Episode description
In Cloud Provider Comparisons, we take a look at the same cloud services across the three major public cloud providers – Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). In this episode we put the focus on security. Often, there’s confusion surrounding cloud security because organizations don’t always know what they’re responsible for. In addition, with security breaches happening around the world, knowing how to secure your resources in the cloud has become a key focus area. Join Riaan Lowe in this episode to learn about the shared responsibility models across AWS, Azure, and GCP, as well as Identity and Access Management (IAM), Platform-as-a-Service (PaaS) data security options, and built-in security and compliance.
Links to everything covered in this episode are provided below.
Timestamps:
0:00 Introduction
0:42 An introduction to cloud security
1:29 Shared responsibility models for Azure, AWS, and GCP
3:39 Identity and Access Management (IAM)
5:02 IaaS Security (DDoS protection, secrets management, virtual private networking)
6:33 Data security (PaaS – IAM policies, firewall rules/IP whitelisting, TLS, TDE)
7:31 Built-in security and compliance
8:26 Marketplace support for cloud security
Microsoft Azure Shared Responsibility: https://docs.microsoft.com/en-us/azure/security/fundamentals/shared-responsibility
Amazon Web Services Shared Responsibility Model: https://aws.amazon.com/compliance/shared-responsibility-model/
Google Cloud Platform Shared Responsibility Matrix: https://services.google.com/fh/files/misc/gcp_pci_srm__apr_2019.pdf
Azure Identity and Access Management (IAM): https://azure.microsoft.com/en-au/product-categories/identity/
Azure AD Privileged Identity Management (IAM): https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure
AWS Identity and Access Management (IAM): https://aws.amazon.com/iam/
Google Cloud Identity and Access Management: https://cloud.google.com/iam
Azure DDoS Protection: https://azure.microsoft.com/en-au/services/ddos-protection/
AWS Shield (managed DDoS Protection): https://aws.amazon.com/shield/
Google Cloud Armor: https://cloud.google.com/armor
Azure Key Vault: https://azure.microsoft.com/en-au/services/key-vault/
AWS Secrets Manager: https://aws.amazon.com/secrets-manager/
Google Cloud Secret Manager: https://cloud.google.com/secret-manager
AWS VPN (Virtual Private Network): https://aws.amazon.com/vpn/
Azure VPN Gateway: https://azure.microsoft.com/en-au/services/vpn-gateway/
Google Cloud VPN: https://cloud.google.com/network-connectivity/docs/vpn/concepts/overview
Azure SQL Database and SQL Managed Instance security: https://docs.microsoft.com/en-us/azure/azure-sql/database/security-overview
Security in Amazon RDS: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.html
Best practices for securing your Google Cloud databases: https://cloud.google.com/blog/products/gcp/best-practices-for-securing-your-google-cloud-databases
Azure Security Center: https://azure.microsoft.com/en-au/services/security-center/
Amazon Inspector: https://aws.amazon.com/inspector/
Google Cloud Trust and Security: https://cloud.google.com/security
Azure Marketplace: https://azuremarketplace.microsoft.com/en-us/marketplace/
AWS Marketplace: https://aws.amazon.com/marketplace
Google Cloud Marketplace: https://cloud.google.com/marketplace
Series description
In Cloud Provider Comparisons, we explore and compare the same cloud service across the three major public cloud providers - Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP).