Content tagged with: security
Cloud-hosted services have many advantages, but commonly-deployed cloud architectures have a number of weaknesses when it comes to data management. In particular, when a third party has direct access to your data, that third party becomes an attractive target both for malicious attack and for lawful access via subpoenas served to the third party alone. Additionally, your data becomes subject to the operational security and retention policies of that third party.
Bringing VMs (virtual machines) onto the cloud has become increasingly popular. Recent years have seen great advancements in both cloud computing and virtualization. On one hand there is the ability to pool various resources to provide software-as-a-service, infrastructure-as-a-service and platform-as-a-service. At its most basic, this is what describes cloud computing. On the other hand, we have virtual machines that provide agility, flexibility, and scalability to the cloud resources by allowing the vendors to copy, move, and manipulate their VMs at will.
AccelOps announced findings from its recent survey of 176 IT security professionals conducted online and at the RSA Conference 2013. While 65 percent of respondents’ organizations are using cloud services today, only 46 percent have moved mission-critical applications and data outside the enterprise. Significant inhibitors remain in ensuring effective cloud security and 39 percent of respondents believe that their existing SIEM and infrastructure monitoring tools are not acceptable to support their cloud security and regulatory compliance requirements.
Cloud computing has specific security challenges as multi-tenancy and virtualization features create risks due to sharing of physical resources among potential untrusted tenant. Heterogeneity of services also requires different degrees of granularity in access control mechanisms. This article discusses a distributed architecture based on principles from security management and software engineering to address cloud computing’s security challenges.
Single sign-on (SSO) allows companies to enforce access control policies across multiple applications in a consistent manner. In this article, Kunal Mittal discusses core concepts of how single sign-on can be extended from your enterprise to the cloud. Multiple mechanisms can be used to achieve SSO between traditional applications running in the data center and the SaaS applications.
Today’s challenge is making the organization understand how the new technology impacts it’s business models, revenue streams, and compliance across borders. This talk focus on the business challenges, risks and non-technical aspects of choosing the right cloud provider.
When building modern applications, you have many security options. How do you authenticate, how do you authorize? How do you manage access to resources on behalf of your users? Do you have to integrate with corporate security systems, or do you want to support web identities like a Google ID? Which protocols do your customers support? How do you provision new users and grant access?
When deadlines loom, you sacrifice security features in order to move the application more quickly into production. This reaction often results in a substandard application. A more proactive solution is to establish a Software as a Service (SaaS)-oriented web application vulnerability mitigation policy that anticipates application trouble spots and contains several pre-configured solutions to repair them.
Cloud Computing dominates the headlines these days but like most paradigm changes this introduces new risks and new opportunities for us to consider. Some deep technical research has gone into the underlying technologies (like Virtualization) but to some extent this serves only to muddy the waters when considering the overall threat landscape. This talk attempt to separate fact from fiction while walking through several real-world attacks on the cloud. The talk will focus both on attacks against the cloud and on using these platforms as attack tools for general Internet …
Developers have developed applications for IaaS (Amazon AWS, Rackspace, etc) and PaaS (Azure, Google App Engine, Cloud Foundry) Cloud platforms. These platforms provide basic security features including support for authentication, DoS attack mitigation, firewall policy management, logging, basic user and profile management but security concerns continue to be the number one barrier for enterprise cloud adoption. This article introduces the basic principles and patterns that should guide a cloud security architecture.