Learn about security and governance tools.
- [Instructor] So let's talk about security and governance. And ultimately why they need to be linked. This is really kind of a no brainer because security basically depends on governance systems because we have to create limitations as well as lock people out of accessing resources and services. And governance needs security to basically understand that we may be violating some security policy, even though we're not violating some governance policy. So they need to be linked, and typically they're linked with what we talked about previously in the previous video.
And that was identity and access management and common directories. So they need to share information, such as identities. In the past, and certainly before we got into cloud computing, this was not fairly common place. In other words, we had user ID and passwords that were localized for the particular system that we're trying to login to. Where cloud is much more complex. We have governance systems, storing systems, database systems, we have virtual machines we're able to fire up. All sorts of things that basically need to be tracked and governance policies placed around them as well as access limited based on the ability to understand the roles and responsibilities, and the security rules we need to enforce.
So, in looking at security and governance, again we have the abstraction part. So in other words, the directory and the tool set that we're leveraging should abstract us when the complexity, and there's a bunch of complexity in there, in terms of how we're dealing with the native interfaces and communicating with the backend applications. So ultimately, this is about placing a layer of abstraction on top of the identities, the directory, and then in turn the resources and services that they're protecting.
And it could be devices and other things that we're protecting as well. But this is a exercise in making the technology work and play well together, while leveraging a center repository, mainly identity management system. As the single source of truth, in terms of who's there, who's leveraging what, and what should be protected. And we do them in different ways. There's different patterns of use and protection in governance that we deal with in terms of resources, we'll see in a demo later when you look at the right skill tool.
They were able to limit access to a resource based on someone's identity, someone in a group, and what they're doing and how they're approaching the cloud and what it means to their role within the business. And then services is a bit more granular, as we talked about before, in that we're dealing with a API that may perform a very distinct duty. Such as providing credit check information based on the passing a social security number in or accessing a storage based system.
All kinds of things can be services. And the configuration of services actually creates applications, that's the idea between service oriented architecture, or SOA. So this is something that needs to be understood as you start moving into a governance infrastructure that security needs to be joined at the hip. And whenever I'm working on a governance strategy, I always make sure there's security people that are on the team to make sure that they bring their expertise in terms of how these things can actually work together.
- Cloud governance basics
- Cloud resource governance
- How cloud security and governance are linked
- Defining governance policies
- Cloud management platform basics
- Reviewing service governance tools
- Cloud governance costs
- Understanding your requirements
- Finding the right tools
- Testing cloud governance
- How operations deals with governance