Cloud Computing Strategies for the CIO-
How to build a cloud service provider inventory
Struggling with rogue cloud usage? Ed Moyle explains how and why a cloud service provider inventory can help manage multiple cloud service providers.
-
To develop secure cloud apps, treat them like Web apps
Expert Dave Shackleford details how to build cloud applications based on typical Web app security flaws and cloud provider tools and platforms.
-
Cloud application inventory tracking: Pros and cons
Brien Posey discusses the pros and cons of application inventory tracking in the cloud, and advises enterprises on what to track in the cloud and why.
-
Choosing a SaaS vulnerability management provider
Cloud-based vulnerability scanning is gaining market share. Learn how to decide if these services are a good fit for you and how to choose a provider.
-
Side-channel attacks in the cloud: A cause for concern?
Expert Dave Shackleford analyzes the likelihood and effects of cross-VM side channel attacks in the cloud and offers mitigations for concerned users.
-
How international laws govern data privacy in the cloud
What level of data privacy exists in the global cloud? Expert Francoise Gilbert compares international data privacy laws with the Patriot Act.
-
How cloud consoles help cloud security management
Ajay Kumar explains what cloud management consoles are and how they can help enterprises keep cloud systems and data secure.
-
How to spot rogue cloud services with existing tools
Existing security tools and business relationships are often the best methods for monitoring cloud services to spot rogue clouds in the enterprise.
-
Prepare for new patching hurdles in cloud environments
Expert Dave Shackleford discusses how patch management differs in a cloud environment and provides tips for dealing with new patching obstacles.
-
NIST 7904 first look: Addressing cloud geolocation
The new NIST cloud security proof-of-concept implementation details how to manage workloads based on cloud geolocation data.
-
Choosing the right cloud-based DR service
What considerations should be made when adopting a cloud-based disaster recovery service? Expert Dave Shackleford provides guidance.
-
Developing a cloud SLA: Key security issues
Organizations need to cover key risk areas when writing cloud provider service level agreements.
-
Cloud logging: Experts assess the options
Expert Dave Shackleford considers a variety of options for logging in the cloud and determines which choice works best for enterprises.
-
Post-implementation virtualization security issues
Security pros must be aware of complications that can develop after a virtualization deployment.
-
Cloud management platforms key for cloud security
A new breed of tools eases the complexities of managing cloud infrastructures, including security.
-
Incident management challenges in the cloud
Identifying security incidents in cloud environments isn't easy, but there are steps companies can take to ease the process.
-
An examination of PaaS security challenges
Organizations need to consider the security implications associated with data location, privileged access and a distributed architecture in the PaaS model.
-
Best practices for email Security as a Service
Cloud-based email security services offer many advantages, but to avoid problems organizations must follow best practices when evaluating providers.
-
Challenges in cloud security monitoring
Security monitoring in the cloud is complicated. In this tip, Ed Moyle explains issues to watch out for and provides guidance for cloud security monitoring.
-
Exploiting weaknesses in cloud password hashes
Password cracking tools demonstrate the weakness of passwords for securing cloud services.
-
How enterprises can self-manage private cloud security
Expert Dave Shackleford details how enterprises can increasingly manage their own cloud security controls with private virtual cloud offerings.
-
PCI SSC doc highlights how to achieve cloud compliance
Ed Moyle examines highlights of the recently released PCI SSC information supplement that offers new details on achieving PCI compliance in the cloud.
-
Assessing the security of cloud service provider APIs
The CSA says cloud API security is a top threat to cloud environments. Expert Dave Shackleford explains how to assess the security of providers' APIs.
-
Implementing a standards-based cloud risk assessment
Learn how to how to choose, develop and begin implementing a standards-based framework for enterprise cloud computing risk assessments.