Cloud Security Standard

• A cloud security standard refers to the security standards and organizational norms for identifying and responding to network threats.

• Furthermore, a cloud security framework lays out the policies, tools, configurations, and procedures that must be followed to keep a cloud platform secure.

1. ISO-27001:

• Any organization that has sensitive information can benefit from ISO 27001 implementation. ISO-27001 contains a specification for an Information Security Management System (ISMS).

2. ISO-27017:

• ISO-27017 is a security standard established for cloud service providers and consumers with the goal of reducing the risk of a security incident in the cloud.
• In addition, it is a standard for cloud-based organizations that helps with control recommendations and implementation.

3. ISO-27018:

• This standard relates to the protection of personally identifiable information (PII) in public clouds acting as PII processors.
• You should consider compliance against this standard if you are a SaaS provider processing PII.

4. General Data Protection Regulation (GDPR):

• Data protection and privacy regulation for the European Union.
• You need to consider this if you store or process any personal data of European Union citizens.
• It is essential to consider that any market or company collaborating with the EU is subject to its rules.

5. Payment Card Industry Data Security Standard (PCI DSS):

• The Payment Card Industry Data Security Standard is an information security standard that applies only to organizations that handle the major card schemes.
• It is specific to organizations handling cardholder information.
• This standard provides baseline technical and operational requirements for protecting cardholder data.

6. System and Organization Controls (SOC) Reporting:

• SOC (System and Organization Controls) reporting gives inclusive assurance (SOC 1, SOC 2, SOC 2+ and SOC 3) to users about transparency and trust issues in risk management.
• SOC reports suggest improvements in specific areas and identify gaps where the organization is lagging.

7. Health Insurance Portability and Accountability Act (HIPAA):

• The Health Insurance Portability and Accountability Act (HIPAA) is the United States law that facilitates security services to safeguard medical information and maintain data privacy.