Esplicito
Episode #97 Head in the Clouds
11 lug 2022 ·
1 h 35 min. 4 sec.
Scarica e ascolta ovunque
Scarica i tuoi episodi preferiti e goditi l'ascolto, ovunque tu sia! Iscriviti o accedi ora per ascoltare offline.
Descrizione
"Why going to the cloud means more work for security not less, shared responsiblity is 100% your problem - Am I going to treat this like a green field, or...
mostra di più
"Why going to the cloud means more work for security not less, shared responsiblity is 100% your problem
- Am I going to treat this like a green field, or the next dumpster to throw the data, systems, and stuff we can’t deal with in real life?
- What are my expectations? (planning, timing, longevity, migration, business, etc.)
- Will we use it as an enclave to simply separate developers from anything else, or vice-versa, OR will we take a stance and work with ALL the teams to build it out successfully?
- DOES my cloud governance align with the rest of my business and technology policies and goals?
- AM I willing to implement the recommendations that most cloud providers offer TO make things safer and more secure?
- Can I manage the audit and compliance of a new world, and HOW will I integrate it?
- Speaking of integration, WILL my business and technology actually function IN/WITH the cloud?
- The cloud is MUCH more than someone else’s computers OR a spare data centre, but it still has to live somewhere, so WHERE does it live, and HOW do you get to it?
- Where’s YOUR staff, how do they talk with the cloud, what controls, management, etc.
- How much control will I have over my data in YOUR cloud?
- Who’s got access TO my little slice of the cloud, hardware, system, bare metal, data, etc.
- How do I (OR who’s going to) monitor YOUR cloud infrastructure, and MY systems for access, etc.
- And if it’s on your side, do I get to see the logs
- What’s the charges FOR monitoring
- SLA’s etc?
- Who’s managing the encryption for my data, if it’s YOU then where’s my key’s if it’s me what help etc.
- I don’t want to catch cooties from YOUR other clients, how to you maintain separation/segmentation?
- What options exist to backup my data, my configs, and what happens if YOUR systems go down?
- What areas of the technology, services, systems, and environments fall into shared responsibilities?
- Who has to deal with what when it goes wrong
- Who get’s to point fingers, and who has to fix things (AND what timeframe, etc.)
- ALL my data belongs to YOU… what happens about uptime, distribution, redundancy, AND company stability.
- Technology roadmap in here too
- What dependencies, partnerships, and vendors do THEY rely upon?
- Let’s talk security, compliance, regulatory stance, etc. What do you have, AND how do you maintain it?
- When we fall OUT of love, what happens, how do I migrate, what options are out there (and costs, etc.)"
mostra meno
- Am I going to treat this like a green field, or the next dumpster to throw the data, systems, and stuff we can’t deal with in real life?
- What are my expectations? (planning, timing, longevity, migration, business, etc.)
- Will we use it as an enclave to simply separate developers from anything else, or vice-versa, OR will we take a stance and work with ALL the teams to build it out successfully?
- DOES my cloud governance align with the rest of my business and technology policies and goals?
- AM I willing to implement the recommendations that most cloud providers offer TO make things safer and more secure?
- Can I manage the audit and compliance of a new world, and HOW will I integrate it?
- Speaking of integration, WILL my business and technology actually function IN/WITH the cloud?
- The cloud is MUCH more than someone else’s computers OR a spare data centre, but it still has to live somewhere, so WHERE does it live, and HOW do you get to it?
- Where’s YOUR staff, how do they talk with the cloud, what controls, management, etc.
- How much control will I have over my data in YOUR cloud?
- Who’s got access TO my little slice of the cloud, hardware, system, bare metal, data, etc.
- How do I (OR who’s going to) monitor YOUR cloud infrastructure, and MY systems for access, etc.
- And if it’s on your side, do I get to see the logs
- What’s the charges FOR monitoring
- SLA’s etc?
- Who’s managing the encryption for my data, if it’s YOU then where’s my key’s if it’s me what help etc.
- I don’t want to catch cooties from YOUR other clients, how to you maintain separation/segmentation?
- What options exist to backup my data, my configs, and what happens if YOUR systems go down?
- What areas of the technology, services, systems, and environments fall into shared responsibilities?
- Who has to deal with what when it goes wrong
- Who get’s to point fingers, and who has to fix things (AND what timeframe, etc.)
- ALL my data belongs to YOU… what happens about uptime, distribution, redundancy, AND company stability.
- Technology roadmap in here too
- What dependencies, partnerships, and vendors do THEY rely upon?
- Let’s talk security, compliance, regulatory stance, etc. What do you have, AND how do you maintain it?
- When we fall OUT of love, what happens, how do I migrate, what options are out there (and costs, etc.)"
Informazioni
| Autore | The InfoSec Mission |
| Organizzazione | InfoSec Missionaries |
| Sito | - |
| Tag |
Copyright 2024 - Spreaker Inc. an iHeartMedia Company
Commenti