Here is a list of some of the most important risks of operating in the cloud today:
- Loss of governance
- Data protection
- st Service provider lock-in
- Compliance risks
- e-Discovery and litigation support
- Management interface compromise
- Network management failure
- Isolation Failure
- Insecure/incomplete data deletion
- Malicious insider
A risk-based approach is the only way to assess a cloud computing deployment decision.
Establish detective and preventive controls specific to each cloud deployment model:
- SaaS - Browser patching, endpoint security, access reports
- PaaS – Browser patching, hardening, endpoint security, access reports and vulnerability scanning
- IaaS – VPN, configuration and patch management, host IDS/IPS, VirtSec appliance, access reports, vulnerability scanning, logging & event management
Identity management is a key area of preventive control focus for all service models.For more information on how Team Aujas is assisting clients with Security Risks in the Cloud please email me at karl.kispert@aujas.com
