WGU D485 DGN2 TASK 1: CLOUD
SECURITY IMPLEMENTATION PLAN
LATEST UPDATE WITH COMPLETE
SOLUTION
Cloud Security (Western Governors University)
, WGU D485 DGN2 TASK 1: Cloud Security Implementation Plan Latest Update with complete solution
DGN2 TASK 1: Cloud Security Implementation Plan
Cloud Security
implementation Plan A.
Executive
Summary 2
With their rapid growth, and mounting cybersecurity concerns, SWBTL
LLC has begun a migration to the Microsoft Azure cloud environment.
The consultant who was heading up the migration has unexpectedly
left the project to work for another company, and in doing so has left
the Microsoft Azure environment in need of serious repair. After
viewing the company overview and business requirements, I have
identified several areas in which the business requirements are not in
sync with the current security infrastructure.
1. RoleBased Access Control (RBAC): SWBTL LLC's business
requirements document mentions that each department should have
its own resource group, and these resource groups should apply the
principal of least privilege. That is where role- based access controls
come in. The current cloud environment does not utilize role- based
access controls, so it is difficult to apply the principal of least privilege
within the environment. This causes serious security concerns.
2. Compliance: Due to the frequent payment card transactions that
the company processes daily, and the contracts that they have with
the United States Government, SWBTL LLC must remain in
compliance with multiple regulations. The Payment Card Industry
Data Security Standard DSS, or PCI DSS, and the Federal Information
Security Modernization Act, better known as FISMA. The current
SECURITY IMPLEMENTATION PLAN
LATEST UPDATE WITH COMPLETE
SOLUTION
Cloud Security (Western Governors University)
, WGU D485 DGN2 TASK 1: Cloud Security Implementation Plan Latest Update with complete solution
DGN2 TASK 1: Cloud Security Implementation Plan
Cloud Security
implementation Plan A.
Executive
Summary 2
With their rapid growth, and mounting cybersecurity concerns, SWBTL
LLC has begun a migration to the Microsoft Azure cloud environment.
The consultant who was heading up the migration has unexpectedly
left the project to work for another company, and in doing so has left
the Microsoft Azure environment in need of serious repair. After
viewing the company overview and business requirements, I have
identified several areas in which the business requirements are not in
sync with the current security infrastructure.
1. RoleBased Access Control (RBAC): SWBTL LLC's business
requirements document mentions that each department should have
its own resource group, and these resource groups should apply the
principal of least privilege. That is where role- based access controls
come in. The current cloud environment does not utilize role- based
access controls, so it is difficult to apply the principal of least privilege
within the environment. This causes serious security concerns.
2. Compliance: Due to the frequent payment card transactions that
the company processes daily, and the contracts that they have with
the United States Government, SWBTL LLC must remain in
compliance with multiple regulations. The Payment Card Industry
Data Security Standard DSS, or PCI DSS, and the Federal Information
Security Modernization Act, better known as FISMA. The current
