DZone
Cloud Zone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
  • Refcardz
  • Trend Reports
  • Webinars
  • Zones
  • |
    • Agile
    • AI
    • Big Data
    • Cloud
    • Database
    • DevOps
    • Integration
    • IoT
    • Java
    • Microservices
    • Open Source
    • Performance
    • Security
    • Web Dev
DZone > Cloud Zone > Why it’s Critical to Foster a Relationship With Your Cloud Provider [Video]

Why it’s Critical to Foster a Relationship With Your Cloud Provider [Video]

When it comes to security, the human factor is still critical. To make sure your cloud provider is in your corner and the relationship is transparent, don't just talk. Have a conversation.

David Spark user avatar by
David Spark
·
Sep. 03, 16 · Cloud Zone · Opinion
Like (2)
Save
Tweet
3.35K Views

Join the DZone community and get the full member experience.

Join For Free

If you want better security in the cloud, “develop a relationship with the security team at the cloud provider,” said Craig Rosen, CISO, AppDynamics in our conversation at the 2016 Black Hat conference in Las Vegas.

Surprisingly, many organizations don’t spend the time to do just that. But if you talk with the provider’s cloud security team as to what you want, then they’ll be able to help you achieve your security goals.

“Don’t just throw the book at them. Don’t just say, ‘Here’s my 200-page security addendum’ and hold a hard line. Have a conversation,” advised Rosen.

That conversation should focus initially on transparency. You want to know what the provider is giving you in the way of APIs, certifications, encryption, and keys. What’s in the contract, and what’s not in the contract? Then ask them, what more can they do?

If you throw the book at them, it’s just checking the box, said Rosen.

That’s a faux sense of maybe compliance, but it’s not security.

What Rosen advises is to look more at intent with cloud companies and understand that there are going to be gaps, there are going to be risks. But if the cloud provider wants to work with you, that’s a strong sign you’ll have a more secure environment.

With regard to transparency, cloud providers need to open up with respect to APIs, said Rosen. That’s the best way cloud consumers can gain visibility. And if there could be standardization across those APIs, that would be tremendously helpful for anyone using cloud services.

Cloud IT

Published at DZone with permission of David Spark. See the original article here.

Opinions expressed by DZone contributors are their own.

Popular on DZone

  • How Many GPUs Should Your Deep Learning Workstation Have?
  • Get Started With Cloud-Native Decision Automation on Quarkus
  • How a Low-Code API Platform Delivers Developer Productivity
  • Implementing One and Two Way SSL (Mutual Authentication) for MuleSoft Application

Comments

Cloud Partner Resources

X

ABOUT US

  • About DZone
  • Send feedback
  • Careers
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • MVB Program
  • Become a Contributor
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 600 Park Offices Drive
  • Suite 300
  • Durham, NC 27709
  • support@dzone.com
  • +1 (919) 678-0300

Let's be friends:

DZone.com is powered by 

AnswerHub logo