Identity & Access Management for Cloud Applications

If you have a SaaS offering, fundamentally, you need to adopt a security posture that is much more stringent than that for on-premise applications. This includes user life cycle management, identity and authentication services, authorization to use key features and log management for audit and compliance.
Here is a conceptual cloud security architecture from the Cloud Security Alliance.

This gives a great overview of the potential points of concern for any CISO.
To read more about how to secure your applications or design secure applications in the cloud, head over to their website, and take a look at the research resources they offer.

No comments:

Post a Comment