Hello Dimitrios I hate to take the easy way out, but I would suggest checking out the CSA (Cloud Security Alliance) guidance, they have a lot of good reference materials: https://cloudsecurityalliance.org/
Their latest guidance has become a bit bloated IMHO, but it is still very good. To state the obvious, if security matters, you need to design your implementations as if they are running on untrustworthy hardware. Because they are. Control your own crypto, manage your own keys, instrument and monitor, firewall like mad, etc. Jack On Mon, Mar 4, 2013 at 12:00 PM, Dimitrios Kapsalis <[email protected]> wrote: > Hi All, > > I'm looking for any resources you may be able to provide regarding assessing > cloud multi-tenancy environments. I understand that many of the controls > tested when assessing a data center, network, or application would still > apply, however is there anything to keep in mind? > > Regards. > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com -- ______________________________________ Jack Daniel, Reluctant CISSP http://twitter.com/jack_daniel http://www.linkedin.com/in/jackadaniel http://blog.uncommonsensesecurity.com _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
