Essential Guide

Enterprise cloud security best practices for locking down your cloud

A comprehensive collection of articles, videos and more, hand-picked by our editors

An introduction to cloud computing security certifications

Experts Ed Tittel and Mary Kyle examine the growing number of cloud computing security certifications, both vendor-neutral and vendor-specific.

Cloud computing continues to be a hot-button topic for companies looking to reduce the total cost of ownership for server and end-user computers while offering automated expansion of computing capacity and better management of virtualized environments. Information security is likewise a hot topic, what with numerous well-publicized security breaches among corporations, universities and government agencies weighing on IT professionals and C-level executives alike nowadays.

At the intersection of these two popular IT topics lies the emerging field of cloud computing security certifications. As an increasing number of information security and IT operations professionals shift their careers toward cloud computing, a small but growing number of certifications have emerged in the cloud computing area of information security, divided between vendor-specific certifications and vendor-neutral certifications.

This guide, an addendum to SearchSecurity's IT security certifications guide, examines the available cloud security certifications that can translate to better career opportunities -- and a higher salary -- for you as cloud security best practices and certifications continue to expand and mature. This guide has been updated to reflect two notable changes in the cloud certification landscape, the first of which is the removal of CA's AppLogic Professional certification, which has been discontinued. CA is no longer offering AppLogic certifications as the product is scheduled for end of life this June. In addition, Symantec in January discontinued the Symantec Certified Professional-Cloud Security (SCP-CS) certification as well as its Symantec Cloud Security Essentials (SCSE) course, citing a lack of adoption.

Cloud security certifications (sorted alphabetically)

| Cloud certification level | Vendor-specific | Vendor-neutral |
|---|---|---|
| Foundational | | |
| Certificate of Cloud Security Knowledge (CCSK) | | X |
| Certified Cloud Security Specialist (CCSS) | | X |
| EXIN Certified Integrator Secure Cloud Services (CISCS) | X | |
| Intermediate | | |
| Professional Cloud Security Manager (PCSM) | | X |
| VMware Certified Advanced Professional-Cloud Infrastructure Design (VCAP-CID) | X | |
| Advanced | | |
| IBM Certified Solution Architect-Cloud Computing Infrastructure (CSA-CCI) | X | |
| Salesforce.com Certified Technical Architect (SCTA) | X | |

Certificate of Cloud Security Knowledge (CCSK)

Certification level: Foundational
Certification type: Vendor-neutral

The CCSK certification was established by the Cloud Security Alliance as a foundation of cloud security knowledge for newcomers to the cloud computing arena. The CCSK provides a solid foundation of essential cloud security knowledge as well as best practices gleaned from those who have blazed this trail before you. What better way to learn what to do than by learning what you should NOT do in the cloud? All kidding aside, the specificity of the exam and the fact that it is designed and taught by some of the industry's leading cloud security experts indicate that the CCSK is already becoming the industry's foremost vendor-neutral cloud security certification. Note that the CCSK certification is available in both English and Spanish. Two training courses are currently available: CCSK-Foundation for entry-level training and CCSK-Plus for additional hands-on experience.

SearchCloudSecurity has partnered with the Cloud Security Alliance to offer members nine free online classes to prepare for the CCSK exam. Sample questions for each of the various domains (Cloud Architecture, Virtualization, Security as a Service, Governance and Enterprise Risk, e-Discovery and so forth) are available as well from CSA.

Source: CSA Education -- CCSK

Certified Cloud Security Specialist (CCSS)

Certification level: Foundational
Certification type: Vendor-neutral

The CCSS certification offered by Arcitura subsidiary CloudSchool.com includes excellent foundational knowledge of cloud technologies as well as three modules specifically covering cloud security content. Arcitura/CloudSchool.com offers self-study kits through its website as well as instructor-led training classes for most of the required CCSS modules. In order to successfully acquire the CCSS certification, each candidate must successfully pass five exams:

  • Fundamental Cloud Computing
  • Cloud Technology Concepts
  • Fundamental Cloud Security
  • Advanced Cloud Security
  • Cloud Security Lab

The required CCSS training courses are available now, but testing for the CCSS is still under development. When finalized and commercially available, CCSS testing will be conducted by Prometric. The CCSS exam is targeted for release in March 2015.

