Identity and Access Management

Should Developers Have Root Access to Production? The Devops Bandana Maturity Model

Quora question - Develpors Access to ProductionA  few days ago, @IAmOnDemand (a.k.a. “Newvem Community Editor”) sent me a short email including this Quora question. This caught my attention, and led me to place a huge background thread (I call it “unconscious thinking”) about it. Two days later, I got a reasonable answer, leading to this article.

How to Set Access Control (IAM) for a Glacier Vault

How to Create and Manage IAM user Keys and Signing Certificates

SaaS as a Security Hazard: The Google Apps Example

As the borderline between a web site and an application blurs, so does the division between the enterprise IT and the internet. More and more enterprises adapt core applications which are provided as a service over the Internet. Until recently those where limited to vertical applications such as for sales automation and for recruiting, both of which have already suffered major security issues that compromises customer data.

Google software push has led to enterprise adaption of general purpose cloud services including office tools, mail and knowledge management, which presents an entirely new risk level. In this presentation we will discuss the security risks of SaaS (Software as a service) and review past incidents on such services. We will than dissect the security implications of using Google Apps as an example for a SaaS and create a checklist of things to examine in a SaaS offering before subscribing to ensure that it provides sufficient security. Lastly we will discuss the solutions offered by Google as well as 3rd party solutions.

Newvem partnered with IGT to generate a series of events under the theme “The Cloud Management Forum”. Those slides were presented on the session:  Cloud Security Management meetup. This presentation brought you by Ofer Shezaf Information Security Visionary and Evangelist, HP Software.

Keywords: Cloud Security, Enterprise IT, Google Apps, HP, Cloud Security Risks, SaaS, Cloud Adoption, Cloud Security Management, Compliance, PCI, SOX, SAS 70, ISO, Permissions, Authentication, Authorization

How to Manage AWS IAM Roles

How to Separate Key-Pair Authentication for Individual User

How to Create or Modify IAM User Group

How to Manage IAM Security Policies

IAM How-to: Setup IAM Administrator Group

Amazon AWS IAM – Several Tips and Practices

The cloud presents many security management challenges. Ensuring compliance, identity management, and other security best practices can be a challenging task. AWS Identity and Access Management (IAM) is one of the tools that can be used to mitigate the risks associated with these challenges. In this article, I will discuss a few of the high points of IAM, including the different options and limitations that this AWS service brings together with its fascinating capabilities.

Many cloud computing users strive to apply security best practices to their cloud computing strategies. One of the best components that Amazon offers to manage security in their cloud computing service is their IAM mechanism, which allows an account owner to create users and manage their permissions within an AWS account.