Your browser has JavaScript turned off.
You must turn it on to proceed.










NORS -- CSRIC Best Practices Result

CSRIC Best Practices Result

Detailed Information for the Best Practice: 9-8-8649

Number 9-8-8649
Priority Important
Description General: Service Providers should classify their cloud service against one of the defined industry cloud service architecture models (e.g., software as a service [SaaS], platform as a service [PaaS] or infrastructure as a service [IaaS]) and the deployment model being utilized (e.g., private cloud, community cloud, public cloud or hybrid cloud) to determine the general “security” posture of the specific cloud service, how it relates to asset’s assurance and security protection requirements, and define the needed security architecture to mitigate security risks.
Network Type(s) Cable; Wireless
Industry Role(s) Service Provider; Network Operator
Keyword(s) Cyber Security;Intrusion Detection;Network Operations;
Reference/Comments NIST 800-53 revision 3: Recommended Security Controls for Federal Information Systems and Organizations security control catalogue. Cloud Security Alliance: Security Guidance for Critical Areas of Focus in Cloud Computing V2.1