top of page

The Most Important Cloud Security Terms (A Running List)

Application Programming Interface (API)- software interface that allows for cloud applications to communicate with each other. Examples: Twitter bot, Google Maps, Facebook, etc.

Availability- the assurance that infrastructure will be available whenever a consumer needs it, as well as the measure of time for it to become available again in times of inoperability.

AWS- Amazon Web Services is the widest used and broadly catering cloud service platform in the world. Created in 2007, AWS has grown to serve numerous clients with their cloud computing services, databases, software tools, APIs, etc. all accessed over the cloud. AWS offers additional services in data storage, machine learning, data analytics, IoT, and more. Learn more about AWS.

Azure- Azure was introduced by Microsoft in 2010 as an alternative cloud platform to AWS. It provides a similar range of cloud-computing services, specializing in PaaS and IaaS offerings. Similar to AWS, Azure is dominant in computing, enhancing data-driven performance, data management and databases, and networking. Learn more about Microsoft Azure.

Cloud Computing- enabling access to a shared pool of computing resources on a pay-as-you-go basis. Involves services such as broad network access, rapid elasticity, on-demand self-service, resource pooling, SaaS, PaaS, Iaas, cloud models (public, private, hybrid, community), etc. It is the delivery of computing services over the cloud (software, servers, databases, analytics, AI, etc.)

Cloud Security- the policies, procedures, applications, and controls used to protect infrastructures, services, and data on the cloud. Many of the requirements of cloud security match those of basic IT security, but the main distinction is to prevent internal and external threats to the cloud.

Cloud Security as a service (SecaaS)- providing cloud security services from the cloud to customers’ cloud infrastructures or software. Cloud security providers usually cater solutions in intrusion management, encryption, web security, e-mail security, data loss prevention, identity and access management, network security, etc. to better one’s cloud environment.

Cloud service provider- a person, organization, or any entity that provides a service available for payment or subscription to users. Cloud service providers are the ones who control and manage the cloud infrastructure. Example: Amazon, Microsoft, and Google are the world’s dominant cloud providers.

Cloud service consumer- a person or organization who uses the services provided from cloud providers.

The Cloud- The Cloud is described in numerous ways; as a group of servers that are accessed over the Internet. The on-demand software services provided by companies such as Microsoft, Google, Amazon, etc. or the availability, elasticity, and broad network access of IoT devices. Overall, the cloud can be many things, but the simplest explanation is to call it

an abstract collection of remote servers in which individuals, businesses, and large organizations are able to store data, share information, and complete a variety of performance-enhancing over the Internet.

Community cloud- a cloud infrastructure environment with restricted access to the external public, but resources within the cloud are shared with other organizations with similar requirements. Organizations sharing a community cloud usually do so in order to exchange data with each other. Example: Many organizations belonging to the healthcare industry use a community cloud to ease the sharing of information.

Containers- containers in cloud computing are executable parts of software embedded in application code. They are able to run anywhere on a desktop or the cloud, and are predominantly used to build small, fast, and portable, blocks of software packages. Containers are useful for managing and deploying applications, acting as a reliable form of operating system virtualization. Learn more about cloud containers.

DevOps- DevOps or “Development Operations” is a team of software and application developers that specialize in delivering applications in a faster time frame for the org.

Docker- a cloud computing tool that is used to automate application deployment and to manage cloud containers. Predominantly a tool for developers working on applications, docker allow applications to still operate while they are being moved to different platforms on the cloud. Docker software is made up of 3 major components: Software, Objects, and Registry. Learn more about the Docker tool.

Hybrid cloud- combination of public, private, or community cloud infrastructures Particularly useful for smaller businesses with needs in load balancing data. Each infrastructure inside of a hybrid cloud remains separate from the other, but is included under the organization’s same “cloud umbrella”. For example: With a hybrid cloud, an organization is able to place their sensitive data in a private section while hosting their less sensitive data in a public section of the cloud.

Hypervisor- programming software that allows for full virtualization. A hypervisor handles every input and output requested from the operating system to the hardware, as well as creates and runs the virtual machines supporting a cloud environment. With a hypervisor, one host can run multiple guest VMs and containers to run on a single server.

Examples: VirtualBox, VMware Hypervisor (ESXi), Microsoft Hyper-V, Citrix XenServer

“Bare-metal” hypervisor- “Type 1” hypervisor term for describing the absence of software between the hypervisor and hardware. Acts like a lightweight operating system running directly on top of the hardware.

