Director, IT Security Risk and Compliance, Fortinet Inc., California, USA.
World Journal of Advanced Research and Reviews, 2025, 26(02), 2165-2171
Article DOI: 10.30574/wjarr.2025.26.2.1904
Received on 14 April 2025; revised on 11 May 2025; accepted on 13 May 2025
Cloud computing has revolutionized how businesses deploy and scale IT infrastructure. However, this shift introduces significant security challenges that require well-architected security techniques across the cloud ecosystem. This paper presents comprehensive techniques to ensure confidentiality, integrity, and availability of data and systems in cloud environments. Covered topics include data encryption, secure storage, key management, logging and monitoring, virtual private cloud (VPC) security, container security, DAST and SAST scanning, baseline imaging, configuration management, and change control practices. These are mapped to CSA's Cloud Controls Matrix (CCM) and CAIQ v4.0 domains to demonstrate holistic cloud risk management. Real-world examples, missteps, and best practices are discussed
Cloud Security; Data Encryption; CSA; CAIQ; Cloud Controls Matrix; Zero Trust; Compliance
Preview Article PDF
Vivek Madan. Cloud security in practice: A technical guide to confidentiality, integrity, and availability at scale. World Journal of Advanced Research and Reviews, 2025, 26(02), 2165-2171. Article DOI: https://doi.org/10.30574/wjarr.2025.26.2.1904.
Copyright © 2025 Author(s) retain the copyright of this article. This article is published under the terms of the Creative Commons Attribution Liscense 4.0