4.7 Multitenancy

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with

Already have an account? Sign In »

9 hours 48 minutes
Video Transcription
multi tendency.
Can't say enough about the difficulties of multi tendency about how big a threat
it represents. Other tenants on your server, your same physical device. That's why it keeps coming up and on the exam. I think it's worth a couple of questions. Where is your greatest threat from other tenants? It's the very nature of cloud computing, specifically Public Cloud is that we're gonna have tenants from other environments.
Physical environments gonna be shared. So once again, segmentation and isolation so critical, right? And that's not just the responsibility of the cloud service provider we have to evaluate. What is that? Isolation that's provided and how do we segment and again,
segmentation could be within our environment as well. You know, within my organization, I have to segment out different degrees of data sensitivity, different access, perhaps based on job role or function within the organization. So we have to consider segmentation in isolation.
Third party government. What's the government's at my cloud service provider? And then what's our third party governance within our own organization, right? How do we handle those contracts? Howard S. L. A's reviewed. How are they verified? How are we assured you know their party assurance,
governance, making sure that we have the right goals and that we have the supporting structure in place to accomplish those goals. You can think about governance. Does my cloud service provider have good governance? Do we have good third party governments? Service levels?
I have said service level agreements so many times during this class. As a matter of fact, if there were,
ah, a drinking game going on right now with every time I said S L A. You take a shot of something, you guys would all be smashed, right? I have said service level agreements eight million times,
please. That is not encouraging you to make Cyberia videos a drinking game. I'm just saying, if you did, all right, so we know the importance of service level agreement and are entities that are responsible for third party governments. Their job is to ensure the service level that were provided guaranteed from the provider
meets our internal needs.
Ah, charge back in media ring, making sure that we're paying for what we use no more, no less. That's one of the benefits of the cloud. So that evaluation that review of service is
not necessarily a huge multi tendency, but making sure that we're charged as an individual entity, even on a server that has 15 different clients, right? Making sure that the billing happens properly, that's just another own a multi tenancy considerations.
Up Next
Certified Cloud Security Professional (CCSP)

This Certified Cloud Security Professional (CCSP) certification course covers topics across six domains, to ensure the candidate has a wide range of competencies and is capable in the assessment and implementation of cloud service solutions.

Instructed By