Cloud and Wireless Security
- Module 1: Operate and Configure Cloud Security
- We have all seen the extraordinary growth in the area of cloud computing fueled, at least in part, by the advances in virtualization and storage technologies. Cloud computing offers subscribers almost unlimited possibilities, but it also presents some formidable challenges regarding information security. The security professional must have a thorough knowledge of cloud concepts and the security implications of outsourced IT in general. Let’s begin by examining the essential characteristics.
- Module 2: Cloud Security Considerations
- It’s time to take a closer look at virtualization and how it is both the strength and the attractive nuisance or “threat magnet” aspect of hosting an organization’s business processes and data in the cloud. We know why we have to protect information assets no matter where they are hosted, how they are in motion, or how they are being used. As to how, almost every week the specific details change for each cloud services provider not only as they add new features and capabilities but also because they respond to new vulnerabilities and attack attempts. Instead, this module will concentrate more on what to protect.
- Module 3: Secure Wireless Configurations
- In this module, we discuss how the many different digital, analog and other technologies common to our personal and professional lives have converged or come together in nearly seamless ways. This convergence of technologies has shifted the way we work and communicate with others. It’s almost easier to make a list of technologies that are not part of this converged communication than it is to include them all. We won’t try to cover them all here in module 3. TCP/IP and the OSI 7-Layer protocol stacks have already been covered, as have many of the basic software technologies. We’ve also looked at access control as a fundamental need when allowing mobile devices to connect to those IP networks regardless of the physical layer they use to start that connection process with.
In that sense, this module looks further at the ways things work at layers 2 and above in those protocol stacks. We’ll focus on security needs that the various systems require and highlight some key issues along the way. Doing so will help us put voice over IP (VoIP) and other converged communications systems and their use cases into a security context.
- Module 4: Chapter 6 Review
- Information systems and assets that have been fully or partially migrated into a cloud hosted environment is a straightforward process, as we’ve seen in this chapter. Straightforward, yes, but a process that requires significant specialist knowledge and skill regarding the cloud services providers’ architecture, systems, and security tools.
Central to securing a cloud-hosted system is the virtualization that makes it work. As you gain experience with cloud systems security, you’ll need to strengthen your own working knowledge of virtual systems and how to secure, manage, deploy and monitor them. It may seem to be a large mental shift to move away from tangible hardware devices that you physically configure to using GUIs and scripts to configure virtual devices — simulations of routers and firewalls running as software-only entities — but in reality, most security professionals and many network engineers spend much of their effort using scripts and GUIs to manage their existing physical IT and OT infrastructures.
The continued convergence of communications brings our security thinking to a different perspective on cloud security, when we accept that many of these new people-facing services, such as full-function collaboration suites, are cloud native to begin with. This also guides us to plan for and include in the organization’s overall IT and OT architectures the many different types of communications technologies and systems being used.