What is Cloud Security: 15 Essential Cloud Security Terms
Blog Article Published: 12/01/2023
Cloud computing is a model for enabling on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal effort. A cloud can consist of nearly any computing resources, ranging from processors and memory to networks, storage, and higher level resources like databases and applications.
Cloud security refers to the cybersecurity policies, procedures, and technologies designed to secure cloud environments. Read on to review 15 essential terms you should know related to cloud security.
“On-premises” is the opposite of “in the cloud.” This is a method of installing and running software on the user’s own computers and resources, rather than from a remote server or cloud.
2. Cloud Migration
Cloud migration is the movement of applications and infrastructure from a physical data center to a cloud environment.
3. Digital Transformation
Digital transformation is the process of adopting new digital technologies and business models, such as cloud computing, with the goal of improving revenue, efficiency, or other business objectives.
A control is a safeguard or countermeasure that helps manage risk, including policies, procedures, guidelines, practices, or organizational structures. Controls can be of an administrative, technical, management, or legal nature.
5. Control Framework
A control framework is a set of practices, procedures, and technical security measures designed to help organizations fulfill their responsibilities. The primary purpose is to prevent financial and informational losses within an organization, while ensuring regulatory compliance.
6. Cloud Governance
Cloud Governance encompasses the policies, processes, and internal controls that define an organization’s relationship to cloud computing. This includes structures, leadership, and other mechanisms for management.
7. Self Assessment
A self assessment is a process that involves the owner/user performing an analysis of risk or compliance themselves, rather than by a third party.
8. Public Cloud
A public cloud is a cloud infrastructure that is provisioned for open use by the general public. It may be owned, managed, and operated by a business, academic, or government organization. The physical hardware exists on the premises of the cloud provider.
9. Private Cloud
A private cloud is a cloud infrastructure that is provisioned for exclusive use by a single customer or organization. It may be owned, managed, and operated by the same organization, a third party, or some combination of them, and it may exist on or off-premises.
10. Hybrid Cloud
A hybrid cloud is a computing environment made up of some combination of public cloud, private cloud, and on-premises infrastructure.
11. Infrastructure-as-a-Service (IaaS)
IaaS is a type of cloud service that offers access to a resource pool of fundamental computing infrastructure, such as compute, network, or storage.
12. Platform-as-a-Service (PaaS)
Paas is a type of cloud service that abstracts and provides development or application platforms, such as databases, file storage, or even proprietary application processing. With PaaS, you don’t manage the underlying servers, networks, or other infrastructure.
13. Software-as-a-Service (SaaS)
SaaS is a type of cloud service where a full application is managed and hosted by the provider. Consumers access it with a web browser, mobile app, or a lightweight client app.
14. Shared Responsibility Model
The shared responsibility model is the concept that the cloud customer and the cloud service provider have varying responsibilities depending on the cloud service level in effect. Defining the line between customer and provider responsibilities is imperative for reducing risk.
15. Maturity Model
A maturity model is a model representing the stages of development of an organization, starting from an immature state and evolving through several maturity levels, in order to benchmark current capabilities and identify goals for improvement.
CSA’s Cloud 101 page provides more resources and information to help you get started on your cloud security journey.
Trending This Week
#1 What are the Most Common Cloud Computing Service Delivery Models?
#2 How ChatGPT Can be Used in Cybersecurity
#3 Understanding Identity and Access Management IAM and Authorization Management
#4 Is PQC Broken Already? Implications of the Successful Break of a NIST Finalist
#5 101 Guide on Cloud Security Architecture for Enterprises
Sign up to receive CSA's latest blogs
This list receives 1-2 emails a month.