SecaaS Implementation Guidance - Cloud Security Alliance

10. 2.1 High-Level Benefits of Cloud-Based BC/DR vs. Traditional Approaches . ..... no best practices to follow when developing or assessing security services in an ..... CSP will host infrastructure at the consumer's site to manage monitoring, ..... keys for a web application session that expire after a specified period only need ...

Download PDF

PNG for Designers

Comment

1MB Sizes 2 Downloads 254 Views

Report

Viewer

Transcript

SecaaS Implementation Guidance

Category 9 // Business Continuity / Disaster Recovery September 2012

CLOUD SECURITY ALLIANCE SecaaS Implementation Guidance, Category 9: Business Continuity/Disaster Recovery

© 2012 Cloud Security Alliance All rights reserved. You may download, store, display on your computer, view, print, and link to the Cloud Security Alliance Security as a Service Implementation Guidance at http://www.cloudsecurityalliance.org, subject to the following: (a) the Guidance may be used solely for your personal, informational, non-commercial use; (b) the Guidance may not be modified or altered in any way; (c) the Guidance may not be redistributed; and (d) the trademark, copyright or other notices may not be removed. You may quote portions of the Guidance as permitted by the Fair Use provisions of the United States Copyright Act, provided that you attribute the portions to the Cloud Security Alliance Security as a Service Implementation Guidance Version 1.0 (2012).

© Copyright 2012, Cloud Security Alliance. All rights reserved.

2

CLOUD SECURITY ALLIANCE SecaaS Implementation Guidance, Category 9: Business Continuity/Disaster Recovery

Contents Foreword ....................................................................................................................................................................5 Letter from the Co-Chairs...........................................................................................................................................6 Acknowledgments ......................................................................................................................................................7 1.0 Introduction..........................................................................................................................................................8 1.1 Intended Audience ...........................................................................................................................................8 1.2 Scope ................................................................................................................................................................9 2.0 Requirements Addressed .................................................................................................................................. 10 2.1 High-Level Benefits of Cloud-Based BC/DR vs. Traditional Approaches ....................................................... 10 3.0 Implementation Considerations and Concerns................................................................................................. 12 3.1 Considerations............................................................................................................................................... 12 3.1.1 BC/DR Service Level Agreements (SLAs)................................................................................................. 12 3.1.2 Services Already Hosted in the Cloud..................................................................................................... 12 3.1.3 In-house “Traditional” Non-Cloud Services............................................................................................ 13 3.2 Concerns........................................................................................................................................................ 13 4.0 Implementation................................................................................................................................................. 15 4.1 Architecture Overview................................................................................................................................... 15 4.1.1 Services Already Hosted in the Cloud..................................................................................................... 15 4.1.2 In-House/Traditional Non-Cloud Services ...........................................................................................

Encryption - Cloud Security Alliance

45 Views

Share

Encryption - Cloud Security Alliance

36 Views

Share

Download (pdf) - Cloud Security Alliance

42 Views

Share

Info Sheet - Cloud Security Alliance

42 Views

Share

"Get Off of My Cloud": Cloud Credential ... - Cloud Security Alliance

38 Views

Share

Cloud Security Guidance IBM Recommendations - IBM Redbooks

72 Views

Share

quick guide to the - Cloud Security Alliance

36 Views

Share

The Notorious Nine - Cloud Security Alliance

23 Views

Share

SDP Specification 1.0 - Cloud Security Alliance

34 Views

Share

About the Cloud Security Alliance (CSA)

50 Views

Share

The Treacherous 12 - Cloud Security Alliance

25 Views

Share

About the Cloud Security Alliance (CSA)

