When utilizing cloud computing, it is necessary to maintain and prove compliance. Issues relating to examining how cloud computing impacts compliance with internal security policies, as well as other compliance needs (regulatory, legislative, and otherwise), are covered in this section. This domain contains guidelines for demonstrating compliance during an audit.
On-demand self-service. Customers have the option to unilaterally (i.e., independently, without requesting permission) provide computer capabilities such server time and network storage. These can be done automatically and without the need for human interaction with a service provider (or, in the case of business networks, an IT department).
The cloud provider is in charge of securing the underlying infrastructure and virtualization technologies from external attack or internal misuse. This entails employing patched and up-to-date hypervisors that are appropriately setup and supported with processes to keep them safe over time.
Infrastructure security is the foundation for functioning securely in the cloud. "Infrastructure" refers to the glue of computers and networks upon which we build everything.
Big data is defined as high-volume, high-velocity, and/or high-variety information assets that necessitate cost-effective, novel types of information processing to allow improved insight, decision making, and process automation.
DevOps is a recent application development approach and philosophy that focuses on application development and deployment automation. DevOps brings up several options for security to improve code hardening, change management, and production application security, as well as to improve overall security operations.
Platform as a Service (PaaS) abstracts and offers development or application platforms, including databases, application platforms (e.g., a location to run Python, PHP, or other code), file storage and collaboration, or even proprietary application processing (such as machine learning, big data processing, or direct API access to features of a full SaaS application). The primary distinction is that you do not handle the underlying servers, networks, or other infrastructure with PaaS.
