RightScale Blog

Cloud Management Blog
Cloud Management Blog

Security

Automating Cloud Security

Posted by Tony Spataro   Ι   September 26, 2013 0 comments
For many enterprises, the move to cloud computing raises security concerns, but when applications and infrastructure are architected with attention to security, cloud platforms can be just as secure as those on-premises.Read more

Cloud Strategists See Enterprises Gaining Confidence with Security

Posted by Phil Cox   Ι   August 19, 2013 0 comments
Early adopters of the cloud computing model had to fight the perception that no Infrastructure-as-a-Service (IaaS) provider could be as security-conscious as their own organizations. Over the last several years, as public cloud providers have gotten better about communicating their security features, that view has changed, according to the cloud strategists we talked with. For most organizations...Read more

20 Ways to Fine-Tune Your Cloud Environment

Posted by Brian Adler   Ι   August 14, 2013 0 comments
A regular tune-up can help any enterprise improve its cloud operations and potentially save money. Here are 20 simple tips that can help you save money, improve server utilization, improve cloud security and availability, and otherwise optimize your cloud infrastructure.Read more

Achieving Code Compliance in an Agile Environment

Posted by Phil Cox   Ι   July 17, 2013 1 comment
Cloud computing, DevOps, and agile methodologies often go hand-in-hand to help developers create applications quickly to meet business demands. As organizations move critical business applications to the cloud, compliance with security policies, regulations, and internal engineering standards becomes more important. How can you maintain the benefits that come with cloud, DevOps, and agile...Read more

HIPAA in Public Cloud: The Rules Have Been Set

Posted by Phil Cox   Ι   July 03, 2013 1 comment
The U.S. Department of Health and Human Services' (HHS) Omnibus Rule finalizes all the former interim rules for Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health (HITECH) compliance. There are a number of changes and exceptions that organizations need to consider before enforcement begins on September 23, so we've broken...Read more

RightScale Compute: PCI-Compliant Apps in the Public Cloud

Posted by Phil Cox   Ι   April 11, 2013 0 comments
PCI compliance in the public cloud is a growing topic of concern and interest. Some people claim one can be a PCI-compliant merchant using a public IaaS cloud, while others say that's impossible. I am a former Qualified Security Assessor (QSA) and have participated in multiple PCI working groups, and I'm firmly in the former camp. PCI compliance in the cloud is possible, but the hardest part is...Read more

AWS CloudHSM: Why You’ll Want It and What to Watch Out For

Posted by Phil Cox   Ι   March 28, 2013 0 comments
Security has been one of the top challenges in every survey on cloud computing in the last five years. Yet public cloud providers have continued to beef up their security offerings, and not everyone realizes how far providers have come in providing tools that enable customers to follow security best practices . This week AWS took a giant step forward to address a major cloud security challenge...Read more

Security Monitoring In Public IaaS: How We Do It at RightScale

Posted by Phil Cox   Ι   January 24, 2013 2 comments
In my experience helping RightScale customers who are at varying points in the cloud adoption spectrum from investigating IaaS to launching a POC to already using IaaS for production applications, I see quite a bit of confusion about how to actually “do” security in the cloud, particularly in IaaS. And the sheer volume of vendor cloud washing and sales FUD that is being perpetuated makes it even...Read more

RightScale Enterprise Security Features Unleashed

Posted by Phil Cox   Ι   August 08, 2012 0 comments
We have been busy this summer working on a number of security- and governance-related features for our Enterprise Edition customers, who are typically large organizations that have well-defined internal user identity and compliance structures. With the latest RightScale release , we have improved or added on to the following features: Managed SSH Login Single Sign-On with SAML API-Based...Read more

PCI Compliance in the Public IaaS Cloud: How I Did It

Posted by Phil Cox   Ι   July 24, 2012 12 comments
Over the past few years, I have heard many folks assert that one can be a PCI-compliant merchant using public IaaS cloud, and I have heard just as many state that it's not possible. In retrospect, I have found most of them - including myself - to be misinformed. After gaining more firsthand experience, I feel confident telling you where I sit at this state in the game on the question: “Can I be...Read more

Pages

Subscribe to RSS - Security