Price: $2,999.00

Course Number: 6001
Length: 3 Days
Print Friendly, PDF & Email

Cloud Security Training Crash Course

Cloud security is the protection of data stored online from theft, leakage and deletion.

Cloud security is important for both business and personal users. Everyone wants to know that their information is safe and secure and businesses have legal obligations to keep client data secure, with certain sectors having more stringent rules about data storage.

Methods of providing cloud security include firewalls, penetration testing, obfuscation, tokenization, virtual private networks (VPN), and avoiding public internet connections.

Major threats to cloud security include data breaches, data loss, account hijacking, service traffic hijacking, insecure application program interfaces (APIs), poor choice of cloud storage providers, and shared technology that can compromise cloud security.

Distributed denial of service (DDoS) attacks are another threat to cloud security. These attacks shut down a service by overwhelming it with data so that users cannot access their accounts, such as bank accounts or email accounts.

There are several important security considerations before moving sensitive data to cloud storage. A major concern of CEOs is losing control of company data. Leasing a public cloud service means an organization does not have ownership of the hardware, applications, or software on which the cloud services run. It’s important that organizations understand their cloud vendor’s approach to these assets.

Also, keep in mind that cloud applications may contain embedded and/or default credentials. Default credentials post an increased risk as they may be guessable by attackers. Organizations need to manage these credentials as they would other types of privileged credentials.

Cybersecurity experts report that one of the top strategies to prevent cyber-attacks on the cloud is to manage access.

This involves the ability to identify and authenticate users, the ability to assign users access rights and the ability to create and enforce access control policies for resources.

Protecting data is also crucial to prevent unauthorized access. Most efficient way to accomplish this is by encrypting data at rest to protect it from unauthorized exposure. Typically, CSPs offer consumers a choice of CSP-managed or consumer-managed keys. Security experts say although consumer-managed keys place the burden of key management on the consumer, they provide better control.

Traditional environments usually control access using a perimeter security model. Cloud environments are highly connected, making it easier for traffic to bypass traditional perimeter defenses. Insecure application programming interfaces (APIs), weak identity and credentials management, account hijacks, and malicious insiders may pose threats to the system and data.

Preventing unauthorized access in the cloud requires shifting to a data-centric approach. Encrypt the data. Strengthen the authorization process. Require strong passwords and two factor authentication. Build security into every level.

Cloud Security Training Crash Course by Tonex

Cloud Security Training Boot Camp by Tonex provides technical details on information, data, and storage security in the cloud. All aspects of authentication, confidentiality, integrity, availability and security risks and mitigations are covered.

IaaS/PaaS/SaaS (SPI) for infrastructure, platform, software as a service model, and security as service aspects are discussed. The course addresses stored data confidentiality, cloud provider operations, identity and access management in the cloud, availability management as well as privacy.

Tonex Cloud Security Training Crash Course in boot camp style is an intensive, 3-day learning experience that covers the essential elements of cloud security. Boot camps are ideal for busy professionals who want to stay current in their fields but have limited time to be away from the office.

All boot camps include:

  • Experienced instructors including senior technology leaders, project managers, technical authors, engineers, educators, consultants, course developers, and CTOs.
  • Real life examples and practices.
  • Small class size.
  • Personalized instructor mentoring.
  • Pre-training discussions.
  • Ongoing post-training support via e-mail, phone and WebEx.

Cloud Security Training Crash Course

Who Should Attend

Ideal for IT professionals, information security and privacy practitioners, business managers, and service providers, this course offers you detailed information on cloud computing security.

Objectives

  • Review the current state of data security and storage in the cloud, including confidentiality, integrity, and availability
  • Learn about the identity and access management (IAM) practice for authentication, authorization, and auditing of the users accessing cloud services
  • Discover which security management frameworks and standards are relevant for the cloud
  • Understand the privacy aspects you need to consider in the cloud, including how they compare with traditional computing models
  • Learn the importance of audit and compliance functions within the cloud, and the various standards and frameworks to consider
  • Examine security delivered as a service -- a different facet of cloud security

Outline

Introduction to Cloud Computing

  • What Is Cloud Computing?
  • Cloud Deployment Models
  • Cloud Computing Reference Architecture
  • Technical Description of Cloud
  • Layers
  • Clients
  • Applications
  • Platforms
  • Infrastructure
  • Servers
  • Building Cloud Networks
  • Virtualization Overview
  • Federation, Presence, Security, and Privacy in the Cloud
  • Cloud Computing Standards and Best Practices
  • Deployment models
  • Public Cloud
  • Security and Access Control
  • Managing End-User Access to Cloud Computing'
  • Assets supported by the cloud
    • Data
    • Applications
    • Functions
    • Processes

