Chapter 5

Restricting Access

IN THIS CHAPTER

Bullet Restricting data access

Bullet Getting to know least privilege policy

Bullet Adding authentication

Bullet Dealing with compliance

Bullet Understanding CSPM

Restricting access to data is one of the important (and perhaps stunningly obvious) parts of cloud security. This chapter delves into that topic, but also introduces the basics of compliance because, though not limited to access restrictions, most of the compliance requirements deal heavily with who has access to which types of data.

Protecting data with user access restriction has been around since the first days of computers, when users had to log in to a mainframe over a hardwired dumb terminal. There isn’t much new to the idea of user validation, but how it’s done in the 21st century is quite different. This next section goes into detail in determining the types of access restrictions you should set for your data and corresponding applications.

Determining the Level of Access Required

Properly configuring ...

Get Cloud Security For Dummies now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.