The Cloud Security Alliance uses a six-stage lifecycle to describe the way that data exists in the cloud. In this video, Mike Chapple explains the lifecycle phases of create, store, use, share, archive, and destroy.
- [Instructor] The Cloud Security Alliance uses a six-stage lifecycle to describe the way that data exists in the cloud. This model is a helpful way to understand the stages that data moves through in an organization and it's also covered on the CCSP exam.
In the first stage of the lifecycle, create, the organization generates new data, either directly in the cloud or in an on-premises system that will eventually move to the cloud. The create stage also includes modifications to existing data. From there, the second stage of the lifecycle is store. In this stage, the organization places the data into one or more storage systems. In the case of cloud storage, this may be block storage or object storage. The next stage, use, is where active use of the data takes place. Users and systems view and process data in this stage.
In the fourth stage, share, the data is made available to other people through one or more sharing mechanisms. This might include providing customers with a link to a file, modifying access controls so that other employees can view it, or similar actions. When the data is no longer being actively used, it moves to the fifth stage, archive. In this stage, data is retained in long-term storage, where it is not immediately accessible but can be restored to active use if necessary. And in the final stage of the lifecycle, data is eventually destroyed when it is no longer needed. This destruction should take place using a secure disposal method.
While the Cloud Security Alliance does describe this as a lifecycle, it's important to note that the stages of the lifecycle are not always followed in order and not all of them occur for every piece of data. For example, it is possible to create new data in memory, use it there, and then destroy it, without ever storing it in a repository. Similarly, data might be permanently retained in active storage, and never reach the archive or destroy stages. However, the CSA lifecycle is still a useful model for understanding the different stages of data life.
- Block storage types
- Cloud storage security threats
- Encryption basics
- Choosing encryption algorithms
- Key management
- Public key infrastructure (PKI)
- Creating and revoking digital signatures
- Securing common protocols
- Data protection
- Information management
- Information rights management
- Logging security events
- Continuous security monitoring