The report, which was highlighted during the Cloud Security Summit at the RSA conference this week, taps the knowledge of information security experts at 29 enterprises, solutions providers and consulting firms that deal with demanding and complex cloud environments.
Mastering next-gen IT
As Cloud Security Alliance Founder Jim Reavis sees it, cloud services are the next generation of IT that enterprises must master - and it's imperative that companies understand and mitigate security threats that accompany the cloud.
"The objective of this report was to not only identify those threats which are most germane to IT organizations but also help organizations understand how to proactively protect themselves," Reavis said. "This is the first deliverable in our cloud threat research initiative, which will feature regular updates to reflect participation from a greater number of experts and to keep pace with the dynamic nature of new threats."
Cloud computing abuse
The Top Threats to Cloud Computing Report shines a light on vulnerabilities that threaten to hinder cloud service offerings from reaching their full potential. HP and the Cloud Security Alliance warn companies to be aware of the abuse and nefarious use of cloud computing. The report specifically points to the Zeus botnet and InfoStealing Trojan horses as a prime examples of malicious software that has compromised sensitive private resources in cloud environments.
I'll be moderating a panel in San Francisco in conjunction with RSA later this week on the very subject of cloud security with Jeremiah Grossman, founder and Chief Technology Officer of WhiteHat Security; Chris Hoff, Director of Cloud & Virtualization Solutions at Cisco Systems and a Founding Member of the CSA, and Andy Ellis, Chief Security Architect at Akamai Technologies. [Disclosure Akamai is a sponsor of BriefingsDirect podcasts.]
We'll be rebroadcasting the panel "live" with call-in for questions and answer at noon ET on March 31. More details to come.
For now, the RSA-debuted full report is available on the CSA Web site: http://cloudsecurityalliance.org/topthreats/csathreats.v1.0.pdf.
In the 1980s and 1990s, business applications and data were largely confined within and protected by a Local Area Network (LAN). The 2000s introduced a significant change. Download this white paper now to learn why the shift to the cloud is changing how companies think about and manage their IT infrastructure. more
Microsoft moved to the cloud in 2014, and, as a result, Office 365 is taking off. Now, Okta customers are connecting to Office 365 in increasing numbers. This eGuide explains why IT departments should plan and deploy solutions around identity and mobility management in concert with their Office 365 roll out to get maximum user adoption. more
For most companies, Active Directory (AD) or Lightweight Directory Access Protocol (LDAP) play a central role in coordinating identity and access management policies. When on-premise applications are integrated to Active Directory or LDAP, users get the best possible experience. That's why Okta's cloud-based identity and access management service provides a highly useful single integration point. more
With more and more businesses adopting Software-as-a-Service (SaaS) applications, enterprise IT is fundamentally changing. This whitepaper presents the eight biggest Identity and Access Management (IAM) challenges associated with adopting and deploying cloud and SaaS applications, and discusses best practices for addressing each of them. more