Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Security and Compliance Topics Covered in CloudMASTER IT Training


Published on

Cloud computing security and compliance skills continue to be some of the most in-demand tech skills. In this presentation we look at the security and compliance training included in CloudMASTER cloud computing classes.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Security and Compliance Topics Covered in CloudMASTER IT Training

  1. 1. Security and Compliance Topics Covered in CloudMASTER Cloud Computing Classes
  2. 2. When implementing cloud computing solutions, an understanding of cloud security and compliance issues, options, and solutions is essential.
  3. 3. Cloud Security Topics Covered in CloudMASTER Cloud Computing Classes
  4. 4. Classes cover how cloud computing has security threats just like traditional networks.
  5. 5. Common threats discussed in class include: • Hacking • Data Breaches • Data Loss • Traffic Hijacking • Insecure Interfaces / APIs • DDos Attacks • Poor Planning • Shared Technology Risks
  6. 6. Discontinued Services Classes cover a defense in depth approach to implement layers of security to protect your cloud environment.
  7. 7. Security topics include: • Essential Security Practices • Essential Security Tools • FedRAMP Security Standards
  8. 8. Classes cover encryption to protect the confidentiality of data in the cloud.
  9. 9. Encryption topics include: • Encryption Types • Encryption Strengths • Encryption Options
  10. 10. Classes cover encryption key management to securely store, protect and retrieve keys.
  11. 11. Key management topics include: • Key Pairs • Key Pair Scenarios • Key Rotation • Certificate Vendor Selection
  12. 12. Classes cover identity and Account Management (IAM) to provide single sign-on for users.
  13. 13. IAM topics include: • Authentication Requirements • Multi-factor Authentication • Federation for Single Sign On • AWS IAM • Third Party IAM Solutions
  14. 14. Classes cover secure data in transit whether it is internal, or in the cloud.
  15. 15. Classes cover secure data at rest whether it is internal or in the cloud.
  16. 16. Classes cover the impact of security on data portability.
  17. 17. Classes cover the impact of data movement on security.
  18. 18. Discontinued Services Classes cover securing cloud applications as you would with any application.
  19. 19. Application security topics include: • Cloud App Security Fundamentals • Interface and API Security • Secure App Administration • Secure Shell (SSH) Configuration • Securing Heroku Apps wtih GitBash
  20. 20. Classes cover perimeter security to keep your network secure when connecting to the cloud.
  21. 21. Perimeter security topics include: • Firewall • DDoS Detection and Mitigation • Cloud Service Monitoring • Third Party Services
  22. 22. Classes cover defining a process for how to respond to a security event.
  23. 23. Event response topics include: • Types of Security Events • Impact of a Cloud Security Breach • Response Processes and Tools
  24. 24. Compliance Topics Covered in CloudMASTER Cloud Computing Classes
  25. 25. HIPAA Health Insurance Portability and Accountability Act Regulatory Requirements Defined FERPA Federal Education Rights and Privacy Act SCA Stored Communications Act FCRA Fair Credit Reporting Act COPPA Children’s Online Privacy Protection Act SOX Sarbanes-Oxley Act FISMA Federal Information Security Management Act PCI DSS Payment Card Industry Data Security Standard
  26. 26. Classes cover who owns compliance responsibilities during an audit. Yours Providers
  27. 27. Classes cover key strategies to help ensure compliance.
  28. 28. Key strategies topics include: • Provider compliance vetting and comparison • Using hybrid cloud implementations for compliance • Patriot Act impact on Cloud Providers and Services
  29. 29. Classes cover the tools and standards that help meet compliance.
  30. 30. Tools and standards topics include: • Compliance standards: SSAE 16, ISAE 3402, and ISO 27001 • 3rd party compliance tools and services • CloudAudit specification
  31. 31. Classes cover the questions you need to ask your providers that relate to compliance.
  32. 32. Common question topics include: • Data location • Data center security • Tenant data isolation • Security controls • Auditing and logging • Incident response • Audit response
  33. 33. What are you waiting for? Turn up your cloud computing expertise! Learn more about CloudMASTER: See our class schedule & class descriptions:
  34. 34. Get 5% off your first CloudMASTER class, or 10% off for 3 or more attendees!
  35. 35. Connect with us on our Cloud Channels: Cloud Blog: Class Schedule: