At the top of many IT group’s list of concerns lie security, compliance and internal process governance – both in static data centers and in dynamic clouds. Indeed, governance should not be overlooked. And, as they say in many security circles, the best measure of successful security is silence. Although the discussion around governance in the cloud has evolved, many organizations still struggle with questions such as:
Which apps should we deploy to public clouds?
When and where should cloud environments be encrypted?
Who has access to cloud-based applications and infrastructure?
Which firewall rules should apply?
How do security rules differ from app to app based on the application’s lifecycle phase?