Map the security workload to the appropriate cloud delivery model and hosting models under consideration.
Now that you understand the importance of your asset, you can evaluate the risks associated with various deployment models.
Are you considering a private, public, or hybrid cloud delivery model? For a private cloud, will your deployment be: o On-premises? o Off-premises with a dedicated or shared infrastructure? For hybrid models, where will the various components, functions, and data reside? How will you mitigate risk within the cloud delivery model? What are the specific requirements for handling regulated data?
Determine whether the available services are capable of meeting your requirements for handling data, especially for compliance purposes. Map the data flow, especially for public or hybrid cloud providers.
At this point, you need to understand your risk tolerance for the workload. If you have a cloud service provider in mind, you can conduct a more detailed risk assessment.
You need to know how data moves in and out of the cloud. For specific deployment options, you should understand how data will flow between your organization, the cloud services, and any customers (or other areas).
Can the provider continue to deliver protection as the workload continues to evolve?
Intel IT Center Planning Guide | Cloud Security