Recorded Date:
Duration: 2.5 hours
Presenter(s): Chuck Easttom

Description:

  1. Understand where the data is stored
    1. Where are the data centers?
    2. What legal issues does that involve?
    3. How is data flow secured?
      1. It is not enough to say data in transit is encrypted
      2. Questions to ask about encryption and key management
  2. Advantages of public cloud
    1. Scalability
    2. Low cost
    3. Reliability (usually)
  3. Security concerns of public cloud
    1. What does the CSP actually cover?
    2. Configuration issues
    3. Service interruption issues?
    4. Ensuring staff fully understands the cloud issues
    5. IAM
  4. Cloud security standards
    1. ISO/IEC-27017
    2. ISO – 27018
    3. GDPR
    4. SOC
    5. FedRAMP
    6. Why these standards are not enough!