ITIL 4 Acquiring Managing Cloud Services Certification Course: Onboard - Security and Compliance

End-to-end view of user identity and behavior (application and database):

  • Unauthorized access
  • Threat and attack
  • Privilege changes
  • Critical knowledge

Security teams responsible for data protection

Understand cloud architecture security

Quick response

Cloud:

  • Increases security complexity
  • Allows automation
  • Gives more control
  • Allows granularization

Monitoring across cloud architectures:

  • Access log files
  • End-to-end monitoring
  • Security management

Log files and monitoring tools:

  • Track data modification
  • Unauthorized access
  • Simultaneous logins
  • Access privilege changes
  • Data manipulation

Visualize events with dashboards

Alerts: reactive to proactive response

Security intelligence

Monitoring aids audit

Ensure compliance

Aids rapid threat resolution

Common issues:

  • Visibility
  • Compliance
  • Automation
  • Development vs security
  • Hybrid IT
  • SLAs

1. Visibility

Service adoption needs coordination

Maintain visibility

Affects security

Cloud sprawl

Cloud resources can have short lifecycle

Legacy practices lack security

Security and authorization controls

Security policy

Reduce cloud sprawl through ITIL practices:

  • Change enablement
    • Define deployment
    • Allow standard changes
  • Service financial management: cost approval requirements
  • Service request management
    • Workflow management
    • Authorization documentation

2. Compliance

Compliance is difficult

CSP can document compliance

Only applies to CSP responsibilities

CSPs can't comply with every standard

Consumer must evaluate compliance

Consumer responsible for compliance within its environment

Compliance tips:

  • Use compliance specialists
  • Apply compliance best practice
  • Consult CSP guidelines

Understand:

  • Compliance in shared responsibility model
  • Control implementation and maintenance
  • Compliance agencies

3. Automation

Seen as security risk

Allows proactive security management

Consistent security application

Allows security staff to focus on high-value tasks

4. Development vs security

Development focuses on speed

Security desires thorough review

Creates silos

Common security rules

Collaboration between development and security

5. Hybrid IT

Multiple security policies

Different security practices

Tools and practices based on legacy systems

Don't work with cloud

For example:

  • Traditional network
    • IP addresses assigned to physical and virtual machines
    • Addresses don't change
    • Simple tracking method
  • Cloud-native workloads
    • Dynamic
    • Separate services
    • Static IPs too rigid

Mitigations:

  • Understand each landscape
  • Accept different security needs
  • Collaborative IT policies

6. SLAs

SLAs affect:

  • Security
  • Business continuity

Set availability

Outlines what's not provided

Effective SLAs:

  • Availability
  • Performance
  • Security
  • Compliance
  • Privacy
  • Data ownership
  • Business continuity
  • Data location and access
  • Portability
  • Problem and change management
  • Dispute resolution
  • Exit strategy

Establish criteria

Evaluate criticality of cloud service

Identify key management activities
