Cloud Security training course explores some of the key risk areas when it comes to security and cloud computing. Although some of the fears in regards to security in the cloud are exaggerated, there are specific areas to be aware and cautious about. The key is knowing your IT infrastructure and needs, as well as carefully assessing the cloud provider’s offering and security measures. The course introduces control assessment frameworks and models that can be used in assessing your risk in going to the cloud and evaluating the cloud provider’s security offering. Along with the top identified security risks, it outlines basic guidelines that should be followed to ensure an adequate level of security in an xaaS environment. In particular, key areas of the IT infrastructure and issues relating to data transfer and storage are covered.
By attending Cloud Security workshop, Participants will learn to:
- Identify methods of providing security for data moving to the cloud or residing in the cloud
- Match the means by which CSPs provide security assurances to their descriptions
- Identify the key risk areas in cloud computing
- Describe the basic security practices that should be implemented in a SaaS environment
- Describe the security considerations involved in connecting your network infrastructure to the cloud
- Distinguish between the security responsibilities of client and CSP for different cloud deployments at the host level
- Match the cloud service delivery model to who is responsible for it’s application security
- Describe the key challenges related to securing data in the cloud
- Identify the questions a potential user of cloud data storage needs to ask when conducting a risk assessment
- Determine if a CSP can provide the required security assurances in a given scenario
- Define the cloud data security challenges for a given scenario
In Cloud Security class, Participants will be able to find answers for the following:
- What are the characteristics of cloud computing?
- Know some techniques for securing public cloud instances
- Which third party risk management practices should you apply to cloud provider engagements?
- How is cloud computing different from outsourcing?
- What should you be looking for in a SAS 70 Type II or SSAE 16 audit statement?
- What are the six phases of the data security lifecycle?
- Which practices help in porting platform as a service (PaaS) solutions?
- How can cloud providers minimize risks of insider abuse?
- How can a cloud customer predict whether the cloud providers availability and performance will meet service level agreement commitments?
- What capabilities can a cloud provider deliver to support offline analysis of potential incidents?
- What are key success factors to support application security in Infrastructure as a Service (IaaS) environments?
- How can key management be used to prevent cloud providers from inappropriately accessing customer data?
- Which prominent standards should be considered to federate customer identity management systems with cloud providers?
- Why do communications between multiple virtual machines in a private cloud often evade tradition security monitoring systems?
The program is restricted to those who have basic understanding of security fundamentals, firewalls, secure development, encryption, and identity management.
This workshop will significantly benefit professionals responsible for security in a cloud computing environment.
- CEO / CFO / CIO / CTO / CISO
- IS / IT Specialist / Analyst / Manager
- IS / IT Auditor / Consultant
- IS / IT Head / Director
- IT Operations Manager / Head / Director
- IT Compliance Manager / Head / Director
- Security Head / Director
- Security Specialist / Analyst / Manager / Architect
- Security Consultant / Professional / Officer
- Security Engineer / Administrator / Auditor
- Network Specialist / Analyst / Manager
- Network Consultant / Professional / Architect / Administrator
- Senior Systems Engineer
- Systems Analyst / Administrator