Cloud computing tests the limit of security operations and infrastructure from various perspectives. Let us examine what is different about Cloud Security and identify what are existing threats and what are the new areas that we should be concerned about.
Figure 1 Foundation Security Controls for IBM Cloud Reference Model
Managing datacenter identities (Identity and access Management) is one of the top-most security concerns and we discussed how to handle the same in my previous post. I’ll discuss how to handle the virtualization related threats in my next post.
Meanwhile let me know your comments on this reference model. Do you think these set of controls are comprehensive. Do you see any areas not covered from a cloud security perspective? If so, just add it as comment to this post and let us discuss.