Monday, 20 September 2010

Authentication in the cloud

One of the more common criticisms of cloud computing is that the available authentication mechanisms are weaker than those available to more traditional deployments. Today's announcement by Google that it will now support a form of two-factor authentication for its Google Apps service is a welcome rebuttal to such criticisms:

http://googleenterprise.blogspot.com/2010/09/more-secure-cloud-for-millions-of.html


Whilst I'm on this topic I should also point out that Amazon Web Services have been offering multi-factor authentication functionality since late 2009 via the use of Gemalto tokens which generate one-time codes - details available here:

http://aws.amazon.com/mfa/

Of course, what you don't want to end up with is a scenario where you have to carry multiple devices (phones, tokens, etc.) capable of generating security tokens for each cloud service you deploy. One way around this would be to consider the use of SAML and a single authentication provider for all of your cloud services. Take a look at the CRYPTOCard Managed Authentication Service - you may like what you see!

https://www.cryptocard.com/mas/index.php?option=com_content&view=article&id=39&Itemid=2

And as none of my blog posts seem to be complete without a link out to more of my ramblings, you may be interested in what a number of luminaries (and me) have to say about value-added cloud services over at:

http://www.computerweekly.com/Articles/2010/09/06/242626/Security-think-tank-Value-added-cloud-security-services.htm