1.27 Auditing/Accountability and Account Deprovisioning

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with

Already have an account? Sign In »

12 hours 48 minutes
Video Transcription
then the next area we have is auditing and accountability. We want to be able to match an action to a subject again. This is identity driven. So if I have multiple people sharing the same identity, I don't really have the ability to hold folks accountable. Now we'll spend more time talking about the function of
But ultimately, you know when when we talk about with cloud Service is and how we're responsible for the identity piece. You know, the account provisioning piece, how we manage access to the data, and again we'll get more in depth into that a little bit. We've also got a look at auditing.
There may be a differ. A certain degree of auditing
that comes is the responsibility of the cloud service provider that tends to be more hardware in performance based when we're looking at who's gaining access to the resource is from our organization. Is the access control happening properly? Ah, lot of times that falls on us,
so we want to make sure that auditing and accountability
is expressly documented and that we're gonna be able to have a set of records at any point in time that we need to trace that.
All right, So what we have here, we have a count provisioning.
Then we have identified authenticate, authorize
auditing and what's left. The only thing that's really left is a count de provisioning, right? And we're using the same AP eyes Reason S p m l or skim
in orderto automate industry. Mind that process again. The days of HR calling the I T department saying, Hey, Kelly hander hands no longer with the company, Can you remove their account
and then the i T department taking three days to do that because of workload or whatever reason. Then we've got three days where this user has an account on the network, or HR forgets to call. Or there's some, you know, dropped link in the process. We were moving from the HR database,
and that removes them from
directory service is it removes them from the database that our applications air used. So really,
streamlining provisioning and D provisioning is where we have to focus.
All right, that wraps up our identity and access management peace. And in just a moment we'll move into virtual ization
Up Next
Certified Cloud Security Professional (CCSP)

This Certified Cloud Security Professional (CCSP) certification course covers topics across six domains, to ensure the candidate has a wide range of competencies and is capable in the assessment and implementation of cloud service solutions.

Instructed By