SlideShare a Scribd company logo

Cloud Security - Kloudlearn

KloudLearn
KloudLearn

Cloud Security or Cloud Computing Security refers to a set of policies, procedures, and controls to safeguard cloud-based systems, infrastructure, and data. Cloud Security involves the policies and procedures that safeguard cloud computing environments against cyberattacks.

Software
1 of 24
Download to read offline
Online course offering Cloud Security “Cloud is about how you do computing, not where you do computing.” - Paul Maritz, CEO ofVMware © KloudLearn www.kloudlearn.com
Learning Objectives © KloudLearn www.kloudlearn.com 2 What is Cloud Security (Definition) Trends associated with Cloud Security How DoYou Manage Security in the Cloud? Why is Cloud Security Important Cloud Security vsTraditional Security What are the Challenges What are end-user’s expectations from Cloud Security Some Do's and Don’ts When Using Cloud and its Services QuizTime: Let’s Have Fun ?
What is Cloud Security (Definition) © KloudLearn www.kloudlearn.com 3 Cloud security involves the procedures and technology that secure cloud computing environments against both external and insider cybersecurity threats. Cloud security, also known as cloud computing security, consists of a set of policies, controls, procedures and technologies that work together to protect cloud-based systems, data, and infrastructure. Cloud computing, which is the delivery of information technology services over the internet, has become a must for businesses and governments seeking to accelerate innovation and collaboration.
Trends associated with Cloud Security ● Increasing Partnerships between CSPs and Security Solution Providers Expected. ● Increasing Emergence of Cloud Service-specific Security Solution Providers. ● Identity Management and Encryption to Remain the Top Cloud Security Solutions Offered. ● Increasing Availability of Cloud Security Solutions for Small and Medium-sized Businesses (SMBs). ● Emergence of Strong Cloud Security Standard and Guidelines. © KloudLearn www.kloudlearn.com 4
How DoYou Manage Security in the Cloud? © KloudLearn www.kloudlearn.com 5 Source: https://phoenixnap.com/blog/what-is-cloud-security
How DoYou Manage Security in the Cloud? contd. © KloudLearn www.kloudlearn.com 6 Firewalls: It’s like mainstay of cloud architecture. Access controls: Protect data by allowing you to set access lists for different assets. Data Security: Methods include virtual private networks, encryption, or masking. Data masking: Encrypts identifiable information, such as names. Threat intelligence: spots security threats and ranks them in order of importance. Disaster recovery: key to security since it helps you recover data that are lost or stolen.
INCREASING USAGE OF CLOUD SERVICES Why is Cloud Security Important ? © KloudLearn www.kloudlearn.com 7 Increasing Usage of Cloud Services in Non-traditional Sectors. Growing Adoption of Cloud Services in Government Departments. Rise in Cloud Service-specific Attacks Growing Usage of Cloud Services for Critical Data Storage. Rise in Employee Mobility.
Cloud Security vs Traditional Security © KloudLearn www.kloudlearn.com 8 Source: https://phoenixnap.com/blog/what-is-cloud-security
What are the challenges? ● CSPs believe that Security is End-users’ Issue ● CSP is responsible for some aspects of security. ● Shared Responsibility Model ● Security in the Cloud - CSP ● Security of the Cloud - Customer /You ● Lack of Awareness about Cloud Security ● Tendency of "over trust" in Cloud Providers ● Threats from Insider ● Lack of Proper Cloud Security Standards ● Complicated Interfaces and APIs © KloudLearn www.kloudlearn.com 9
What are end-user’s expectations from Cloud Security ● Strong Overall Security Offered ● Suite of Security Solutions Offered ● Encryption Key Management Features Offered ● Availability of Fine Granular Control © KloudLearn www.kloudlearn.com 10
Some Do's and Don’ts When Using Cloud and its Services © KloudLearn www.kloudlearn.com 11 ● Do strategize your cloud migration ● Do include automated testing ● Do consider containers ● Do get trained and train your employees too ● Do decouple your applications from physical resources ● Do review the costs before migration ● Do remember risk and compliance Let’s Check Out the Do’s First Now, what can you Avoid ● Don’t forget about security ● Don’t relocate many applications into the cloud ● Don’t be too selective ● Don’t transfer everything to the cloud ● Don’t start the project with rigid views of the outcome ● Don’t overlook the importance of a governance infrastructure
Key Takeaways ● Don't think Cloud will protect us whatever we throw on that ● Remember we're always responsible for "Security in the cloud" ● Misconfigurations are the biggest threat than anything, stick to best practices ● Make sure to follow respective Benchmarks ● A single leak of Secrets can compromise your entire Cloud Security ● Eg. are Uber Leak, Famous Twitter Hack of 2020 etc ● Understand different types of clouds and your role ● Shared Responsibility model ● CSPs are not solely responsible for securing data, we're also ● Legacy tools and architectures don’t work on cloud security issues ● Look for automation when scaling in the cloud © KloudLearn www.kloudlearn.com 12
Test your knowledge! Quiz Quiz
By ensuring enough resources to make information available for all users By preventing unauthorized changes By regularly backing up the information By restricting access to information © KloudLearn www.kloudlearn.com How can confidentiality of information be achieved? 14
Increased/shared attack surface Configuration and vulnerability management Identity management Administrative access control © KloudLearn www.kloudlearn.com Which of the following risks is actually increased by cloud-specific security technologies? 15
© KloudLearn www.kloudlearn.com Google App Engine (often referred to as GAE or simply App Engine) ____. 16 Is a Platform as a Service Is a Software as a Service Is a Infrastructure as a Service All of the above
© KloudLearn www.kloudlearn.com Which of the following service provider provides the least amount of built in security? 17 SaaS PaaS IaaS All of the above
© KloudLearn www.kloudlearn.com Point out the wrong statement: 18 You can use proxy and brokerage services to separate clients from direct access to shared cloud storage Any distributed application has a much greater attack surface than an application that is closely held on a Local Area Network Cloud computing don’t have vulnerabilities associated with Internet applications All of the mentioned
VPN WAF IPSec HTTPS © KloudLearn www.kloudlearn.com Which of the following security technologies is commonly used to give administrators access into trust zones within an environment? 19
© KloudLearn www.kloudlearn.com 7. StateTrue or False: Public, Private and Hybrid are cloud deployment models. 20 True False
AType 1 hypervisor also controls patching of its hosted virtual machines ensure they are always secure. AType 1 hypervisor is tied directly to the bare metal and only runs with code necessary to perform its specific mission. AType 1 hypervisor performs hardware-level encryption for tighter security and efficiency. AType 1 hypervisor only hosts virtual machines with the same operating systems as the hypervisor. © KloudLearn www.kloudlearn.com Why does aType 1 hypervisor typically offer tighter security controls than aType 2 hypervisor? 21
SaaS PaaS IaaS All of the above © KloudLearn www.kloudlearn.com Identify a cloud service model which can be used for developing, testing and managing applications? 22
Authentication and authorization; Control of access Cloud storage services; Policies Integrity of data and Clean-up Phase; Compliance Infrastructure; Cloud ingress © KloudLearn www.kloudlearn.com The main two security aspects you receive along with cloud is ___ and ___? 23
ThankYou © KloudLearn www.kloudlearn.com 24 KloudLearn, Inc. is headquartered in SiliconValley, California. Our mission is to help enterprises provide an engaging and impactful learning experience that improves business performance.We provide the industry’s most modern LMS (Learning Management System). For more information visit us at www.kloudlearn.com or reach out to us at info@kloudlearn.com

