Lecture 5 Flashcards
Cloud Database Security
What is a cloud database? (!!)
It is a database that runs on the internet, which allows companies to manage their data without the need for on-premise physical servers.
What are the 3 types of cloud databases? (!!)
-Public: using shared public services.
-Private: a cloud environment dedicated to one organization. Could be on- or off-premise.
-Hybrid: combining both public and private cloud environments.
What are 4 advantages of cloud databases? (!!)
-Scalability: scales up/down on demand.
-Low cost: no need for hardware.
-Accessibility: can be accessed from anywhere.
-Managed services: database is managed by provider.
Name 4 challenges to cloud databases: (!!)
-Security concerns: data is in the provider's hands.
-Internet reliance: internet inconsistency can affect connectivity to the cloud.
-Vendor Lock-in: hard to switch providers.
-Compliance risk: makes compliance more complicated.
What is cloud database security? (!!)
The strategies and tools designed to protect data in the cloud.
Explain the shared responsibility model of cloud security: (!!)
The security responsibility is shared between both the cloud service provider and the customer, where:
-The CSP handles the security of hardware, network, and infrastructure.
-The customer secures data, applications, and access control.
What are 4 best practices in cloud database security? (!!)
-Encryption.
-Access Control.
-Regular Auditing.
-Multi-Factor Authentication.
List 3 advanced tools for cloud database security:
-System Information and Event Management tools (SIEM): analyze logs and respond to potential threats.
-Intrusion Detection Systems (IDS): detect and alert on suspicious activity.
-Backup and Disaster Recovery Planning tools: ensure up-to-date automated backups of data.
Talk about some future trends in cloud database security: (!!)
Cloud security is evolving and some future trends are machine learning, zero trust architecture, and confidential computing.
What is the “Zero Trust Architecture (ZTA)”? (!!)
It is a modern principle of never trusting anything without verification.
List 3 key features of the zero trust architecture: (!!)
-Continuous Verification.
-Micro-segmentation: network is segmented to limit access to sensitive data.
-Least privilege.
What is confidential computing? (!!)
Confidential computing is using hardware to keep data protected and encrypted while it’s being used.
What makes confidential computing different from homomorphic encryption?
1- Homomorphic encryption relies on encryption techniques, whereas confidential computing uses security hardware.
2- Homomorphic encryption processes data while it's encrypted, whereas confidential computing processes data in plaintext, but using secure hardware.
3- Homomorphic encryption is slower; confidential computing is faster.
What are 2 benefits to confidential computing?
-Data protection in use.
-More trust.