Managing New Information Security Boundaries as a Cloud Service Provider

Practical ISMS Principles for ISO 27001


Cloud service providers now handle massive amounts of data – not only for themselves, but also on behalf of numerous other enterprises and organizations. Information security takes on an extra dimension as logically separate customers share the same physical resources.

This poses a dual challenge for each cloud service provider (CSP). The CSP must define a security boundary that shows which security actions and functions are undertaken by the provider, and which ones are the duty of the customer. It must also manage the additional security aspects of cloud computing multitenancy, a security risk for one customer can affect another customer in the same cloud.

This white paper gives an overview of these cloud computing security issues, emphasizing those that concern cloud service providers. It outlines in practical steps an approach to achieve certifiable security as a CSP.


Download the E-Guide