9 hours 48 minutes
just a couple of quick things to be considerate of when you're talking about deploying acts in the cloud. Really misconception about cloud deployment is we're doing the same stuff we do on Prem, but we're just doing it to a larger scale. That's not always the case,
right? So we have to look at her applications on at my app basis
configuration, maybe much more complex when you're opening up this environment to a cloud based situation, you know, even just going with access right from the different devices. If you think about all the different devices we have to support
for Internet or cloud based access,
as opposed to a local access on my domain, where I control which which systems are gonna be accessing the data, right? Just think about all the operating systems, all the types of devices. I have to create an application that will scale to a watch versus somebody with a 35 inch monitor,
right? There's a lot of complexity that goes into making sure the displays problem, something that basic,
so things don't just scale up or scale down there. A lot of considerations once we take and transmit this to the cloud
learning her from the new environments. Let me tell you what we're seeing more and more is wishing security breaches
at cloud service providers, and I anticipate that's going to increase because we're over looking elements, elements of an environment that's new, clueless. The rush to get to the cloud sometimes comes with the misconception off. They'll deal with all the issues, and that's not the case.
We have a lot to learn in working in the cloud environment. And let me tell you,
when we say a lot to learn, that means messing stuff up and having to fix it, having to deal with the repercussions, learning from it and being better next time. Hopefully, that's not the way we learn, but a lot of times it is
lack of standardization.
The problem in our field is when a vendor gets a really good idea. They like to keep it to themselves, and they have proprietary applications that storm proprietary formats that have proprietary AP eyes. And that makes things very that makes communications between a standard based service much more complex.
That's another issue to consider
multi tendency. Always and then we have to think about third party administrators were communicating with an application that's hosted on another system, whether that's by a separate vendor or cloud service provider or you know any where in between. So we have all of these issues
that make deploying APS in the cloud more challenging.
These are just considerations that we have to think about, and we have to make sure that we've used proper risk analysis in addressing these ideas. You know, if we're talking about threat modeling or risk modeling, each of these represents a potential risk.
Certified Cloud Security Professional (CCSP)
This Certified Cloud Security Professional (CCSP) certification course covers topics across six domains, to ensure the candidate has a wide range of competencies and is capable in the assessment and implementation of cloud service solutions.