Huawei and Cloud Security Alliance have jointly released the cloud security service management guide at the CSA APAC 2018 .The guide was released by Dr. Chen Kai, Technical Director Cyber Security and User Privacy Protection Business Management Dept. of Huawei Products & Solutions.
Security has always been a major concern for enterprises to deploy services on the cloud. From the cloud customers’ perspective, it is still somewhat lacking in best practices on how to secure their cloud services. The availability of such guidelines can be especially helpful for small and medium enterprises (SMEs) that constantly face shortages of professional security manpower. With this in mind, Huawei collaborated with the CSA CSSM WG to jointly develop the “Guideline on Effectively Managing Security Service in the Cloud” that applies to various cloud deployment models, from private, public, hybrid to community cloud
The Guideline provides an easy-to-understand guidance for cloud customers:
- How to design, deploy, and operate a secure cloud service with respect to different cloud service models, namely IaaS, PaaS, and SaaS, helping them ensure the secure running of service systems.
- Cloud customers can clearly understand security responsibilities of their own and of CSPs.
- The Guideline provides guidance for CSPs in building cloud platform security assurance systems which can also be used by cloud service security integrators.
- The third-party security service providers that play important roles in securing cloud services, these providers can leverage on the Guideline to better fit their services to CSPs or cloud customers.
Since 2016, Huawei has planned, designed, and constructed more than 200 cloud security projects for 38 carriers worldwide, and has completed pre-integration and pre-verification of multi-vendor cloud security solutions in Cloud Open Labs. In cooperation with CSA, Huawei has developed the best practices and guidelines for cloud service security by combining the rich practices of Huawei’s services with CSA’s standards and ecosystem. It is hoped that this effort can better understanding the cloud security responsibilities from both customers and CSPs, and create a more immaculate cloud security ecosystem.
(Image Courtesy: www.smbnation.com)