However, identifying threats relies on log and event information – for example, which user is doing what, when and from where – which often spans across enterprise and cloud providers. When it comes to interoperability with hybrid clouds, every vendor or cloud provider has their own way to do logs and currently no standard to exchange log information exists.
Open cloud standards have the potential to change that. With interoperable standards, we could communicate across vendors about suspicious activity and what a suspect user is up to – an API driven approach to collect logs that providers can subscribe and feed information to. This is the kind of security innovation that open standards could make a reality, but simply isn’t feasible in proprietary cloud model.
There is more work to be done, but if we continue to embrace standards, the open cloud ecosystem builds out, innovation is enabled, and security improves as the benefits for user identity, authentication and security intelligence are realized.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.