Sep 10, 2012
The tremendous scalability, flexibility, and speed of Infrastructure-as-a-Service (IaaS) make it one of the fastest-growing sectors of the cloud computing markets. IaaS providers combine virtualization technologies with massive infrastructure to deliver bandwidth, storage, and CPU power on-demand and with granular control over scale and costs. The potential benefits of hosting applications and workloads on cloud servers are enormous, making cloud servers the de facto norm for a rapidly growing set of use cases.
Security and compliance, however, remain major challenges to adoption of public cloud infrastructure services. Usage agreements and documentation squarely make the user of IaaS, not the provider, responsible for protecting servers, applications and data in the cloud-essentially everything from the virtual machine OS upward in the stack.
It is critical for organizations to understand the issues around securing IaaS environments as they move toward the flexibility, scale, and power of cloud hosting. The first step to understanding the issues is awareness of new exposures, threats, and risks.
This white paper from CloudPassage presents specific details on the most pertinent new risks associated with adoption of cloud IaaS. It is based on real world learning, shared by companies we have worked with, to achieve security and compliance in the cloud. Software companies moving to SaaS business models, growing social media startups and long-established industry bellwethers have contributed to this knowledge.