Software-defined Protection - page 60

ENTERPRISE SECURITY BLUEPRINT
APPENDIX A
Segmentation and security controls for both private and public cloud computing resemble those used for physical networks (see the Servers design pattern above):

- Security gateways can be introduced on the physical network to segment the cloud into multiple distinct clouds, each hosting applications of a given security characteristic or ownership.
- Virtual machines (VMs) can move freely within a cloud, but not between segmented clouds.
- Within each cloud, virtual security gateways can be integrated into the hypervisor or run in their own VM to control interactions between VMs. Both hypervisor-level and VM-level virtual security gateways can be kept updated through orchestration APIs that track VMs as they move within the cloud, so that a consistent set of protections is enforced regardless of which host or address a VM currently occupies.
- Security software running on the VMs that host applications can provide fine-grained control, treating each host as an atomic element.
- A trusted channel should be used to protect the communication path between the enterprise and the cloud. The same channel can also carry user identity assertions (e.g., SAML) derived from the user's authentication credentials, so that access to cloud-hosted applications is tied to an authenticated identity.
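The third bullet above describes policy that follows a VM rather than its address. The following is an added example (it is not code from the blueprint or from any Check Point product) that models that behaviour: a per-segment virtual gateway compiles role-based rules against an inventory fed by a toy orchestrator, a live move inside the segment re-compiles the rules so the new address is allowed and the old one is not, and a move across segments is refused. All VM names, segments, addresses, roles and the `Orchestrator` and `VirtualGateway` classes are constructed for this example and do not correspond to any real API.

```python
"""Identity-based segmentation that follows VMs as they move (added example)."""
from dataclasses import dataclass
from typing import Dict, Iterable, List, Optional, Set, Tuple


@dataclass
class VM:
    name: str
    segment: str        # which segmented cloud the VM lives in
    ip: str             # current address; changes when the VM moves
    roles: Set[str]     # identity attributes reported by the orchestrator


@dataclass(frozen=True)
class Rule:
    src_role: str
    dst_role: str
    port: int


class SegmentViolation(Exception):
    """Raised when a VM is asked to cross a segment boundary."""


class VirtualGateway:
    """Per-segment gateway: role-based policy is compiled against the current
    inventory, so allow rules track VM identity rather than fixed addresses."""

    def __init__(self, segment: str, policy: Iterable[Rule]) -> None:
        self.segment = segment
        self.policy = list(policy)
        self.inventory: Dict[str, VM] = {}

    def sync(self, inventory: Iterable[VM]) -> None:
        # Only VMs inside this segment are visible to this gateway.
        self.inventory = {vm.name: vm for vm in inventory if vm.segment == self.segment}

    def compiled_rules(self) -> Set[Tuple[str, str, int]]:
        allowed: Set[Tuple[str, str, int]] = set()
        for rule in self.policy:
            for src in self.inventory.values():
                if rule.src_role not in src.roles:
                    continue
                for dst in self.inventory.values():
                    if rule.dst_role in dst.roles and dst.name != src.name:
                        allowed.add((src.ip, dst.ip, rule.port))
        return allowed

    def permits(self, src_ip: str, dst_ip: str, port: int) -> bool:
        # Default deny: a flow is allowed only if a role rule derives it.
        return (src_ip, dst_ip, port) in self.compiled_rules()


class Orchestrator:
    """Toy stand-in for the cloud orchestration API (constructed, not real)."""

    def __init__(self, vms: List[VM], gateways: List[VirtualGateway]) -> None:
        self.vms = {vm.name: vm for vm in vms}
        self.gateways = gateways
        self._notify()

    def _notify(self) -> None:
        # Every inventory change pushes a fresh view to each gateway.
        for gw in self.gateways:
            gw.sync(self.vms.values())

    def move(self, name: str, new_ip: str, new_segment: Optional[str] = None) -> None:
        vm = self.vms[name]
        target = new_segment or vm.segment
        if target != vm.segment:
            # VMs may move within a cloud but not between segmented clouds.
            raise SegmentViolation(f"{name}: move {vm.segment} -> {target} refused")
        vm.ip = new_ip
        self._notify()      # gateways re-compile; the rule follows the VM


def demo() -> Dict[str, bool]:
    # Constructed inventory: three tiers in "prod" plus an app server in "hr".
    vms = [
        VM("web01", "prod", "10.1.0.10", {"web"}),
        VM("app01", "prod", "10.1.0.20", {"app"}),
        VM("db01", "prod", "10.1.0.30", {"db"}),
        VM("hrapp01", "hr", "10.2.0.10", {"app"}),
    ]
    policy = [Rule("web", "app", 8080), Rule("app", "db", 5432)]
    prod_gw = VirtualGateway("prod", policy)
    orch = Orchestrator(vms, [prod_gw])

    out = {
        "web_to_app": prod_gw.permits("10.1.0.10", "10.1.0.20", 8080),
        "web_to_db": prod_gw.permits("10.1.0.10", "10.1.0.30", 5432),
        "app_to_db": prod_gw.permits("10.1.0.20", "10.1.0.30", 5432),
        "web_to_other_segment_app": prod_gw.permits("10.1.0.10", "10.2.0.10", 8080),
    }
    orch.move("app01", "10.1.0.25")     # live migration inside the segment
    out["old_ip_after_move"] = prod_gw.permits("10.1.0.10", "10.1.0.20", 8080)
    out["new_ip_after_move"] = prod_gw.permits("10.1.0.10", "10.1.0.25", 8080)
    try:
        orch.move("app01", "10.2.0.20", new_segment="hr")
        out["cross_segment_blocked"] = False
    except SegmentViolation:
        out["cross_segment_blocked"] = True
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The point to take from the example is the direction of the data flow: the gateway never learns addresses from the policy, only from the orchestrator, so an attacker who obtains an address that a moved VM used to hold gains nothing, and a VM with the same role in another segment (hrapp01) is invisible to the prod gateway. In a real deployment the `sync` call would be driven by the orchestration platform's change notifications, and the compiled tuples would be pushed into the hypervisor or VM-hosted gateway's rule base.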
Cloud environments pose unique challenges for data protection: sensitive data may be processed and stored on multi-tenant systems, and it may persist in VM images and virtual storage locations that remain dormant after a VM has moved elsewhere. In addition, organizations often need to maintain control over the geographical location of their data. Data Protection controls can be used to encrypt data so that copies left behind in dormant images or shared storage stay unreadable without the keys, countering data access threats.