Cloud Security Considerations

00:00

Hey, everyone, welcome back to the course in this video. We're just gonna talk about some of the security considerations you need to keep in mind around the clouds. Jill Resilience being the first one here, Does the cloud provider offer enough security services? Protect your data. And then also where are their data centers located? Do they have them spread out across the world? Are they in a single country?

00:19

What happens if

00:21

a data center goes down? Well, I still have access to my data. Will roll over to another location. Um, what happens if there's like a major natural disaster someplace? So let's say that a cloud provider, for example, only has one data center, and it's on a tropical island. And then here comes a big tsunami, which, if you don't know what that is, it's just a big

00:40

amount of water. Just think of a large volume of water. Big wave essentially,

00:44

and that comes and knocks out everything out because they only have the one location. So you need to think through. If one area goes down, one part of the world goes down. Can I still access my data? What about data isolation? So, for example, if there's there's a lot of malware attacks out there, right? And so

01:00

maybe we need to think through. Should we have an offline copy of our data? The answer is yes. Right. In most cases,

01:04

you should have an offline copy of the data. Also using multiple cloud providers storing that data in multiple spots. Yes, there is a cost to that. However,

01:14

isn't it more expensive if all your systems are shut down because of ransomware? Right, So you can't actually function. Function generally is a business. So that's why we talk about data isolation. Having a copy that is isolated from an individual cloud environment encryption. Right. So encrypting that data at rest as well as in transit. If we don't encrypt the data,

01:33

then it's pretty easy for an adversary to grab that data.

01:36

Or the data could be just exposed out there on the web to anyone. What about monitoring? What are those users doing right? What are they doing with our data? So, after we put the data in the cloud What what are our users? What kind of actions are they taking? And we wanna make sure that we're monitoring that right And checking for malicious activity passwords. We wanna make sure we have a good password policy

01:56

requiring that our users toe have strong passwords,

01:59

use things like multi factor authentication as well.

02:01

So make sure they're strong, complex and even cloud providers, generally speaking, will make sure that

02:07

passwords were using when we create user accounts do have to be strong and complex. Vulnerability management. So many cloud service providers do poor perform their own vulnerability management in their environments. So see if you can get access to the report, check the reports, see what kind of vulnerabilities there are. Uh, if you have deployed things like custom web applications, then

02:28

you wanna make sure that you're performing

02:30

vulnerability assessments on your own applications. You've created

02:32

alert, so alerts give us visibility. Right. So we wanna make sure we have visibility on DSI. What kind of reports to cloud provider gives us right? So can we use a tool like a same tool and integrated and centralize it? So, for example, Splunk has a *** cloud version, right?

02:49

So then we can ingest all that data and make sense of it and get real visibility across what's happening on our network as well as our applications.

02:57

And also making sure we got things like an incident response plan is well for the cloud.

03:01

So quick. Quick question here. Security considerations in the cloud include what

03:06

vulnerability management alerts or geo resilience?

03:09

All right, pretty easy question here. The answer is actually all of them, right? It it does include vulnerability management alerts, geo resilience, things like patch management alerts and reporting an incident response plans.