When evaluating providers' strength in dealing with cloud computing security issues, examine controls on all access routes to data, according to John Overbaugh, the expert speaker in this SearchSOA.com podcast. Rather than being closed off from the world, data on the cloud is usually accessed by applications, administrators, users and others. To mitigate cloud computing security issues, Overbaugh advised enterprise architects and CIOs to put data access management and security at the top of their cloud evaluation lists.
There are pros and cons to the single sign-on (SSO) capabilities being offered by many cloud providers, largely in response to customer demand, said Overbaugh, Caliber Security Partners' managing director of security services. The single sign-on process enables session and/or user authentication so that one user of any type can access multiple cloud applications by logging in just once. Just doing one login is a big convenience for users in companies utilizing multiple cloud platforms and applications. Unfortunately, SSO brings security risks. For example, deleting a user in the single sign-on process calls for cautious tracking of the permissions that user has.
Overbaugh offers tips on assessing a cloud provider's data transit security measures in this podcast. He covers use of protocols, which set up rules for managing the security of a message transmission, drilling down into Secure Sockets Layer (SSL) and its spin-off Transport Layer Security (TLS).
This is part three in a three-part series on cloud computing security issues with John Overbaugh. In the first podcast, Overbaugh discussed the value of using a structured approach to reducing cloud security risks. In part two, he shed light on cloud security issues in the Software, Platform and Infrastructure models.
Jan Stafford plans and oversees strategy and operations for TechTarget's Application Development Media Group. She has covered the computer industry for the last 20-plus years, writing about everything from personal computers to operating systems to server virtualization to application development.