be protected against tampering and eavesdropping Asset protection and resilience - Data, and the assets that store/protect it, should be protected appropriately Separation between consumers - To prevent one compromised consumer from affecting the service of another Governance framework - To direct their overall approach to the management of the service and information Operational security - Processes and procedures need to be in place to ensure the operational security of the service Personnel security - Security service provider staff should be subject to personnel security screening Secure development - Services should be designed and developed to identify and mitigate threats to their security Supply chain security - The supply chain should support all of the security principles that the service Secure consumer management - Consumers should be provided with the tools required securely manage their service Identity and authentication - Access should be constrained to the authorised and authenticated users External interface protection - All external or less trusted interfaces of the service should have appropriate protections Secure service administration - All methods used by the service administrators should mitigate risk of exploitation Audit information provision to consumers -To help consumers monitor access to their service and their data Secure use of the service by the consumer - Consumers need to be trained and comply with guidance for use of cloud https://bit.ly/cloud-security-principles
jystewart
sansantech
ken5scal
tacck
gumamon
shonansurvivors
recruitengineers
rrreeeyyy
lycorp_recruit_jp
kazushi_ohata
kazuhitotakahashi
kakehashi
kenjikondobai
lauravandoore
jrom
cassininazir
geeforr
mraible
mongodb
swwweet
aki_iinuma
danielanewman
tammyeverts
phodgson
jmmastey
