- This line was added.
- This line was removed.
- Formatting was changed.
This site presents thousands of resources from around the world on Cloud Security - the practice of protecting data, applications, infrastructure and human interactions facilitated by cloud computing.
Cloud Security Overview
Cloud computing enables users to store and process data in a distributed architecture. Broadly defined, there are several cloud computing models: IaaS (Infrastructure as a Service, e.g. Amazon EC2), PaaS (Platform as a Service, e.g. Heroku), SaaS (Software as a Service, e.g. SalesForce), private cloud (e.g. OpenStack), and also virtualization technology which is the underlying infrastructure of most cloud computing systems (e.g. VMware).
Each of these models has unique security issues. In the public cloud models (IaaS, PaaS and SaaS) there are security issues faced by the cloud provider, vs. other security concerns that are the responsibility of the organization using the cloud service. In private cloud models, security concerns are all in-house, but there is increased complexity due to the virtualized and distributed infrastructure. Virtualization introduces an additional computing layer which must be properly configured, managed and secured. Security concerns are a key driver of IT decisions to move to the public cloud, adopt a public cloud or stay with traditional infrastructure.
Security concerns can also be segmented by cloud provider. There is a growing literature on security concerns and best practices for major public cloud providers (IaaS and PaaS) - Amazon Web Services, Azure, Google Cloud Platform, RackSpace, Heroku, HP Cloud, EngineYard and more - and private cloud platforms like OpenStack.
Cloud Security Technology and Tools
Traditional security technology and tools are used to secure cloud infrastructure and services, but they are not enough due to the increased environment complexity and new types of risks. The following are technologies specially developed to secure the cloud: cloud firewalls, Cloud Access Security Brokers (CASB), cloud data encryption tools, cloud access control, cloud application security, cloud backup and recovery tools, and modern configuration management tools.
A large number of software vendors and solution providers provide one or more of the above technologies to help secure the cloud, the following are a few examples:
- Cloud application, server and network security tools: Dome9, Netskope, ZScaler
- Cloud Antivirus and Threat Prevention: McAfee Cloud Secure, Symantec Web Security.cloud, BitDefender
- Cloud Identity and Access Management Tools: Okta, Centrify, SkyHigh
- Cloud Data and CDN Security Tools: Proofpoint, CipherCloud, Vormetric
- Cloud Monitoring Tools: AppDynamics, NewRelic, Boundary
About this Wiki
- Cloud Security Practices and Education: best practices, SecOps, compliance, data security, disaster recovery, cloud security training.
- Common threats to cloud applications and services: data breaches, data loss, account hijacking, API vulnerabilities, DDoS, and more.
- AWS Security: Security for AWS platforms and products, AWS monitoring, secure access and SSH, AWS compliance, and more.
- Windows Azure Security: Azure security-related products, security for Azure platforms, Azure security best practices, compliance and more.
- Cloud Security Technologies: Cloud firewall, CASB, cloud access control and more.
- List of Cloud Security Tools and Services: Vendors providing cloud application, server and network security; antivirus and threat prevention, cloud identity and access management, cloud data and CDN, and cloud monitoring.
On this Page
Further on this page you will find a selection of resources covering important aspects of cloud security in general. To drill down into specific topics within cloud security, jump to Further Reading at the bottom.
General Security Concerns
Cloud Security Principles
Risks and Threats
Security Techniques and Solutions
Legal and Government