The concept of data security
Complete this Microsoft Education lesson to learn how to secure your Azure Storage account, https://docs.microsoft.com/en-us/learn/modules/secure-azure-storage-account/. You will use your Bellevue Office365 credentials to login where needed. The lesson will show you how several of the topics we have been discussing are implemented in Azure. Take a screenshot of the badge you earn from completing the lesson or the screen showing each of the units completed and submit it along with your answer to the below question.
Consider the below scenario:
- Your organization’s CEO has been considering how to address projected growth in your data processing functions by moving the workload to a cloud service provider. Current functions are executed in an on-prem data center on the same Local Area Network as the principal employee workforce. It is assumed some processing functions will remain on-prem during the transition.
- You’ve just completed a Privacy Impact Assessment on the customer data your organization maintains and have assessed that it will require protection to ensure it is not openly accessible to the public.
- Your CEO has asked what data security considerations must be addressed prior to proceeding to a cloud implementation.
In a two-page memorandum written to your CEO, explain the concepts of data security which will need to be addressed; these may not have held as high a priority in your on-prem deployment. Your CEO does not have an IT background, so structure your discussion for a non-technical audience. Remember, your CEO just wants to know what needs to be done. He doesn’t need to know the specific implementation details.
Note: Also mention the need for access keys or key management.
Student papers should address the need for data at rest and data in transit encryption as workload moves to a cloud provider. Data in transit should consider remote users as well as remaining on-prem workload. Data at rest should address encryption of remote data storage. Exceptional papers would also mention the need for access keys or key management. Papers that are not written to a non-technical audience should receive a deduction in points.