The Top Four PaaS Security Questions You Aren’t Asking

When thinking about doing business in the cloud, security is always top of mind. As cloud technology matures and its adoption becomes more mainstream, security concerns about cloud-based software and data are shifting from shrill panic to practical embrace. When working through security issues in any cloud environment, including a Platform-as-a-Service (PaaS) environment, one thing is clear—it must be done carefully and deliberately.

Michael Benedict, VP and GM of Progress Pacific, lays the foundation for security standards in his paper, “Best Practices for PaaS.” Benedict addresses the top four PaaS Security Questions every company should be asking their security organization when adopting a PaaS environment:

1. Who owns the code and the data?
2. Is your IT department separating dev/test/run tasks or are you playing “Shadow IT”?
3. Are security duties being segregated or is an “off the books” IT approach in place, which can resemble a formula for fraud?
4. How does your PaaS provider handle a breach, and how will a security incident affect your application small or large scale?

Find out about these and other important security questions you need to know in Benedict’s white paper, where he provides a framework for considering the top security concerns when moving part or all of your application development projects onto PaaS.

Continue reading...