|Creating a team - checklist||
Creating a team- team checklist
See the image:
|The data life cycle||
|ONF and ANF||
An organizational normative framework (ONF) is a framework of so-called containers of application security best practices catalogued and leveraged by the organization and contains at least one or more sub-components known as application normative frameworks (ANFs).
|NIST SP 800-14||
NIST 800-14 provides a baseline that organizations can use to establish and review their IT security programs.
In object storage, files or objects are stored with additional metadata (content type, redundancy required, creation date, and so on). They are not limited to space on a particular volume, and they are accessible via APIs and web interfaces
Cloud data storage process that uses parity bits and encrypted chunks of data.
|CSA STAR program||
The Cloud Security Alliance (CSA) STAR is the industry’s most powerful program for security assurance in the cloud. STAR encompasses key principles of transparency, rigorous auditing, and harmonization of standards. The STAR program provides multiple benefits, including indications of best practices and validation of security posture of cloud offerings.
Level 1: Self-assessment
All or Nothing Transform with Reed-Solomon (AONT-RS) integrates AONT and erasure coding by first encrypting and transforming the information and encryption key into blocks in a way that makes information unrecoverable without using all the blocks.
It then uses an informational dispersal algorithm (IDA) to split the blocks into shares distributed to different cloud storage services (the same as in SSMS).
|Cloud Security Alliance Cloud Controls Matrix||
A security controls framework that provides mapping/cross relationships with the main industry-accepted security standards, regulations, and controls frameworks such as the ISO 27001/27002, ISACA’s COBIT, and PCI-DSS
The CSA CCM (Cloud Controls Matrix) provides fundamental security principles that guide cloud vendors and assist prospective cloud customers in assessing the overall security risk of a cloud provider.
Cloud application management platforms (CAMPs) are a set of specifications designed to ease management of applications, including packaging and deployment across public and private cloud platforms.