Download Publication

The rise of cloud computing as an ever-evolving technology brings with it a number of opportunities and challenges. Cloud is now becoming the back end for all forms of computing, including the ubiquitous Internet of Things. Cloud computing is the foundation for the information security industry. New ways of organizing compute, such as containerization and DevOps are inseparable from cloud and accelerating our revolution. With this document, we aim to provide both guidance and inspiration to support business goals while managing and mitigating the risks associated with the adoption of cloud computing technology. 

The Cloud Security Alliance promotes implementing best practices for providing security assurance within the domain of cloud computing and has delivered a practical, actionable roadmap for organizations seeking to adopt the cloud paradigm. The fourth version of the Security Guidance for Critical Areas of Focus in Cloud Computing is built on previous iterations of the security guidance, dedicated research, and public participation from the Cloud Security Alliance members, working groups, and the industry experts within our community. This version incorporates advances in cloud, security, and supporting technologies; reflects on real-world cloud security practices; integrates the latest Cloud Security Alliance research projects; and offers guidance for related technologies.

Related Certificates & Training | Cloud Controls Matrix

Key Takeaways

• Cloud Computing Concepts and Architectures
• Governance and Enterprise Risk Management
• Legal Issues, Contracts and Electronic Discovery
• Compliance and Audit Management
• Information Governance
• Management Plane and Business Continuity
• Infrastructure Security
• Virtualization and Containers
• Incident Response
• Application Security
• Data Security and Encryption
• Identity, Entitlement and Access Management
• Security as a Service
• Related Cloud Technologies