33 Views

Share

quick guide to the - Cloud Security Alliance

42 Views

Share

CSA Survey Results - Cloud Security Alliance

26 Views

Share

The Notorious Nine - Cloud Security Alliance

32 Views

Share

SDP Specification 1.0 - Cloud Security Alliance

29 Views

Share

The Notorious Nine - Cloud Security Alliance

25 Views

Share

Software Defined Perimeter - Cloud Security Alliance

32 Views

Share

Cloud Computing Market Maturity 201 2 - Cloud Security Alliance

27 Views

Share

CSA Survey Results - Cloud Security Alliance

40 Views

Share

Cloud Usage: Risks and Opportunities Report - Cloud Security Alliance

41 Views

Share

Cloud Computing Market Maturity 201 2 - Cloud Security Alliance

26 Views

Share

Top Threats Cloud Computing V1.0 - Cloud Security Alliance

37 Views

Share

eCONSENT: IMPLEMENTATION GUIDANCE - TransCelerate

106 Views

Share

Recommend Documents

Encryption - Cloud Security Alliance

10. 2.1.1 Data Availability. ..... providing guidance for best practices in Cloud Computing Security. ..... for browser-to-web host and host-to-host communication.

Encryption - Cloud Security Alliance

Download (pdf) - Cloud Security Alliance

Info Sheet - Cloud Security Alliance

"Get Off of My Cloud": Cloud Credential ... - Cloud Security Alliance

Feb 3, 2012 - Email Address & Password ... Risks to Creators of Public or Shared AMIs. Failure to properly .... Cloud Computing Models and Vulnerabilities:.

Cloud Security Guidance IBM Recommendations - IBM Redbooks

quick guide to the - Cloud Security Alliance

The Notorious Nine - Cloud Security Alliance

Cloud Computing Top Threats in 2013 ... CLOUD SECURITY ALLIANCE The Notorious Nine: Cloud Computing Top Threats ..... Kendall Scoboria, Graphic Designer ... from the University of North Carolina, the University of Wisconsin and RSA.

SDP Specification 1.0 - Cloud Security Alliance

CLOUD SECURITY ALLIANCE SDP Specification 1.0, April 2014 ...... If this is an Internet of Things application, the list may be static or be based on the.

About the Cloud Security Alliance (CSA)

The Treacherous 12 - Cloud Security Alliance

Feb 1, 2016 - Methodology. In creating The Treacherous 12 - Cloud Computing Top Threats in 2016, the CSA Top Threats Working Group conducted research in two ..... parts of the development lifecycle. ..... products and related services rely on access

About the Cloud Security Alliance (CSA)

quick guide to the - Cloud Security Alliance

the IT services of the company, and thus, the security capabilities necessary to ... technology environments shifting to one where solutions span the internet across .... Protection Services secure Server, End-Point, Network and Application.

CSA Survey Results - Cloud Security Alliance

Jul 9, 2013 - very important task of measuring the effective of these intelligence programs to other ... the Snowden Incident make your company more or.

The Notorious Nine - Cloud Security Alliance

CLOUD SECURITY ALLIANCE The Notorious Nine: Cloud Computing Top Threats ...... personal data are considered forms of data breaches and would require .... worse, since cloud providers often bill clients based on the compute cycles and.

SDP Specification 1.0 - Cloud Security Alliance

The Notorious Nine - Cloud Security Alliance

CLOUD SECURITY ALLIANCE The Notorious Nine: Cloud Computing Top Threats in 2013. The permanent .... 10. 4.0 Top Threat: Insecure Interfaces and APIs . ..... application-level DoS attacks take advantage of vulnerabilities in web servers,.

Software Defined Perimeter - Cloud Security Alliance

Cloud Computing Market Maturity 201 2 - Cloud Security Alliance

CSA Survey Results - Cloud Security Alliance

Jul 9, 2013 - telecommunications and Internet providers via secret court orders as specified by the Patriot Act. The ... results to be indicative of anything more than what CSA members feel ... 56% less likely to use US-based cloud providers.

Cloud Usage: Risks and Opportunities Report - Cloud Security Alliance

Cloud Computing Market Maturity 201 2 - Cloud Security Alliance

Top Threats Cloud Computing V1.0 - Cloud Security Alliance

quickly become the industry standard catalogue of best practices to secure Cloud ... host customer information of very low sensitivity, while others represent mission critical business .... http://www.microsoft.com/technet/security/Bulletin/MS10-.

eCONSENT: IMPLEMENTATION GUIDANCE - TransCelerate