Data Masking

Data masking obscures sensitive fields — by shuffling, substituting, or redacting — so non-production or lower-trust users cannot see real values. CCSP uses it to protect PII in test and analytics environments.

All CCSP Terms

Shared Responsibility Model

The shared responsibility model divides security duties between the cloud provider and the customer, with the split shifting across IaaS, PaaS, and SaaS.

IaaS, PaaS, SaaS

IaaS, PaaS, SaaS are the three core cloud service models, delivering infrastructure, a development platform, or complete applications respectively.

Cloud Deployment Models

Cloud deployment models — public, private, hybrid, and community — describe who owns and can access a cloud environment.

Cloud Data Lifecycle

The cloud data lifecycle is the six phases data moves through: create, store, use, share, archive, and destroy.

Tokenization

Tokenization replaces sensitive data with a non-sensitive surrogate token that has no exploitable meaning, keeping the real value in a separate secured vault.

Data Masking

Data masking obscures sensitive fields — by shuffling, substituting, or redacting — so non-production or lower-trust users cannot see real values.

Key Management

Key management is the secure generation, distribution, rotation, storage, and destruction of cryptographic keys.

IRM

Information Rights Management (IRM) attaches persistent, policy-based access controls to a file so restrictions travel with the data wherever it goes.

Management Plane

The management plane is the administrative interface — APIs and consoles — used to configure and control cloud infrastructure.

Hypervisor Security

Hypervisor security protects the virtualization layer that hosts guest VMs, guarding against escape attacks and cross-tenant compromise.

BCDR

Business Continuity and Disaster Recovery (BCDR) planning keeps cloud-hosted services running and recoverable through disruptions.

OWASP Top 10

The OWASP Top 10 is a widely used list of the most critical web-application security risks, such as injection and broken access control.

Secrets Management

Secrets management securely stores and distributes credentials, API keys, and tokens so they are never hard-coded into cloud applications.

SOC Reports

SOC Reports (SOC 1, SOC 2, and SOC 3) are independent audit attestations that describe and validate a service provider's controls.

eDiscovery

eDiscovery is the identification, collection, and production of electronically stored information for legal proceedings, which is complicated in multi-tenant cloud environments.