[109-B10] COMPSCI 316 L01C - Thu 17 Oct 12_00 PM (copy)

Chapter 1: Introduction

  • Difference Between Traditional IT and Cloud Environments

    • Traditional IT environments and cloud systems operate under different models and technologies.

    • Unique threats are associated with cloud environments.

  • Cloud-Specific Security Threats (Cloud Security Alliance)

    • Abuse of Cloud Computing

      • Easy registration processes for users can lead to misuse and abuse of services.

      • Countermeasures:

        • Implement robust identity verification during registration.

        • Enhance credit card monitoring to detect fraud.

        • Collaborate with financial institutions to prevent fraudulent activities.

        • Conduct comprehensive inspection of consumer network traffic to identify malicious activities.

        • Regularly monitor public blacklists for network blocks to mitigate IP address abuse.

    • Insecure Interfaces and APIs

      • APIs and interfaces must be secured to prevent attacks.

      • Countermeasures:

        • Analyze the security model of the cloud service provider's interfaces.

        • Ensure strong authentication and access controls.

        • Implement encryption for data transmission through APIs.

        • Understand the dependency chain associated with APIs to identify risk.

    • Malicious Insiders

      • Insiders may include employees of cloud service providers who have access to sensitive data.

      • Countermeasures:

        • Enforce strict supply chain management.

        • Conduct comprehensive supplier assessments.

        • Specify human resource requirements in legal contracts to ensure compliance.

        • Require transparency in supplier security practices and compliance reporting.

        • Establish security breach notification processes.

    • Shared Technology Issues

      • Sharing infrastructure can introduce security vulnerabilities.

      • Countermeasures:

        • Implement security best practices for installation and configuration.

        • Monitor the environment for unauthorized changes or activities.

        • Promote strong authentication for administrative access.

        • Enforce service level agreements (SLAs) for patches and vulnerability remediation.

        • Conduct regular vulnerability scanning and configuration audits.

    • Data Loss or Leakage

      • Protecting sensitive data from loss or leakage is crucial.

      • Countermeasures:

        • Implement strong API access controls.

        • Encrypt data in transit and at rest to maintain confidentiality.

        • Analyze data protection practices continuously, at both design time and run time.

        • Use strong key management practices for encryption keys.

Chapter 2: Security and Management

  • Security Breach Notification Processes

    • Ensure clear notification protocols for security breaches to mitigate damage.

  • Shared Technology Management

    • Monitor for unauthorized access and changes to shared resources.

  • Administrative Security

    • Require strong authentication mechanisms for administrative accounts to prevent escalated attacks.

Chapter 3: Potential Security Breaches

  • Account or Service Hijacking

    • Prevent account credential sharing.

    • Implement two-factor authentication for additional security.

    • Proactively monitor for unauthorized activity.

    • Understand and align with the cloud service provider's security policies.

  • Unknown Risk Profile

    • Organizations migrating to the cloud may lack visibility into potential risks.

    • Countermeasures:

      • Seek disclosure of applicable logs and data from service providers.

      • Request partial or full disclosure of infrastructure details to assess vulnerabilities.

Chapter 4: Latest Security Tools

  • Cloud Security as a Service

    • Refers to security services provided over the Internet.

    • Does not require dedicated in-house security infrastructure; outsourced to vendors.

    • Example Incident: CrowdStrike incident causing system failures across various sectors.

  • Benefits of Security as a Service

    • Access to the latest tools and technologies via continuous updates.

    • Interaction with security experts capable of solving complex challenges.

    • Flexibility in scaling security measures as needed.

    • Subscription-based model for predictable costs.

Chapter 5: Security of Data

  • Data Loss Prevention

    • Services protect data throughout its lifecycle.

  • Email Security

    • Protects against phishing, spam, and malicious uploads.

  • Business Continuity and Disaster Recovery

    • Maintain operations during and after a disaster with secure backup and recovery mechanisms.

Chapter 6: Personal IoT Devices

  • Overview of IoT

    • Rapidly expanding interconnectivity of smart devices in various sectors.

    • IoT devices range from simple household items to complex industrial sensors.

  • Key Components of IoT Devices

    • Sensors, actuators, transceivers, microcontrollers, RFID systems.

    • Sensors gather data; actuators perform actions based on that data.

Chapter 7: Multiple IoT Devices

  • Communication between IoT Devices

    • IoT devices communicate with one another to function effectively.

  • Edge Devices

    • Typically a network of IoT devices managing data communication and aggregation before sending it to a central system.

Chapter 8: Conclusion

  • Reminder for students about the upcoming exam details.

  • Ongoing assignments and completion status.

  • Encouragement to review major incidents for a better understanding.
