January 31, 2020 David Hallinan Guides, Industry Step Your Vocab Up! – Cloud Security Edition “You gotta talk the talk before you can walk the walk” A key factor in your success as a Product Manager is the ability to insert yourself into any department in your organization and eloquently communicate your thought processes. Time in and time out, we have found that a major hindrance in a PM’s ability to do their job well is being unable to properly speak with their engineering team, specifically. We’ve spent long hours curating a list of terms for our Kloudless SaaS Integration Glossary, and we believe that product managers everywhere can benefit from this extensive list of vocabulary words. So, for the sake of helping you get on the same page as the people you work closely with, we are glad to announce our new monthly blog post, Step Your Vocab Up. On the last Wednesday of each month, we will do our best to help you expand your vocabulary on different aspects of software development to aid in becoming the best product manager, developer, or product lead you can be. So sit back, grab a comfy seat, and let’s jump into the first edition of our new series with a dive into part one of all things Cloud Security! Securing Your Place at the Table As more and more of our important data is held in cloud storage services, the need for secure means of storing that data is necessary. Cloud security has come a long way since its infancy, yet the industry still needs to scramble to stay on top of the latest means of safeguarding its users’ data. So, with the aim of helping you to better understand many of the terms related to cloud security, we’ve got some fresh new definitions to help you out. The following are hand-picked terms from our glossary that we feel are important for any product manager beginning their application’s product roadmap: CASB: A Cloud Access Security Broker (CASB) is a software service created to sit between an organization’s on-premises infrastructure and a cloud provider’s infrastructure. CASB’s are made to monitor all activity and enforce security policies. Click here to read how CASB companies can differentiate themselves in the market with native connectivity. Cloud Infrastructure as a Service: Cloud infrastructure as a service is one of the three main categories of cloud computing services, and are used to provide high-level APIs that dereference various low-level details of underlying network infrastructure like physical computing resources, location, data partitioning, scaling, security, and backup. Data Encryption: The process of using algorithms or ciphers to protect electronic data. HTTPS: Hypertext Transfer Protocol Secure is how websites and APIs communicate securely over the internet by using transport layer encryption security. Identity Governance and Administration: Identity Governance & Administration (IGA) is defined as “the policy-based centralized orchestration of user identity management and access control. Identity governance helps support enterprise IT security and regulatory compliance.” On-Premises: On-premises refers to a type of software that is installed and run from an organization’s in-house server and native computing resources rather than a remote facility, such as the cloud. Click here to understand whether cloud or on-premises deployment is right for you. Pass-Through API: A pass-through API is a security-free API made for requests to quickly be passed to the backend without security checks. Pass-Through APIs must be created with the strict intention of not passing sensitive data through them. SSL: SSL, or Secure Sockets Layer, is a cryptographic protocol that secures traffic on the internet. SSL is the standard security technology for establishing an encrypted link between a web server and a browser. Symmetrical Encryption: Symmetric-key algorithms are used for cryptography, and use the same cryptographic keys for encrypting plaintext and decrypting ciphertext. The keys may be identical or there may be a simple transformation to go between them. Word Up! While this should clear up some of the more popular terms, by no means is this everything you need to know in order to understand everything cloud security. We suggest you dive deeper into each term outlined in this article and research popular opinions on the implementation of each. The more you learn about these important terms, the better off you will be when it comes to orchestrating the building of your product. We’re not done yet, though! We’ve put together a comprehensive list of over 300 terms in our new SaaS Integration Glossary for the sake of keeping you as informed as possible on everything integration related. Head over now to start beefing up your vocabulary!