From the course: Building a Cloud Security Program
Join today to access over 25,300 courses taught by industry experts.
Governance, risk, and compliance
From the course: Building a Cloud Security Program
Governance, risk, and compliance
- [Instructor] The next pillar of your cloud security program should also include governance, risk, and compliance. Let's start with the challenges for GRC in cloud. The risk matrix that you have maintained for your on-premise data center doesn't directly translate to the cloud, so the risk matrix itself would need to be updated for the application. If you manage a risk register for applications that would've been on premise, they would need to be revisited for when they are moved into the cloud. The governance layer usually would consider some geographical boundaries, limitation on services, security gaps, and compliance certification for services that are provided by the cloud service provider, as not all services would be compliant to the industry requirement for the industry that you operate in. The on-premise processes and policies would need to include cloud environments and its nuances. Same goes for the cloud environments which have interaction with the on-premise environments…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.