About
RiskPundit

RiskPundit

Opinions about information security from a risk management perspective

Cloud Provider security requirements

29. January 2012 · Comments Off on Cloud Provider security requirements · Categories: blog · Tags: cloud security

Grok Computer Security: I’ll tell you what I want, what I really, really want from a Cloud Provider.

Micheal Berman, the CTO of Catbird, summarizes his cloud provider requirements. For security, he is looking for:

Auditing: network and management
Control: policy and assurance
Metrics: continuous and interoperable

Are these capabilities to be provided by the cloud provider or should the enterprise adopt a solution it can use across multiple cloud providers? What about compatibility with private cloud deployments?

Search:

Tweets by @riskpundit

Recent Posts

Evolution of Network Intrusion Detection
Cybersecurity Architecture in Transition to Address Incident Detection and Response
The evolution of SIEM
Jumping to conclusions about the Target breach
Prioritizing Vulnerability Remediation – CVSS vs. Threat Intelligence

Archives

Tags

Apple application security bank fraud botnets breach breaches C&C cloud security Command & Control compliance Damballa DNS Facebook FireEye Firesheep funds transfer fraud Gartner Google Heartland Payment Systems HIPAA identity theft information technology iPhone IT Security IT Security 2.0 Koobface malware Microsoft next-generation firewall Palo Alto Networks PCI DSS phishing Positive Control Model privacy risk Risk management SANS 20 Critical Controls security security management SIEM Social Engineering social networking Stuxnet Web 2.0 Zeus

Meta

Log in
Entries feed
Comments feed
WordPress.org

© 2024 RiskPundit. All rights reserved.

Design by picomol. Powered by WordPress.