BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
Curb cloud computing security risks with ITIL frameworks
As your use of cloud services grows, so does your need for effective IT service management so that permissions, controls and compliance requirements are consistently addressed. Watch Now
American television audiences in the 1980s delighted in watching Fred the Baker, the fictional face of Dunkin’ Donuts’ 15-year advertising campaign, repeatedly declare it was “time to make the doughnuts” as the character dutifully trudged off to work before dawn -- ensuring a fresh batch of doughnuts would be ready when customers arrived. The catchphrase took on a life of its own, coming to symbolize the dedication to doing a job, doing it right and doing it consistently, day in and day out, despite the challenges.
So, what do doughnuts have to do with building and maintaining secure cloud infrastructure? More than you might think. The cloud presents new operational challenges, requiring cloud security professionals to become intimately familiar with and invested in the day-to-day development, planning, implementation, operations, management and security of physical and logical cloud infrastructure. That’s because secure cloud infrastructure doesn’t happen by accident. From access control to patch management to risk assessment and everything in between, protecting cloud resources requires diligent adherence to best practices in all aspects of IT operations and service management. In other words, somebody’s got to make the doughnuts in a cloud data center -- and if not cloud security professionals, then who?
Domain 5 of the CCSP exam, “Operations,” comprehensively covers cloud operations in the context of security. This section of the test examines your understanding of what it takes to design, implement, control, monitor, manage and audit secure cloud infrastructure, including physical and logical resources. Additionally, candidates must demonstrate an understanding of risk cloud assessment, compliance and regulations.
This Security School, based on (ISC)² CCSP training material, covers the fundamentals of Domain 5 of the CCSP exam. Once you've reviewed the parts of this Security School on the operational requirements of maintaining secure cloud infrastructure, take the quiz to see how prepared you are for this portion of the exam.
CCSP® is a registered mark of (ISC)².