Chapter 10: Engaging with Cloud Providers

In previous chapters, we have covered cloud infrastructure fundamentals, common threats in cloud environments, and how to handle compliance and regulation. This chapter will cover fundamental steps prior to working with cloud services, such as engaging with cloud providers.

In the traditional data center, we control everything – from physical to logical security controls. To get assurance when working with cloud providers, there are several options, such as the following:

Conduct a risk assessment prior to engaging with a cloud provider – one good option is to review SOC2 Type 2 reports (what controls the cloud provider has set and how effective they are).
Have a good contract that clearly sets the ...

Get Cloud Security Handbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Cloud Security Handbook by Eyal Estrin

Chapter 10: Engaging with Cloud Providers

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly