Include:
Tech
Cybersecurity
Business Strategy
Channel Insights
Stay Connected
Acer America
Acer America Corp. is a computer manufacturer of business and consumer PCs, notebooks, ultrabooks, projectors, servers, and storage products.

Location

333 West San Carlos Street
San Jose, California 95110
United States

WWW: acer.com

ChannelPro Network Awards

hello 2
hello 3

Press Releases

September 14, 2021 | ChannelPro

Latest Research from Cloud Security Alliance Offers Guidance on Designing Serverless Architecture, Adopting Cloud-Native Key Management Systems

Documents offer road maps to those looking to implement new systems within their organizations

The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, today released two sets of guidance from its research working groups. The first, How to Design a Secure Serverless Architecture, offers specific security best practices for implementing applications on a serverless platform along with recommended controls application owners should adopt. Recommendations for Adopting a Cloud-Native Key Management System (KMS), meanwhile, provides project and program managers, among others, with general guidance for choosing, planning, and deploying a cloud-native KMS.

“Adopting a cloud-native KMS doesn’t need to be more complicated than the adoption of a public cloud service”

Tweet this

Written by CSA’s Serverless Working Group, How to Design a Secure Serverless Architecture [URL] provides application developers and architects, security and risk management professionals, and others involved in administering and securing systems with a set of best practices and recommendations for securing serverless applications. While it offers an extensive overview of a variety of threats, rather than detailing the more generic, cloud-related security aspects, the document focuses on the application owner and the threats facing applications on a serverless platform, specifically those aspects that change as a result of moving to a serverless service.

“IT organizations in nearly every industry are feeling pressure to quickly deliver value, get ahead of the competition, and provide customers with new experiences. Serverless platforms allow application teams to deliver value quickly, without having to manage the infrastructure the application runs on. As this movement gains steam, we can expect to see a proliferation of serverless platforms and more high-value applications being run on these platforms. Security concerns on serverless platforms are only going to grow, and organizations need to understand how to best protect themselves,” said Aradhna Chetal, one of the paper’s co-authors and co-chair of the Serverless Working Group.

Recommendations for Adopting a Cloud-Native Key Management System (KMS), which was written by the Cloud Key Management Working Group, addresses the technical, operational, legal, regulatory, and financial aspects of leveraging a cloud-native KMS, with the goal of optimizing business outcomes, including agility, cost, and compliance. It’s envisioned that the program or project manager will refer to the guidance as they lead their organization through the lifecycle stages covered within the document.

“Adopting a cloud-native KMS doesn’t need to be more complicated than the adoption of a public cloud service,” said Paul Rich, co-chair of the Cloud Key Management Working Group and a co-author of the paper. “However, because a KMS is often a core utility, its adoption warrants the same treatment you would apply to directory and other identity services. Like all information systems, it’s important to have the necessary talent available and give them sufficient time and guidance, all of which will go a long way toward successful adoption.”

The Cloud Key Management Working Group aims to facilitate the standards for seamless integration between cloud service providers and key broker services. Those interested in participating in future research and initiatives involving cloud key management are invited to join the working group.

The Serverless Working Group seeks to develop best practices to help organizations looking to run their business with a serverless business model. Individuals interested in becoming involved in future serverless research and initiatives are invited to join the working group.

Download How to Design a Secure Serverless Architecture and Recommendations for Adopting a Cloud-Native Key Management System now.

About Cloud Security Alliance

The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, training, certification, events, and products. CSA’s activities, knowledge, and extensive network benefit the entire community impacted by cloud — from providers and customers to governments, entrepreneurs, and the assurance industry — and provide a forum through which different parties can work together to create and maintain a trusted cloud ecosystem. For further information, visit us at www.cloudsecurityalliance.org, and follow us on Twitter @cloudsa.

Contacts

Media Contacts
Kari Walker for the CSA
kari@zagcommunications.com


Editor’s Choice

MSP360 Bolsters Managed Backup Solution With Full Sharepoint Backup and Restore, Object Lock, and More

March 25, 2024 |

MSP360 CEO Brian Helwig details the latest improvements in its managed backup solutions and teases some new opportunities down the road for its partners in an exclusive ChannelPro interview.

Peer to Peer: Aurora’s Philip de Souza shares his secrets to creating a successful MSSP

March 19, 2024 | Philip de Souza

“It’s important that we understand when it comes to this whole MSP world that it’s all about the customer.”

Evolving State AI Regulations: Best Practices for Mitigating Risk

March 14, 2024 | Anurag Lal

While AI technologies can unlock tremendous business value, they also have potential risks.


Related News

Growing the MSP

Explore ChannelPro

Events

Reach Our Audience