7.2 Operating System Security P2

Question 1

What is involved in Cloud Computing Security?

Answer 1

Hosting your system(s) virtually
Securing the OS within the cloud
What is the cloud? - what is the benefits?
What are the extra challenges?

Question 2

What are the benefits of cloud?

Answer 2

Productivity gains supported by economies of scale for all enterprises
Data centres that provide cost-effective, secure & sustainable computing power
Increased accessibility for SMEs to computing resources coupled by a standardised interface usage
Efficient scaling of resources
Resources concentration
Timely access to updates & defaults
Effective audit & evidence gathering useful in forensic analysis

Question 3

What are potential challenges for cloud computing security?

Answer 3

What data is it?
Who controls it?
Who has responsibility for what?
What should be in the SLA?
Compatibility & common standards between cloud providers
Can one 'harden' your cloud services
SMEs and security - the corporation / SME still has responsibility for security
Data protection rules

Question 4

What does BYOD & cloud computing hardening involve?

Answer 4

Technology
Processes
Responsibility
Existing guidance seems to be focused on larger organisations with all the resources, practices, processes
Gaps in provision for SMEs - security dictated by SLAs & sharing responsibility

Question 5

What are the OS security practicalities?

Answer 5

Camera phones
BYOD policies… practical issues
Dynamic state (all change, new tech, processes, capabilities)