Insights Portal
\ Cloud Computing
April 19, 2018 | Account Provisioning
By Aaron Turner, IANS Faculty
The good news for cloud identity management? Authentication standards are solid. The bad news? Authorization standards are nowhere near as mature. In this Ask-an-Expert written response, IANS Faculty Aaron Turner details the many challenges in cloud provisioning and recommends focusing on making role-based access control (RBAC) as efficient as possible.
Read More »
April 4, 2018 | Cloud Network and Host Controls
By Dave Shackleford, IANS Faculty
As organizations continue to move services and computing assets into cloud service provider environments, the need for adequate security controls grows as well. In this quarterly research report, IANS Faculty Dave Shackleford updates IANS’ clients on the new developments occurring in the cloud security arena.
Read More »
March 26, 2018 | Incident Response Planning
By Kevin Beaver, IANS Faculty
Incident response (IR) is never easy, but responding quickly and effectively to an incident when key evidence is housed and managed by a cloud vendor can be even more difficult. This checklist steps through the process of creating effective, efficient IR in the cloud.
Read More »
March 22, 2018 | Cloud Network and Host Controls
By Dave Shackleford, IANS Faculty
For security teams, choosing security controls in the cloud can be daunting at best, and incredibly frustrating at worst. This tool is designed to help security teams make decisions on which solutions and controls make the most sense when moving workloads into IaaS environments.
Read More »
March 21, 2018 | Incident Response Planning
By Kevin Beaver, IANS Faculty
Incident response is never easy, but responding quickly and effectively to an incident when key evidence is housed and managed by a cloud vendor can be even more difficult. In this report, IANS Faculty Kevin Beaver steps you through the process of putting the right pieces in place to ensure your cloud incident response is effective and efficient.
Read More »
March 7, 2018 | Cloud Network and Host Controls
By Dave Shackleford, IANS Faculty
When is it ok to use a cloud provider’s security controls – and when isn’t it? In this report, IANS Faculty Dave Shackleford details the latest security offerings from the likes of Amazon, Azure and Google, explains what works well and what’s still missing, and offers some good rules of thumb for deciding when to trust the security controls offered by your cloud provider.
Read More »
February 15, 2018 | DevOps Organization and Strategy
By Dave Shackleford, IANS Faculty
While many organizations are deploying containers for all kinds of applications, few fully understand - and implement - strong container security today. In this Ask-an-Expert live interaction, IANS Faculty Dave Shackleford recommends ways to secure the underlying platform and ensure the integrity of repositories, in addition to other best practices.
Read More »
February 12, 2018 | Cloud Network and Host Controls
By Aaron Turner, IANS Faculty
Migrating to an infrastructure-as-a-service (IaaS) platform like Microsoft Azure requires a re-think of security tools and practices. In this Ask-an-Expert written response, IANS Faculty Aaron Turner recommends a careful review of key Microsoft documentation and starting small to ensure the move goes smoothly.
Read More »
January 30, 2018 | Encryption, Digital Signatures, Certificates, Tokenization
By Steve Coplan, IANS Faculty
Moving to the cloud is fraught with critical decisions, not the least of which is key management. in this Ask-an-Expert written response, IANS Faculty Steve Coplan explains the challenges in implementing strong cloud key management and provides an overview of cloud service provider and partner offerings, as well as newer as-a-service options.
Read More »
January 11, 2018 | Cloud Application and Data Controls
By George Gerchow, IANS Faculty
Moving from a traditional Windows environment to Office 365 in the cloud requires quite a bit of planning and forethought. In this Ask-an-Expert written response, IANS Faculty George Gerchow recommends leveraging the security extras in Microsoft's E5 licenses, as well as using third-party authentication and a CASB tool to ensure the migration is fast and secure.
Read More »