A while back, Caleb Tennis wrote a terrific set of blog posts about some of the security practices we use at CloudBees:
- Securing the Cloud: Part 1 - Managing Credentials
- Securing the Cloud: Part 2 - Managing Security Around Remote Login and Development
- Securing the Cloud: Part 3 - Credentials and Password Policies
Platform as a Service changes the level at which you interact with underlying infrastructure resources, so it necessitates a reexamination of your existing practices. For example, operations that would previously be performed by a sysadmin are, within the PaaS, performed by services. The security of those services, and the way in which you and the PaaS provider operate them must be considered. If you are attempting to implement a private PaaS yourself, you will need to consider many of the solutions used by CloudBees already in our full service PaaS offering. Whether you're using CloudBees and looking for more details about our security procedures, or you're considering going some other PaaS route, PaaS brings new variables to the equation that you should be considering.
-- Steven G. Harris
Senior VP of Products
Steven G. Harris is senior vice president of products at CloudBees. Prior to joining CloudBees, Steve led the Java server business and was involved in the Java EE JCP at Oracle for over 10 years.
Stay up to date
We'll never share your email address and you can opt out at any time, we promise.