Cloud Security Strategies, GDPR, and Vendor Lock-In

Subscribe To Read This Insight

By Dan Shey | 3Q 2019 | IN-5552


Cloud Vendor Security Strategies: Identity Access Management Services


While there are many cloud security products, such as Alibaba’s Attacker Intrusion Detection, Azure Sphere for Internet of Things (IoT), IBM Cloud App ID, and Oracle’s User & Entity Behavior Analytics (UEBA), a core security service of any cloud provider is Identity and Access Management (IAM). IAM provides authentication and access controls to ensure the proper people gain access to cloud services and from which the baseline for other security services can be formed.

The main debate here is about the use of a core, authoritative directory service to authenticate access to a wide range of networks and services, as opposed to a third party called Directory-as-a-Service (DaaS) that can extend vendor identities to a wide range of Information Technology (IT) services. The former approach has been adopted by Microsoft Azure, while the latter is used by Google, Huawei, and many others.

The security risks of both arrangements need to be carefully considered by prospective end users. In the case of a core, authorita…

You must be a subscriber to view this ABI Insight.
To find out more about subscribing contact a representative about purchasing options.