CISO Guide: Explaining every cloud cybersecurity terms you need to know

Complementing our eBook, Your guide to The Cloud, Conor Mckenna's practical cloud technology glossary demystifies the jargon and acronyms we see everywhere.

Got your head in the cloud?

If you are reading this, you certainly haven’t got your head in the clouds. But cloud technology can be difficult to get your head around. It's a complex subject with countless terms and acronyms floating through the air.

At its simplest, ‘the cloud’ is a network of remote data servers accessed via the internet. But what does this mean in practice? And what do terms like Software as a Service or Managed hosting mean?

To make working with the cloud and its various technology subcategories easier and quicker to navigate, we have put together this ’jargon busting’ glossary of common cloud technology terms and acronyms.

We have also included some top security tips to help you ensure that your use of the cloud is secure and your data is protected.

Cloud applications

A cloud application is software that enables users to access the cloud through the internet.

Cloud computing

Cloud computing refers to the storage of files, data and applications on a remote server with a ‘cloud provider’, rather than on your own systems. It gives users on-demand access to computer system resources – most commonly data storage and computing power –without the need for direct, active management by you. The term is generally used to describe data centres available over the internet.

Security tip:
Create a process for employees if they believe sensitive data stored in the cloud has been compromised. This could be a document informing employees of steps to take in various compromised data situations.

Cloud hosting

Cloud hosting is where websites, applications or services are hosted and accessed via the internet, rather than being deployed on a single server. This brings increased flexibility and scalability compared to a single physical server hosting solution.

Security tip:
Deploy Multi-Factor Authentication (MFA) – A traditional username and password combination is often insufficient to protect user accounts. Stealing these credentials is one of the main ways cybercriminals gain access to your online business data and applications. MFA is an inexpensive and effective way to prevent cybercriminals from gaining access to your cloud applications.

Cloud platform

This term refers to the operating environment and hardware of a server in an internet-based data centre. A cloud platform allows organisations to create, test and build cloud-based applications, and store, back up, and recover data.

Data centre

A data centre is a network of servers used for the remote storage, processing, and distribution of large amounts of data. Data centres can be geographically vast, with the average size coming in at 100,000 square feet.

Some of the world’s largest data centres can contain tens of thousands of IT devices and require more than 100MW of power – enough to power around 80,000 US households (US DOE, 2020).

Managed hosting

Managed hosting is an IT service model that enables a customer to rent dedicated hardware from the provider. The management services usually include:

• Updates and patches
• 24/7/365 support
• Network and hardware management
• Basic security measures
• Server performance monitoring

Managed Service Provider (MSP)

The role of a MSP is to deliver network, application, infrastructure, and security services. They provide ongoing support and active administration on your premises, in the MSP data centre (hosting), or in a third-party data centre.

Security tip:
Establish a backup plan — it’s important to determine the frequency of backups. Establish a timeframe to restore files and applications to minimise negative impacts on your operations.

Platform as a Service (PaaS)

PaaS provides developers with a cloud-hosted environment that can be used to build and test customised applications. PaaS simplifies things for developers as they essentially ‘rent’ the framework, and all backend management is taken care of behind the scenes.
Examples of PaaS include Microsoft Azure and Google App Engine.

Infrastructure as a Service (IaaS)

IaaS is a cloud-based infrastructure that provides users with a pay-as-you-go service for resources such as storage and networking.

Security tip:
Manage and assign privileges — ensure your IaaS provider allows you to create and manage user accounts and assign privileges. The provider should be able to check source IP addresses, prevent users from accessing the portal, and monitor activity to implement and manage your access policy.

Software as a Service (SaaS)

SaaS is a cloud-based service where instead of downloading software directly to your device or network, you access an application via an internet browser. The SaaS model involves third-party software being licensed to users on a subscription basis.

Examples of SaaS include Dropbox, Cisco WebEx, and Google apps such as Gmail, Google Drive and Photos.

Security tip:
Keep everything updated — keeping laptops, phones, software, apps, and plugins up-to-date is a critical aspect of SaaS security. Updates often contain bug fixes that ensure the integrity of software and systems.

Private cloud

Private clouds are cloud environments dedicated solely to your organisation. They usually sit within your firewall.

Security tip:
Choose the right firewall — This can have a significant impact on the security of your private cloud.

Public cloud

A public cloud is where a service provider makes resources available to the public via the internet. The resources vary by provider but usually include storage capabilities, applications, or virtual machines.

Public cloud examples include:

• Microsoft Azure
• Gmail
• Amazon Web Services (AWS)
• Office 365

Security tip:
Controlled access – the location of your stored data is important – but nowhere near as important as who can access it. One of the best things you can do to keep your public cloud data secure is to establish access controls.

So, there it is, our (hopefully) helpful list of the most common cloud technology terms.

If you want to find out more on how to keep your information in the cloud secure, download our Your guide to The Cloud eBook here.