Part three of my three-part series on Cloud Security Standards is available on the Intel blog (Part 1, Part 2, Part 3).
Part 1 examines four Identity and Access Anti-Patterns that occur regularly with enterprises moving to Cloud:
- Low/no access control - we'll see if it works and add security later
- Replicating user accounts - copying the enterprise directory, in full or as an extract, to the Cloud Provider
- Copying credentials - copying or hardcoding credentials to Cloud-based services
- “Trusted” proxy - the gateway is a pass-through lacking support for security standards and services
Part 2 looks at how SAML, OAuth and other standards help enterprises retain control of user management whilst leveraging Cloud services. Part 3 looks at how XACML can be used to close out some of the gnarlier Anti-Patterns through improved integration and granular, dynamic authorization.