Securing Applications in the Cloud
Source: Hewlett-Packard (HP)
Application software running on or being developed for cloud computing platforms presents different security challenges depending on the delivery model of that particular platform. The first question a CISO must answer is whether it's appropriate to migrate or design an application to run on a cloud computing platform and the second question is what type of cloud platform is most appropriate. For application security, the answer to each of these questions has two implications: what security controls must the application provide over and above the controls inherent in the cloud platform and how must an enterprise's secure development lifecycle change to accommodate cloud computing? Both answers must be continually re-evaluated as the application is maintained and enhanced over time.