Cloud Computing IT Security Control Objectives

Download Free Cloud Computing IT Security Control Objectives

Asset management, access control

Data protection/segregation/encryption
To provide logical segregation of CSP customers’ data
To enable customer classification of sensitive data
To enable protection of data commensurate with risk and defined information classifications

Information systems acquisition, development, and maintenance

Encryption standards
To enable encryption of sensitive data using consistent mechanisms
To enable access to current and archived data regardless of which keys were used for encryption

Communications and operations management

Logging
To securely provide audit logs of relevant actions (e.g., user activity, configuration changes) for internal or external review
To periodically review higher-risk audit events with appropriate action taken where required

Access control
Authentication to the cloud
To provide authentication mechanisms commensurate with the associated risk
To strictly limit CSP administrative access to customer data, including IT and customer
support personnel

Compliance
Monitoring/compliance function
To provide ongoing monitoring of compliance with policies, procedures, and standards
To provide proactive risk identification and mitigation

Additional Key Management Control Objectives
Where encryption is used, effective key management controls are critically important to help ensure the confidentiality and availability of sensitive data. Here are the relevant key management control objectives..

Key management

Key generation practices
Cryptographic keys are generated in accordance with industry standards, including:
Random or pseudorandom number generation
Prime number generation
Key generation algorithms
Hardware and software components
References to the key generation procedural documentation

Key storage, backup, and recovery practices
Asymmetric private keys and symmetric keys remain secret and their integrity and authenticity are retained, including:
Key separation mechanisms
Hardware and software components
References to key storage, backup, and recovery procedures
Business continuity management documentation

Key distribution practices
Secrecy of asymmetric private keys, symmetric keys, and keying material, and the integrity and authenticity of all keys and keying material, are maintained during key distribution, including:
Initial key distribution processes
Subsequent key replacement processes
Key synchronization mechanisms
References to the key distribution procedural documentation

Compliance
Monitoring/compliance function
To provide ongoing monitoring of compliance with policies, procedures, and standards
To provide proactive risk identification and mitigation

Additional Key Management Control Objectives
Where encryption is used, effective key management controls are critically important to help ensure the confidentiality and availability of sensitive data. Here are the relevant key management control objectives..

Key use practices
Cryptographic keys are used only for their intended purpose, including:
Business applications
Key separation mechanisms
Related crypto-periods
References to the business and system description documentation

Key destruction and archival practices
All active instances of cryptographic keys are properly erased (destroyed) at the end of their designated crypto-periods and archived keys are handled appropriately, including:
Controls to maintain confidentiality, integrity, and authenticity
Mechanisms to prevent an archived key from being reinstalled
Inclusion of references to the business and system documentation

Cryptographic hardware life cycle practices
Access to cryptographic hardware is limited to properly authorized individuals, and the hardware is functioning properly. The description should include:
Controls for the device life cycle (e.g., shipping, inventory controls, installation, initialization, repair, and de-installation)
References to device documentation (e.g., product specifications, users’ manual) and certification (e.g., FIPS 140)

Certificate life cycle management
Subscribers are properly identified and authenticated, and certificate request information is accurate and complete.
Certificates are generated and issued securely and accurately.
Upon issuance, complete and accurate certificates are available to subscribers and relying parties.
Certificates are revoked based on authorized and validated certificate revocation requests.
Certificates and certificate chains are properly verified.
Initialization, distribution, usage, and termination of portable tokens (e.g., smart cards) are properly managed