Welcome to the fourth version of the Cloud Security Alliance’s Security Guidance for Critical Areas of Focus in Cloud Computing. Built on previous iterations of the security guidance, dedicated research, public participation from the Cloud Security Alliance members, working groups, and the industry experts within our community. This version incorporates advances in cloud, security, and supporting technologies, reflects on real-world cloud security practices, integrates the latest Cloud Security Alliance research projects, and offers guidance for related technologies.
It is generally recommended that information security controls be selected and implemented according and in proportion to the risks, typically by assessing the threats, vulnerabilities and impacts. Cloud security concerns can be grouped in various ways; Gartner named seven  while the Cloud Security Alliance identified fourteen areas of concern.   Cloud Access Security Brokers (CASB) are software that sits between cloud service users and cloud applications to monitor all activity and enforce security policies.