Recommended

The Top Cloud Security Issues
The Top Cloud Security IssuesThe Top Cloud Security Issues
The Top Cloud Security Issues
HTS Hosting
 
Cloud Computing Security - Cloud Controls Security
Cloud Computing Security - Cloud Controls SecurityCloud Computing Security - Cloud Controls Security
Cloud Computing Security - Cloud Controls Security
Hari Kumar
 
Cyber Security and Cloud Computing
Cyber Security and Cloud ComputingCyber Security and Cloud Computing
Cyber Security and Cloud Computing
Keet Sugathadasa
 
cloud security ppt
cloud security ppt cloud security ppt
cloud security ppt
Devyani Vaidya
 
Cloud security training, certified cloud security professional
Cloud security training, certified cloud security professionalCloud security training, certified cloud security professional
Cloud security training, certified cloud security professional
Bryan Len
 
Cloud security
Cloud securityCloud security
Cloud security
Tushar Kayande
 
Cloud security
Cloud securityCloud security
Cloud security
BikashPokharel3
 
Cloud Security & Cloud Encryption Explained
Cloud Security & Cloud Encryption ExplainedCloud Security & Cloud Encryption Explained
Cloud Security & Cloud Encryption Explained
Porticor - The Cloud Security Experts
 

Recommended

The Top Cloud Security Issues
The Top Cloud Security IssuesThe Top Cloud Security Issues
The Top Cloud Security Issues
HTS Hosting
 
