Part I – Physical and Physical Controls
Cloud design is key to the performance and scalability of cloud preparation. With any deviation or abbreviation in the original definition, you build the house of ideals on sand. This is a very broad subject, but I will try to summarize as much as possible in this short article. Some points will be addressed in future articles on risk management in the cloud. Feel free to email me for any detail you need.
Once you’ve determined that you need a cloud in your organization and set the scope and goals, you determine the design structure on which your material and cloud planning is based. Exaggeration and underestimation are two of the problems I have seen in many architectural plans. All the costly … underestimated errors: if the design and capacity estimate are lower than what you currently need or need in the future … Such an error leads to an “evolutionary approach” … whose operation was unknown Optimized in the real world. Many CIO enthusiasts who have money to spend, but very short schedules, make the mistake of overvaluation: they buy much more than necessary even after three years, or they make the infrastructure very complex (it looks good on paper) of each use of the product. The obvious solution for an effective structure is to use a workshop approach, with the hope of having an external professional organization that already has the know-how and the knowledge base.
To better define the risk zones, the Cloud Security architecture has been divided into two distinct sections:
In terms of physical location, you can choose to configure a new data center for the cloud infrastructure or include the cloud infrastructure in your existing data center. The basic methods and concepts are identical when configuring the data center. Depending on the sensitivity of the cloud, the risk of duplication may increase and it is possible to develop a fully protected level 3 data center with guns, electrified barriers, infrared televisions, biometric access control, etc. That depends on the financial resources and context of the organization, its operational needs and its long-term vision. I will not follow this path here and will limit myself to logical and administrative risks.
Because of the logical and administrative risks, the traditional process of configuring in the cloud is relatively simple and easy to understand. Let’s see some details in these areas.
II. Logical and administrative.
Personally, I classify the controls in this section as intrinsic (internal to the system) and extrinsic (external to the system). The intrinsic controls are listed below … the extrinsic controls are described in the following article.
Identity Management (IM)
This indicates who can access the cloud. A very unstable domain of cloud security management … For starters:
· Make sure that an active IM system is implemented, taking into account how many people can connect to the system. Consider future growth for the next 1-3-5 years.
· Ensure interoperability with other systems: identity providers or third parties.
· Ensure that sufficient identity files are kept for very short entries and 3 to 5 years in accordance with ALS and regulatory requirements.
· Do not make the age-old mistake of reusing the identities and personal files of users who previously used the system. This will ensure that you are not prosecuted.
· Make sure your IM system can perform binary authentication if needed.
· SSL-based access, while limited in functionality and resources, provides the everyday user with a high level of comfort.
Last, but not least, remember that one of the key features of the cloud is “custom resources.” Therefore, it is possible that a particular user does not wish to register a person during a start-up period of the resource / system. Make sure the IM system can handle these requests efficiently.