Guide to Cloud Security Concepts

The constant growth of technologies, strategies and new vendors poses an additional challenge for cloud security. This guide helps you understand the core concepts of cloud security, from people and processes to the technologies at each of the layers needed to ensure your cloud security strategy keeps up with the pace of change.

Key findings

  • Cloud security architecture and cloud security architect roles are key to the success of cloud computing initiatives because the cloud requires a different set of security design principles, processes and technologies.
  • Cloud risk assessment must be automated to keep pace with business needs.
  • Tier 1 cloud providers are usually the more secure starting points for workloads of all types.
  • Many companies have adopted a multicloud strategy, which necessitates the use of third-party security tools for consistent policy and governance across a multicloud landscape.
  • End users are increasingly consuming hundreds of software as a service applications and multiple infrastructure as a service offerings, and are building new services using platform as a service technologies. Cloud security initiatives must therefore take account of the various cloud “form factors” used by many organizations.