[Full-disclosure] Whitepaper: Assessing Cloud Node Security

[Context IS - Disclosure <disclosure@xxxxxxxxxxxxxxx>]

Context Information Security have released a whitepaper on Assessing Cloud Node 
Security.

Synopsis:
Some major Cloud providers currently expose their clients’ data to the risk of 
compromise as a result of serious flaws in the implementation of their 
technologies. This is the key finding of a major new survey of the security of 
Cloud nodes completed by Context Information Security.

The growing trend in migrating systems to use Cloud infrastructure to take 
advantage of the cost savings and flexibility that this form of IT provision 
can offer has caused concern within the security community, because this 
virtual and dynamic environment creates a new threat landscape.

This whitepaper is the result of research undertaken by Context into the 
technical risks associated with Cloud computing infrastructure nodes. Context 
rented a range of Cloud nodes currently offered by the major providers and 
performed a review of their security, including the limitations imposed by 
providers on the types of technical security testing allowed to be performed.

The methodology, results, challenges and recommended mitigations are detailed 
in this whitepaper, which sets out best practices for securing Cloud nodes as 
an end user and will help end users to assess and reduce any associated risk to 
their systems. Information about the general security issues discovered in 
actual Cloud nodes has also been fed back to the providers to enable them to 
resolve these issues. 

Read the whitepaper in full at:
http://www.contextis.co.uk/resources/white-papers/assessing-cloud-node-security/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/