Nov 06 2023

Cloud security guidance

Category: Cloud computingdisc7 @ 9:52 am

How to choose, configure and use cloud services securely.

If you want to store and process data in the cloud, or use cloud platforms to build and host your own services, this guidance will help you do so securely.

Cloud usage continues to grow steadily, both in volume and the type of services being built and hosted in it. In fact, cloud is usually the preferred option when organisations procure new IT services, as reflected in the UK government’s Cloud First Policy.

Against this background, it’s essential that new services are chosen and built in a way which reflects their security needs.


Who is this guidance for?

All organisations can use this guidance to navigate the sometimes confusing array of technologies which make up ‘the cloud’, and the management models which underpin their use.

More particularly:

Note:

Individuals looking for advice about how to use online services securely should refer to our Cyber Aware advice on staying secure online.


This collection contains

Introduction to cloud security

Defining some common terms, and providing background on the various sections of this guide.

Understanding cloud services

Cloud services can be seen from a number of perspectives. This section considers:

  • service models and deployment models
  • the ‘shared responsibility model’ used by many cloud providers to handle day-to-day management of security
  • two specific security techniques; separation and cryptography

Choosing a cloud provider

The cloud security principles and how to use them, along with our lightweight security framework and some vendor responses to the principles.

Using cloud services securely

Some actions that customers of cloud services will need to take. This includes advice for cloud platforms and software as a service (SaaS), and those looking to lift and shift into the cloud.

Next page

Introduction to cloud security

https://www.ncsc.gov.uk/collection/cloud

Practical Cloud Security: A Guide for Secure Design and Deployment 

InfoSec tools | InfoSec services | InfoSec books | Follow our blog | DISC llc is listed on The vCISO Directory

Tags: cloud security

Leave a Reply