Cloud Computing Security - Cloud Controls Security
Cloud Computing Security - Cloud Controls SecurityCloud Computing Security - Cloud Controls Security
Cloud Computing Security - Cloud Controls Security
Hari Kumar
 
Cyber Security and Cloud Computing
Cyber Security and Cloud ComputingCyber Security and Cloud Computing
Cyber Security and Cloud Computing
Keet Sugathadasa
 
cloud security ppt
cloud security ppt cloud security ppt
cloud security ppt
Devyani Vaidya
 
Cloud security training, certified cloud security professional
Cloud security training, certified cloud security professionalCloud security training, certified cloud security professional
Cloud security training, certified cloud security professional
Bryan Len
 
Cloud security
Cloud securityCloud security
Cloud security
Tushar Kayande
 
Cloud security
Cloud securityCloud security
Cloud security
BikashPokharel3
 
Cloud Security & Cloud Encryption Explained
Cloud Security & Cloud Encryption ExplainedCloud Security & Cloud Encryption Explained
Cloud Security & Cloud Encryption Explained
Porticor - The Cloud Security Experts
 
Security on Cloud Computing
Security on Cloud Computing Security on Cloud Computing
Security on Cloud Computing
Reza Pahlava
 
Cloud Security Governance
Cloud Security GovernanceCloud Security Governance
Cloud Security Governance
Shankar Subramaniyan
 
Cloud Security Demystified
Cloud Security DemystifiedCloud Security Demystified
Cloud Security Demystified
Michael Torres
 
The Notorious 9 Cloud Computing Threats - CSA Congress, San Jose
The Notorious 9 Cloud Computing Threats - CSA Congress, San JoseThe Notorious 9 Cloud Computing Threats - CSA Congress, San Jose
The Notorious 9 Cloud Computing Threats - CSA Congress, San Jose
Moshe Ferber
 
Can Cloud Solutions Transform Network Security
Can Cloud Solutions Transform Network SecurityCan Cloud Solutions Transform Network Security
Can Cloud Solutions Transform Network Security
EC-Council
 
Microsoft Platform Security Briefing
Microsoft Platform Security BriefingMicrosoft Platform Security Briefing
Microsoft Platform Security Briefing
technext1
 
CLOUD SECURITY IN INSURANCE INDUSTRY WITH RESPECT TO INDIAN MARKET
CLOUD SECURITY IN INSURANCE INDUSTRY WITH RESPECT TO INDIAN MARKETCLOUD SECURITY IN INSURANCE INDUSTRY WITH RESPECT TO INDIAN MARKET
CLOUD SECURITY IN INSURANCE INDUSTRY WITH RESPECT TO INDIAN MARKET
Amity University | FMS - DU | IMT | Stratford University | KKMI International Institute | AIMA | DTU
 
Cloud summit demystifying cloud security
Cloud summit demystifying cloud securityCloud summit demystifying cloud security
Cloud summit demystifying cloud security
David De Vos
 
secureit-cloudsecurity-151130141528-lva1-app6892.pdf
secureit-cloudsecurity-151130141528-lva1-app6892.pdfsecureit-cloudsecurity-151130141528-lva1-app6892.pdf
secureit-cloudsecurity-151130141528-lva1-app6892.pdf
YounesChafi1
 
Microsoft threat protection + wdatp+ aatp overview
Microsoft threat protection + wdatp+ aatp overviewMicrosoft threat protection + wdatp+ aatp overview
Microsoft threat protection + wdatp+ aatp overview
Allessandra Negri
 
Managing Cloud Security Risks in Your Organization
Managing Cloud Security Risks in Your OrganizationManaging Cloud Security Risks in Your Organization
Managing Cloud Security Risks in Your Organization
Charles Lim
 
Rik Ferguson
Rik FergusonRik Ferguson
Rik Ferguson
CloudExpoEurope
 
Msft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacksMsft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacks
Akram Qureshi
 
Who owns security in the cloud
Who owns security in the cloudWho owns security in the cloud
Who owns security in the cloud
Trend Micro
 
Cloud Security Engineering - Tools and Techniques
Cloud Security Engineering - Tools and TechniquesCloud Security Engineering - Tools and Techniques
Cloud Security Engineering - Tools and Techniques
Gokul Alex
 
Transforming cloud security into an advantage
Transforming cloud security into an advantageTransforming cloud security into an advantage
Transforming cloud security into an advantage
Moshe Ferber
 
