Glenna/WeeklyMeet-2015-09-03

From neicext
Jump to navigation Jump to search

Agenda

Meeting 3rd of September at 09:00-10:00CEST

Present: Dan, Uwe, Ole

Absent: Daniel

Channels: Google Hangouts: https://plus.google.com/hangouts/_/g4g5nyl5glc66wqgbqk4yjvb4ua

Live minutes at: https://docs.google.com/document/d/1Bj6I7osw0P_I14GiNlesqBA2ARIRXMOytBxLPmAsFJY/edit

1. Review of last meeting

2. Action points - progress & issues

AP Daniel: cloud Security AP Dan Uwe cloud images repositories

3. Todays topics - issues to discuss:

Daniels findings:

1. ENISA (European Union Agency for Network and Information Security)- the agency has important resources in Cloud Computing Security for SME and Governmental organizations. https://www.enisa.europa.eu/activities/Resilience-and-CIIP/cloud-computing

2. CSA (Cloud Security Alliance) with detailed information on cloud security standards and research works https://cloudsecurityalliance.org/

3. Amazon WebServices (AWS): has detailed and important information on cloud security https://aws.amazon.com/security/ 

    The AWS also lists its Compliance with different standards like

ISO9001, ISO27001 and EU Data 

    Protection Directives. This can give us a pointer on which

standards to focus on for compliance.

4. Datatilsynet Norway: it's an organization responsible for data privacy in Norway and has brief information on Cloud Service Security, but it is not well detailed. www.datatilsynet.no

Minutes:

  • Dan:how to handle cloud images you want to distribute? how keep them secure enough?
  • Uwe:put cloud image repository behind SAML
  • restrict images to open source software
  • store images on ftp server

4. Any other business


5. Next meeting

Retrieved from "https://wiki.neic.no/w/ext/index.php?title=Glenna/WeeklyMeet-2015-09-03&oldid=3914"