Defining Identity as a Service According to the CSA (Cloud Security Alliance), Identity as a Service (IDaaS) refers to the management of identities in the cloud, apart from the applications and providers that use them. IDaaS is an extremely broad term, including services for software, platform and infrastructure services in both the private and public [...]
Identity and access management is covered in Domain 12 of the Cloud Security Alliance (CSA) Guide to the CCSK examination. An organization’s identity and access management (IAM) strategy may be a key factor during its move into the cloud. There are four main IAM functions that are integral for operations management in the cloud: Identity [...]
The CSA (Cloud Security Alliance) report, “Top Threats to Cloud Computing” was released in March 2010 to assist organizations interested in moving to the cloud make informed decisions and be aware of potential risks. The research presented in the CSA report is meant to be applied within the context of an organization’s mission, rewards, risks [...]
In February 2011, Mozy announced the discontinuation of its unlimited backup service. Currently, clients are required to pay fees proportionate to the amount of data they store with the company. Around the same time, Flickr, a photo-sharing website accidentally deleted the account of one of its users containing over 4,000 photos. These incidents call into question the reliability versus the value of cloud storage services.
In this article, the baked-in and bolted-on approaches to secure architecture are examined, especially in light of recent standards pushing for a baked-in approach to cloud security. The article also discusses the recently-announced Cloud First Policy, developed by the US federal government to ensure that baked-in security is a requirement of its agencies and departments.