<div>
There's this SOC 2 certification : is this more relevant than ISO27001/017/018<br />
in terms of &nbsp;&quot;non co-mingling of tenants data&quot;?
</div>


<div>
<div class="content wysiwyg-content">
By &quot;no co-mingling of tenants data&quot;, what are the things we look out<br />
for in a cloud and a cloud service provider (CSP)?<br />
<br />
a) encryption of database or the VM sits in an encrypted storage?<br />
b) tenants' VMs can't reach each other, ie there' s microsegmentation<br />
&nbsp; &nbsp; or sort of 'virtual firewall' that blocks a tenant's VM from reaching<br />
&nbsp; &nbsp; to or being reached by another tenant's VM?<br />
c) backups are encrypted?<br />
d) CSP is certified ISO 27017/018 or PCI-DSS or ?<br />
e) or the CSP has to be on private or hybrid cloud? <br />
f) &nbsp;or the CSP can offer a dedicated hypervisor to a tenant<br />
&nbsp; &nbsp; or a 'special storage' to ensure <br />
&nbsp; &nbsp;... pls correct me or add on ...<br />
<br />
Does AWS meet the above criteria?
</div>
</div>


By "no co-mingling of tenants data", what are the things we look out
for in a cloud and a cloud service provider (CSP)?

a) encryption of database or the VM sits in an encrypted storage?
b) tenants' VMs can't reach each other, ie there' s microsegmentation
    or sort of 'virtual firewall' that blocks a tenant's VM from reaching
    to or being reached by another tenant's VM?
c) backups are encrypted?
d) CSP is certified ISO 27017/018 or PCI-DSS or ?
e) or the CSP has to be on private or hybrid cloud? 
f)  or the CSP can offer a dedicated hypervisor to a tenant
    or a 'special storage' to ensure 
   ... pls correct me or add on ...

Does AWS meet the above criteria?

how to qualify for 'No co-mingling of tenants data' in cloud

Encryption is the process of encoding messages or information in such a way that only authorized parties can read it. In an encryption scheme, the intended communication information or message, referred to as plaintext, is encrypted using an encryption algorithm, generating ciphertext that can only be read if decrypted. For technical reasons, an encryption scheme usually uses a pseudo-random encryption key generated by an algorithm. An authorized recipient can easily decrypt the message with the key provided by the originator to recipients, but not to unauthorized interceptors.

Encryption

Virtualization is the act of creating a virtual (rather than actual) version of something, including (but not limited to) a virtual computer hardware platform, operating system (OS), storage device, or computer network resources. Virtualization is usually the creation of a system that executes separate from the underlying hardware resources, or the creation of an entire desktop for systems located elsewhere, similar to thin clients.

Virtualization

VMware, a software company founded in 1998,  was one of the first commercially successful companies to offer x86 virtualization. The storage company EMC purchased VMware in 1994. Dell Technologies acquired EMC in 2016. VMware’s parent company is now Dell Technologies.

VMware has many software products that run on desktops, Microsoft Windows, Linux, and macOS, which allows the virtualizing of the x86 architecture.  Its enterprise software hypervisor for servers, VMware vSphere Hypervisor (ESXi), is a bare-metal hypervisor that runs directly on the server hardware and does not require an additional underlying operating system.

VMware

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.