HPE has identified the five key capabilities necessary for securing a hybrid cloud environment: Data-centric security: Protecting data is the core of security and compliance controls. Data needs to be secured at rest, in motion and while in use. It should maintain an index with a searchable data format after it is protected and the encryption should be multi-layered. Dynamic infrastructure hardening: Just like on-premises machines, the cloud infrastructure needs to be updated and hardened […]
control objectives
2 posts
In May 2011, the American Institute of Certified Public Accountants issued a new set of guidelines known as Service Organisation Controls-2 (SOC-2) report, which outlines criteria for the security, availability, processing integrity, privacy and confidentiality of a service organisation’s systems and processes. Organisations that outsource functions, not relevant to financial statements, can request an SOC-2 report to assure themselves that they have requisite controls in place. The report is similar to the older SAS 70 […]