You're reading from Cloud Security Handbook Find out how to effectively secure cloud environments using AWS, Azure, and GCP

Product type Paperback

Published in Apr 2022

Publisher Packt

ISBN-13 9781800569195

Length 456 pages

Edition 1st Edition

Tools

AWS

Concepts

Cloud Computing

Author (1):

Eyal Estrin

Preface

1. Section 1: Securing Infrastructure Cloud Services

2. Chapter 1: Introduction to Cloud Security FREE CHAPTER

3. Chapter 2: Securing Compute Services

4. Chapter 3: Securing Storage Services

5. Chapter 4: Securing Networking Services

6. Section 2: Deep Dive into IAM, Auditing, and Encryption

7. Chapter 5: Effective Strategies to Implement IAM Solutions

8. Chapter 6: Monitoring and Auditing Your Cloud Environments

9. Chapter 7: Applying Encryption in Cloud Services

10. Section 3: Threats and Compliance Management

11. Chapter 8: Understanding Common Security Threats to Cloud Services

12. Chapter 9: Handling Compliance and Regulation

13. Chapter 10: Engaging with Cloud Providers

14. Section 4: Advanced Use of Cloud Services

15. Chapter 11: Managing Hybrid Clouds

16. Chapter 12: Managing Multi-Cloud Environments

17. Chapter 13:Security in Large-Scale Environments

18. Other Books You May Enjoy

Failing to manage identities

Before we move on to Identity Management (IdM), let's look at a few examples of failing to manage identities:

A new employee has joined the organization. Since we do not have a documented and automated IdM workflow, the employee's permissions were copied from a system administrator's profile. The new employee was not aware of which sites they should browse on the internet, and, as result, they were infected by ransomware. This, in turn, infected the sales database, which was encrypted, and caused downtime for the sales division.
An employee was able to create an easy-to-guess password (because a complex password policy was not enforced at the organization level), and, as a result, a hacker was able to guess the employee's password and gain access to a confidential financial report.
An employee has changed their role in the organization, from IT to the development team, and we forgot to update their privileges on the production...

The rest of the chapter is locked