Search Results

Cloud computing is the provision of on-demand computing services such as software, operating system, processing power, storage and other hardware resource over the internet or Network. Cloud computing is a model of enabling global, appropriate, on-demand netw...

There are four main cloud deployment models that differ pointedly and for which most of the companies select: a public, private, hybrid and a community. Public cloud A public cloud is a type of computing in which a service provider makes resources available ...

There are many different types of cloud services, each involving different types of technology and assets. We give an overview below, we use this model later to indicate the different contribution of clients and cloud service provider.  Infrastructure as a ...

Facilities are the basic IT resources which underlies all types of cloud services (IaaS, PaaS, and SaaS),network, housing, cooling, and power.

Organization are the human resources, the processes and the policies and procedures that maintain the facilities and support the delivery of services. Management of the Provider’s human resources is largely out of the control of the Customer. The Customer’s d...

The Datacenter should be above Tier 3 to implement the cloud infrastructure and it is mandatory to follow the standards and procedures. The main differences between cloud service categories relate to how control is shared between Customer and Provider, which ...

Asset management and monitoring are processes and it needs to be regulated as per ISO 27001 and cloud security alliance standards.In the case of cloud computing, many resources and assets are managed and monitored by the provider, but the customers might need ...

Below security measures needs to be considered in the cloud environment. Physical Security Network and Infrastructure Security (Systems, Hosts and Network) Application and DB Security Security and Compliance Information Security Software Security Secu...

Cloud service provider must enforce the physical security as per the ISO27001 controls and it must be implemented and followed in a professional manner and the detailed control mapping is mentioned in the Annex A. In a cloud environment, Individual entity env...

Cloud service provider must enforce the network security as per the ISO27001 controls and it must be implemented and followed in a professional manner and the detailed control mapping is mentioned in the Annex A. Cloud service provider must ensure the network...

Environments where organizations’ data is stored in the same instance of the database managementsystems data store.

Proactive testing, identification and mitigation of vulnerabilities are an important part of achieving and maintaining compliance ISO 27001 and cloud security alliance standards that utilize cloud services and systems. Cloud service provider must ensure that ...

IT governance by the cloud service provider is a significant concern for a cloud service customer, then customers are advised to establish whether a provider complies with one or more of these governance and management standards. Cloud service customers must ...

 Incident response Customers need to be notified when an issue, incident, or breach has occurred and the impact to environment or to their data. Issues, incidents and data breaches should be communicated by the Provider to all affected Customers in a timely m...

Cloud service provider must develop an organizational requirement for business continuity plans (BCP), fault tolerance, high availability and disaster recovery (DR) controls apply to the Customer’s outsourced environments as they do for Customer managed facili...

This below table represents the responsibilities of the Cloud Service Provider (CSP) and End User (EU) in the Cloud Security as per the ISO27001:2013 Standard, and Cloud Security Standard.*CSP – Cloud Service Provider*EU – End User ISO 27001:2013 ...

Purpose The purpose of the Software Architecture Guidelines document is to provide a comprehensive and standardized framework for designing, implementing, and maintaining software architectures across all government institutions under the oversight of the Rwa...

Software architecture decisions for government agencies should be driven by a set of fundamental principles that ensure the development of robust, reliable, and sustainable software solutions. These principles form the foundation for creating architectures tha...

Key concepts and components of software architecture Software architecture serves as the blueprint for structuring and organizing software systems. It encompasses several key concepts and components that define how the system functions as a whole: Components...

Unique considerations specific to government agencies When designing software architectures for government agencies, certain considerations are paramount due to the sensitive nature of governmental operations and the need for compliance: Regulatory Complia...