Building a secure workstation to manage your cloud services
A Shared responsibility journey requires that you consider how you use the cloud. A while back I discussed the need to make sure you understand the responsibility you share with your cloud provider and consider that in cloud your responsibility to mange your services changes based on the cloud model your considering. IaaS, and PaaS you need to look at protecting network, and applications, which requires that you build with SDL in mind. In all services you need to ensure you design and implement good authentication, and authorization. This can at times be as simple as enabling 2FA. In the blogs I've published I've noted that the device you use to connect to your services also needs to be designed and configured correctly. This includes your development workstations, and administrative clients. This is essential since there is very little guarantee that the device you use is already owned, and managed by an hacker. If your lucky they will only mess with your workstation