Operational Risk Institute

Corporate Training Courses on Risk Management, Business Continuity, Information Security, Fraud Prevention, Safety, Audit and Compliance

Cloud Security

In this course, students will learn how to:

  • Analyze, manage and implement security for public and private clouds
  • Establish data integrity and privacy in the cloud to manage risk
  • Maintain platform security and protect data confidentiality
  • Protect networks, operating systems and applications within various cloud deployments
  • Achieve organizational cybersecurity compliance with effective cloud governance

Who Should Attend
Anyone involved in the security aspects of cloud computing who has knowledge of cloud computing or equivalent experience.

Cloud Computing Essentials

  • Cloud computing service models: Software as a Service (SaaS), Platform as a Service (PaaS), Infrastructure as a Service (IaaS)
  • Public
  • Private
  • Virtual Private
  • Hybrid
  • Establishing cybersecurity fundamentals

Risk Analysis and Division of Responsibility
Managing risks in the cloud

  • Dividing operational responsibility and visibility
  • Retaining information security accountability
  • Managing user authentication and authorization

Negotiating security requirements with vendors

  • Identifying needed security measures
  • Establishing a service-level agreement (SLA)
  • Ensuring SLAs meet security requirements

Securing the Cloud Infrastructure
Securing the platform

  • Restricting network access through security groups
  • Configuring platform-specific user access control
  • Integrating cloud authentication/authorization systems

Compartmentalizing access to protect data confidentiality and availability

  • Securing data in motion and data at rest
  • Identifying your security perimeter
  • Designing resilient cloud architectures

Operating System and Network Security
Locking down cloud servers

  • Scanning for and patching vulnerabilities
  • Controlling and verifying configuration management

Leveraging provider-specific security options

  • Defining security groups to control access
  • Filtering traffic by port number
  • Benefiting from the provider’s built-in security
  • Protecting archived data

Achieving Security in a Private Cloud
Taking full responsibility for cybersecurity

  • Managing the risks of public clouds
  • Identifying and assigning security tasks in each SPI service model: SaaS, PaaS, IaaS

Selecting the appropriate product

  • Comparing product-specific security features
  • Organizational implementation requirements

Virtual Private Cloud (VPC)

  • Simulating a private cloud in a public environment
  • Google Secure Data Connector
  • Amazon VPC

The hybrid cloud alternative

  • Connecting on-premises data with cloud applications
  • Securely bridging with VPC
  • Expanding capacity to meet business surges

Meeting Compliance Requirements
Managing cloud governance

  • Retaining responsibility for the accuracy of the data
  • Verifying integrity in stored and transmitted data
  • Demonstrating due care and due diligence

Assuring compliance with government certification and accreditation regulations

  • HIPAA
  • Sarbanes-Oxley
  • Data Protection Act
  • PCI DSS
  • Following standards for auditing information systems
  • Negotiating third-party provider audits

Preparing for Disaster Recovery
Implementing a plan to sustain availability

  • Distributing data across the cloud to ensure availability and performance
  • Addressing data portability and interoperability for a change in cloud providers

Exploiting the cloud for disaster recovery options

  • Achieving cost-effective recovery time objectives
  • Employing a strategy of redundancy to better resist DoS
