Public Cloud Security Considerations
While moving resources from the datacenter to a public cloud can be appealing from the cost perspective, the ability to leverage cloud computing essential characteristics such as elasticity and shared resources, there are key security challenges that must be addressed in order to make this transition more effective and secure. This curation will guide you over the some resources that can be used to better understand what those security concerns are, what must be done in order to address those concerns and how to perform this transition in a secure manner.
07 Mar 2014
Cloud Computing Security Considerations
This paper provides a high-level discussion of the fundamental challenges and benefits of cloud computing security, and raises some of the questions that cloud service providers and organizations using cloud services need to consider when evaluating a new move, or expansion of existing services, to the cloud. This document presumes that the reader is familiar with the core concepts of cloud computing and basic principles of cloud security. It is not the goal of this paper to provide all the answers to the questions of security in the cloud or to provide an exhaustive framework for cloud security.
Cloud basics: Security in the cloud
Cloud computing may seem risky because you cannot secure its perimeter—where are a cloud’s boundaries? In addition, many government agencies must comply with regulatory statutes, such as the Health Insurance Portability and Accountability Act (HIPAA), the Sarbanes–Oxley Act of 2002 (SOX), and the Federal Information Security Management Act (FISMA). Yet your organization can move forward even while security standards are being defined. This paper has core considerations for Cloud Computing adoption in the Government space.
Security Guidance for Critical Areas of Focus in Cloud Computing (V3)
This guide, created by Cloud Security Alliance delivers actionable, best practice based on how to enable business to transition to cloud services while mitigating risk. This is a vendor agnostic approach that has a collection of facts and opinions gathered from many industry experts worldwide.
Privacy in the Public Cloud: The Office 365 Approach
This white paper examines Microsoft's broad approach to privacy governance and describes how these principles and processes have been applied to our latest cloud-based productivity service, Office 365. Because Microsoft recognizes that privacy and security are major concerns for cloud customers, we developed our latest cloud-based productivity service, Office 365, from the ground up with strong data protection in mind.
Office 365 mapping of CSA Security, Compliance and Privacy Cloud Control Matrix requirements
The Cloud Security Alliance published the Cloud Control Matrix, to support consumers in the evaluation of cloud services and to identify questions prudent to have answered before moving to cloud services. In response to this publication, Microsoft has created this document to outline how we meet the suggested principals and mapped them to the International Standards Organization (ISO) 27001:2005 and ISO 27002. With this standardized response we would like to empower customers with in-depth information to evaluate different offerings in the market place today.
Trends in Cloud Computing Cloud Security Readiness Tool
This report is the result of information collected in the Cloud Security Readiness Tool (CSRT). The CSRT is a brief survey that seeks information about the maturity level of an organization’s current on-premises IT infrastructure. Organizations can use the CSRT to better understand their systems, processes, policies, and practices. They can also improve their current IT state, learn about relevant industry regulations, and receive guidance on how to evaluate different cloud options. This report analyzes data that was collected in the six-month period between October 2012 and March 2013. The data consists of answers provided by people who used the CSRT. Approximately 5700 anonymized responses to the CSRT’s 27 questions were received from around the world.
Data Classification for Cloud Readiness
This paper outlines the risks and issues that can be mitigated to ensure a smoother transition to a cloud service. It also considers technologies such as encryption, rights management, and data loss prevention solutions and how their implementation has evolved in the cloud era. The paper’s appendix also identifies some of the top data classification regulations and compliance requirements that are currently relevant.