1 00:00:00,006 --> 00:00:01,008 - [Instructor] It's important to understand 2 00:00:01,008 --> 00:00:04,003 cloud management as well as agility 3 00:00:04,003 --> 00:00:06,004 in selecting your cloud services. 4 00:00:06,004 --> 00:00:08,003 This video will take a deeper look 5 00:00:08,003 --> 00:00:12,007 at how to select cloud security services step-by-step. 6 00:00:12,007 --> 00:00:15,006 There's a trade off of risk management versus agility. 7 00:00:15,006 --> 00:00:17,000 When considering cloud security, 8 00:00:17,000 --> 00:00:20,003 the ideal is to maximize risk management, 9 00:00:20,003 --> 00:00:22,006 as well as maximize agility. 10 00:00:22,006 --> 00:00:25,007 Typically, the more advanced our security tools are, 11 00:00:25,007 --> 00:00:28,002 the more you'll be able to manage risks better 12 00:00:28,002 --> 00:00:30,004 as well as be able to change around 13 00:00:30,004 --> 00:00:33,007 using the tool or agility. 14 00:00:33,007 --> 00:00:38,009 For example, the use of IAM or Identity Access Management 15 00:00:38,009 --> 00:00:41,001 provides you with the ability to leverage security 16 00:00:41,001 --> 00:00:45,006 using identities of humans, applications, data, et cetera, 17 00:00:45,006 --> 00:00:49,004 and thus allows you to configure your security solution 18 00:00:49,004 --> 00:00:53,000 in the ways that will work best for the business. 19 00:00:53,000 --> 00:00:54,009 The idea is to advance through the notion 20 00:00:54,009 --> 00:00:58,007 of security program maturity through five basic steps 21 00:00:58,007 --> 00:01:00,006 or maturity levels. 22 00:01:00,006 --> 00:01:02,005 Basic means that you're leveraging 23 00:01:02,005 --> 00:01:04,000 the fundamentals of cloud security, 24 00:01:04,000 --> 00:01:06,009 including user ID and passwords. 25 00:01:06,009 --> 00:01:09,006 Layered tools, meaning that you're adding more tools 26 00:01:09,006 --> 00:01:13,006 to include directory management, which may enable IAM, 27 00:01:13,006 --> 00:01:15,007 in other words, more mature tools. 28 00:01:15,007 --> 00:01:17,003 While the tools don't work together, 29 00:01:17,003 --> 00:01:20,008 they are additive considering complimentary functions. 30 00:01:20,008 --> 00:01:23,009 Integrated tools, meaning that the tools work together 31 00:01:23,009 --> 00:01:26,004 such as tools that share directory services 32 00:01:26,004 --> 00:01:29,001 and manage identities for cloud security. 33 00:01:29,001 --> 00:01:31,001 Proactive, meaning that the security tools 34 00:01:31,001 --> 00:01:34,001 are not just reacting to issues such as breaches, 35 00:01:34,001 --> 00:01:36,000 but work to avoid breaches. 36 00:01:36,000 --> 00:01:39,001 For example, updating operating systems automatically 37 00:01:39,001 --> 00:01:40,009 to avoid vulnerabilities. 38 00:01:40,009 --> 00:01:44,002 Finally, predictive, which is the most mature 39 00:01:44,002 --> 00:01:46,004 in cloud security types of services. 40 00:01:46,004 --> 00:01:47,007 Here is where we're able to work 41 00:01:47,007 --> 00:01:49,003 beyond just being proactive, 42 00:01:49,003 --> 00:01:51,006 but actually provide predictions 43 00:01:51,006 --> 00:01:54,006 as to when security events are likely to occur 44 00:01:54,006 --> 00:01:56,001 and how to avoid them. 45 00:01:56,001 --> 00:01:59,009 The idea is to get to a state called minimum viable security 46 00:01:59,009 --> 00:02:02,006 where we have enough security services in place 47 00:02:02,006 --> 00:02:04,005 to meet our business requirements. 48 00:02:04,005 --> 00:02:05,009 This is considered optimized 49 00:02:05,009 --> 00:02:08,000 because we're only spending money to get us 50 00:02:08,000 --> 00:02:11,002 to just the cloud security services that we need. 51 00:02:11,002 --> 00:02:13,004 Moving to the next maturity level is an option. 52 00:02:13,004 --> 00:02:15,006 However, we have to first consider 53 00:02:15,006 --> 00:02:18,003 the business cases for doing so. 54 00:02:18,003 --> 00:02:20,003 Selecting the right security technologies 55 00:02:20,003 --> 00:02:22,003 is perhaps the most difficult part 56 00:02:22,003 --> 00:02:24,005 of the cloud security deployment process. 57 00:02:24,005 --> 00:02:27,009 However, it's worth taking your time learning all you can 58 00:02:27,009 --> 00:02:29,003 and selecting the technology 59 00:02:29,003 --> 00:02:34,000 that's going to provide the best chance for success.