Time
8 hours 33 minutes
Difficulty
Intermediate
CEU/CPE
9

Video Transcription

00:00
Hello, Siberians. Welcome to this. Listen on. Introduction to Cloud Security
00:05
This is part off the is that 500 Microsoft Azure security technologist Cuss
00:14
quick information on what will be covering in this lesson.
00:17
We have a single objective on that is to introduce you to the shared security responsibility model that Azure uses. Let's get into this
00:29
So the face and that is a well except that security principle that recognizes that there is no silver bullet insecurity.
00:39
What that means is that there is no single solution to solve all problems. The Vander Magic fuse
00:46
for security, Toby, effective. We need a holistic approach that covers all off this layers off a solutions by environment.
00:57
It's nice to cover the data layer applications, layer computes, networking,
01:03
perimeter policies and access and physical security.
01:08
So when we talk about as your security,
01:11
the first thing to understand is this concept of shared responsibility on what this means is that we're not responsible for managing every aspect off our environment. In hasher,
01:25
however,
01:26
it is critical to understand on be very clay on what our security responsibilities are as the cloud customer.
01:36
Now the diagram. But you're looking at on the screen is one that is published by Microsoft. I'll leave the link as part of the supplementary materials
01:46
well, wherever you see blue in this diagram that represents our security responsibilities as the cloud customer. While the great represent Microsoft's responsibilities as a cloud provider,
02:01
one of the fees that you can see it clearly on the screen
02:06
is that the godless off the cloud model the way using
02:09
infrastructure as a service platform. As a service, our software as a service, we are never with doubt security responsibility. We always have a security responsibility to fulfill.
02:24
Another thing that I like to point out to people is wherever you see blue on the screen with godless off the model that you're using
02:34
if you do not have any strategy to protect yourself in those area, what it means is that you're not fulfilling a key security responsibility. That a cloud provider in this case, Microsoft, expected to for few on what that also means
02:52
is that in the area where you see blue that you do not have a strategy,
02:55
you're living yourself exposed to try it on to attack in those areas
03:02
wanted often also like to point out
03:05
is that the pending on the cloud model the way using others cloud service type the way using security responsibility varies.
03:15
For example, if where you've been virtual missions in Hajer,
03:21
which bullfight infrastructure of the service, Microsoft will be responsible for helping to secure the physical network. The physical storage virtualization platform on Die includes updating the federalization host.
03:34
But however, we need to take care of securing our virtual network when it's taking off. Securing the public endpoint, which I get way into our veteran machines on. We needs to take responsibility for updates and the guest or prison systems off a virtual machine
03:52
so we can see that our security responsibilities varies if we use them platform services, infrastructure services or software as a service type services.
04:01
If we're using platform services like as your storage or as your have service, what I want to emphasize East, that's do not think that because you're using this managed services, you do not have a responsibility. We always have a responsibility. It off a few when the council security.
04:18
So here are some supplemental materials that can help you to father your studies on what we've discussed in this lesson
04:28
in this lesson. We covered the following
04:30
shared security responsibility model on what that means.
04:36
Thanks very much for watching this video on. I'll see you in the next lesson.

Up Next

AZ-500: Microsoft Azure Security Technologies

In the AZ-500 Microsoft Azure Security Technologies training, students will learn the skills that are needed to pass the AZ-500 certification exam. All exam topics are covered as well as exam preparation strategies and hands-on practice.

Instructed By

Instructor Profile Image
David Okeyode
Cloud Security Architect
Instructor