Posts

What are the following measures are taken for compliance assessment to ensure the security and accountability of data and applications in the cloud services:

  The following measures are taken for compliance assessment to ensure the security and accountability of data and applications in the cloud services: Matching the security requirements of the organization with the security capabilities of the cloud service provider Analyzing the security policies of the cloud service provider along with a history of transparency and security-related practices Proper understanding of the technical aspects of data and traffic flow Proper understanding and documentation of the roles and responsibilities of the cloud service provider Understanding of the certifications and compliances that can be leveraged from the cloud service provider

Short note on Communications as a Service (CaaS).

Image
 COMMUNICATION-AS-A-SERVICE (CAAS) Communications as a Service (CaaS) is a single vendor's outsourced enterprise communications solution. Voice over IP (VoIP or Internet telephony), instant messaging (IM), collaboration, and videoconference programs employing fixed and mobile devices are examples of such communications. CaaS has evolved in the same way as Software as a Service has (SaaS). The CaaS provider is in charge of all hardware and software administration and provides assured Quality of Service (QoS). CaaS enables enterprises to choose to install communication devices and modes on an as-needed, pay-as-you-go basis. This method avoids the high initial investment and continuous costs associated with a system whose capacity may frequently exceed or fall short of current demand. CaaS provides flexibility and expandability that small and medium-sized businesses may not be able to afford otherwise, allowing for the addition of devices, modes, or coverage on demand. If required, th

Short note on Network-As-A-Service (NAAS).

Image
 NETWORK-AS-A-SERVICE (NAAS) Over the last two decades or more, traditional networking topologies have prescribed that the network hub be built around a single place, such as a data center or a company's headquarters building. This s holds the majority of the computing, storage, communications, and security equipment, and it is where corporate applications are generally housed. Traffic from branch offices and other remote sites is o routed through this hub before being sent to other destinations, including the cloud. Though such a mechanism has been standard practice for many years, it no longer fits the way many businesses function today. For starters, there has been a significant shift to the cloud. Enterprise programs that drive t business are increasingly housed in cloud platforms like Amazon Web Services or Microsoft Azure, ee as proprietary apps or as SaaS programs like Office 365 and Salesforce. Businesses frequently employ various cloud systems. Employees are increasingly m

Short note on Federated Identity Management (FIDM) and OpenID.

Image
 FEDERATED IDENTITY MANAGEMENT (FIDM) The term FIDM refers to the technologies and protocols that allow a user to package security credentials across security domains. It uses Security Markup Language (SAML) to bundle a user's security credentials, as seen in the figure below: OpenID OpenID allows users to utilize a single account to log in to several websites. OpenID is supported by corporations such as Google, Yahoo!, Flickr, and WordPress.com, etc. Benefits of OpenID Increased site conversation rates Access to greater user profile content Fewer problems with lost passwords Ease of content integration into social networking sites Such IDaaS solutions provide a range of identity and access management services such as: Single Sign-On (SSO) functionality through the cloud  Federated Identity Management for Access  Governance Password Management

What are five key capabilities are required to make enterprise IDaaS solutions possible:

 Five key capabilities are required to make enterprise IDaaS solutions possible:  1. Single Sign-on (SSO):  With SSO, employees, partners, and customers have simple, quick, and secure access to all SaaS, mobile, and enterprise apps with a single login utilizing corporate credentials.  2. Multi-factor Authentication (MFA):  Adaptive authentication methods-options to scale up as risk grows depending on scenario changes, user behavior, or application sensitivity are common in MFA. 3. Access Security:  Access security is policy-based access control for apps and APIs that goes beyond SSO to improve security.  4. Directory:  While most organizations choose to link IDaaS with their current user databases, a cloud directory may be used, particularly to assist customers and/or partners.  5. Provisioning:  User data is synchronized with online and corporate apps via SCIM support and connection with on-premises provisioning.

Explain Single Sign-On (SSO) and working of SSO.

Image
 Single Sign-On (SSO) An authentication procedure in a client/server connection in which the user, or client, enters one name and password and has access to several applications or resources inside a business. When going from one application to another, 'Single Sign On' eliminates the need for the user to enter additional authentications. Companies increasingly utilize Single Sign-On software to overcome the problem of utilizing separate username and password combinations for multiple servers. This software allows the user to log in only once and control access to other systems. As indicated in the picture below, SSO uses a single authentication server to manage numerous accesses to other services. The following steps describe how Single Sign-On software works:  The user logs into the authentication server using a username and password. The authentication server returns the user's ticket. The user sends the ticket to the intranet server. The intranet server sends the ticket

Short note on Identity as a Service (IDaaS).

 IDENTITY-AS-A-SERVICE (IDAAS) Identity as a Service (IDaaS) is a third-party authentication infrastructure that is designed, hosted, and maintained by a service provider. IDaaS may be thought of as a cloud-based single sign-on (SSO). A business IDaaS is often acquired as a subscription-based managed service. A cloud service provider may also charge a subscription to host apps and give users role-based access to certain programs or even full virtualized desktops via a secure portal. Employees at a corporation must log in to the system to execute numerous duties. These systems may be hosted on a local server or in the cloud.  The following are some of the issues that an employee may encounter: Keeping track of various login and password combinations for accessing many servers.  When an employee quits the organization, it is necessary to disable all of that user's accounts. To address the aforementioned issues, a new technology called Identity-as-a-Service evolved (IDaaS). As a digit