Cloud Computing Compliance, Audit and Data Governance

Learn how to maintain cloud computing compliance with government regulations and industry standards when moving IT operations and applications to a cloud environment. Also learn... More about Cloud Computing Compliance, Audit and Data Governance

Recent Definitions

• FedRAMP 3PAO (third-party assessment organization)

  - A 3PAO is an organization that has been certified to help cloud service providers and government agenc...

• Trusted Cloud Initiative

  - The Trusted Cloud Initiative is a program of the Cloud Security Alliance industry group created to help cloud service providers develop indus...

• Soc 3 (Service Organization Control 3)

  - A Service Organization Control 3 (Soc 3) report outlines information related to a service organization’s internal contro...

Highlights

• Can self-managed cloud security controls ease enterprise concerns?

• How to use PCI SSC supplement to achieve PCI compliance in the cloud

• Cloud API security risks: How to assess cloud service provider APIs

More Cloud Computing Compliance, Audit and Data Governance Topics

• Cloud Compliance: Federal Regulations and Industry Regulations

• Cloud Computing Frameworks and Standards

• Cloud Computing SLAs and Legal Issues

• PCI DSS Requirements for Cloud Computing

• Evaluating Cloud Computing Providers

• Cloud Computing Security Issues: Incident Response - Data Breach Prevention

Security in the Cloud: Cloud Computing Architecture

Before purchasing or building cloud systems and services, learn the cloud computing security considerations and challenges involved the various cloud computing architecture mode... More about Security in the Cloud: Cloud Computing Architecture

Recent Definitions

• homomorphic encryption

  - Homomorphic encryption is the conversion of data into ciphertext that can be analyzed and worked with as if it were still in its original form. ...

• cloud bursting

  - Cloud bursting is an application deployment model in which an application runs in a private cloud or data center and bursts into a public cloud when the dem...

• cloud computing

  - A cloud service has three distinct characteristics that differentiate it from traditional hosting. It is sold on demand, typically by the minute or the ho...

Highlights

• Can self-managed cloud security controls ease enterprise concerns?

• Enterprise cloud services: Who's responsible?

• CSA offers new initiatives to address SMB cloud security issues

More Security in the Cloud: Cloud Computing Architecture Topics

• Hybrid and Private Cloud Computing Security

• Cloud Computing Infrastructure as a Service (IaaS) Security

• Cloud Computing Platform as a Service (PaaS) Security

• Cloud Computing Software as a Service (SaaS) Security

• Public Cloud Computing Security

Cloud Security Management and Cloud Operations Security

As your organization moves its infrastructure, applications and data into the cloud, security operations such as network security, vulnerability management, data protection and ... More about Cloud Security Management and Cloud Operations Security

Recent Definitions

• information-centric security

  - Information-centric security is an approach to information security paradigm that emphasizes the security of the information itself rat...

• ENISA (European Network and Information Security Agency)

  - The European Network and Information Security Agency (ENISA) is a European Union (EU) agency ...

• SPI model (SaaS, PaaS, IaaS)

  - SPI is an acronym for the most common cloud computing service models, Software as a Service, Platform as a Service and Infrastructure a...

Highlights

• Enterprise cloud services: Who's responsible?

• Gartner forecasts rising interest in cloud-based security services

• How to develop cloud applications based on Web app security lessons

More Cloud Security Management and Cloud Operations Security Topics

• Legacy Application Modernization for the Cloud

• Cloud Security Services: Cloud-Based Vulnerability Scanning and Antivirus

• Cloud Network Security Trends and Tactics

• Cloud Provisioning and Cloud Identity Management Issues

• Cloud Data Storage, Encryption and Data Protection Best Practices

• Cloud Patch Management and Cloud Configuration Management

Cloud Computing Virtualization: Secure Multitenancy - Hypervisor Protection

Virtualization is at the core of any cloud computing initiative, regardless of delivery model or deployment method. Service providers, or internal enterprise private cloud manag... More about Cloud Computing Virtualization: Secure Multitenancy - Hypervisor Protection

Recent Definitions

• Cloudburst VM escape

  - Cloudburst VM (virtual machine) escape is an exploit method, credited to research firm Kostya Kortchinsky Immunity Inc., that takes advantage of IB...

• hypervisor security

  - Hypervisor security is the process of ensuring the hypervisor, the software that enables virtualization, is secure throughout its life cycle, includ...

• AV storm

  - An AV storm is the performance degradation that occurs when antivirus software simultaneously scans multiple virtual machines (VMs) on a single physical host. 

Highlights

• For a secure cloud infrastructure, match strategy to environment

• Security, cloud monitoring tools viewed as cloud adoption barriers

• Cross-VM side-channel attacks: How to defend cloud infrastructures