“Security Monitoring of Public Cloud Assets” paper is up on the Gartner site – go and grab it there. Abstract follows below:
“Cloud computing is changing the way enterprises use IT. Security requirements and security monitoring, in particular, often lag behind. This research looks at approaches and architectures for security monitoring of public cloud assets, deployed by enterprises at cloud services providers.”
Here are a few (and I mean it – ONLY a few) fun quotes:
- “Security monitoring lags behind other security features at cloud providers. In addition, security monitoring is also lagging and is less developed than operational performance monitoring in the same environments”
- “… the ultimate responsibility for securing and monitoring the cloud environment sits with a customer, and not with the provider”
- “The overriding challenge with monitoring related to public cloud computing models is about the boundaries of control”
- “From the architectural point of view, cloud migration will push enterprises closer to application security monitoring, because full infrastructure monitoring will either be impossible or too complex and incomplete.”
If you don’t have a subscription, please enjoy my blog posts from the same research project:
- Cloud Security Monitoring: The “Who” Question
- Is Cloud Secure? WTFC!
- Cloud Security Monitoring: IaaS Conundrum
- Cloud Security Monitoring for IaaS, PaaS, SaaS
- More On Security Monitoring of Public Cloud Assets
- Cloud Security Monitoring!
- Cloud IS Different: So Monitoring Must Be Different?
- Many Faces of Application Security Monitoring