A few days ago, @IAmOnDemand (a.k.a. “Newvem Community Editor”) sent me a short email including this Quora question. This caught my attention, and led me to place a huge background thread (I call it “unconscious thinking”) about it. Two days later, I got a reasonable answer, leading to this article.
As the borderline between a web site and an application blurs, so does the division between the enterprise IT and the internet. More and more enterprises adapt core applications which are provided as a service over the Internet. Until recently those where limited to vertical applications such as salesforce.com for sales automation and monster.com for recruiting, both of which have already suffered major security issues that compromises customer data.
Google software push has led to enterprise adaption of general purpose cloud services including office tools, mail and knowledge management, which presents an entirely new risk level. In this presentation we will discuss the security risks of SaaS (Software as a service) and review past incidents on such services. We will than dissect the security implications of using Google Apps as an example for a SaaS and create a checklist of things to examine in a SaaS offering before subscribing to ensure that it provides sufficient security. Lastly we will discuss the solutions offered by Google as well as 3rd party solutions.
Newvem partnered with IGT to generate a series of events under the theme “The Cloud Management Forum”. Those slides were presented on the session: Cloud Security Management meetup. This presentation brought you by Ofer Shezaf Information Security Visionary and Evangelist, HP Software.
Keywords: Cloud Security, Enterprise IT, Google Apps, HP, Cloud Security Risks, SaaS, Cloud Adoption, Cloud Security Management, Compliance, PCI, SOX, SAS 70, ISO, Permissions, Authentication, Authorization
The cloud presents many security management challenges. Ensuring compliance, identity management, and other security best practices can be a challenging task. AWS Identity and Access Management (IAM) is one of the tools that can be used to mitigate the risks associated with these challenges. In this article, I will discuss a few of the high points of IAM, including the different options and limitations that this AWS service brings together with its fascinating capabilities.
Many cloud computing users strive to apply security best practices to their cloud computing strategies. One of the best components that Amazon offers to manage security in their cloud computing service is their IAM mechanism, which allows an account owner to create users and manage their permissions within an AWS account.
