Cloud Security Alliance and Palo Alto Networks Release Security Considerations for Private vs. Public Clouds

By 
Jun 17, 2015
2 minutes
3 views
Cloud Computing
Data Center
Cloud Security Alliance
CSA
data center
Guest post
private cloud
public cloud

By Larry Hughes, Research Analyst, Cloud Security Alliance

Cloud computing has the potential to enhance collaboration, agility, scale and availability, and provides opportunities for cost reduction through optimized and efficient computing.   The cloud trend presents a momentous opportunity to revisit not only how we think about computing, but also how we think about information security.

The Cloud Security Alliance (CSA) recently teamed up with Palo Alto Networks to produce a new whitepaper titled, "Security Considerations for Private vs. Public Clouds."  For purposes of definition, a public cloud deployment occurs when a cloud’s entire infrastructure is owned, operated and physically housed by an independent Cloud Service Provider.  A private cloud deployment consists of a cloud’s entire infrastructure (e.g., servers, storage, network) owned, operated and physically housed by the tenant business itself, generally managed by its own IT infrastructure organization. 

While the title of the paper implies a primary focus on security, we took the opportunity to expand the conversation and incorporate a wider set of considerations including:

  • Business and legal topics, including contracts, service level agreements, roles and responsibilities, and compliance and auditing. We touch on the importance of establishing principal business and legal feasibility early on in the process, before investing too much in technical requirements.
  • Physical and virtual attack surface considerations including a look at vulnerabilities that are accessible to would-be attackers.
  • Operational issues, including data migration, change management, logging, monitoring and measuring and incident management and recovery and the roles they play in determining which cloud deployment makes the most sense for an organization.

Cloud security is one of the most critical considerations, regardless of whether the deployment is public vs. private. But security is not black and white and no two companies looking to deploy a cloud infrastructure do so for exactly the same reasons. Wise organizations will take the long view and invest in security accordingly. As Thomas Edison once said, “Opportunity is missed by most people because it is dressed in overalls and looks like work.”

On Tuesday, June 23, Matt Keil, Palo Alto Networks Director of Product Marketing for Data Center, and I will be hosting a webinar to discuss the white paper in-depth and look at security considerations for public and private clouds.  For more information and to register for the webinar, click here.

For more information on CSA, please visit https://cloudsecurityalliance.org.

 

 

Related Blogs

Our library of online content is here to help you learn more, no matter what format you prefer or which topic interests you most.

Cloud Computing, Events, Products and Services

The Epic Cloud Security Event: Welcome Salim Ismail!

Cloud Computing, Events

Join Us February 6 for The Epic Cloud Security Event!

Cloud Computing, Cloud Network Security

Zero Trust for Applications: Verifying Access Between Workloads

Cloud Computing, Products and Services

Panorama Is Now Available On Public Cloud

Cloud Computing, Products and Services

Automating Cloud Security with Ansible and Palo Alto Networks

Cloud Computing, Firewall, Products and Services

Terraform Provider for PAN-OS Now Available

Subscribe to the Newsletter!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.

Get the latest news, invites to events, and threat alerts

Popular Resources

Legal Notices

Popular Links