Community Cloud Deployments Risks
Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or
Already have an account? Sign In »
Time
12 hours 57 minutes
Difficulty
Intermediate
CEU/CPE
13
Video Transcription
00:00
>> We talked about some of the benefits
00:00
>> and limitations of using the community cloud.
00:00
>> But now, let's talk about some of the risks
00:00
that come with Community Cloud deployments.
00:00
In this lesson, we're really going to describe
00:00
>> some of the primary threats
00:00
>> to the community cloud,
00:00
>> convey the significance of howthese threats
00:00
>> affect Community Cloud deploying models,
00:00
>> and also talk about how to prioritize
00:00
>> the impact of these threats
00:00
and what mitigation strategies, if any,
00:00
>> can be employed when using
00:00
>> Community Cloud environments.
00:00
>> Let's talk about the risks.
00:00
>> We've talked about this diagram
00:00
>> here over the left.
00:00
>> Remember that Community Cloud
00:00
>> is where a variety of organizations
00:00
>> that share a centralized mission or purpose
00:00
>> using a shared cloud infrastructure together.
00:00
Now, the benefit of the Community Cloud
00:00
>> is there is some benefit in terms
00:00
>> of resiliency are dependent
00:00
>> on one particular cloud provider
00:00
>> to maintain the cloud,
00:00
>> each organization may play their own role
00:00
>> or provide shared infrastructure
00:00
>> in supporting the community cloud.
00:00
>> Now, this benefit of improve
00:00
resiliency because with one node
00:00
and the Community Cloud goes down,
00:00
it doesn't bring the whole cloud down for its members.
00:00
However, this decentralization
00:00
>> also introduces some of the greatest risks
00:00
>> that are involved in the community cloud.
00:00
>> The first one we're going to talk about
00:00
>> is performance monitoring.
00:00
>> In a typical cloud scenario,
00:00
there's one centralized place
00:00
where they're able to monitor
00:00
the performance of the applications
00:00
>> and the infrastructure.
00:00
>> However, Community Cloud,
00:00
>> because it's decentralized,
00:00
>> the performance monitoring and coordination
00:00
>> becomes a little more difficult.
00:00
>> Then this is also true of security monitoring.
00:00
There isn't necessarily one clear view
00:00
>> of what's going on across the Community Cloud
00:00
>> when a security concern comes up,
00:00
>> and that can make it difficult to address
00:00
>> and assess potential incidents
00:00
>> that occur in the community cloud.
00:00
>> The same theme of decentralization
00:00
>> applies to other security concerns with the Cloud.
00:00
>> Access control.
00:00
>> With all these different applications
00:00
>> that may be hosted by different
00:00
>> Community Cloud members,
00:00
>> there isn't really necessarily
00:00
>> a centralized policy and procedure
00:00
>> when it comes to access control,
00:00
>> and it's very difficult for any individual member
00:00
>> to know whether the members
00:00
>> of the community are being good stewards
00:00
>> and really enforcing access control
00:00
>> to the extent that they should in the environment.
00:00
>> That also applies to configuration management.
00:00
There isn't a centralized way
00:00
>> of setting the tone for how configuration
00:00
>> should be done across the cloud.
00:00
>> Now, that is true in most cases,
00:00
but not necessarily every case,
00:00
especially some of those cloud examples
00:00
that we referenced in the past module
00:00
>> about the federal cloud or the government cloud.
00:00
>> Those members of federal government agencies
00:00
>> participate in the cloud because there is
00:00
>> a consistent security standard
00:00
>> and they can utilize the resources in the Cloud
00:00
>> knowing that there's a consistent
00:00
>> approved way that security is enforced.
00:00
>> That may not be the case
00:00
>> for other Community Clouds
00:00
>> and really should be considered
00:00
>> when joining a Cloud,
00:00
>> leveraging the resources,
00:00
>> and making sure that your organization,
00:00
>> if you are a part of a Community Cloud,
00:00
is communicating your standards
00:00
>> and enforcing those standards
00:00
>> within your organization when it comes to
00:00
>> access management, security monitoring,
00:00
>> and configuration of your system.
00:00
>> Quiz question.
00:00
>> Which of the following risk is most central
00:00
>> to Community Cloud deployments?
00:00
>> First, free-riding on the shared cost
00:00
>> of infrastructure.
00:00
>> Two, resiliency;
00:00
>> or three decentralized administration.
00:00
>> If you said decentralized administration,
00:00
>> you are correct.
00:00
>> As we said, that's one of the benefits
00:00
>> of the cloud in terms of resiliency,
00:00
>> but it is also one of the biggest problems
00:00
>> when it comes to maintaining the security of the cloud.
00:00
>> Let's summarize.
00:00
>> We talked about some of the common risks
00:00
>> when using a Community Cloud deployments
00:00
>> as also important security considerations
00:00
>> if your business or you think you're going
00:00
>> to participate in a Community Cloud environment.
00:00
>> I'll see you in the next lesson.
Up Next
Instructed By
Similar Content
