Cloud Security Control

What Does Cloud Security Control Mean?

A cloud security control is a set of directives that protects the confidentiality, integrity and availability (CIA) of digital information in a public, private or hybrid cloud architecture.

Advertisements

The purpose of a cloud security control is to minimize vulnerabilities and reduce the operational and reputational risks associated with using public cloud services. It is a broad term that consists of the all measures, practices and guidelines that must be implemented to ensure the safety of data in transit, data in use and data at rest.

Techopedia Explains Cloud Security Control

The Cloud Security Alliance (CSA) has created a matrix designed to help prospective cloud customers evaluate how much effort, time and money a particular provider puts on security. The Cloud Control Matrix addresses deterrent controls, preventive controls, detective controls and corrective controls.

Preventative controls are used to strengthen and protect the provider's infrastructure from known vulnerabilities in the cloud. To protect data in use, for example, the Confidential Computing Consortium recommends a hardware-based approach to cybersecurity that allows data to stay encrypted while it is being processed in memory. This approach, which is called confidential computing, provides an additional layer of security for organizations that process sensitive or regulated data in the cloud.

Detective controls are used to identify an attack as it occurs and limit its impact. This type of control includes log management, log analysis and automated alerts. Honeypots and intrusion detection systems (IDSes) both support detective controls.

Corrective controls are used to reverse the impact of an incident after it has occurred and minimize operational and reputational risk. This type of control supports measures taken to restore resources and repair damage.

Security controls can also be classified as either being operational, management or physical. Physical controls include the use of security tokens, while management controls can prevent users from being able to connect to the network with thumb drives.

Operational controls combine physical controls with management controls to create policy that details and enforces what type of cyber activity is permitted and/or prohibited.

Advertisements

Related Terms

Latest Cloud Computing Terms

Related Reading

Margaret Rouse

Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical, business audience. Over the past twenty years her explanations have appeared on TechTarget websites and she's been cited as an authority in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine and Discovery Magazine.Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages. If you have a suggestion for a new definition or how to improve a technical explanation, please email Margaret or contact her…