Source: CloudSchool.com Certified Cloud Security Specialist

EXIN Certified Integrator Secure Cloud Services (CISCS)

Certification level: Foundational
Certification type: Vendor-neutral

CISCS certification from EXIN is not purely dedicated to cloud security, though it does offer a well-rounded foundational overview of cloud concepts and relevant information security topics. The advantage to this approach is that participants learn not only cloud security concepts and best practices, but they also learn how cloud security fits into an overall cloud strategy. CISCS certification consists of three modules that must be mastered in order to pass the certification exam:

  • IT Service Management (or ITIL Foundation)
  • Information Security
  • Cloud Computing

The EXIN IT Service Management and ITIL modules are based on ISO/IEC 20000; either module can be replaced by Microsoft Operations Framework (MOF). EXIN offers CISCS testing through both Prometric and Pearson VUE exam centers.

Source: EXIN Certified Integrator Secure Cloud Services

IBM Certified Solution Architect-Cloud Computing Infrastructure (CSA-CCI)

Certification level: Advanced
Certification type: Vendor-specific

The IBM CSA-CCI certification track requires mastery of the following cloud-related principles:

  • Cloud computing basics
  • IBM Cloud Computing principles
  • IBM Cloud Computing design concepts
  • Implementing IBM Cloud Computing
  • Types of clouds and as-a-service offerings
  • Cloud infrastructure technologies, including cloud security
  • Addressing security in a cloud computing environment
  • Knowledge of the IBM Cloud Computing offerings, including provisioning, storage, security, monitoring and hypervisors
  • Knowledge of IBM Cloud Management principles including Operation Mode, Service Delivery and Service Management

Not surprisingly, this certification makes the most sense for security pros who are (or need to be) versed in security of cloud systems built on IBM infrastructure. Those seeking this certification must be adequately versed in how products from Big Blue's Tivoli, WebSphere and CloudBurst brands work to not only facilitate enterprise cloud computing but also to secure it.

Source: IBM Professional Certification Program

Professional Cloud Security Manager (PCSM)

Certification level: Intermediate
Certification type: Vendor-neutral

The Cloud Credential Council (CCC), based in Palo Alto, Calif., offers several cloud-related credentials that address the business, development and technology side of cloud creation and administration, but only the Professional Cloud Security Manager focuses entirely on security. The PCSM identifies individuals who are well versed in key cloud computing security concepts, threats and challenges, reference models and standards, physical security, virtualization management, IT governance and risk management, and much more.

Although the certification has no prerequisites, the CCC recommends that candidates first achieve the Cloud Technology Associate certification or an equivalent. A three-day training course is available through CCC-accredited training partners but is not required.

Source: Cloud Credential Council Professional Cloud Security Manager

Salesforce.com Certified Technical Architect (SCTA)

Certification level: Advanced
Certification type: Vendor-specific

Salesforce.com is one of the pioneers of cloud computing, specifically the Software-as-a-Service (SaaS) movement. The SCTA certification is geared toward architects and designers who want to certify their knowledge and expertise in designing scalable and secure applications on the Salesforce.com cloud platform. In order to pass the SCTA exam, participants must demonstrate mastery of cloud application design principles, application-level security considerations (to ensure secure communications between Salesforce.com and third-party apps) and best practices for deploying applications via Salesforce.com. Obviously, this is a highly specific certification and best for individuals whose organizations have invested heavily in Salesforce.com, or for those who intend to specialize in implementing and securing Salesforce.com infrastructures.

Obtaining the credential involves three parts: a self-evaluation, a multiple-choice written exam, and a review board presentation. Each step must be completed before candidates may move on to the next phase of the credentialing process. The review board meets only at designated times, which are published on the Salesforce.com website.

Source: Salesforce.com Certification Architects Track

VMware Certified Advanced Professional-Cloud Infrastructure Design (VCAP-CID)

Certification level: Intermediate
Certification type: Vendor-specific

VMware has become a leading provider of software for cloud computing infrastructure, virtual desktops and cloud management. Its early entry into cloud computing software has given VMware a corresponding head start in the vendor-specific cloud certification market. The VCAP-CID certification includes best practices for cloud design considerations, security, metering, compliance and availability. Note that there are other variants of the VMware Certified Advanced Professional certification that might also be beneficial to the aspiring -- or even the experienced -- cloud computing professional.

Source: VMware Certified Advanced Professional-Cloud Infrastructure Design (VCAP-CID)


This was first published in January 2015
