Over on the Intel Cloud Access 360 blog I have series on Understanding Cloud Security standards. In part one, I looked at Cloud Security Anti-Patterns. The four Anti-Patterns that occur regularly with enterprises moving to Cloud include:
- Low/no access control - we'll see if it works and add security later
- Replicating user accounts - copying enterprise directory in full or extract to Cloud Provider
- Copying credentials - copying or hardcoding credentials to Cloud based services
- “Trusted” proxy - Gateway is a pass through lacking support for security standards and services
In part 2, I look at how security standards like SAML, Oauth and OpenID help enterprises mitigate the common Anti-Patterns.
Comments