Skip to main content

Compliance in the Cloud Fundamentals

Course

Intro Video

Photo of Justin Mitchell

Justin Mitchell

Training Architect

Length

02:29:38

Difficulty

Beginner

Videos

12

Course Details

One of the largest limiting factors for organizations considering migrating to the cloud is: "How do we maintain regulatory compliance in a cloud environment?" This course is designed to give a brief introduction to some of the tools and techniques the student can use to help answer that very question.

You can find the interactive diagram used in the course right here - https://interactive.linuxacademy.com/diagrams/ComplianceinCloud.html

Syllabus

Compliance in the Cloud

Introduction

About the Author

00:00:28

Lesson Description:

Hi, I'm Justin Mitchell. I've been in the IT field for just over 12 years, with 8 of those years working in Information Security. I'm excited to have you here and look forward to being your guide on your learning adventure. Connect with me on: LinkedIn Via Email Community Slack

About the Course

00:04:19

Lesson Description:

Welcome to our Maintaining Compliance in the Cloud Fundamentals Course. This course is designed around introducing the student to the differences about maintaining compliance in the cloud. It is intended to be 100% vendor-neutral as we discuss these topics. It's important to note that the compliance efforts that I cover in this course are based on US legislation and regulations. Of course, other countries have their own laws, standards and regulations, so the student should take their own country's stance into mind as we cover these topics. You can find the interactive diagram we use right here - https://interactive.linuxacademy.com/diagrams/ComplianceinCloud.html

Compliance Overview

Overview of Regulations

00:14:14

Lesson Description:

To begin our discussions around maintaining regulatory compliance in the cloud, it is vitally important to understand the regulations that we may encounter along our careers. This video lesson is centered around introducing you, the student, to some of the more common regulations. This lesson will focus on the regulations themselves, as well as understanding how certain controls are written within those regulations. NIST Special Publication 800-53

Challenges of Maintaining Compliance in the Cloud

00:15:58

Lesson Description:

As we discuss maintaining compliance, there are certain challenges that an organization may face that are unique to cloud environments. In this video, we'll highlight some of these challenges and discuss possible mitigations help smooth the compliance efforts.

Does Compliance Equal Security?

00:14:12

Lesson Description:

One of the main driving forces of the creation of regulatory and legislative compliance frameworks was to increase the security around certain protected information. This has created an interesting debate about whether maintaining compliance with these frameworks actually ensures data security for the organization. In this lesson, we take a look at this debate to determine how we can marry the two concepts.

Cloud Security Tools and Their Role in Maintaining Compliance

Cloud Identity and Access Management

00:16:51

Lesson Description:

As we discussed in our Overview lesson, Identity and Access management (IAM) plays a pivotal role in maintaining regulatory compliance. In this lesson, let’s take a deeper look at some of the key differences in how IAM is implemented in a cloud solution vs a traditional, on-premise solution. Tom's Netflix Provisioning Video Mentioned in the Lesson

Cloud Disaster Recovery

00:16:10

Lesson Description:

In addition to Identity and Access Management and Intrusion Detection and Prevention Systems, Disaster Recovery efforts is another focal point of maintaining regulatory compliance. Let’s take a look at how cloud solutions can offer solutions to help us maintain compliance, while optimizing performance.

Cloud Intrusion Detection and Prevention Techniques

00:19:42

Lesson Description:

Monitoring for suspicious activities is vital to the increased security and compliance level of any network or system. However, understanding how to work within the cloud environment and with your cloud service provider to ensure these detection and prevention processes are done appropriately is especially important for maintaining compliance in the cloud. In this lesson, we’ll examine how to gather this information as well as discuss some of the key differences between performing these actions in a cloud vs in an on-premise solution.

GRC in the Cloud

GRC Overview

00:18:19

Lesson Description:

One of the keys to successfully manage security plans and programs is through the successful implementation of GRC (Governance, Risk Management, and Compliance), and in order to successfully manage GRC, we must maintain a risk-based approach for our programs in addition to ensuring the controls we select are tailored for maintaining regulatory compliance. In this lesson, we’ll discuss and give a brief overview into the GRC concepts that you’ll need to understand.

GRC's Role in Maintaining Compliance

00:12:59

Lesson Description:

Our previous lesson was focused on giving a brief overview of GRC, but now let’s take a deeper look into how using GRC effectively can have a significant impact on our organization meeting compliance goals.

GRC in the Cloud

00:12:32

Lesson Description:

As we’ve shown, GRC plays an integral role in maintaining our compliance goals. Now, let’s take it a step further and discuss how we can properly leverage GRC to ensure that we are striving to meet our compliance goals in a cloud environment. This lesson will focus on giving you, the student, the knowledge necessary to carry out effective Cloud GRC.

What's Next?

What's Next?

00:03:47

Lesson Description:

We have concluded our course on Maintaining Compliance in the Cloud. Now let's take a look at some other courses that you may be interested in.