Cloud Security Controls

Andre Camillo, CISSP
10 min readNov 19, 2021
Photo by Ross Sneddon on Unsplash

Let’s face it, security for Cloud services is a complex matter. A fitting puzzle to be solved in a slow and patient manner.

The many Different Cloud Models (IaaS/PaaS/SaaS) and the many more security solutions for “Cloud” is a topic that is often confusing.

Speaking to customers and colleagues, explaining what layers we’re protecting with solution X or Y can lead to misinterpretations of expectations and capabilities.

I wrote this up to address how these different (yet intrinsically connected) subjects, connect:

  • What Cloud services we’re protecting
  • What Data needs to be protected
  • What Controls can be set in this service

I like to organize thoughts and knowledge by connecting things — as Soren Kierkegaard — a philosopher — said:

Life can only be understood backwards; but it must be lived forwards.

I would in turn state that:

Technology can only be understood by looking deep into it, but it must be coveyed simply.

Sometimes the best way to try and figure it all out is to break the topic down in small pieces, and this is what I’m doing in this article, touching on Cloud Security.

--

--

Andre Camillo, CISSP
Andre Camillo, CISSP

Written by Andre Camillo, CISSP

Cloud, AI and Cyber Security tech, Career, Growth Mindset. Find my Discord &more: https://linktr.ee/acamillo . Architect @Crowdstrike. Opinions are mine!

No responses yet