Cloud Compute Security
"World of Cloud Security"
Cloud Computing Defintion
NIST defines Cloud Computing as having these five characteristics: On-Demand Self-Service, Broad Network Access, Resource Pooling, Rapid Elasticity and Measured Service.
Cloud Computing Definition
The Definition of Cloud Computing, per the CSA means: significant scalability, flexibility and cost-efficiency can all be achieved through the adoption of cloud-based solutions.
Cloud Security Alliance
The Cloud Security Alliance (CSA) is a not-for-profit organization with a mission to “promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing.
CSA - Security Guidance - Critical Areas of Focus
CSA promotes implementing best practices for security assurance in cloud computing and has delivered a practical, actionable roadmap for
organizations seeking to adopt the cloud paradigm.
The 14 Cloud Domains Discussed in "The Security Guidance for Critical Areas of Focus in Cloud Computing v4.0"
CSA - Managing Security Service
This document provides easy-to-understand guidance to cloud customers on how to design, deploy, and operate a secure cloud service with respect to different cloud service models.
Cloud Control Matrix - (CCM)
The CCM, provides fundamental security principles to guide cloud vendors and to assist prospective cloud customers in assessing the overall security risk of a cloud provider.
The Methodology for the Mapping of the Cloud Controls Matrix includes a controls mapping methodology, the identification of gaps between two frameworks, the creation of a mapping work package, naming references, and project management guidelines.
CAIQ
The Consensus Assessments Initiative Questionnaire v3.0.1 (CAIQ) is based upon the CCM and provides a set of Yes/No questions a cloud consumer and cloud auditor to ask of a cloud provider to ascertain their compliance to the Cloud Controls Matrix.
CSA Security, Trust & Assurance Registry (STAR)
CSA STAR encompasses key principles of transparency, rigorous auditing, and harmonization of standards. The STAR program provides indications of best practices and validation of security posture of cloud offerings.
GDPR Resource Center
The General Data Protection Regulation goes into force - May 18, 2018. The regulation will apply to all industries across the European Union. The Cloud Security Alliance (CSA) has prepared various tools and resources to help both enterprises and cloud service providers comply with the regulation
questions or comments please contact: 'jay@jdavis.tech'