Cloud university intel security
Cloud university intel securityCloud university intel security
Cloud university intel security
Ingram Micro Cloud
 
Cloud security From Infrastructure to People-ware
Cloud security From Infrastructure to People-wareCloud security From Infrastructure to People-ware
Cloud security From Infrastructure to People-ware
Tzar Umang
 
Cloud security for banks - the central bank of Israel regulations for cloud s...
Cloud security for banks - the central bank of Israel regulations for cloud s...Cloud security for banks - the central bank of Israel regulations for cloud s...
Cloud security for banks - the central bank of Israel regulations for cloud s...
Moshe Ferber
 
Security issue in Cloud computing
Security issue in Cloud computingSecurity issue in Cloud computing
Security issue in Cloud computing
Seema Kumari
 
Cloud Security - Types, Common Threats & Tips To Mitigate.pdf
Cloud Security - Types, Common Threats & Tips To Mitigate.pdfCloud Security - Types, Common Threats & Tips To Mitigate.pdf
Cloud Security - Types, Common Threats & Tips To Mitigate.pdf
DataSpace Academy
 
chapitre1-cloud security basics-23 (1).pptx
chapitre1-cloud security basics-23 (1).pptxchapitre1-cloud security basics-23 (1).pptx
chapitre1-cloud security basics-23 (1).pptx
GhofraneFerchichi2
 

More Related Content

What's hot

Microsoft Platform Security Briefing
Microsoft Platform Security BriefingMicrosoft Platform Security Briefing
Microsoft Platform Security Briefing
technext1
 
Who owns security in the cloud
Who owns security in the cloudWho owns security in the cloud
Who owns security in the cloud
Trend Micro
 
Cloud university intel security
Cloud university intel securityCloud university intel security
Cloud university intel security
Ingram Micro Cloud
 

What's hot (20)

Security on Cloud Computing
Security on Cloud Computing Security on Cloud Computing
Security on Cloud Computing
 
Cloud Security Governance
Cloud Security GovernanceCloud Security Governance
Cloud Security Governance
 
Cloud Security Demystified
Cloud Security DemystifiedCloud Security Demystified
Cloud Security Demystified
 
The Notorious 9 Cloud Computing Threats - CSA Congress, San Jose
The Notorious 9 Cloud Computing Threats - CSA Congress, San JoseThe Notorious 9 Cloud Computing Threats - CSA Congress, San Jose
The Notorious 9 Cloud Computing Threats - CSA Congress, San Jose
 
Can Cloud Solutions Transform Network Security
Can Cloud Solutions Transform Network SecurityCan Cloud Solutions Transform Network Security
Can Cloud Solutions Transform Network Security
 
Microsoft Platform Security Briefing
Microsoft Platform Security BriefingMicrosoft Platform Security Briefing
Microsoft Platform Security Briefing
 
CLOUD SECURITY IN INSURANCE INDUSTRY WITH RESPECT TO INDIAN MARKET
CLOUD SECURITY IN INSURANCE INDUSTRY WITH RESPECT TO INDIAN MARKETCLOUD SECURITY IN INSURANCE INDUSTRY WITH RESPECT TO INDIAN MARKET
CLOUD SECURITY IN INSURANCE INDUSTRY WITH RESPECT TO INDIAN MARKET
 
Cloud summit demystifying cloud security
Cloud summit demystifying cloud securityCloud summit demystifying cloud security
Cloud summit demystifying cloud security
 
secureit-cloudsecurity-151130141528-lva1-app6892.pdf
secureit-cloudsecurity-151130141528-lva1-app6892.pdfsecureit-cloudsecurity-151130141528-lva1-app6892.pdf
secureit-cloudsecurity-151130141528-lva1-app6892.pdf
 
Microsoft threat protection + wdatp+ aatp overview
Microsoft threat protection + wdatp+ aatp overviewMicrosoft threat protection + wdatp+ aatp overview
Microsoft threat protection + wdatp+ aatp overview
 
Managing Cloud Security Risks in Your Organization
Managing Cloud Security Risks in Your OrganizationManaging Cloud Security Risks in Your Organization
Managing Cloud Security Risks in Your Organization
 
Rik Ferguson
Rik FergusonRik Ferguson
Rik Ferguson
 
Msft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacksMsft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacks
 
Who owns security in the cloud
Who owns security in the cloudWho owns security in the cloud
Who owns security in the cloud
 
