New Research Published: CSA Software-Defined Perimeter for the Cloud

February 13, 2017 |
CSA Logo

I’m pleased to announce the availability of the newest Cloud Security Alliance (CSA) security research exploring how the Software-Defined Perimeter (SDP) can be applied to Infrastructure-as-a-Service environments.

Cloud adoption has soared over the past few years, and yet recent surveys indicate that security is still a concern. In one Cloud Security Alliance survey, over 67% of respondents indicated that an inability to enforce corporate security standards represents a barrier to cloud adoption, while 61% noted that compliance concerns pose a barrier.

To address this, over the last 10 months, I’ve worked alongside the CSA’s Software Defined Perimeter Working Group to establish a clear sense of the security challenges facing IaaS enterprise users. This research outlines the problems that arise from combining native IaaS access controls with traditional network security tools, and demonstrates how SDP can solve these problems across various use cases.

Software Defined Perimeter IaaS Research How to apply SDP to IaaS including requirements, benefits and use cases

It’s quickly becoming widely understood that SDP is the preferred new way to securely deploy services. Leading analyst firms are pointing to SDP as a strong alternative to traditional network security solutions. And enterprises have recognized that SDP can address their concerns about adopting cloud, but the Software-Defined Perimeter approach is still relatively unknown to many. Read ‘Why a Software Defined Perimeter for more information’.

How a Software-Defined Perimeter Applies to IaaS Environments

Photo of Jason Garbis of Cryptzone Presents at 2017 CSA Summit

Jason Garbis of Cryptzone Presents at 2017 CSA Summit.

We’ve spent the time and effort, in partnership with other SDP practitioners and with our knowledge and experience, to create this new security research outlining how Software-Defined Perimeter applies to IaaS environments.

Security for IaaS is particularly interesting, because it’s a responsibility that’s shared between enterprises and cloud providers, and because IaaS has different (and in some ways more challenging) user access and security requirements than traditional on-premises systems. Our new research focuses on how SDP can be applied to Infrastructure-as-a-Service environments, and explores the following use cases:

    • Secure Access by Developers into IaaS Environment
    • Secure Business User Access to Internal Corporate Application Services
    • Secure Admin Access To Public Facing Services
    • Updating User Access When New Server Instances Are Created
    • Hardware Management Plane Access for Service Provider
    • Controlling Access Across Multiple Enterprise Accounts

Get the Software Defined Perimeter Research

This research is now available and we look forward to getting your feedback. You can join us on the SDP Basecamp site to collaborate.

Software Defined Perimeter IaaS Research How to apply SDP to IaaS including requirements, benefits and use cases

Now that this research is published, we’re just beginning work on version two of the SDP specification. Please join us on Basecamp if you’re interesting in contributing or learning more about that project as well.

Thanks to all the people who commented and contributed to this research over the past 10 months.

Back to Blog Home

Jason Garbis

Vice President of Products, Cryptzone
Jason Garbis is Vice President of Products for Cryptzone, where he's responsible for the company's product strategy and product management. Garbis has over 25 years of experience with technology vendors, including roles in engineering , professional services, product management, and marketing. Jason joined Cryptzone from RSA, and holds a CISSP certification.

Leave a Reply

Your email address will not be published. Required fields are marked *