From the course: CCSP Cert Prep: 2 Data Security
Cloud data lifecycle
- [Instructor] The Cloud Security Alliance uses a six-stage lifecycle to describe the way that data exists in the cloud. This model is a helpful way to understand the stages that data moves through in an organization and it's also covered on the CCSP exam.
In the first stage of the lifecycle, create, the organization generates new data, either directly in a cloud or in an on-premises system that will eventually move to the cloud. The create stage also includes modifications that are made to existing data. From there, the second stage of the lifecycle is store. In this stage, the organization places the data into one or more storage systems. In the case of cloud storage, this can be either block storage or object storage. In the next stage, use, active use of data takes place. Users and systems view and process data in the use stage. In the fourth stage, share, data is made available to other people through one or more sharing mechanisms. This might include providing customers with a link to a file, modifying access control so that other employees can view the data or similar actions. When data is no longer being actively used, it moves to the fifth stage, archive. In the archive stage, data is retained in long-term storage where it may not be immediately accessible, but it can be restored to active use if necessary. Then, in the final stage of the lifecycle, data is eventually destroyed when it's no longer needed. This destruction should take place using a secure disposal method.
Now, while the Cloud Security Alliance does describe this process as a lifecycle, it's important to note that the stages of the lifecycle are not always followed in order and not all of them occur for every piece of data. For example, it is possible to create new data in memory, use it there and then destroy it without ever storing it in a repository. Similarly, data might be permanently retained in active storage and never reach the archive or destroy stages.
However, the CSA lifecycle is still a useful model for understanding the different stages of data life. As you explore the ways that data moves back and forth between your organization and the cloud and between cloud providers, you should develop maps of your data flows. These data flow maps show where your organization's data is stored, processed and transmitted and they provide you with an excellent tool for ensuring that you have appropriate security controls in place throughout the data lifecycle.