Quizlet #7 Flashcards
Goals of cost management tools
Visibility, Accountability, Control and Intelligence
Visibility to cloud costs
Built-in reporting tools, Custom dashboards, Pricing calculator
Accountability for cloud costs
Defining clear ownership for projects and sharing cost views with the departments and teams that are using cloud resources
Control over cloud costs
Precise permissions in place to ensure that only authorized individuals in an organization have the power to deploy cloud resources. Creating budgets and alerts to notify key stakeholders when spending is getting off track is an important practice to keep costs under control.
Intelligence in cloud costs
Optimize usage, Save time, Minimize costs
Financial Governance
How leaders plan, manage, set up, and control IT costs
Security
Securing data centers, networks, and private data
Privacy
The data an organization or an individual has access to and who they can share that data with
Compliance
Meeting standards set by a third party. This third party might be a regulatory authority, or it might be an international standards organization
Availability
How much time the cloud service provider guarantees data and services will be running or accessible
How availibity documented
% of time available per year. Ex. 99.9% available.
Common Cyber Threats
Phishing, physical damage, malware, unsecured 3rd party systems, and lack of expert knowledge
Shared service provider management
Cloud service provider is the data processor while organization is the data controller
Google’s layers of security
(Top-down) Operations, Network, Identity, Storage, Software, Hardware
Customer’s responsibility
Control access to data
Cloud provider’s responsibility
Securing underlying infrastructure
Google’s Hardware layer of protection
Google designs its own servers, its storage, and its networking gear. It manufactures almost all of its own hardware, and third parties never see the overall process. The hardware is housed in these high-security data centers that are located around the world
Titan
Chip embedded that checks a machine for integrity every time it boots up.
Software layer of protection
Verifies the operating systems and the rest of the deployed software stack. The server is not allowed onto the network and it holds zero data until its health is confirmed
Storage layer of protection
Encryption at rest protects data when it is stored on physical media. ALL data at rest is also encrypted by default to help guard against unauthorized access.