Cloud Security Engineering - Tools and Techniques
Cloud Security Engineering - Tools and TechniquesCloud Security Engineering - Tools and Techniques
Cloud Security Engineering - Tools and Techniques
 
Transforming cloud security into an advantage
Transforming cloud security into an advantageTransforming cloud security into an advantage
Transforming cloud security into an advantage
 
Cloud university intel security
Cloud university intel securityCloud university intel security
Cloud university intel security
 
Cloud security From Infrastructure to People-ware
Cloud security From Infrastructure to People-wareCloud security From Infrastructure to People-ware
Cloud security From Infrastructure to People-ware
 
Cloud security for banks - the central bank of Israel regulations for cloud s...
Cloud security for banks - the central bank of Israel regulations for cloud s...Cloud security for banks - the central bank of Israel regulations for cloud s...
Cloud security for banks - the central bank of Israel regulations for cloud s...
 
Security issue in Cloud computing
Security issue in Cloud computingSecurity issue in Cloud computing
Security issue in Cloud computing
 

Similar to Cloud Security - Kloudlearn

Zero trust for everybody: 3 ways to get there fast
Zero trust for everybody: 3 ways to get there fastZero trust for everybody: 3 ways to get there fast
Zero trust for everybody: 3 ways to get there fast
Cloudflare
 
Trust based Mechanism for Secure Cloud Computing Environment: A Survey
Trust based Mechanism for Secure Cloud Computing Environment: A SurveyTrust based Mechanism for Secure Cloud Computing Environment: A Survey
Trust based Mechanism for Secure Cloud Computing Environment: A Survey
inventionjournals
 
Migrating Critical Applications To The Cloud - ISACA Seattle - Sanitized
Migrating Critical Applications To The Cloud - ISACA Seattle - SanitizedMigrating Critical Applications To The Cloud - ISACA Seattle - Sanitized
Migrating Critical Applications To The Cloud - ISACA Seattle - Sanitized
Norm Barber
 
Secure Your Sky_ Mastering Cloud Web Security.pdf
Secure Your Sky_ Mastering Cloud Web Security.pdfSecure Your Sky_ Mastering Cloud Web Security.pdf
Secure Your Sky_ Mastering Cloud Web Security.pdf
NK Carpenter
 

Similar to Cloud Security - Kloudlearn (20)

Cloud Security - Types, Common Threats & Tips To Mitigate.pdf
Cloud Security - Types, Common Threats & Tips To Mitigate.pdfCloud Security - Types, Common Threats & Tips To Mitigate.pdf
Cloud Security - Types, Common Threats & Tips To Mitigate.pdf
 
chapitre1-cloud security basics-23 (1).pptx
chapitre1-cloud security basics-23 (1).pptxchapitre1-cloud security basics-23 (1).pptx
chapitre1-cloud security basics-23 (1).pptx
 
Zero trust for everybody: 3 ways to get there fast
Zero trust for everybody: 3 ways to get there fastZero trust for everybody: 3 ways to get there fast
Zero trust for everybody: 3 ways to get there fast
 
Whitepaper: Security of the Cloud
Whitepaper: Security of the CloudWhitepaper: Security of the Cloud
Whitepaper: Security of the Cloud
 
Security of the Cloud
Security of the CloudSecurity of the Cloud
Security of the Cloud
 
Trust based Mechanism for Secure Cloud Computing Environment: A Survey
Trust based Mechanism for Secure Cloud Computing Environment: A SurveyTrust based Mechanism for Secure Cloud Computing Environment: A Survey
Trust based Mechanism for Secure Cloud Computing Environment: A Survey
 
Cloud security
Cloud securityCloud security
Cloud security
 
What is the significance of cybersecurity in cloud.pptx
What is the significance of cybersecurity in cloud.pptxWhat is the significance of cybersecurity in cloud.pptx
What is the significance of cybersecurity in cloud.pptx
 
What is the significance of cybersecurity in cloud.pptx
What is the significance of cybersecurity in cloud.pptxWhat is the significance of cybersecurity in cloud.pptx
What is the significance of cybersecurity in cloud.pptx
 
Module 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUDModule 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUD
 
Cloud is not an option, but is security?
Cloud is not an option, but is security?Cloud is not an option, but is security?
Cloud is not an option, but is security?
 
