Michael Cobb writes: You've successfully migrated your organization's selected applications and data into the cloud, and everyone has said what a great job you've done. But you and I both know the task of maintaining the security of these apps and data has only just begun. In this tip, I'll review which technologies and processes must be initiated, monitored and secured after a cloud computing implementation or initiative is up and running.
IAM
Cloud computing turns us all into remote workers, which makes identity
and access management (IAM) one of the key challenges after a cloud
computing move. It is important to have robust lifecycle management
regarding users and user access so that user accounts, credentials and
access rights are always relevant and up to date, including disabling
an account when an employee leaves. Also look to initiate an IAM
strategy that can make full use of federated identity management, which
enables users to securely access data or systems across autonomous
security domains.
More specifically, consider introducing single sign-on (SSO) for enterprise applications and leveraging this architecture to simplify cloud provider implementations. A move to the cloud will appear far more seamless to your users if they are already used to SSO, and it'll make managing trust across different types of cloud services less onerous. You will also have logged baseline data to help you monitor and gauge changes due to cloud activity.
A SSO product should use one of the common standards for implementing federation, such as Security Assertion Markup Language (SAML) and Liberty Alliance ID-FF. These standards extend existing access and identity policies from the internal network beyond the firewall and out to the cloud, while still enforcing the appropriate authentication strength mandated by your information protection and data classification policies...
Read the complete article in SearchSecurity.com.
