Many companies today are purchasing IaaS as an extension or replacement of their internal data centers and the Infrastructure team is given the task of offering the internal customers a PaaS for their hosted applications. The question of how to secure the data remains uppermost in the minds of CISOs and now even CIOs. For the security professional - it gives a green field in which to architect the utopia of The Perfect Design. When coupled with Operational reality, a more realistic, scalable and simple design is required. I present here a design for the security of an IaaS Cloud offering which offers a risk based approach to deploying different levels of control by application classification.