Security Considerations When Using Cloud Infrastructure Services.pdf
Security Considerations When Using Cloud Infrastructure Services.pdfSecurity Considerations When Using Cloud Infrastructure Services.pdf
Security Considerations When Using Cloud Infrastructure Services.pdf
 
Cloud security risks
Cloud security risksCloud security risks
Cloud security risks
 
Cloud security risks
Cloud security risksCloud security risks
Cloud security risks
 
Migrating Critical Applications To The Cloud - ISACA Seattle - Sanitized
Migrating Critical Applications To The Cloud - ISACA Seattle - SanitizedMigrating Critical Applications To The Cloud - ISACA Seattle - Sanitized
Migrating Critical Applications To The Cloud - ISACA Seattle - Sanitized
 
Migrating Critical Applications to the Cloud - isaca seattle - sanitized
Migrating Critical Applications to the Cloud - isaca seattle - sanitizedMigrating Critical Applications to the Cloud - isaca seattle - sanitized
Migrating Critical Applications to the Cloud - isaca seattle - sanitized
 
IRJET- A Survey: Data Security in Cloud using Cryptography and Steganography
IRJET- A Survey: Data Security in Cloud using Cryptography and SteganographyIRJET- A Survey: Data Security in Cloud using Cryptography and Steganography
IRJET- A Survey: Data Security in Cloud using Cryptography and Steganography
 
Demystifying Cloud Security: Lessons Learned for the Public Sector
Demystifying Cloud Security: Lessons Learned for the Public SectorDemystifying Cloud Security: Lessons Learned for the Public Sector
Demystifying Cloud Security: Lessons Learned for the Public Sector
 
Secure Your Sky_ Mastering Cloud Web Security.pdf
Secure Your Sky_ Mastering Cloud Web Security.pdfSecure Your Sky_ Mastering Cloud Web Security.pdf
Secure Your Sky_ Mastering Cloud Web Security.pdf
 
Understanding Cloud Security - An In-Depth Exploration For Business Growth | ...
Understanding Cloud Security - An In-Depth Exploration For Business Growth | ...Understanding Cloud Security - An In-Depth Exploration For Business Growth | ...
Understanding Cloud Security - An In-Depth Exploration For Business Growth | ...
 

More from KloudLearn

More from KloudLearn (8)

Service Organizational Control (SOC 2) Compliance - Kloudlearn
Service Organizational Control (SOC 2) Compliance - KloudlearnService Organizational Control (SOC 2) Compliance - Kloudlearn
Service Organizational Control (SOC 2) Compliance - Kloudlearn
 
What is Phishing - Kloudlearn
What is Phishing - KloudlearnWhat is Phishing - Kloudlearn
What is Phishing - Kloudlearn
 
What is a Malware - Kloudlearn
What is a Malware - KloudlearnWhat is a Malware - Kloudlearn
What is a Malware - Kloudlearn
 
Health Insurance Portability and Accountability Act (HIPPA) - Kloudlearn
Health Insurance Portability and Accountability Act (HIPPA) - KloudlearnHealth Insurance Portability and Accountability Act (HIPPA) - Kloudlearn
Health Insurance Portability and Accountability Act (HIPPA) - Kloudlearn
 
Employee Awareness in Cyber Security - Kloudlearn
Employee Awareness in Cyber Security - KloudlearnEmployee Awareness in Cyber Security - Kloudlearn
Employee Awareness in Cyber Security - Kloudlearn
 
Cyber Crisis Management - Kloudlearn
Cyber Crisis Management - KloudlearnCyber Crisis Management - Kloudlearn
Cyber Crisis Management - Kloudlearn
 
California Consumer Privacy Act (CCPA) - Kloudlearn
California Consumer Privacy Act (CCPA) - KloudlearnCalifornia Consumer Privacy Act (CCPA) - Kloudlearn
California Consumer Privacy Act (CCPA) - Kloudlearn
 
KloudLearn LMS | E-learning Platform
KloudLearn LMS | E-learning Platform KloudLearn LMS | E-learning Platform
KloudLearn LMS | E-learning Platform
 

Recently uploaded

Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
VictoriaMetrics
 
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Medical / Health Care (+971588192166) Mifepristone and Misoprostol tablets 200mg
 
What Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the SituationWhat Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the Situation
Juha-Pekka Tolvanen
 
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
masabamasaba
 
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
masabamasaba
 

Recently uploaded (20)

%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
 
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
 
tonesoftg
tonesoftgtonesoftg
tonesoftg
 
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
 
WSO2Con2024 - Hello Choreo Presentation - Kanchana
WSO2Con2024 - Hello Choreo Presentation - KanchanaWSO2Con2024 - Hello Choreo Presentation - Kanchana
WSO2Con2024 - Hello Choreo Presentation - Kanchana
 
WSO2CON 2024 - API Management Usage at La Poste and Its Impact on Business an...
WSO2CON 2024 - API Management Usage at La Poste and Its Impact on Business an...WSO2CON 2024 - API Management Usage at La Poste and Its Impact on Business an...
WSO2CON 2024 - API Management Usage at La Poste and Its Impact on Business an...
 
