Understanding how to secure the cloud is a crucial piece of tradecraft that every CISO needs to understand. This episode provides an in depth discussion of AWS's 7 design principles for securing the cloud:
- Implement a strong identity foundation
- Enable traceability
- Apply security at all layers
- Automate security best practices
- Protect data in transit and rest
- Keep people away from data
- Prepare for security events
Please note the AWS Well-Architected Framework Security Design Principles can be found here: https://wa.aws.amazon.com/wat.pillar.security.en.html
Chapters
- 00:00 Introduction
- 02:33 Seven design principles for securing the cloud
- 04:17 Multi Factor Authentication (MFA)
- 05:59 How to prevent password guessing attacks on the cloud
- 08:19 How to limit access to your applications
- 11:05 How to enable traceability in your environment
- 13:15 The importance of cloud infrastructure
- 14:47 How to monitor security in the cloud
- 17:09 How to automate monitoring, alerting, and auditing
- 19:09 Configuring a strong identity foundation
- 20:52 How to have an effective real time view of what your developers have produced
- 22:48 How to automate your security best practices
- 26:42 How to protect your data in the cloud
- 28:36 How to limit access to your data
- 31:36 How to scan your APIs to protect your data
- 33:41 The importance of permissions in a data science environment
- 36:06 The importance of identity in cloud computing
- 41:30 Review of the 7 design principles for securing the cloud