Organizations use cloud services for a wide variety of data storage needs. These cloud services offer tremendous flexibility and cost effectiveness but also come with security concerns that administrators must address. In this video, you will learn the importance of securing data stored in cloud services through the use of access controls and encryption.
- [Presenter] Organizations use cloud services…for a wide variety of data storage needs.…These cloud services offer tremendous flexibility…and cost effectiveness but also come with security concerns…that administrators must address.…The basic principle that organizations should follow…is that you should apply the same security controls…to data stored in the cloud as you would data stored…in your own data center.…If you'd encrypt information in your own data center…you should encrypt it in the cloud.…If you'd restrict access in your own data center…you should restrict it in the cloud.…
The two main issues you should think about…when handling cloud data security…are encryption and access control.…The way you'll implement encryption…depends upon the type of service that you're using…and the way that you use it.…For example, when using an infrastructure…as a service provider for servers…you may be able to encrypt entire virtual disk volumes…to prevent anyone, including the provider,…from accessing the contents of the disk.…
Members who take all eight courses in the series will be prepared to take and pass the CISSP exam. Find the companion study books at the Sybex test prep site and review the complete CISSP Body of Knowledge at https://www.isc2.org/cissp-domains/default.aspx.
- Understanding data security policies and roles
- Limiting data collection
- Developing security baselines
- Leveraging industry standards
- Restricting access to data with Windows and Linux file permissions
- Encrypting data
- Securing cloud storage