Respective tool or service for all Cloud Computing Field:

Cloud Application, Server and Network Security — Resources about tools and services used to protect applications, servers or networks facilitated by cloud computing.Dome9 — Resources about Dome 9, a solution that provides network security policy management and automation services for entire cloud environments, and a set of tools including visualization, firewall management, file integrity monitoring, dynamic access leases, configuration monitoring, and more.

Qualys — Resources about Qualys, a cloud security platform that offers a suite of compliance and IT security solutions such as asset discovery, network security, compliance monitoring, and more.

ZScaler — Resources about ZScaler, a cloud security platform built as a security stack enabling secure transformation to the cloud. Services include: advanced threat protection, branch transformation, mobile security, and more.

Netskope — Resources about Netskope, a cloud services company offering solutions such as a Cloud Access Security Broker (CASB), cloud malware and threat protection, cloud storage security, DLP, encryption, and more.

Akamai Cloud Security Solutions — Resources about Akamai Cloud Security Solutions, a set of tools aimed at protecting websites/applications from data theft and downtime, and at stopping major DDos and web application attacks. The solutions are build on the Akamai Intelligent Platform™ and include infrastructure and website protection.

Check Point Cloud Security — Resources about Check Point cloud security, a set of security services and solutions for the public and private cloud that can be easily extended to any cloud environment. Solutions include: threat protection, mobile security, endpoint security, next generation firewalls, and security management.

TripWire PureCloud Enterprise — Resources about TripWire PureCloud Enterprise, a cloud security platform that provides a solution to help discover and assess areas of a network that are hard to reach. The solution includes assurance for third parties, network perimeter scanning, and unified reporting.

Alert Logic Cloud Defender — Resources about Alert Logic Cloud Defender, a managed cloud security solution for IT infrastructure. The solution allows network/system/application security monitoring for the infrastructure, and offers centralized security management, threat detection, rapid deployment, and more.

BetterCloud — Resources about BetterCloud, a suite of cloud security solutions and tools for IT organizations. Solutions are built specificallty for SaaS applications and include: user lifecycle management, IT/security automation, data discovery, and more.

IBM Cloud Security Enforcer — Resources about IBM Cloud Security Enforcer, a SaaS cloud security solution designed to help organizations deploy new services on the cloud. The solution includes cloud discovery, Identity/access management, user analytics, and more.

iSheriff Cloud Security — Resources about iSheriff Cloud Security, a SaaS security platform offering web, endpoint, and email security solutions, including malware protection, data leakage prevention, archiving, multi-platform support, and compliance enforcement solutions.

Cisco Cloud Web Security — Resources about Cisco Cloud Web Security, a proxy-based cloud security solution for distributed enterprise organizations. The solution offers user protection and protection against web attacks using Cisco's threat intelligence and threat defense services.

Cloud Antivirus and Threats Prevention — Resources about cloud antivirus, a solution in which antivirus processes are conducted on cloud servers instead of a user's PC, and threat prevention, the practice of preventing systems (mainly in IT organizations) from being infected by viruses or protecting the systems from cyber attacks.McAfee Cloud Secure — Resources about MCAfee Cloud Secure, a set of security solutions that help organizations to move services to the cloud. These solutions allow the organization to use their security and access policies, without needing to adopt each vendor's practices. Solutions include: data protection, web security, database/data center security, and more.

Panda Cloud Security — Resources about Panda cloud security, an antivirus cloud-based solution for enterprise organizations. The solution offers endpoint protection, meaning all workstations (Windows/Mac/Linux) and all devices and systems are protected.

Cloud Identity and Access Management Tools — Resources about cloud identity and access management tools, which are tools used for facilitating the management of electronic identities.Centrify — Resources about Centrify, an identity platform that offers protection from compromised credentials scenarios and simple and secure access to cloud applications. Solutions include: Identity as a Service (IDaaS), cloud application user provisioning, identity service automation, and more.

SkyHigh Cloud Access Security — Resources about SkyHigh, a security platform for cloud services, offering a Cloud Access Security Broker (CASB). Solutions/features include: visibility into cloud usage and risk, threat protection, compliance enforcement, and data security.

Cloud Data and CDN Security Tools — Resources about cloud data and Content Delivery Network (CDN) security tools, which are tools used to protect data stored on cloud servers, and user-related data used for CDN functions (such as geolocation or content delivery server data).Proofpoint — Resources about Proofpoint, a security-as-a-service platform that uses technologies like machine learning and Big Data analytics to protect against cyber attacks. Additional solutions include: email security/encryption, data loss prevention, electronic discovery, and more.

