Cloud Security and Governance
Ahmad, Rizwan (2021)
Ahmad, Rizwan
2021
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-202103083032
https://urn.fi/URN:NBN:fi:amk-202103083032
Tiivistelmä
Cloud security is a diverse challenge and the main reason is the loss of control of the infrastructure provisioning and visibility of the underlying virtual network. These cloud computing properties make cloud security and governance more challenging.
This thesis discusses many security and governance solutions and categorizes them either security or governance related issues. Existing processes that rely on manual operations are not efficient enough because the infrastructure is expandable in minutes (in relation to human resources). How security and audit processes can be deployed on such an agile infrastructure? How does security and governance can be monitored at scale? How does one not compromise agility and security at scale? How to provide security assurance to top management while following agile methodology.
This thesis discusses security and governance importance, implementation, automation at scale, enforcing and testing. AWS multi-account environment strategy was implemented to achieve security at scale. Centralizing security and logging enable security and audit teams to manage and view all resources by a central dashboard. Automation tools were deployed on each provisioned account to send logs, audit trails, resource inventory details to central service accounts for central management.
The results strongly indicate that security automation is a key component of cloud security and cloud security can be achieved at scale without compromising agility.
This thesis discusses many security and governance solutions and categorizes them either security or governance related issues. Existing processes that rely on manual operations are not efficient enough because the infrastructure is expandable in minutes (in relation to human resources). How security and audit processes can be deployed on such an agile infrastructure? How does security and governance can be monitored at scale? How does one not compromise agility and security at scale? How to provide security assurance to top management while following agile methodology.
This thesis discusses security and governance importance, implementation, automation at scale, enforcing and testing. AWS multi-account environment strategy was implemented to achieve security at scale. Centralizing security and logging enable security and audit teams to manage and view all resources by a central dashboard. Automation tools were deployed on each provisioned account to send logs, audit trails, resource inventory details to central service accounts for central management.
The results strongly indicate that security automation is a key component of cloud security and cloud security can be achieved at scale without compromising agility.