It seems that it is an eternity ago – and it is. Pretty much three years ago, Doug Cavit and me published a paper called the Cloud Computing Security Considerations. Even though it is three years, the paper is still worth reading as the content still applies. What we basically said was, that if you . . . → Read More: The Directory in the Cloud?
Sorry, I did not blog for quite a while.
When looking at the Cloud, one of the key challenges to address – in my opinion – is how to manage the identity of the different users. If you have to add an additional identity to all the logons you already have, the Cloud will . . . → Read More: Office 365 Single Sign-On with AD FS 2.0 whitepaper
A long title but this was the title of the official press statement yesterday. Compliance is always a key question in the public cloud space. Therefore it is very important for us that we now achieved three things:
Office 365 is compliant with EU Model Clauses, Data Processing Agreements and ISO 27001 among other standards. . . . → Read More: Office 365 Becomes First and Only Major Cloud Productivity Service to Comply With Leading EU and U.S. Standards for Data Protection and Security
This is a very interesting development. Encryption generally would solve a lot of problems around data sovereignty. So, encrypting the data, keeping the key and moving the data to the public cloud could basically address a lot of the risks. Today, it comes with a high price as the data which resides encrypted in the . . . → Read More: Searchable Encryption for the Cloud–soon?
A very good overview over the way we run Microsoft’s Cloud. The interesting thing is – if you look at the video – that most customers are still running their datacenters on generation 1-2, which means that the efficiency (labor as well as energy) we can deliver is significantly higher – not talking of our . . . → Read More: Video on Microsoft’s Datacenter
You heard about the launch of Office365 recently and I hope you read the blog post on the application of the Cloud Computing Security Considerations to the private. cloud. If not, here it is: Security Considerations in a Private Cloud
To complete the series now, we released an additional paper on how these considerations can . . . → Read More: Cloud Security in Office365
I am talking a lot about Cloud Security. There are a few observations I made:
Even though a lot of people are talking about the Cloud, there is still not too much knowledge about it. What is a private Cloud versus a public Cloud? What is Infrastructure as a Service, Platform as a Service, Application . . . → Read More: Security Considerations in a Private Cloud
To me, one of the benefits of moving to the Cloud is security – obviously besides availability and costs.
Recent incidents made me doubt:
Amazon not only having significant downtime but in the same time losing customer data. Sony’s game network being significantly compromised.
This is definitely not to blame them but I was heavily . . . → Read More: Cloud computing providers: Clueless about security?
Great progress on our Cloud: Our BPOF-Federal solution has received FISMA certification and accreditation: BPOS-Federal & FISMA
Yes, we really have it for BPOS-F
The longer the more I see articles and posts that claim that security could actually improve if you migrate to the Cloud. And the longer the more I am a firm believer of these statements. It is not about forgetting best practices and just handing over everything to the Cloud provider. It is about adapting your practices to the new reality. . . . → Read More: Quit Worrying About Cloud Security?