Focusing on IaaS security

The Cloud Security Alliance (CSA) has announced the formation of a new Software-Defined Perimeter (SDP) for Infrastructure as a Service (IaaS) initiative. In addition, the SDP working group is hosting its fourth Hackathon throughout the RSA Conference, with a top prize of $10,000 available to the first participant to either access or disrupt a cloud-based mission-critical application.

Enterprises are rapidly embracing IaaS platforms, and many have made the strategic decision to quickly shift new development and production into these environments. While bringing many benefits, this change also brings with it many security, compliance, and business efficiency challenges – specifically around granting, controlling, and reporting on which users can access which systems and services across a network. Traditional security tools are unable to cope with the speed, scale, and complexity of this new, dynamic world, especially if organizations embrace dynamic release systems such as DevOps. As a result, security teams are encountering familiar problems in their IaaS environments, including an inability to keep pace with a dynamic environment, users with over-privileged network access, and an inability to easily perform compliance reporting. Cloud service providers are facing similar challenges with IaaS management access.
“Adopting a Software-Defined Perimeter approach can solve these problems, and enable secure, efficient, dynamic, and precise control of user access to IaaS environments,” said Kurt Glazemakers, Cryptzone CTO and technical lead for the SDP for IaaS initiative. “With this initiative, we hope to demonstrate how an SDP can better protect IaaS services for enterprise usage, and deliver uniform, seamless protection of on-premises and IaaS resources.”
“The SDP approach allows enterprises to embrace the dynamic nature of IaaS without compromising security or compliance,” said Luciano ‘J.R.’ Santos, Executive Vice President of Research for the CSA. “By understanding and leveraging an SDP model, organizations can then enable hybrid or multi-platform clouds by abstracting provider-specific configurations, and leveraging consistent policies, identity stores, and processes across their environments.”
Goals of the initiative include:
  • Documenting specific security, compliance, and architecture challenges that arise from enterprise adoption of IaaS
  • Exploring how an SDP solution can solve these problems
  • Providing architectural and deployment guidelines and best practices for secure IaaS, including the impact of DevOps initiatives
  • Influencing the SDP specification to address IaaS-specific requirements
Planned deliverables include:
  • Analysis and taxonomy of IaaS-specific security, network, identity, and compliance challenges
  • Explanation of how an SDP architecture can address these challenges
  • Deployment scenarios and use cases that examine aspects such as network configuration, identity management, authentication, and security groups