Cloud computing Security Framework

  • Security issues associated with the cloud
  • Dimensions of cloud security
  • Infrastructure Security
  • Security and privacy
  • Data Security and Storage
  • Identity and Access Management
  • Security Management in the Cloud
  • Physical and personnel security
  • Availability
  • Application security
  • Privacy
  • Audit and Compliance
  • Business continuity and data recovery
  • Logs and audit trails
  • Unique compliance requirements
  • Legal and contractual issues

Cloud Security Reference Model

  • Types of assets, resources, and information being managed
  • Who manages them and how
  • Which controls are selected and how they are integrated
  • Compliance issues
  • Software as a Service (SaaS)
  • Platform as a Service (PaaS)
  • Infrastructure as a Service (IaaS)
  • Introduction to Cloud Computing
  • Defining cloud computing
  • Delivering services from the cloud
  • Building a Business Case
  • Calculating the financial implications
  • Preserving business continuity
  • Migrating to the Cloud
  • Technical considerations
  • Planning the migration
  • Access Control in Cloud
  • Exploiting Software as a Service (SaaS)
  • Exploiting Platform as a Service (PaaS)
  • Exploiting Infrastructure as a Service (IaaS)
  • Accessing IaaS

Overview of Cloud Security Risks

  • Loss of Governance
  • Lock-In
  • Isolation Failure
  • Compliance Risks
  • Management Interface Compromise
  • Data Protection
  • Insecure or Incomplete Data Deletion
  • Malicious Insider
  • Redundancy / Disaster Recovery
  • Network management
  • Modifying network traffic
  • Privilege escalation
  • Social engineering attacks (i.e., impersonation)
  • Loss or compromise of operational logs
  • Loss or compromise of security logs (manipulation of forensic investigation)
  • Backups lost, stolen
  • Unauthorized access to premises (including physical access to machines and other facilities)
  • Theft of computer equipment
  • Natural disasters
  • Vulnerabilities
  • Vulnerabilities not specific to the cloud

General Cloud Security Challenges

  • Email and Web Security
  • Granular Email and Web Controls
  • Data Loss Prevention (DLP)
  • Real-time Transaction Level Reporting
  • Trusting vendor’s security model
  • Customer inability to respond to audit findings
  • Obtaining support for investigations
  • Indirect administrator accountability
  • Proprietary implementations can’t be examined
  • Loss of physical control
  • Securing Cloud Provisioning Services
  • Securing Cloud Data Storage Services
  • Securing Cloud Processing Infrastructure
  • Securing Cloud Support Services
  • Cloud Network and Perimeter Security
  • Distributed DoS protection
  • VLAN capabilities
  • Perimeter security (IDS, firewall, authentication)
  • Virtual zoning with application mobility

Cloud Security Control Model

  • Applications
  • Data and Information
  • Management
  • Network
  • Trusted Computing
  • Compute and storage
  • Physical
  • Compliance Model
  • Security as a Service
  • Managing Identity in the Cloud
  • Securing Public Clouds
  • Securing Private Clouds
  • Securing Community Clouds
  • Securing Hybrid Clouds
  • Data Center Operations
  • Incident Response
  • Encryption and Key Management
  • Identity, Entitlement, and Access Management
  • Virtualization
  • Security as a Service

Governing in the Cloud

  • Governance and Enterprise Risk Management
  • Legal Issues: Contracts and Electronic Discovery
  • Compliance and Audit Management
  • Information Management and Data Security
  • Interoperability and Portability
  • Infrastructure Security
  • The Network Level
  • The Host Level
  • The Application Level
  • Data Security and Storage
  • Aspects of Data Security
  • Data Security Mitigation
  • Provider Data and its Security
  • Risk assessment
  • Risk assessment process
  • Policy and organizational risks
  • Loss of governance

Tonex Cloud Security Recommendations and Road maps

  • Identity and Access Management
  • Trust Boundaries and IAM
  • Cloud Authorization Management
  • Cloud Service Provider IAM Practice
  • Security Management in the Cloud
  • Availability Management
  • Access Control
  • Security Vulnerability, Patch, and Configuration Management
  • Privacy
  • S. Laws and Regulations
  • International Laws and Regulations
  • Audit and Compliance
  • Internal Policy Compliance
  • Governance, Risk, and Compliance (GRC)
  • Auditing the Cloud for Compliance
  • Security-As-a-[Cloud] Service
  • Key Control Areas
  • Contraindications
  • Resistance Against Threats
  • Control Details

 

Cloud Security Training Crash Course

Request More Information

  • Please complete the following form and a Tonex Training Specialist will contact you as soon as is possible.

    * Indicates required fields

  • This field is for validation purposes and should be left unchanged.