Jun 25

Cloud Security and Privacy – Threats & Mitigations

By admin Sessions Comments Off on Cloud Security and Privacy – Threats & Mitigations

Discuss various security and privacy threats faced by cloud applications (IaaS, PaaS and SaaS) and highlight solutions developers and architects need to be aware of.

IaaS: As a user of IaaS (Amazon, Rackspace, GoGrid, Cloud) you would need to consider following aspects:  Network Level, Host Level, Application Level, Data Access and Storage.
Threats : Infrastructure Abuse, Malicious Insiders, Virtualization vulnerabilities

PaaS: As user of PaaS (Azure, Salesforce, GAE), you would need to consider: Code vulnerabilities, Data Storage and Access
Threats : Insecure Interfaces and APIS, Data Leakage

SaaS: Finally as a user of a service online (SaaS) may be you are least exposed but here other concerns become relevant:  Privacy, Sharing / Privacy Controls, Identity and Access management, Authentication & Authorization/SSO/OAuth
Threats: Account/Service Hijacking, Phishing, Data Loss, Reliability
Continue reading »

Jun 22

Cloud Computing: Making the right choice

By admin Sessions Comments Off on Cloud Computing: Making the right choice

The concept of cloud computing is quickly scaling the chasm between hype and reality. Cloud Computing is rapidly becoming popular amongst enterprises that realize the benefits of shared infrastructure, lowered costs and minimal management overheads. But not all organizations and applications may benefit from a cloud computing platform. A legacy application ported in a native fashion to a cloud computing platform may not utilize any of the platform’s USPs at all. More importantly, wrong choice of platform can be disastrous. Deciding the optimal cloud vendor or platform for your requirements is a complex task.
Continue reading »

preload preload preload