- Tools & Templates
- Security Jobs
- Data Protection
- Identity & Access
- Business Continuity
- Physical Security
- Security Leadership
CSA releases new IAM guidance
The Cloud Security Alliance says its guidance report on Identity Access Management is the first of 10 components that make up the Defined Categories of Security as a Service (SecaaS) in the cloud environment.
The Cloud Security Alliance (CSA) yesterday unveiled its guidance report on Identity Access Management. It's the first of 10 components that make up the Defined Categories of Security as a Service (SecaaS) in the cloud environment.
This is the latest in a string of reports CSA has been releasing. The others are outlined in the following posts:
The categories were identified by the CSA SecaaS Working Group last year with the goal of defining the best practices in the design, development, assessment and implementation of SecaaS in the cloud environment.
"The IAM Implementation Guidance Report discusses the significant benefits and technical decisions that need to be considered by an organization seeking or considering implementing the IAM component of SecaaS in the cloud," a CSA spokesperson told me by email. "It also includes information on the requirements of secure Identity and Access Management and the tools in use to provide IAM security in the cloud. Ultimately it is meant to serve as a source for best practices in the industry today."
The report outlines the following IAM components:
--Centralized Directory Services
--Access Management Services
--Identity Management Services
--Identity Management Services
--Role-Based Access Control Services
--User Access Certification Services
--Privileged User and Access Management
--Separation of Duties Services
--Identity and Access Reporting Services
The spokesperson said guidance for the remaining nine categories will be released at the CSA Summit at RSA Europe Oct. 8. Categories to be released include: Data Loss Prevention, Web Security, Email Security, Security Assessments, Intrusion Management, Security Information and Event Management (SIEM), Encryption, Business Continuity and Disaster Recovery and Network Security.
Thanks to cloud computing, your business data is everywhere and being accessed by everyone. Making the wrong decision to protect your data can result in high costs, increased risk and executive exposure. View this live webinar on cloud security and the evolving data center, and learn why a data-centric approach to security is the best bet for today's virtual environment.
- Redefine Business Portability
- Prevent Mobile Devices from Loading Dangerous Code
- Expanding Your Security Perimeter: Common Sense for Navigating Today's Threat Landscape
- Fighting Fraud Videos: IBM Intelligent Investigation Manager
- IBM Intelligent Investigation Manager: Online Product Demo
- Webinar: IBM IIM for Fraud, Abuse and Waste in Government
- Thwarting DDoS Attacks with Cloud Defenses
- Data Center Insight: 6 ways to Prevent Mistakes that Have Cost others Millions
- HP & CIO: Making virtualization strategic
- Bridging the IT Gap: A Fresh Approach to Infrastructure Management
- IBM PureFlex and Flex System: Infrastructure for IT Efficiency
- Accelerating Solution Deployment with IBM PureFlex and Flex System