This article was first published on Medium. You can take a look at it here.
Introduction
Cloud computing has been a popular buzzword in recent y...
For further actions, you may consider blocking this person and/or reporting abuse
Excellent introduction Aditi, thanks!
If people want to dig a little deeper, particularly where standards compliance is concerned, then all major cloud vendors provide a 'shared responsibility' matrix, detailing which bits of the stack they will actually be auditable for, and what's left for you, eg: for PCI-DSS on Azure: microsoft.com/en-us/trustcenter/co...
I would also recommend a visit to the Cloud Security Alliance, and their excellent cloud controls matrix document:
cloudsecurityalliance.org/artifact...
Interestingly our PCI-DSS assessor is not at all keen on putting services into a truly public cloud (distributed shared infrastructure), as it's very difficult to draw a boundary and declare physically what's within the card holder data environment (CDE) and what's not: discussion continues...
Very nice post, relevant to all security engineers/devsecops people. Thanks Aditi!
Thanks much for the helpful insight. Ramping up on cloud computing right now! Read similar news about cloud computing and more here : heliossolutions.co/cloud-computing/