Cloud Security Fundamentals
January 14th, 2019
Security Training Architect II in Content
The cloud has brought about tons of innovation and features. One thing often forgotten about during implementation is security. This course is designed around introducing the prospective student to many of the cloud concepts and how to secure those through use of tools available to them.
About the Course
Welcome to our Cloud Security Fundamentals course. This course is designed to help students get a basic understanding of key security functions and how to successfully navigate a cloud environment. I am excited to have you here! When you're ready, mark this video complete and let's get started!
About the Author
Welcome to our Cloud Security Fundamentals course! Your instructor for this course is Justin Mitchell. In this video, he'll introduce himself and talk a little about his credentials in the Cybersecurity field.
Cloud Service Agreements
This video lesson is designed to introduce the students to the two components of the Cloud Service Agreement: The Acceptable Use policy (AUP) and the Service Level Agreement (SLA). These will both be important concepts to understand as we work through the remainder of the course.
Roles and Responsibilities
This video lesson is designed to demonstrate the different roles and responsibilities that a Cloud Service Provider and a cloud customer within the different service offerings available to them.
The Role of Formal Configuration Management and Inventory Systems
Configuration and Inventory Management take on interesting differences in a cloud environment vs in an on-premise solution. This video lesson takes aim at understanding the role that these two processes play in securing our environments.
Securing Innovative Technologies
Many cloud solutions allow us the ability to be much more innovative in the technology suites that we employ. One of these innovative technologies is containers. This video lesson is designed to show how containers help increase the security of an application or system.
Machine Learning and Analytics
Machine learning and analytics allow our organizations to adequately predict future iterations in an effort to make strategic business decisions. These can also be useful tools for cybersecurity professionals to employ to make strategic security decisions. This lesson is focused on how this technology can be used to do so.
Security Functions in a Cloud Environment
Identity and Access Management
Identity and Access Management (IAM) plays a huge role in securing our systems and applications. In this video lesson, we look at some of the key differences between IAM in an on-premise solution vs in a cloud environment.
Quarantining and Containing Cloud Servers
Quarantining and Containing incidents in a cloud environment is a much different process than in a traditional, on-premise environment. In this lesson, we cover some of the concepts associated with quarantining and containment.
Understanding Cloud Disaster Recovery Procedures
There are several techniques that can be used for Disaster Recovery in the cloud. This video lesson was designed to indroduce the student to some of the DR concepts, as well as to discuss some of the advantages and disadvantages of these cloud solutions.
Practical Security Application Locations
One question that we see asked quite often is "where should security appliances be located in a cloud solution?" This video lesson addresses that very issue!
Maintaining GRC in Cloud Environments
Maintaining a Risk-Based Approach in a Cloud Environment
One of the keys to successfully manage security plans and programs is through the successful implementation of GRC (Governance, Risk Management, and Compliance), and in order to successfully manage GRC, we must maintain a risk-based approach for our programs. This video lesson is dedicated to introducing the student to the six steps of the Risk Management Framework provided by NIST and how to maintain those steps in a cloud environment. See link for NIST Special Publication 800-53: https://nvlpubs.nist.gov/nistpubs/specialpublications/nist.sp.800-53r4.pdf
Maintaining Regulatory Compliance
This video lesson is designed around helping the student understand how to maintain regulatory compliance (a must for certain industries) in a cloud environment. Note: regulations vary by country
Today's Relations Between Security and Compliance
A major point of contention today is the "We're compliant, so we must be secure" argument. This video lesson discusses the relationship between compliance and security in today's technologically-advanced environments.