3. Data protection is a crucial
security issue for most organizations. Before
moving into the cloud, cloud users need to
clearly identify data objects to be protected
and classify data based on their implication
on security, and then define the security
policy for data protection as well as the policy
enforcement mechanisms.
4. The basic security services for
information security include assurance of
data Confidentiality, Integrity, and Availability
(CIA). In Cloud Computing, the issue of data
security becomes more complicated because
of the intrinsic cloud characteristics. Before
potential cloud users are able to safely move
their applications/data to the cloud, a suit of
security services would be in place
5. This service protects data from
malicious modification. When having
outsource their data to remote cloud servers,
cloud users must have a way to check
whether or not their data at rest or in transit
are intact.
6. Cloud application security (a.k.a.
cloud app security) is a system of policies,
processes, and controls that enable
enterprises to protect applications and data
in collaborative cloud environments. Cloud
solutions are ubiquitous in modern
enterprises.
7. Authentication, authorization,
encryption, logging, and application security
testing are all examples of application
security features. Developers can also use
code to reduce security flaws in applications.
8. Its final goal is to improve security
practices and, through that, to find, fix and
preferably prevent security issues within
applications. It encompasses the whole
application life cycle from requirements
analysis, design, implementation, verification
as well as maintenance.
9. What Does an Application Security
Architect Do? An application security architect
is required to design and manage IT systems
and programs and analyze and troubleshoot
issues related to security and access.
10. Virtualized security, or security
virtualization, refers to security solutions that
are software-based and designed to work
within a virtualized IT environment. This
differs from traditional, hardware-based
network security, which is static and runs on
devices such as traditional firewalls, routers,
and switches.
11. Users can choose from two different
types of virtual machines—process VMs and
system VMs: A process virtual machine allows
a single process to run as an application on a
host machine, providing a platform-
independent programming environment by
masking the information of the underlying
hardware or operating system.