Hosted hypervisor- “Type 2” hypervisor is a virtual machine manager that has the software installed on the existing operating system.

Infrastructure As A Service (IaaS)- storage, networking, and other computing resources provided to customers over the provider’s cloud. Instead of managing and controlling their own infrastructure, customers pay to use a cloud provider’s resources, usually in the form of Virtual Machines (VMs), virtualized hardware, and operating systems. Examples of IaaS cloud providers: Amazon Elastic Compute Cloud (Amazon EC2), Microsoft Windows Azure, Google Compute Engine (GCE).

Kubernetes- an open-source container orientation system that automates the processes of launching, maintaining, and scaling applications. Focuses on expanding the scale of operations for an organization’s application ability and clustering multiple hosts (VMs) together on the cloud. (Originally developed by Google engineers.) Learn more about Kubernetes.

Lambda- AWS Lambda is a “bread and butter” tool for running any code virtually to test an application without requiring a server (“server less”). It is useful for providing the flexibility and scale to test code at varying capacities, processing data before presenting to machine learning algorithms, and for building cross-communication among multiple applications. Learn more about Lambda AWS features.

Migration- process of moving data, applications, and other important business items to a cloud environment for improved organizational operations. There are numerous strategies for moving operations to the cloud, as well as determining how much cloud infrastructure is needed for a company.

PaaS- customers pay to use a platform in which to run their applications on over the cloud. A PaaS includes software building blocks (containers) which applications can be run in the cloud environment, as well as number of tools for programming, developing, and deploying applications. Examples of PaaS: AWS Elastic Beanstalk, Windows Azure, Heroic, Google App Engine, etc.

Private cloud- a cloud infrastructure environment with restricted access. Only internal parties of an organization are allowed access to cloud resources, usually achieved either through a VPN (Virtual Private Network) or the organization’s intranet (private Internet network). A private cloud offers tighter controls over data storage, which could achieve more advanced security.

Public cloud- a cloud infrastructure environment that is made available to the general public. Applications, storage, and other cloud supplies are available over the Internet, but may only be accessed by using a secure Internet Protocol. The public cloud model is usually employed by organizations wishing to offer their cloud services to users for a pay-as-you-go fee or subscription.

Resource pooling- term used to describe the way in which the resources of cloud providers are “pooled”, being able to serve numerous clients at once with a range of scalable cloud services catering to each consumer’s provisional needs. Often described as a “multi-tenant-model”, in which a simple software instance and its infrastructure is able to support and serve multiple customers at once.

Reliability- measure of probability that the cloud delivers the services it is designed to deliver to the satisfaction of the consumer. A.K.A the service is available, it delivers what it is supposed to deliver, and functions the way it is supposed to function.

Resiliency- resiliency in relation the cloud means being able to forsee technological difficulties and planning for business operations (business continuity) to go on in case of such disruptions.

SecOps- SecOps or “Security Operations” is a team of security professionals integrated with IT operations. SecOps specializes in finding and responding to security issues related to the IT operations of an organization.

Security as a service- type of SaaS that packages security services for customer organizations. Delivered from security providers whose main goal is to lessen the security responsibilities of the customer organization.

Service model- service alternatives available on the cloud. the three main service models recommended by NIST SP 800-145 include SaaS, IaaS, and PaaS.

Serverless- term for describing cloud computing applications that do not require a server to operate.

Software As A Service (SaaS)- application software that is accessible to customers from the cloud, usually for a subscription-based payment. Cloud providers will host the software on their cloud infrastructure and deliver the software to customers over the Internet. Examples of SaaS: Salesforce, Microsoft 365, Cisco WebEx, Slack, Gmail, Docusign, etc.

Web Application Firewall (WAF)- a specialized firewall designed to protection web applications and APIs from attacks. It analyzes incoming traffic, filtering, monitoring, and blocking malicious http or https traffic in an effort to prevent unauthorized information coming to or leaving the web application.

Web Application & API Protection (WAAP)- similar to a firewall, a WAAP is a specialized security tool to protect web applications and APIs (Application Interfaces). A WAAP is placed between the outer edge of a network and the public-facing side of the web application. It is an evolution of the WAF (Web Application Firewall) and analyzes incoming traffic.


bottom of page