Posts

Cloud Security Principle 9: Secure user management

The aspects to consider are: Authentication of users to management interfaces and support…

Read more
/by

Cloud Security Principle 7: Secure development

Goals You should be confident that: New and evolving threats are reviewed and…

Read more
/by

Risk management principles

The following security risk management principles are applicable to how people and organisations…

Read more
/by

Cloud Security Principle 14: Secure use of the service

The extent of your responsibility will vary depending on the deployment models of…

Read more
/by

Cloud Security Principle 12: Secure service administration

The design, implementation and management of administration systems should follow enterprise good practice, whilst recognising…

Read more
/by

Cloud Security Principle 10: Identity and authentication

Weak authentication to these interfaces may enable unauthorised access to your systems, resulting…

Read more
/by

Cloud Security Principle 8: Supply chain security

Cloud services often rely upon third party products and services. Consequently, if this…

Read more
/by

Cloud Security Principle 5: Operational security

There are four elements to consider: Configuration and change management – you should ensure…

Read more
/by

Cloud Security Principle 3: Separation between users

Factors affecting user separation include: where the separation controls are implemented – this…

Read more
/by

Implementing the Cloud Security Principles

For each of the 14 principles, we answer three questions: 1.   What is the…

Read more
/by