Chapter 4

Restricting Access

IN THIS CHAPTER

Restricting data access

Getting to know least privilege policy

Adding authentication

Dealing with compliance

Understanding CSPM

Restricting access to data is one of the important (and perhaps stunningly obvious) parts of cloud security. This chapter delves into that topic, but also introduces the basics of compliance because, though not limited to access restrictions, most of the compliance requirements deal heavily with who has access to which types of data.

Protecting data with user access restriction has been around since the first days of computers, when users had to log in to a mainframe over a hardwired dumb terminal. There isn’t much new to the idea of user validation, but how it’s done in the 21st century is quite different. This next section goes into detail in determining the types of access restrictions you should set for your data and corresponding applications.

Determining the Level of Access Required

Properly configuring ...

Get Cybersecurity All-in-One For Dummies now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Cybersecurity All-in-One For Dummies by Joseph Steinberg, Kevin Beaver, Ira Winkler, Ted Coombs

Restricting Access

Determining the Level of Access Required

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly