Cloud Security Alliance Defends Cloud With Software Defined Perimeter
The industry consortium launches a new initiative to make the cloud the delivery model for IT security.While many see security as being a barrier to cloud adoption, the Cloud Security Alliance has a very different viewpoint. The CSA sees the cloud as being the technology platform that could extend and improve security across the IT landscape. Junaid Islam, founder and CTO of Vidder and a member of the CSA, told eWEEK that the new Software Defined Perimeter (SDP) initiative is all about using the cloud as a way to protect application infrastructure. Islam explained that the CSA is working as an "honest broker" to put together the best practices and guidance that will constitute the SDP as a new framework for IT security. The result, he added, is expected to be a standard that can be implemented by any cloud service provider without any license fees. Bob Flores, former CTO of the CIA and currently the CEO of Applicology, is helping to lead the SDP effort for the CSA. Flores told eWEEK that his hope with the SDP is that it gets fully integrated into cloud platforms. "The hope is that, from a security perspective, once companies get used to using a standard security framework in one cloud, when they move to another cloud the same kind of security services will be available," Flores said.
The type of services that the SDP will aim to provide includes cloud-based authentication and security configuration capabilities. Multiple vendors today, including Cloudflare, Incapsula and Akamai, already offer cloud-based security services to customers. What the CSA is aiming to do with the SDP is expand the scope of the security controls that are available in the cloud, Islam said.