Assuring Provider Protection
There are four assurance levels with cloud provider protection, from the lowest, bronze, to the highest, platinum, which is equivalent to military security. Managing risks in interacting with cloud providers requires a process to provide an appropriate assurance level. While a cloud provider may support many levels of assurance, it is the cloud subscribers responsibility to evaluate its risk appetite and determine the appropriate level of security required. This evaluation may be done by the cloud subscriber when choosing a particular cloud provider, when selecting a security assurance level, or as part of the negotiation between the cloud subscriber and cloud provider.