Previous article in series – IaaS: Hypervisor Security. Provisioning tools and VM templates are exposed to different attacks that attempt to create new unauthorized VMs or patch the VM templates to infect the other VMs that will be cloned from this template. These new categories of security threats are a result of the new, complex,…
Month: May 2021
IaaS: Hypervisor Security
Previous article in series – Cloud Computing: Shared Security Model. The hypervisor acts as the abstraction layer that provides the management functions for required hardware resources among VMs. Virtual machine attacks: Active VMs are vulnerable to all traditional attacks that can affect physical servers. Once a VM is compromised, it may be able to attack…
Cloud Computing: Shared Security Model
In cloud computing, security is a shared responsibility between the CSP and the customer. The service model will dictate the general responsibilities, but specifics will also vary based on the actual service being consumed. Security Considerations for Infrastructure as a Service (IaaS): Within IaaS, a key emphasis and focus must be placed on the various…
ISO/IEC 27017: Information Security Controls for Cloud Computing
ISO/IEC 27017:2015 gives guidelines for information security controls applicable to the provision and use of cloud services by providing: additional implementation guidance for relevant controls specified in ISO/IEC 27002; additional controls with implementation guidance that specifically relate to cloud services. This standard provides enhanced controls for cloud service providers and cloud service customers and should…
The Prevent-Detect-Recover Cycle
The essence of IT governance is in the selection and application of security controls that adequately protect organizational data while simultaneously minimizing operational friction or disruption. The continuum of security controls extends over three classes or categories: Management (administrative) controls: Policies, standards, processes, procedures, and guidelines set by corporate administrative entities (e.g., executive- and/or mid-level…
Governance, Risk Management, and Compliance (GRC)
An approach commonly known as governance, risk management, and compliance (GRC) has evolved to analyze risks and manage mitigation in alignment with business and compliance objectives. Governance ensures the business focuses on core activities, clarifies who in the organization has the authority to make decisions, determines accountability for actions and responsibility for outcomes, and addresses…
Cloud Security
Security on the Cloud doesn’t change drastically from what we have been doing traditionally in our own datacenters. We still need to address: Confidentiality: Confidentiality begins when people, doing their jobs, have a “need to know” to gain access to sensitive resources. Confidentiality is usually provided using the principle of least privilege, which means that…
Cloud Economics
Cloud computing is often referred to as a technology or even a commodity. However, it is actually a paradigm shift in the business and economic models for provisioning and consuming information technology that can lead to a significant cost savings. These cost savings…
Cloud Computing Shared Considerations
Also referred to as cross-cutting aspects, cloud computing shared consideration items are addressed below. Security: Security of cloud data and applications is a responsibility that is shared between the cloud service provider and the cloud service consumer. An easy way to portray the responsibility boundary is that: The CSP has responsibility for “security of the…
QuickGuide: Use AWS Polly on Windows 10 to synthesize speech from text
Step 1 – Install Python on Windows laptop/desktop: Open cmd, type python3 and press Enter. If you don’t have Python installed already, it will take you to Windows Store; click on Get. Prep for Polly execution. Step 2 – Create dummy polly.py. Step 3 – Execute polly.py and play speech.mp3. Successful execution of the…