Download Publication
![Cloud OS Security Specification v2.0](https://cloudsecurityalliance.org/rails/active_storage/representations/redirect/eyJfcmFpbHMiOnsiZGF0YSI6MzcyNywicHVyIjoiYmxvYl9pZCJ9fQ==--2fd00626e1d96407d12367b31d7b2d7578184333/eyJfcmFpbHMiOnsiZGF0YSI6eyJmb3JtYXQiOiJqcGciLCJyZXNpemVfdG9fbGltaXQiOlsyMjUsMzAwXX0sInB1ciI6InZhcmlhdGlvbiJ9fQ==--e48aa05a8204ba7d961654dcf72210dd50cd7522/Cloud-OS-Security-Specification-v2.0-Thumbnail.jpg)
Cloud OS Security Specification v2.0
Release Date: 10/14/2020
Working Group: Cloud Component Specifications
- Adjusted document structure to be more in line with logical architecture. Corresponding contents in version 1 are also moved / combined / removed according to the structure adjustment.
- New requirements added in view of cloud security technology developments, including micro segmentation, hardware-based encryption, VM High availability, backup & recovery capability, key management service, cloud bastion host.
- Several requirements are improved and revised to be more precise and instructive, such as the processing / saving of sensitive information, identity management and log functions.
Download this Resource
Prefer to access this resource without an account? Download it now.
Sponsor
Related Resources
Acknowledgements
![Srinivas Tatipamula](/rails/active_storage/representations/redirect/eyJfcmFpbHMiOnsiZGF0YSI6MTgwMzksInB1ciI6ImJsb2JfaWQifX0=--daccadf468e306b63dd0c12477af7500b431342a/eyJfcmFpbHMiOnsiZGF0YSI6eyJmb3JtYXQiOiJwbmciLCJhdXRvX29yaWVudCI6dHJ1ZSwicm90YXRlIjowLCJncmF2aXR5IjoiY2VudGVyIiwicmVzaXplIjoiMTgweDI0MF4iLCJiYWNrZ3JvdW5kIjoibm9uZSJ9LCJwdXIiOiJ2YXJpYXRpb24ifX0=--eb486f3f6b5873e5a4f4e10b34324e47d456ee46/man.png)
Srinivas Tatipamula
Principal Security Advisor, Fairfax
C-CISO|CISSP|CISA|AWS CSS|AWS CSA|CDPSE|CISM|CGEIT|CRISC|ISO 27000LA|CCSK|ITIL-F|PMP|Bachelor of Economics (Hons)|Bachelor of Law| MS in Digital Forensics
Overall 30 plus years in IT and over 18 years in Cyber Security
Publications:
1. Cloud Security Alliance Internet of Things (IoT) Working Group IoT Security Controls Guide Version Published March 2019
2. CSA IoT Controls Matrix March 2019
3. ...
![Srinivas Tatipamula](/rails/active_storage/representations/redirect/eyJfcmFpbHMiOnsiZGF0YSI6MTgwMzksInB1ciI6ImJsb2JfaWQifX0=--daccadf468e306b63dd0c12477af7500b431342a/eyJfcmFpbHMiOnsiZGF0YSI6eyJmb3JtYXQiOiJwbmciLCJhdXRvX29yaWVudCI6dHJ1ZSwicm90YXRlIjowLCJncmF2aXR5IjoiY2VudGVyIiwicmVzaXplIjoiMTgweDI0MF4iLCJiYWNrZ3JvdW5kIjoibm9uZSJ9LCJwdXIiOiJ2YXJpYXRpb24ifX0=--eb486f3f6b5873e5a4f4e10b34324e47d456ee46/man.png)
Srinivas Tatipamula
Principal Security Advisor, Fairfax
C-CISO|CISSP|CISA|AWS CSS|AWS CSA|CDPSE|CISM|CGEIT|CRISC|ISO 27000LA|CCSK|ITIL-F|PMP|Bachelor of Economics (Hons)|Bachelor of Law| MS in Digital Forensics
Overall 30 plus years in IT and over 18 years in Cyber Security
Publications:
1. Cloud Security Alliance Internet of Things (IoT) Working Group IoT Security Controls Guide Version Published March 2019
2. CSA IoT Controls Matrix March 2019
3. ...
![Xiaoyu Ge](/rails/active_storage/representations/redirect/eyJfcmFpbHMiOnsiZGF0YSI6MTI0MSwicHVyIjoiYmxvYl9pZCJ9fQ==--5300e9676233af8e48643be1d170f79476e2e2db/eyJfcmFpbHMiOnsiZGF0YSI6eyJmb3JtYXQiOiJqcGciLCJhdXRvX29yaWVudCI6dHJ1ZSwicm90YXRlIjowLCJncmF2aXR5IjoiY2VudGVyIiwicmVzaXplIjoiMTgweDI0MF4iLCJiYWNrZ3JvdW5kIjoibm9uZSJ9LCJwdXIiOiJ2YXJpYXRpb24ifX0=--ce1f0b273c14895214513c640abe6c284218f1db/xiaoyu-ge.jpg)
Xiaoyu Ge
Senior Security Standards Manager of Huawei IT
Xiaoyu Ge is the Senior Security Standards Manager of Huawei IT Product Line which include cloud computing, big data, storage, and server products and services. He is also active as security expert in SDOs, He is the ISO/IEC JTC1 SC27 WG expert of China Nation Body, he is the rapporteur of several SC27 project such as “Requirements for establishing roots of trust for virtualized environment”. He participated in CSA several years ago, he is ...
