Continuing with our series, we’ve identified user management and authentication as our first security peril.
Internally, the application had only trusted users. Internal authentication services such as LDAP and Microsoft Active Directory are often based on protected internal databases and are used for secure user access and for logging user traffic.
The first challenge arises when the application has had no user management so far: solid, secure user management then has to be developed and used in the cloud. If the application instead continues using the current authentication services, the question is whether the users' credentials should be replicated and made available in the cloud and, if so, how this can be done in a secure way. Alternatively, should user access management in the cloud query the internal authentication databases in a secure way (i.e. through a VPN tunnel)? In that case, the users' credential database does not leave the secure enterprise infrastructure, but the communication with it has to be secure.
Stay tuned for more security perils…