Cloud Identity and Security Best Practices

One of our major program areas is Cloud Identity and Security Best Practices (CloudIDsec).

Here is our Linkedin social community for this, and the practice will shortly be underpinned by a new Kantara Initiative working group of the same name that I’m currently launching.

As the name suggests this practice is focused on the intersection between federated identity systems and Cloud Computing security, and a perfect example to introduce the domain is this recent press release from NASA, about their use of ‘PIV’ technologies to secure their move to Google apps.

By securing the user authentication process to Cloud apps like Google they are putting in place one key foundation for ensuring ultra-robust Cloud Security, demonstrating one part of the relationship between the Cloud and Identity Management.

It also demonstrates healthy portions of political compliance too. By adopting Google they are demonstrating progress against their Cloud First requirements, and simultaneously doing the same for this Whitehouse directive requiring agencies to begin accepting signin credentials from external sites.

This blog from Anil John explains how agencies can build an associated audit process into their PMO for assessing the security levels of these mechanisms.

Furthermore there is OMB M-11-11, which is a Whitehouse memo increasing the pressure to be implementing the HSPD-12 program, the Homeland Security Presidential Directive 12. This calls for use of identity technologies to better secure government systems, most notably ‘PIV’ (Personal Identity Verification) smartcards and associated key developments like PIV interoperability.

Where all this overlaps with Cloud Best Practices is that these systems are a common component for each of the Business Use Cases, each one asks for the same capability as the NASA Google apps project, and so CloudIDsec will define the associated solution elements.

Related Stories

Leave a comment

Alternatively

This will only be used to quickly provide signup information and will not allow us to post to your account or appear on your timeline.