root login over SSH to prevent people from attempting brute-force on root. This can be done by changing the PermitRootLogin<\/b> to no in the same file.<\/p>\n\n\n\n

\"callout<\/figure>\n\n\n\n

The private key, as the name implies, is kept privately by the authorized user and stored on their computer. The corresponding public key is then stored on the server associated with that user’s account.<\/p>\n\n\n\n

During the login process, the keys use cryptographic methods to validate the authorized connection without revealing the actual private key. This method effectively protects against brute force attacks since the login cannot be compromised through mere password guessing.<\/p>\n\n\n\n

\n\n\n

Get Content Delivered Straight to Your Inbox<\/h2>

Subscribe now to receive all the latest updates, delivered directly to your inbox.<\/p>

<\/div>