SWBTL LLC Cloud Security Implementation Plan
Richard C. Dombkowski
D485 – Cloud Security
Western Governors University
Table of Contents
A. Executive Summary
B. Proposed Course of Action
C. Current State of Role-Based Access Analysis
Role-Based Access Recommendations
Recommendation 1
Recommendation 2
Recommendation 3 – Role Assignment Audit
Role-Based Access Control Configuration
D. Azure Key Vaults
Best Practice Implementation
Marketing Best Practice
Accounting Best Practice
Key Vault Recommendations
Recommendation 1 - Using Key Vaults for Data Encryption
Recommendation 2 – Implementing Key Vault-Backed Encryption
E. Backups
Current State of Backups
Setting Configuration Rationale
F. Division of Security Responsibilities
Company Assumed Risk
Risk 1 - Inadequate Application Security:
Risk 2 - Insufficient Data Encryption:
Risk 3 - Misconfigured Identity and Access Management:
Risk Mitigation Recommendations
Recommendation 1 - Implement Continuous Security Monitoring:
Recommendation 2 - Regular Security Training and Awareness:
Recommendation 3 - Automate Compliance Auditing:
G. Potential Threats Impacting the Company's Cloud Solution
H. Solution Presentation
I. References
Appendix A