Cloud security myths


Our support engineer Anna Beletskaya says at her article about common security myths

http://betanews.com/2015/07/24/cloud-security-myths-busted/

The benefits of cloud are vast and significant. Cloud enables rapid deployment, provisioning, and scaling of IT resources and data.        It also shortens development time, reduces waste, and lowers costs. But despite increasing cloud adoption rates, some companies still do not rush to move its workloads and applications to the cloud due to some common myths and delusions that are more fluff than fact.

When organizations are considering moving to the cloud one of the first questions asked is, “Is it secure?” It’s a reasonable question, since there have been a lot of fears and doubts circulating across the industry around this point – particularly with some high profile breaches in 2014. While security is always a priority when it comes to business, several of these concerns are much more bark than bite. So, let’s demystify those concerns and give peace of mind for organizations looking to move forward with a transition to the cloud.



1. Cloud Environments Are Easier to Attack

Two identical servers have the same potential vulnerability risk level, no matter if they’re located in your company’s private data center or within a cloud provider’s data center. The data protection’s level relies less on the machines and more on the security state of each data center environment. At this point, many companies store their most valuable data in private clouds that they protect and maintain on their own. But if you are managing a few in-house IT resources of a small company, an external provider likely has more security expertise than you do.

So the clouds aren’t easier to attack, since the vulnerability depends on the security posture of the data center itself, which is provided by various security tools and methods.

2. Customers in the same cloud can attack each other.

Within a public cloud, multiple tenants share processing, storage, and other computing services within a cloud services provider’s data centers. It might make you imagine that it’s easy for one tenant to steal another tenant’s data due to the concept of shared resources. But in fact, virtualization provides strong partitions between tenants within the data center, so that they’re effectively isolated from each other. Unless your data center is owned by a competitor that would love to snitch your data, it’s very unlikely you’ll become an intended attack victim by a fellow customer.

3. You can’t control where your data resides in the cloud. 

Data residency is a key concern, and many countries’ regulations do not allow exporting of personal data or its storage to another country. Knowing where your data resides requires transparency from your provider. You should also know where your data travels and how it is protected either at rest or over transition. This myth can be easily addressed by choosing a global cloud service provider, which provides secure cloud hosting solutions and operates data centers in multiple countries.

Putting your cloud fears aside will allow you to see the benefits of cloud solutions – such as lower costs, smarter resources usage, and expanded capacity. You just need to rely on a trustworthy cloud solutions provider, such as PlexHosted LLC, which delivers the security and data protection level, that will satisfy your requirements, and can provide you with fully managed secure private cloud or a separate tenant within the public cloud.

How To – SharePoint Server 2016 Installation and Deployment

Today I would like to share some information regarding the upcoming SharePoint Server 2016. This article describes initial investments made in installation and deployment of SharePoint Server 2016 from Microsoft Ignite in Chicago.

1. Hardware Requirements
Installation with the minimum recommended services.

Pic-1

Test installation running all available services

Pic-2

2. Operating System Requirements
SharePoint Server 2016 is supported on Windows Server 2012 R2 and Windows Server Technical Preview.

3. Database requirements
SharePoint Server 2016 requires SQL Server 2014 for its databases, also it will support SQL Server 2016.
For additional information on SQL Server 2016 see also http://www.microsoft.com/en-us/server-cloud/products/sql-server-2016/.

4. .NET Framework requirements
According to Microsoft starting from January 13, 2016, .NET Framework 4.5.2 will be the minimum supported version of .NET Framework 4.x.
For SharePoint 16 based on Windows Server 2012 R2 you will need .NET Framework 4.5.2 version.
For SharePoint 16 based on Windows Server Technical Preview “Threshold” you will need .NET Framework 4.6 Preview version. This version comes with Windows Server Technical Preview “Threshold”.

5. Prerequisites
SharePoint Server 2016 prerequisites are the same as for SharePoint Server 2013. Prerequisites can be installed manually or with the Prerequisite Installer, similar as for SharePoint Server 2013.
Here is the full list of SharePoint Server 2016 prerequisites:
– Application Server Role, Web Server (IIS) Role
– Microsoft SQL Server 2012 Native Client
– Microsoft ODBC Driver 11 for SQL Server
– Microsoft Sync Framework Runtime v1.0 SP1 (x64)
– Windows Server AppFabric 1.1
– Cumulative Update Package 1 for Microsoft AppFabric 1.1 for Windows Server (KB2671763)
– Microsoft Identity Extensions
– Microsoft Information Protection and Control Client
– Microsoft WCF Data Services 5.0
– Microsoft WCF Data Services 5.6
– Microsoft .NET Framework 4.5.2
– Update for Microsoft .NET Framework to disable RC4 in Transport Layer Security (KB2898850)
– Visual C++ Redistributable Package for Visual Studio 2013

6. MinRole (v1) Overview
MinRole is one of the new infrastructure advancements in SharePoint Server 2016. MinRole is designed to transform guidance into code, simplifying deployment and scale with SharePoint ensuring a request is served end-to-end by the receiving server based on the origination of the request (I.e. end user or batch processing) and role of the destination server.
In previous versions of SharePoint, servers’ role was only defined by what services were provisioned and its placement in a SharePoint Farm topology.

MinRole simplifies on-premises server farm deployments, and reduces the unit of scale to simplify capacity planning while providing predictable performance characteristics through enabling selective provisioning of SharePoint server roles based on position and function within a topology.

Pic-3

MinRole enables an administrator to select the appropriate server role for a specific server when provisioning SharePoint Server 2016 based on predefined configurations:
Role №1 – Single Server Farm
Provisions all services on the server for a single server deployment. This role is provided for evaluation and development purposes.
Role №2 – Application
Services the backend jobs or the requests triggered by backend jobs, optimized for high throughput.
Role №3 – Web Front End
Services end user requests, optimized for low latency.
Role №4 – Search
Reserved for Search services.
Role №5 – Distributed Cache
Services distributed cache for the farm. Optionally, the server assigned to this role can load balance end user requests among the web front ends.
Role №6 – Special Load
Reserved for services to be isolated from other services, I.e. 3rd party, PerformancePoint, etc.

Also MinRole adds a new command line parameter, “localserverrole”, that can be used to specify the role that should be assigned to a specific server when configuring SharePoint Products and Technologies. Also MinRole can be instrumented through the PSConfig GUI.

7. Upgrade and Migration
SharePoint Server 2016 will support upgrade from SharePoint Server 2013. To upgrade from SharePoint Server 2013 to SharePoint Server 2016, you can use the database-attach method to upgrade.
As for site collections provisioned in backward compatible SharePoint 2010 (14) mode, they must be upgraded to 2013 prior to upgrading to SharePoint Server 2016.