Continuous compliance is our third and final cloud governance pillar.
In this module, we'll be covering the concepts within the continuous compliance cycle: prevention, detection, reporting and remediation.
Maintaining an organization's security posture is now a shared responsibility between the organization and their cloud provider.
This is a major departure for those accustomed to securing and defending a private data center.
However, in almost all cases, a higher level of security can be achieved by migrating to the cloud. But the ways and means of securing your position in the cloud differ based on cloud service provider and require a high degree of automation.
One aspect to consider when establishing security controls in the cloud is any major compliance regime or security posture that any of your cloud environments need to operate in.
Published standards such as NIST, CIS, FedRAMP or HIPAA, just to name a few,
provide organizations with a prescriptive set of controls and practices to ensure proper protection in a relevant environment.
While these compliance regimes ensure an organization has the guidelines for a specific control or industry,
they don't account for the hundreds of other possible cloud security best practices that are ever evolving and expanding.
Now you might be asking yourself by now: I understand the need for compliance, but what about this continuous aspect?
Great question.
Not unlike the overall structure of cloud lifecycle management, continuous compliance is best applied to organizations at scale as a cycle itself.
Compliance starts with prevention: making sure that all the right guardrails are in place from day one.
From there, some form of detection is required to measure changes or drift from this initial state of compliance.
From here, any detected drift must be reported in a robust yet simple manner.
And finally, as you might expect, remediation of these detected changes helps close the cycle of continuous compliance.
Let me show you how we accomplish this within our own platform, cloudtamer.io.
For prevention, we again use the organizational chart and the pathways of inheritance it builds to visualize your security posture in the cloud across commercial, government and secure regions.
The org chart offers an easy-to-understand method for viewing and assigning cloud resources, policies and templates.
Once these policies are in place on an organizational unit,
all subsequent new or existing accounts at or below that unit will inherit the policies associated with it.
Not only this, but a user can make a single change to an existing policy or add a new policy that will flow down the org chart to hundreds or thousands of cloud accounts or subscriptions, putting the policy in force within minutes.
This single point of change management can greatly reduce response times to security incidents.
This approach allows organizations to easily define rules to enable a well managed cloud infrastructure that's both secure and cost optimized.
It consolidates many of the ad hoc scripts that organizations have custom built into a lightweight and flexible capability with unified metrics and reporting.
At cloudtamer, our platform will also detect any deviation or drift from the desired configuration, remediate issues automatically, notify the required stakeholders and log these actions for analysis. All findings are sent to our compliance dashboard for reporting and remediation.
The compliance dashboard also accommodates pulling in findings from other security-focused tools for a consolidated view.
To summarize, continuous compliance is a critical component of cloud governance that helps further automate and protect your cloud environments from risk.
Establishing a cycle of prevention, detection, reporting and remediation allows large organizations to remain compliant and secure while still offering adaptability, so as not to stifle forward progress or innovation.