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
 
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
 
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open SourceWSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
 
WSO2CON 2024 - How to Run a Security Program
WSO2CON 2024 - How to Run a Security ProgramWSO2CON 2024 - How to Run a Security Program
WSO2CON 2024 - How to Run a Security Program
 
WSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go PlatformlessWSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go Platformless
 
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
 
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
 
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
 
What Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the SituationWhat Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the Situation
 
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
 
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
 
WSO2Con2024 - From Blueprint to Brilliance: WSO2's Guide to API-First Enginee...
WSO2Con2024 - From Blueprint to Brilliance: WSO2's Guide to API-First Enginee...WSO2Con2024 - From Blueprint to Brilliance: WSO2's Guide to API-First Enginee...
WSO2Con2024 - From Blueprint to Brilliance: WSO2's Guide to API-First Enginee...
 
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
 
%in Soweto+277-882-255-28 abortion pills for sale in soweto
%in Soweto+277-882-255-28 abortion pills for sale in soweto%in Soweto+277-882-255-28 abortion pills for sale in soweto
%in Soweto+277-882-255-28 abortion pills for sale in soweto
 

Cloud Security - Kloudlearn

  • 1. Online course offering Cloud Security “Cloud is about how you do computing, not where you do computing.” - Paul Maritz, CEO ofVMware © KloudLearn www.kloudlearn.com
  • 2. Learning Objectives © KloudLearn www.kloudlearn.com 2 What is Cloud Security (Definition) Trends associated with Cloud Security How DoYou Manage Security in the Cloud? Why is Cloud Security Important Cloud Security vsTraditional Security What are the Challenges What are end-user’s expectations from Cloud Security Some Do's and Don’ts When Using Cloud and its Services QuizTime: Let’s Have Fun ?
  • 3. What is Cloud Security (Definition) © KloudLearn www.kloudlearn.com 3 Cloud security involves the procedures and technology that secure cloud computing environments against both external and insider cybersecurity threats. Cloud security, also known as cloud computing security, consists of a set of policies, controls, procedures and technologies that work together to protect cloud-based systems, data, and infrastructure. Cloud computing, which is the delivery of information technology services over the internet, has become a must for businesses and governments seeking to accelerate innovation and collaboration.
  • 4. Trends associated with Cloud Security ● Increasing Partnerships between CSPs and Security Solution Providers Expected. ● Increasing Emergence of Cloud Service-specific Security Solution Providers. ● Identity Management and Encryption to Remain the Top Cloud Security Solutions Offered. ● Increasing Availability of Cloud Security Solutions for Small and Medium-sized Businesses (SMBs). ● Emergence of Strong Cloud Security Standard and Guidelines. © KloudLearn www.kloudlearn.com 4
  • 5. How DoYou Manage Security in the Cloud? © KloudLearn www.kloudlearn.com 5 Source: https://phoenixnap.com/blog/what-is-cloud-security
  • 6. How DoYou Manage Security in the Cloud? contd. © KloudLearn www.kloudlearn.com 6 Firewalls: It’s like mainstay of cloud architecture. Access controls: Protect data by allowing you to set access lists for different assets. Data Security: Methods include virtual private networks, encryption, or masking. Data masking: Encrypts identifiable information, such as names. Threat intelligence: spots security threats and ranks them in order of importance. Disaster recovery: key to security since it helps you recover data that are lost or stolen.
  • 7. INCREASING USAGE OF CLOUD SERVICES Why is Cloud Security Important ? © KloudLearn www.kloudlearn.com 7 Increasing Usage of Cloud Services in Non-traditional Sectors. Growing Adoption of Cloud Services in Government Departments. Rise in Cloud Service-specific Attacks Growing Usage of Cloud Services for Critical Data Storage. Rise in Employee Mobility.
  • 8. Cloud Security vs Traditional Security © KloudLearn www.kloudlearn.com 8 Source: https://phoenixnap.com/blog/what-is-cloud-security
  • 9. What are the challenges? ● CSPs believe that Security is End-users’ Issue ● CSP is responsible for some aspects of security. ● Shared Responsibility Model ● Security in the Cloud - CSP ● Security of the Cloud - Customer /You ● Lack of Awareness about Cloud Security ● Tendency of "over trust" in Cloud Providers ● Threats from Insider ● Lack of Proper Cloud Security Standards ● Complicated Interfaces and APIs © KloudLearn www.kloudlearn.com 9
