Skip to main content
0 Results Found
              Back To Results

                Cloud Security

                What is Cloud Security?

                A definition of cloud security begins with defining cloud computing. An industry accepted resource used to define cloud computing derives from the U.S. Department of Commerce – National Institute of Standards and Technology (NIST). NIST defines cloud computing as “a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction” (NIST Special Publication 800-145).

                The five essential characteristics of cloud computing:

                1. On-demand self-service
                2. Broad network access
                3. Resource pooling
                4. Rapid elasticity
                5. Measured service

                The three service models of cloud computing include:

                1. Software as a Service (SaaS)
                2. Platform as a Service (PaaS)
                3. Infrastructure as a Service (IaaS)

                Finally, the four deployment models for cloud computing include:

                1. Private
                2. Public
                3. Hybrid
                4. Community

                Where Does Cloud Security Start and End?

                Cloud security is the ecosystem of policies, standards, processes, controls, and technologies that aim to secure cloud computing resources - the networks, data, applications, and services - as described in NIST SP-800-145. With so many stakeholders within this ecosystem, a consensus on best practices for cloud security will take more time to mature. Cloud security will mean something different to each organization depending on their cloud strategy. Even if cloud service customers comply with every single standard around cloud security - and there are many - it does not eliminate all risk when interacting with cloud service providers.

                Building an Effective RFP to Select a Cloud MSSP

                Whether you are issuing a less formal Request for Information (RFI) document or a fully-structured Request for Proposal (RFP) document, there are many considerations to ensure you select the right Managed Security Services Provider (MSSP) for Cloud Security. Clear expectations up front help ensure that objectives and criteria are fully addressed and documented by candidates. Secureworks provides a free and useful template from which to start the MSSP selection process.

                Read the White Paper
                Cloud Security

                Securely Migrating to the Cloud

                Organizations migrating application workloads to the public cloud face multiple alternatives, ranging from simple application like-for-like migration to refactoring to complete replacement with a native cloud solution. Although optimal migration strategies vary according to organizational objectives and application criteria, effective cloud security is a constant requirement. Migration to cloud computing is an ideal opportunity to reassess your IT architecture and recalibrate your security framework. Security is a primary goal of migration success and must be factored in up front and not bolted on at the end.

                Read More
                Cloud Security is a Shared Responsibility Model

                The Cloud represents a shared security responsibility model whereby that responsibility is split between the Cloud Service Provider (CSP) and the cloud service customer. For organizations moving some or all of their applications and data to the cloud, acceptance of this model clears the way to more thoughtful consideration for how security can and should be architected – from the ground up.

                Secureworks provides clear recommendations for securing applications and data in the cloud and focuses on security in third-party cloud Infrastructure-as-a-Service (IaaS) environments, the different stages of organizations’ deployments, and how security is shared between the Cloud Service Provider (CSP) and you as the cloud service customer.

                Protecting Critical Data in the Cloud

                Sharing responsibility for security in the cloud means there is now someone else in your threat analysis and response chain. As a result, you need to make sure that the cloud service providers you trust are accounted for in your security program. Even though they may have great security for the infrastructure they provide, you still have responsibility for everything above the hypervisor, or above the operating system, depending on what you are buying from the provider. Watch this video to take away some insight on protecting your critical data in the cloud.

                Talk with our cybersecurity experts
                +1 877 838 7947
                Close Modal
                Close Modal