Vaultive — Resources about Vaultive, a cloud security platform used to protect organizations' sensitive data that is offered as a software-as-a-service. Solutions include: cloud data security, data residency and industry compliance, and unauthorized disclosure protection.

CipherCloud — Resources about CipherCloud, a full-scale enterprise cloud security platform that offers a Cloud Access Security Broker (CASB) and solutions such as encryption, malware detection, key management, monitoring, and compliance.

Vormetric — Resources about Vormetric, a cloud/data security platform for the enterprise used for compliance and for streamlining migration to a cloud environment.

Intralinks — Resources about Intralinks, an enterprise collaboration software used to protect virtual data rooms and document sharing. Solutions include: SharePoint and ECM externalization, removable media and USB replacement, secure collaboration, and more.

MobileIron Cloud — Resources about MobileIron Cloud, a scalable cloud-based enterprise mobility management (EMM) solution that offers mobile application and device security. Features include a cloud-based management console, policy distribution, secure file access, and more.

SafeNet (Gemalto) — Resources about Gemalto SafeNet, a suite of cloud security solutions that allow organizations to control virtual environments and to perform cloud deployment securely. Solutions include: cloud/virtual data center migration, securing cloud-based applications, encryption, securing cryptographic keys, secure data transmission, and more.

CDNetworks — Resources about CDNetworks cloud security solutions, which offer website and application protection together with optimal performance. Solutions/features include: secure application access, cloud DDoS protection, regulatory compliance, and more.

Cloud Monitoring — Resources about cloud monitoring, a process that includes monitoring, management and review of workflows or processes of an IT asset or infrastructure that is cloud-based. Cloud monitoring aims to make sure that the relevant cloud platform is performing properly.

Hi Deeksha

You may not be surprised to learn that there is no easy answer to this question. There is much more to security than just CIA and the use of different algorithms to provide security for each aspect. We live in an environment in which it is estimated that over 200,000 new vulnerabilities are developed globally every day. You could use exceptionally secure algorithms for each of your requirements, but this would not guarantee your security. Why would this be so? The business process of any organisation comprises a combination of people, process and technology. People are generally considered to be the weakest link of any security system. Whether through stupidity, or for malicious reasons, people can completely destroy the security of the most secure system through their actions. Corporate process are often extremely well document, but are frequently considerably out of date. Relying on such process documentation can also be counter-productive for security. And, of course, the technology itself can also give rise to problems. The cloud service provider policies might well show extremely high levels of concern for client security, through thorough training and vetting of staff, but there are often occasions where this concern will not be applied so rigorously to sub-contractors or temporary staff.

So how could you go about ensuring your cloud datacenter is secure? There remains an unsatisfied challenge in cloud computing - namely the lack of ability to ensure a proper audit trail and forensic evidence can be secured in cloud. Cloud, by its very nature, is transient. You can spool up instances at will, and shut them down when you no longer require them, thus saving cost. However, if you fail to guard your audit trail and your forensic data properly, once the instance is shut down, this vital data is lost forever. Most cloud based systems rely on a database back end. From a security perspective, a database is very similar to a spreadsheet. With a spreadsheet, you can add new cells at will, add columns, carry out subtractions and a host of other computations. You can change the contents of cells at will, and apart from steps in current memory, there is no record retained of how the final spreadsheet came to have the contents of the cells that it has. In other words, there is no audit trail. The same can be true of a database. You can add new records, modify existing records, and delete records at will. There is no audit trail by default. And there is no forensic trail by default either. Worse, in cloud, it is easy to delete, or modify the audit trail and the forensic trail once an attacker gets in to the system. Indeed, this is the primary goal of the attacker, so that they will not be caught.

On this point alone, most cloud systems would fail the test. Because if you do not have a proper audit trail, and cannot guarantee the retention of full forensic evidence, you cannot guarantee your cloud datacenter is secure. There is only one way to ensure you have a proper audit trail and forensic record - you need to save the required data into an immutable database on a different system, with no public access and exceptionally tight access controls. This, of coure, only provides you with what you need after an attack. But at least you would have it, which would be a huge improvement on what you would otherwise have. What you do require is vigilance, on an ongoing basis to allow you to pick up when an attack has taken place. There are not many companies who have such a luxury.

I hope that gives you plenty of food for thought.

Regards

Bob