  • 10. What are end-user’s expectations from Cloud Security ● Strong Overall Security Offered ● Suite of Security Solutions Offered ● Encryption Key Management Features Offered ● Availability of Fine Granular Control © KloudLearn www.kloudlearn.com 10
  • 11. Some Do's and Don’ts When Using Cloud and its Services © KloudLearn www.kloudlearn.com 11 ● Do strategize your cloud migration ● Do include automated testing ● Do consider containers ● Do get trained and train your employees too ● Do decouple your applications from physical resources ● Do review the costs before migration ● Do remember risk and compliance Let’s Check Out the Do’s First Now, what can you Avoid ● Don’t forget about security ● Don’t relocate many applications into the cloud ● Don’t be too selective ● Don’t transfer everything to the cloud ● Don’t start the project with rigid views of the outcome ● Don’t overlook the importance of a governance infrastructure
  • 12. Key Takeaways ● Don't think Cloud will protect us whatever we throw on that ● Remember we're always responsible for "Security in the cloud" ● Misconfigurations are the biggest threat than anything, stick to best practices ● Make sure to follow respective Benchmarks ● A single leak of Secrets can compromise your entire Cloud Security ● Eg. are Uber Leak, Famous Twitter Hack of 2020 etc ● Understand different types of clouds and your role ● Shared Responsibility model ● CSPs are not solely responsible for securing data, we're also ● Legacy tools and architectures don’t work on cloud security issues ● Look for automation when scaling in the cloud © KloudLearn www.kloudlearn.com 12
  • 14. By ensuring enough resources to make information available for all users By preventing unauthorized changes By regularly backing up the information By restricting access to information © KloudLearn www.kloudlearn.com How can confidentiality of information be achieved? 14
  • 15. Increased/shared attack surface Configuration and vulnerability management Identity management Administrative access control © KloudLearn www.kloudlearn.com Which of the following risks is actually increased by cloud-specific security technologies? 15
  • 16. © KloudLearn www.kloudlearn.com Google App Engine (often referred to as GAE or simply App Engine) ____. 16 Is a Platform as a Service Is a Software as a Service Is a Infrastructure as a Service All of the above
  • 17. © KloudLearn www.kloudlearn.com Which of the following service provider provides the least amount of built in security? 17 SaaS PaaS IaaS All of the above
  • 18. © KloudLearn www.kloudlearn.com Point out the wrong statement: 18 You can use proxy and brokerage services to separate clients from direct access to shared cloud storage Any distributed application has a much greater attack surface than an application that is closely held on a Local Area Network Cloud computing don’t have vulnerabilities associated with Internet applications All of the mentioned
  • 19. VPN WAF IPSec HTTPS © KloudLearn www.kloudlearn.com Which of the following security technologies is commonly used to give administrators access into trust zones within an environment? 19
  • 20. © KloudLearn www.kloudlearn.com 7. StateTrue or False: Public, Private and Hybrid are cloud deployment models. 20 True False
  • 21. AType 1 hypervisor also controls patching of its hosted virtual machines ensure they are always secure. AType 1 hypervisor is tied directly to the bare metal and only runs with code necessary to perform its specific mission. AType 1 hypervisor performs hardware-level encryption for tighter security and efficiency. AType 1 hypervisor only hosts virtual machines with the same operating systems as the hypervisor. © KloudLearn www.kloudlearn.com Why does aType 1 hypervisor typically offer tighter security controls than aType 2 hypervisor? 21
  • 22. SaaS PaaS IaaS All of the above © KloudLearn www.kloudlearn.com Identify a cloud service model which can be used for developing, testing and managing applications? 22
  • 23. Authentication and authorization; Control of access Cloud storage services; Policies Integrity of data and Clean-up Phase; Compliance Infrastructure; Cloud ingress © KloudLearn www.kloudlearn.com The main two security aspects you receive along with cloud is ___ and ___? 23
  • 24. ThankYou © KloudLearn www.kloudlearn.com 24 KloudLearn, Inc. is headquartered in SiliconValley, California. Our mission is to help enterprises provide an engaging and impactful learning experience that improves business performance.We provide the industry’s most modern LMS (Learning Management System). For more information visit us at www.kloudlearn.com or reach out to us at info@kloudlearn.com