GCP Cloud Security: Introduction
Photo: Google

GCP Cloud Security: Introduction

Christopher Howell Christopher Howell

Christopher Howell

Published Feb 26, 2022
+ Follow

The Dork Knight

Here's the scenario - You have been recently hired as the cloud security engineer for Wayne Enterprises. Your new employer, Bruce, is too busy being a billionaire-playboy by day and masked vigilante by night, to deal with his cloud infrastructure. Wayne Enterprises has decided to use Google Cloud Platform as their service provider.

That is where you come in - as an expert in cloud security, it is your job to ensure that the company's secrets are protected. This of course can be an overwhelming task.

Year One

Let's cover a few basics here before we delve deeper into cloud security topics in later articles.

What is security? It consists of mainly three parts: identify the assets you need to protect, the threats you need to protect those assets against, and the defenses you need for protecting those assets.

What is the shared responsibility model? When using a cloud provider, you now share some of these assets and threats with a third party. It is both the cloud provider's and your responsibility to protect against threats.

Recommended by LinkedIn

4 Must Haves on your Cloud Security Checklist
4 Must Haves on your Cloud Security Checklist
Sandeep Y. 6 years ago
Cloud Security: Also Potentially Vulnerable
Cloud Security: Also Potentially Vulnerable
Yogesh K 2 years ago
5 Important Considerations for Cloud Security
5 Important Considerations for Cloud Security
Indranil Sengupta 10 years ago
It is both the cloud provider's and your responsibility to protect against threats.

What's different about cloud security? Traditional security perimeters no longer exist - identity is now the perimeter. You no longer control the hardware - everything you use now is in the form of software. The threat landscape is more sophisticated - malware, vulnerabilities, data leaks, oh my!

Clean Up The Streets

How do we protect this stuff? Let's start by prioritizing three things first. Implementing identity and access management(IAM), protecting our data with encryption, and ensuring we are logging and monitoring our assets. Later we'll shift to network security and learning how to implement disaster recovery.

Where do we start? Well, it would be foolish to try and tackle everything all at once. So, let's break it down and focus on one thing at a time.

In the next article, we will work on identity and access management as it is an essential first step in securing our cloud resources.

To view or add a comment, sign in

More articles by Christopher Howell

See all articles

Others also viewed

Similar topics

Explore content categories