Shared Responsibility for Cloud Platform Oversight

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
12 hours 57 minutes
Difficulty
Intermediate
CEU/CPE
13
Video Transcription
00:01
>> Now, we're going to also talk about some of
00:01
the shared responsibility for Cloud platform oversight.
00:01
These are instances where the Cloud provider
00:01
and the customer may need
00:01
to coordinate and do some more information sharing.
00:01
In this lesson, we want to talk about
00:01
coordination between the customer and the provider,
00:01
and what is necessary to maintain security,
00:01
talk about the key areas of coordination in the Cloud,
00:01
and then one of
00:01
the important aspects of this is really to focus on
00:01
the balance between providing
00:01
the customer access and the need to coordinate.
00:01
Writers really shouldn't be granting customers anymore
00:01
access than they truly need
00:01
to meet their business objectives.
00:01
The main instance where providers and
00:01
customers may coordinate is when it comes to testing.
00:01
Both writers and customers
00:01
may have their own same solution,
00:01
and also when there are issues related to
00:01
a potential security incident or suspicious activity
00:01
the provider may provide the customer with some
00:01
of its logs or data to help them
00:01
in their incident response
00:01
or their investigation to ensure that they are able
00:01
to mitigate a breach if they have
00:01
one or confirm the network activity is normal.
00:01
Another important aspect of
00:01
the testing that goes on is that Cloud providers will
00:01
often enable a certain amount of access to audit
00:01
reformed logs and configuration settings on resources.
00:01
However, they really want to limit the customers access
00:01
because the customer relationship of
00:01
using this to configure and understand
00:01
their network and tune up
00:01
their own defensive capabilities based on
00:01
the baseline network performance
00:01
and logs that they are able to see.
00:01
Important consideration is that
00:01
if you're a customer and you're frustrated with
00:01
your hosting provider related to
00:01
how much visibility you're
00:01
given to tune your own environment,
00:01
you should consider, well,
00:01
this provider as being
00:01
a responsible steward of
00:01
their environments and really making
00:01
sure that the available information
00:01
to anyone is kept at a minimum,
00:01
any information or reconnaissance on
00:01
how the Cloud provider system is set up.
00:01
What things are running on it really
00:01
provide inside information to any would-be attacker.
00:01
Another area where the customer and collaborator
00:01
may coordinate is when it comes
00:01
>> to data loss prevention.
00:01
>> The provider may need to help
00:01
the customer expressly design their solution and
00:01
ensure that it's tested and
00:01
working appropriately to enable
00:01
the appropriate intellectual protection
00:01
for data going in and out of their environment.
00:01
Good question. Why should too much access
00:01
to Cloud provider data,
00:01
logs, or environment be concerning to a Cloud customer?
00:01
One, the amount of data could
00:01
overwhelm the customer's system.
00:01
The customer may not be able to effectively test
00:01
because of difficulty prioritizing data elements.
00:01
Three, if the provider allows
00:01
generous access to one customer,
00:01
it may be doing the same with
00:01
other customers and making the platform less secure.
00:01
If you said number three, you got it.
00:01
Really the customer should only have
00:01
as much access as necessary to test their system,
00:01
makes sure that they have
00:01
effective instant response monitoring,
00:01
and then implement any data loss prevention system
00:01
that they want to have in their environment.
00:01
Anything else really degrade
00:01
the potential security of the Cloud environment.
00:01
In summary, we talked about the key areas where
00:01
coordination between the customer
00:01
and the provider is appropriate.
00:01
Testing, data loss prevention,
00:01
incident response, and threat investigation.
00:01
Then we also talked about the balance
00:01
between coordination and maintaining security.
00:01
Just the right amount of access
00:01
>> to help the customer meet
00:01
>> their business objectives and
00:01
maintain security, nothing more.
00:01
I will see you in the next lesson.
Up Next