From the course: Cloud Data, Platform, and Applications Security by Pearson

Phase 3: Use

From the course: Cloud Data, Platform, and Applications Security by Pearson

Start my 1-month free trial Buy for my team

Phase 3: Use

Phase three is the use or use phase. Here data is consumed by people or subjects, applications, systems, services, and tools. In this phase, data is often changed or modified or translated from the original state. Technically, you could say this is where raw data starts to become information. Now, remember, remotely used data must also use a VPN connection, or an SDP connection, or secure endpoints, or digitally signed API calls. The systems that use the data must be secured as well, such as using Next Generation Endpoint protection, maybe Palo Alto XDR Cortex, and host-based IPS engines. Again, technologies like data loss prevention or information or digital rights management could also be leveraged in this phase to access the monitoring of that data. In phase 3, assistance can come from a managed security service provider, MSSP, or a cloud access security broker. Now, I've mentioned a Caspi several times. Let me give you a list of some of the most popular ones so you can investigate those on your own time. Now, on the exam, you won't get any specific questions, any vendor-specific questions, but you should be aware of companies and products like Cypher Cloud, Forcepoint, Symantec Cloud SoC, Netscope Security Cloud Platform, and Cisco CloudLock. Now, for data being accessed from the consumer side in Phase 3, you should have secure connections VPNs, SDP, TLS 1.2, and the platforms with which the users connect to the cloud should also be secured as well. In addition, permissions for changing and processing data should be implemented. So logging and auditing should be implemented for maximum visibility when data is accessed from the consumer side. What about the provider side? Well, you need robust protections to exist in the deployment of, for example, virtualization clusters. Personnel and administrative controls should be employed on the provider side.

Contents