
Cloud Security Best Practices from the Cloud Security Alliance

Published 04/23/2022

Written by Nicole Krenz, Web Marketing Specialist, CSA.


Cloud is becoming the backend for all forms of computing and is the foundation for the information security industry. It’s a model for enabling convenient and on-demand network access to a shared pool of computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction.

When moving to the cloud, it’s important to remember that cloud security is distinct from traditional on-premises security, and a new set of best practices must be implemented.


Why Use the Cloud?

Cloud computing offers tremendous benefits in agility, resiliency, and economy. Organizations can move faster (since they don’t have to purchase and provision hardware, and everything is software defined), reduce downtime (thanks to inherent elasticity and other cloud characteristics), and save money (due to reduced capital expenses and better demand and capacity matching).


Security Best Practices for Cloud Computing

The 12 domains within the CSA Security Guidance for Critical Areas of Focus in Cloud Computing promote best practices, developed by CSA, for providing security assurance within cloud computing through a practical, actionable roadmap. The CSA Security Guidance is built on dedicated research and public participation, incorporating advances in cloud, security, and supporting technologies. Here are the 12 domains of cloud security best practices that you should be considering:


1. Cloud Computing Concepts & Architectures

Define cloud computing and understand the baseline terminology, controls, deployment, and architectural models.


2. Cloud Governance

Understand the role of security and how enterprise governance helps align the strategic, tactical, and operational capabilities of information and technology with the business objectives.


3. Risk, Audit, & Compliance

Understand cloud security, risk, audit, and compliance; evaluate cloud service providers; and establish cloud risk registries.


4. Organization Management

Manage your entire cloud footprint, including securing and validating service provider deployments.


5. Identity & Access Management

Understand how Identity and Access Management works between an organization and cloud providers or between cloud providers and services.


6. Security Monitoring

Understand the unique security monitoring challenges and solutions for cloud environments, including the distinct aspects of cloud telemetry, management plane logs, service and resource logs, and the integration of advanced monitoring tools.


7. Infrastructure & Networking

Manage the overall infrastructure footprint and network security, and understand the cloud service provider's (CSP's) infrastructure security responsibilities.


8. Cloud Workload Security

Understand what a cloud workload is (a related set of software and data units that are deployable on some type of infrastructure or platform) and how to secure it.


9. Data Security

Address the complexities of data security in the cloud with essential strategies, tools, and practices that protect data in transit and at rest.


10. Application Security

Understand the unique challenges and opportunities presented by application security in the cloud environment from the initial design phase to ongoing maintenance.


11. Incident Response & Resilience

Explain best practices for cloud incident response and resilience.


12. Related Technologies & Strategies

Understand the foundational concepts of Zero Trust and Artificial Intelligence security.

Dive deeper into each of these critical areas of cloud security here.



Updated on 7/15/24 to align with Security Guidance v5.
