Focusing on IaaS security

The Cloud Security Alliance (CSA) has announced the formation of a new SDP for Infrastructure as a Service (IaaS) initiative. In addition, the SDP working group is hosting its fourth Hackathon throughout the RSA Conference, with a top prize of $10,000 available to the first participant to either access or disrupt a cloud-based mission critical application.

  • 8 years ago Posted in
Enterprises are rapidly embracing IaaS platforms, and many have made the strategic decision to quickly shift new development and production into these environments. While bringing many benefits, this change also brings with it many security, compliance, and business efficiency challenges – specifically around granting, controlling, and reporting on which users can access which systems and services across a network. Traditional security tools are unable to cope with the speed, scale, and complexity of this new, dynamic world, especially if organizations embrace dynamic release systems such as DevOps. As a result, security teams are unfortunately encountering familiar problems in their IaaS environments, including an inability to keep pace with a dynamic environment, users with over privileged network access, and an inability to easily perform compliance reporting. Cloud service providers are facing similar challenges with IaaS management access.
“Adopting a Software-Defined Perimeter approach can solve these problems, and enable secure, efficient, dynamic, and precise control of user access to IaaS environments,” said Kurt Glazemakers, Cryptzone CTO  and technical lead for the SDP for IaaS initiative. “With this initiative, we hope to demonstrate how an SDP can better protect IaaS services for enterprise usage, and deliver uniform, seamless protection of on-premises and IaaS resources.”
“The SDP approach allows enterprises to embrace the dynamic nature of IaaS without compromising security or compliance,” said Luciano ‘J.R.’ Santos, Executive Vice President of Research for the CSA. “By understanding and leveraging an SDP model, organizations can then enable hybrid or multi-platform clouds by abstracting provider-specific configurations, and leveraging consistent policies, identity stores, and processes across their environments.”
Goals of the Initiative include:
  • Documenting specific security, compliance, and architecture challenges that arise from enterprise adoption of IaaS
  • Exploring how an SDP solution can solve these problems
  • Providing architectural and deployment guidelines and best practices for secure IaaS, including the impact of DevOps initiatives
  • Influencing the SDP specification to address IaaS-specific requirements
Planned deliverables include:
  • Analysis and taxonomy of IaaS-specific security, network, identity, and compliance challenges
  • Explanation of how an SDP architecture can address these challenges
  • Deployment scenarios and use cases that examine aspects such as network configuration, identity management, authentication, and security groups
Predictive maintenance and forecasting for security and failures will be a growing area for MSPs...
Venafi has published the findings of its latest research report: The Impact of Machine Identities...
Arctic Wolf to enhance its Security Operations Aurora Platform with best-in-class endpoint...
Nearly 50% of organisations have experienced a security breach in the last two years.
New study by Splunk shows that a significant number of UK CISOs are stressed, tired, and aren’t...
HP Wolf Security Study highlights cybersecurity challenges facing organizations across the...
Internal test shows estimated scanning speeds of 75,000 backups within 60 seconds.
Deployment allows Korea Hydro and Nuclear Plant (KHNP) to leverage quantum-safe MACsec technology...