Cloud 101CircleEventsBlog

Download Publication

Cloud Octagon Model
Cloud Octagon Model

Cloud Octagon Model

Release Date: 06/24/2019

In this document CSA provides an approach to assess risk in SaaS cloud computing. The Cloud Octagon Model stems from an approach conceptualized and implemented by the Cloud Security Group within the Technology & Engineering department, Corporate Information Security Office (CISO), ABN AMRO Bank NV (Netherlands). It counts such aspects as procurement, IT governance, architecture, development and engineering, service providers, risk processes, data classification, and country. The model provides practical guidance and structure to all involved risk parties in order to keep pace with rapid changes in privacy and data protection laws and regulations, and changes in technology and its security implications. The model aims to:
  • reduce risks associated with cloud computing;
  • improve the effectiveness of the cloud risk team;
  • improve manageability of the solution; and
  • improve security.

Download this Resource

Prefer to access this resource without an account? Download it now.

CSA CCM v4.0 Addendum - IBM Cloud Framework for Financial Services v1.1.0
CSA CCM v4.0 Addendum - IBM Cloud Framework for...
SaaS Governance Best Practices for Cloud Customers
SaaS Governance Best Practices for Cloud Customers
Third-Party Vendor Risk Management in Healthcare
Third-Party Vendor Risk Management in Healthcare
What Are the 5 Key Areas of Cloud Security
What Are the 5 Key Areas of Cloud Security
Published: 05/30/2023
The Top Five Challenges of Zero Trust Security
The Top Five Challenges of Zero Trust Security
Published: 05/24/2023
Why Hybrid Cloud Computing Makes Sense for the Healthcare Industry
Why Hybrid Cloud Computing Makes Sense for the Healthcare Industry
Published: 05/18/2023
Responding to Insider Risk is Hard. Here Are 4 Things You Need to Do.
Responding to Insider Risk is Hard. Here Are 4 Things You Need to Do.
Published: 05/11/2023
How to Fortify Your Salesforce Ecosystem Security
How to Fortify Your Salesforce Ecosystem Security
June 20 | TBD
Zero Trust & Cloud Security Meetup + Mission Critical Summit On Demand
Zero Trust & Cloud Security Meetup + Mission Critical Summit On Demand
July 11 | Online

Acknowledgements

Michael Roza
Michael Roza
Risk, Audit, Control, and Compliance Professional

Michael Roza

Risk, Audit, Control, and Compliance Professional

Since 2012 Michael has contributed to over 85 CSA projects completed by CSA's Internet of Things, Zero Trust/Software-Defined Perimeter, Top Threats, Cloud Control Matrix, Containers/Microservices, DevSecOps, and other working groups. He has also served as co-chair of CSA's Enterprise Architecture, Top Threats, and Security-as-a-Service working groups while also serving as the Standards Liaison Officer for IoT, ICS, EA, SECaaS, and Cloud Ke...

Read more

Jim De Haas
Jim De Haas
Cloud Security Expert

Jim De Haas

Cloud Security Expert

Seasoned security professional with a demonstrated history of working on critical, complex and highly available banking applications. A technology enthusiast, who enjoys collaborating with cross-functional teams. A strong communicator who can evangelize security across the organisation. Specialised in Cloud Security (Both AWS and Azure), IT Security, training DevOps engineers in security topics and making security understandable to non-secu...

Read more

Cheyenne Seur Headshot Missing
Cheyenne Seur

Cheyenne Seur

This person does not have a biography listed with CSA.

Timo Muller Headshot Missing
Timo Muller

Timo Muller

This person does not have a biography listed with CSA.

Biswajt Behera Headshot Missing
Biswajt Behera

Biswajt Behera

This person does not have a biography listed with CSA.

Alok Saxena Headshot Missing
Alok Saxena

Alok Saxena

This person does not have a biography listed with CSA.

Are you a research volunteer? Request to have your profile displayed on the website here.

Interested in helping develop research with CSA?

Related Certificates & Training