Time
5 hours 31 minutes
Difficulty
Advanced
CEU/CPE
6

Video Description

In this video we discuss physical and environmental controls within the cloud. The purpose of these controls is to protect both equipment and services. Policies and controls governing the protection of physical assets consist of:

  • Temperature and humidity guidelines
  • Cable management
  • Aisle separation and containment
  • MVPC

Policies governing the location of the physical environment are important to mitigate against natural disasters and political unrest. HR policies and controls are also important to manage the behavior of personnel working within the facility.

Video Transcription

00:04
Okay, let's begin with the physical in the environmental design of the facility. So we need to make sure we're protecting the equipment as well. As the service is in the er facility, we need to also consider what h r sort of policies and procedures are there,
00:20
uh, to protect the physical security is well, is the logical security
00:24
how legacy physical security efforts may have been managed in staffed prior to transition to the cloud. So the way we used to operate may very well and affect the way that we currently operate. You may have these leftover policies, procedures, technologies, whatever,
00:42
and then also, it all comes down to money. So
00:45
what are the financial resource is that we have available in order to protect the facility. All right, so when we're talking about physical design, some things we have to consider temperature and humidity guidelines. So with temperature, you want it somewhere around
01:00
70 degrees. You know, give or take a few degrees here and there, based on your needs. I like my data center a little bit cooler.
01:07
Um, humidity, humidity, usually Ah, somewhere around 50%. Um, if if your humidity is too low you're gonna have problems with static electricity. If it's too high, you'll have condensation and rust. A CE faras air management goes, making sure
01:26
that we have positive airflow
01:29
things leave the building rather than come into the building. Also, we want to make sure that we allow for pop proper cooling, so we would wanna have the hot and cold aisles where AH, server isn't pulling in hot air,
01:42
you know? So the, um, Isles from where they're pulling, I should pull from a cold I'll Hopefully that makes sense. Manager cable so that there's good airflow, multi vendor pathway, connective ity, making sure that as multiple vendors are accessing, that we have a streamlined approach
02:02
and then making sure that again, just protecting the physical environment.
02:07
So, first of all, we look at the physical location of cloud security provider. Are they on the same injurious fault? That's probably a bad place to be poor planning. What is the safety of the region, whether
02:22
it's in a high crime area or perhaps in a physical location? Because again these cloud storage providers
02:28
have facilities all over the world, is there an area of unrest? Are their natural disasters is the facility easy to access in the event of an emergency? So we look at those things, as a matter of fact, many of those things we would consider when we're looking to build our own facility.
02:45
All right, now from, um, uh, environmental controls again. Temperature between 64 80 degrees. Like I said, 70 degrees. Usually pretty good. Around 50%. 40% toe, 80% humidity, 80%. You know, uh, up there.
03:04
And, Ah, when we say cable management strategy, making sure that cables are raft cables are labeled cables air not obstructing air flown anyway. And again that I'd get the hot cold. I'll making sure that we're not overheating.
03:23
All right. Now, the security infrastructure of the facility. Lots of good points here making sure that entry points are secure. What are the access control systems? Do we have smart cards? You have to badge in. Is there security guard? Because really, you're going to get the best defense
03:42
having a security guard. They can help prevent piggybacking.
03:46
They can detect and correct any sort of problems. So it's certainly worth a security guard. Access control systems linked with emergency, uh, mitigation So, for instance, if there is a fire, does it automatically contact the fire department to expedite resolution there?
04:04
Um,
04:06
emergency auto release buttons near all access card readers. Motion sensor alarms, you know. And again, it's all about the risk management. Does it warrant this degree of control? But again, if you're looking at an enterprise environment or cloud service provider, these would all be warranted.
04:25
So fire exits Panic bar so that
04:29
people can leave very quickly cc TV being very important so that we can use that as a detective control and for monitoring. Ah, fire suppressants. Ah, Is there an emergency response team in place? Two way radio devices for the security staff.
04:47
All of these air good considerations
04:50
for security infrastructure.

Up Next

ISC2 Certified Cloud Security Professional (CCSP)

This online course will guide you through the contents of the CCSP certification exam. Obtaining your CCSP certification shows that you are a competent, knowledgeable, cloud security specialist who has hands-on experience in the field.

Instructed By

Instructor Profile Image
Kelly Handerhan
Senior Instructor