Thank you for the information and quick reply, Kevin. I will have to check out Junglemap.
Haha...I think these days everyone's attention spans are a little fried. :P
Original Message:
Sent: Oct 21, 2020 07:28:51 AM
From: Kevin Stander
Subject: Cloud Deployment Models- Pros & Cons
Its done in conjunction with 3rd party , Junglemap.
the theme of only 2-3mins doesn't say much about the attention span our users have (only kidding if I have any of the users from my company reading this)
...LOL
------------------------------
Kevin Stander
Original Message:
Sent: Oct 20, 2020 12:13:39 PM
From: Anna Schorr
Subject: Cloud Deployment Models- Pros & Cons
Thank you for your response, Kevin. It is very helpful.
Does your company create these "Nano Leaning" training sessions yourselves? Or do you use a third-party to facilitate these trainings?
I know NINJIO was a huge success at my company and was something employees looked forward to. These sessions were also 2-3 min targetted training sessions and had a few questions at the end of each session to measure understanding. I credit a lot of my cybersecurity knowledge to these trainings.
------------------------------
Anna Campbell Schorr
Training Content Development
Cloud Security Alliance
[email protected]
Original Message:
Sent: Oct 20, 2020 04:21:57 AM
From: Kevin Stander
Subject: Cloud Deployment Models- Pros & Cons
Hi Anna,
We have been conducting very sucessful training with our companies user base using "Nano Learning". These are 2 -3 min targetted training sessions. It maybe a series of say 10 lessons (1 every 2 - 4 weeks). Users will receive specific, targeted topics , eg. phising, what to look for, identify , how to respond etc... some lessons may have a few quetions during or at the end of the session.
This has had over whelming approval as a learning format from our users, and with the various post learning exercises like Phishing email test, we saw how well our users identified and followed teh vaious processes as a result of the training...
/Kevin
------------------------------
Kevin Stander
Original Message:
Sent: Oct 16, 2020 10:00:37 AM
From: Anna Schorr
Subject: Cloud Deployment Models- Pros & Cons
Thank you Brian for your post and the analogy. I totally agree with you! In my security training experience, I have also learned that hacks and stolen information are often due to human error. What frustrates me though, is a lot of companies do not teach their employees best security practices. They take for granted that employees should be able to recognize a trojan or phishing email, for example. However, these things have only existed for a few decades.
NINJIO is one of my favorite security training programs. It is gamified, there is a new episode every week, and it is easy for nonsecurity background people to understand and digest. Does anyone else have suggestions for a security training program? How can we make our data more secure and educate ourselves and our coworkers?
Best,
------------------------------
Anna Schorr
Training Content Development
CSA
Original Message:
Sent: Oct 09, 2020 05:36:18 PM
From: Brian Dorsey
Subject: Cloud Deployment Models- Pros & Cons
Hack is an interesting word in and of itself these days. While there are a multitude of reasons why someone may get hacked in the cloud for me personally the number one reason is the same reason it happens on-prem and that's b/c of PEOPLE. If I am a visitor in your office and I plug my laptop in a jack is it hot, should I be able to pull an ip. Is your lan closet also your broom closet. If you do not have a clear security policy, accurate inventory, visibility into your environment, etc. and you move to the cloud then I see a lot customers bring those same habits to the cloud.
We have a very nice security system at home. We have motion sensors, lights outside, sensors for sound in case someone breaks a window and still My wife and kids like to open the back door and put the windows up to get some fresh air when it's nice outside. What the loves of my life do not like to do is lock those same windows and back door when they shut them, so every night I walk the house and check the windows and back door. That's not my sensors fault, or my security system, or the lights and my house is not insecurely built. This year 20 in the field for me and there's more products and solutions than I can ever remember. Security is a mindset and a culture.
------------------------------
Brian Dorsey
Original Message:
Sent: Oct 09, 2020 12:32:47 PM
From: Anna Schorr
Subject: Cloud Deployment Models- Pros & Cons
Thank you Guillaume for your response. It was very informative. I really appreciate the education.
My next question and this is open to the group, is why do people's and organization's clouds get hacked? It seems to be an increasing problem in today's society. Is it due to a lack of security, human error, etc.? It seems like its not just personal accounts being hacked anymore, but even big-name companies who should know better. What is the group's personal opinion on cloud hacks and what we can do to reduce them?
Thank you in advance for your contribution.
------------------------------
Anna Schorr
Training Administrative Assistant
CSA
Original Message:
Sent: Oct 06, 2020 06:48:21 AM
From: Guillaume Boutisseau
Subject: Cloud Deployment Models- Pros & Cons
There isn't a deployment model/type that is automatically more (or less) secure than another. Private gives you more visibility and control (incl up to hardware and facilities), but it is still possible to misconfigure it and make it vulnerable. Public doesn't give you that same depth of visibility and control, but you are secure if you use it correctly.
If you know your requirements and understand what can be achieved with the different deployment models (and also with the different SPI service models), you are more likely to make the right security decisions. The CCM, the CSA guidance and the CCSK cert will help with all that.
As for {security-cost-performance}, good security can be improved with the right architectural choices, (for example by taking advantage of the strengths of the different models and going Hybrid), and you can optimize cost and performance at the same time.
------------------------------
Guillaume Boutisseau
CCSK Authorized Instructor , CCSP
Original Message:
Sent: Sep 30, 2020 10:18:34 AM
From: Anna Schorr
Subject: Cloud Deployment Models- Pros & Cons
Thank you, Guillaume. What deployment model is that most secure? What can we do to make the cloud more secure? As you increase the price, does performance and security also increase? Or are the two not correlated? Or are they negatively correlated (as you increase performance, you lose control of security)?
Best,
------------------------------
Anna Schorr
Training Administrative Assistant
CSA
Original Message:
Sent: Sep 29, 2020 08:30:00 AM
From: Guillaume Boutisseau
Subject: Cloud Deployment Models- Pros & Cons
From a cloud migration point of view, the pros and cons of the different deployment models will depend essentially on the performance, cost (budget), and security requirements that you have.
Hybrid is probably the most popular type of deployment at this time.
------------------------------
Guillaume Boutisseau
CCSK Authorized Instructor , CCSP
Original Message:
Sent: Sep 18, 2020 11:11:29 AM
From: Anna Schorr
Subject: Cloud Deployment Models- Pros & Cons
In your opinion what are the pro and cons of different Cloud Deployment Models for cloud computing? What Cloud Deployment Model do you use if any? (Public Cloud, Private Cloud, Community, Hybrid)
Best,
------------------------------
Anna C. Schorr
Training Administrative Assistant
CSA
------------------------------