2.21 Policy Controls for Privacy and Data Protection

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with

Already have an account? Sign In »

12 hours 48 minutes
Video Transcription
I just referenced the administrative controls. Administrative controls were so important. Don't ever underestimate the value of good, strong administrative controls. But I do also want to mention, of course, technical requirements for privacy and protecting data. And again,
show me in the service level agreement, how we're handling these elements. Right? So how are the data objects created? How are they moved from one location? What's deletion?
Talk to me about your virtual machines, which you're hyper visor. How do you protect it? How do you maintain the ends? Are they moved from system to system and again, same is with administrative controls. I'm not going to read all these to you. But again,
you know, we've looked at security concerns and we said, Hey, a lot of these securities concerns we looked at earlier.
We're just generic security concerns for networking. Well, these elements are specific to the cloud. The service level agreements would sort of orchestration. Anytime you see orchestration, they mean automation. So what sort of orchestrated processes are in the class? You know, what is my CSP use?
Orchestration could be good and bad, right?
You know, we remove that human element, but we also remove human judgment.
Single sign on we think about again going back to identity and access management. So ultimately, these air just some technical controls thes go hand in hand with the administrative controls.
Up Next
Certified Cloud Security Professional (CCSP)

This Certified Cloud Security Professional (CCSP) certification course covers topics across six domains, to ensure the candidate has a wide range of competencies and is capable in the assessment and implementation of cloud service solutions.

Instructed By