Posts

Cloud Security Principle 8: Supply chain security

Cloud services often rely upon third party products and services. Consequently, if this…

Read more
/by

Risk management and risk analysis in practice

What is risk? Risk is the impact of uncertainty on people or organisations. Risks…

Read more
/by

Risk management introduction

Risk management is about managing the impact of uncertainty on people or organisations….

Read more
/by

Cloud Security Principle 13: Audit information for users

Goals You should be: aware of the audit information that will be provided…

Read more
/by

Cloud Security Principle 11: External interface protection

If some of the interfaces exposed are private (such as management interfaces) then…

Read more
/by

Cloud Security Principle 9: Secure user management

The aspects to consider are: Authentication of users to management interfaces and support…

Read more
/by

Cloud Security Principle 5: Operational security

There are four elements to consider: Configuration and change management – you should ensure…

Read more
/by

Cloud Security Principle 3: Separation between users

Factors affecting user separation include: where the separation controls are implemented – this…

Read more
/by

Implementing the Cloud Security Principles

For each of the 14 principles, we answer three questions: 1.   What is the…

Read more
/by