![Dez Blanchfield Headshot Missing](/assets/fallback/csa-headshot-7b449f5deff0b8be963d29536d108a63e2ef86ec765da989bb085a7d8c14217c.png)
Dez Blanchfield
![Dez Blanchfield Headshot Missing](/assets/fallback/csa-headshot-7b449f5deff0b8be963d29536d108a63e2ef86ec765da989bb085a7d8c14217c.png)
Dez Blanchfield
![Robert Bolton Headshot Missing](/assets/fallback/csa-headshot-7b449f5deff0b8be963d29536d108a63e2ef86ec765da989bb085a7d8c14217c.png)
Robert Bolton
![Matt Kaufman Headshot Missing](/assets/fallback/csa-headshot-7b449f5deff0b8be963d29536d108a63e2ef86ec765da989bb085a7d8c14217c.png)
Matt Kaufman
![Humayun Khan Headshot Missing](/assets/fallback/csa-headshot-7b449f5deff0b8be963d29536d108a63e2ef86ec765da989bb085a7d8c14217c.png)
Humayun Khan
![Alan Leffingwell Headshot Missing](/assets/fallback/csa-headshot-7b449f5deff0b8be963d29536d108a63e2ef86ec765da989bb085a7d8c14217c.png)
Alan Leffingwell
![Edgar Pimenta](/rails/active_storage/representations/redirect/eyJfcmFpbHMiOnsiZGF0YSI6NTE0NSwicHVyIjoiYmxvYl9pZCJ9fQ==--1e90f08676439ba1f335264ae98facf0a17a1e13/eyJfcmFpbHMiOnsiZGF0YSI6eyJmb3JtYXQiOiJqcGciLCJhdXRvX29yaWVudCI6dHJ1ZSwicm90YXRlIjowLCJncmF2aXR5IjoiY2VudGVyIiwicmVzaXplIjoiMTgweDI0MF4iLCJiYWNrZ3JvdW5kIjoibm9uZSJ9LCJwdXIiOiJ2YXJpYXRpb24ifX0=--ce1f0b273c14895214513c640abe6c284218f1db/bacd50e8.jpg)
Edgar Pimenta
VP of Information Security
Edgar Pimenta is the VP for Information Security at Talkdesk (a Cloud Contact Center) and is responsible for the governance, risk and compliance of information security at Talkdesk. He manages the team that deals with policies, the security education program, the security risk management processes, and data protection among others.
![K.S Reddy Headshot Missing](/assets/fallback/csa-headshot-7b449f5deff0b8be963d29536d108a63e2ef86ec765da989bb085a7d8c14217c.png)
K.S Reddy
![Justin Stoner Headshot Missing](/assets/fallback/csa-headshot-7b449f5deff0b8be963d29536d108a63e2ef86ec765da989bb085a7d8c14217c.png)
Justin Stoner
![Cedric Thibault Headshot Missing](/assets/fallback/csa-headshot-7b449f5deff0b8be963d29536d108a63e2ef86ec765da989bb085a7d8c14217c.png)
Cedric Thibault
![Yu Zhang Headshot Missing](/assets/fallback/csa-headshot-7b449f5deff0b8be963d29536d108a63e2ef86ec765da989bb085a7d8c14217c.png)
Yu Zhang
![Shobharani Jagathpa Headshot Missing](/assets/fallback/csa-headshot-7b449f5deff0b8be963d29536d108a63e2ef86ec765da989bb085a7d8c14217c.png)
Shobharani Jagathpa
![Michael Roza](/rails/active_storage/representations/redirect/eyJfcmFpbHMiOnsiZGF0YSI6Mzc3NCwicHVyIjoiYmxvYl9pZCJ9fQ==--2ee3c93fe3c1fbe44c00209688a02592cb8f251c/eyJfcmFpbHMiOnsiZGF0YSI6eyJmb3JtYXQiOiJqcGciLCJhdXRvX29yaWVudCI6dHJ1ZSwicm90YXRlIjowLCJncmF2aXR5IjoiY2VudGVyIiwicmVzaXplIjoiMTgweDI0MF4iLCJiYWNrZ3JvdW5kIjoibm9uZSJ9LCJwdXIiOiJ2YXJpYXRpb24ifX0=--ce1f0b273c14895214513c640abe6c284218f1db/roza.jpg)
Michael Roza
Risk, Control and Compliance Professional at EVC
Since 2012 Michael has contributed to over 100 CSA projects completed by CSA's Internet of Things, Zero Trust/Software-Defined Perimeter, Top Threats, Cloud Control Matrix, Containers/Microservices, DevSecOps, and other working groups. He has also served as co-chair of CSA's Enterprise Architecture, Top Threats, and Security-as-a-Service working groups while also serving as the Standards Liaison Officer for IoT, ICS, EA, SECaaS, and Cloud K...
![Ekta Mishra](/rails/active_storage/representations/redirect/eyJfcmFpbHMiOnsiZGF0YSI6MTczMTQsInB1ciI6ImJsb2JfaWQifX0=--8908f56f76d30de0ccfcf8cea8e87ae11b721e75/eyJfcmFpbHMiOnsiZGF0YSI6eyJmb3JtYXQiOiJqcGciLCJhdXRvX29yaWVudCI6dHJ1ZSwicm90YXRlIjowLCJncmF2aXR5IjoiY2VudGVyIiwicmVzaXplIjoiMTgweDI0MF4iLCJiYWNrZ3JvdW5kIjoibm9uZSJ9LCJwdXIiOiJ2YXJpYXRpb24ifX0=--ce1f0b273c14895214513c640abe6c284218f1db/CSA_330c.jpg)
Ekta Mishra
Membership Director & Country Manager (India), CSA APAC
![Haojie Zhuang Headshot Missing](/assets/fallback/csa-headshot-7b449f5deff0b8be963d29536d108a63e2ef86ec765da989bb085a7d8c14217c.png)
Haojie Zhuang