Operating in the Cloud – Sunny with a Chance of RISK!

Here is a list of some of the most important risks of operating in the cloud today: 

• Loss of governance
• Data protection
• Service provider lock-in
• Compliance risks
• e-Discovery and litigation support
• Management interface compromise
• Network management failure
• Isolation Failure
• Insecure/incomplete data deletion
• Malicious insider

A risk-based approach is the only way to assess a cloud computing deployment decision.

Establish detective and preventive controls specific to each cloud deployment model:

• SaaS – Browser patching, endpoint security, access reports
• PaaS – Browser patching, hardening, endpoint security, access reports and vulnerability scanning
• IaaS – VPN, configuration and patch management, host IDS/IPS, VirtSec appliance, access reports, vulnerability scanning, logging & event management

Identity management is a key area of preventive control focus for all service models.For more information on how Team Aujas is assisting clients with Security Risks in the Cloud please email me at karl.kispert@aujas.com

Advertisements

January 4, 2011 - Posted by Aujas US | Cloud Security, Data Losss Prevention, Enterprise Security, IT security | Cloud computing, Computer security, Security