Data segregation is the process and controls that ensure data is segregated in a multi-tenant environment so each tenant has access to his and only his data
Cloud Controls Matrix (CCM) Data
Physical | Network | Compute | App | Data |
---|---|---|---|---|
True | True | True | True | True |
Corp Gov Relevance |
---|
False |
SaaS | PaaS | IaaS |
---|---|---|
True | True | True |
Service Provider | Tenant / Consumer |
---|---|
True | False |
COBIT 4.1 | HIPAA / HITECH Act | ISO/IEC 27001-2005 |
---|---|---|
DS5.7 | A.10.1.4 |
NIST SP800-53 R3 | FedRAMP (Final 2012) Low Impact | FedRAMP (Final 2012) Moderate Impact | PCI DSS v2.0 |
---|---|---|---|
SC-2 | NIST SP 800-53 R3 SC-2 | 6.4.1 |
BITS Shared Assessments SIG v6.0 | BITS Shared Assessments SIG v5.0 | GAPP (Aug 2009) |
---|---|---|
I.2.7.1, I.2.20, I.2.17, I.2.22.2, I.2.22.4, I.2.22.10-14, H.1.1 | B.1 | 1.2.6 |
Jericho Forum | NERC CIP |
---|---|
Commandment #1 |
Consensus Assessments Initiative Questionnaire (CAIQ) Data
COBIT | HIPAA | ISO27001 | SP800_53 |
---|---|---|---|
COBIT 4.1 DS5.7 | A.10.1.4 | NIST SP800-53 R3 SC-2 |
FedRAMP | PCI_DSS | BITS | GAPP |
---|---|---|---|
NIST SP800-53 R3 SC-2 | PCI DSS v2.0 6.4.1 | AUP v5.0 B.1 SIG v6.0: I.2.7.1, I.2.20, I.2.17,I.2.22.2, I.2.22.4,I.2.22.10-14, H.1.1 | GAPP Ref 1.2.6 |
SaaS | PaaS | IaaS |
---|---|---|
True | True | True |
SP | CUST |
---|---|
True | True |