Blue Security
Andy Jaw & Adam Brewer
Kategorien: Technologie
Hören Sie sich die letzte Folge an:
In this episode, Andy and Adam discuss the importance of VDI (Virtual Desktop Infrastructure) in security and enterprise architecture. They highlight the security benefits of VDI, such as separating end user environments from the underlying physical hardware, centralized management of baseline images and patches, and the ability to keep sensitive data in the data center. They also explore the shared responsibility model in cloud computing, where the cloud provider is responsible for the security of the infrastructure, but the end users are responsible for protecting their data and assets stored in the cloud.
Takeaways -VDI provides security benefits by separating end user environments from the underlying physical hardware and centralizing management of baseline images and patches.
-The shared responsibility model in cloud computing means that while the cloud provider is responsible for the security of the infrastructure, the end users are responsible for protecting their data and assets stored in the cloud.
-Understanding the shared responsibility model is crucial for security practitioners to ensure they are defending their organization's data effectively.
-Minimizing the use of IaaS and on-premises models in favor of PaaS and SaaS models can reduce the organization's security responsibilities and provide better security.
-It's important to know what you're responsible for in terms of data protection and security when using cloud services.
----------------------------------------------------------- YouTube Video Link: ----------------------------------------------------------- Documentation:
https://x.com/itguysocal/status/1769052129111707877?s=46&t=wVpJpdH7u2mDZZDEtx3bMg
https://learn.microsoft.com/en-us/azure/security/fundamentals/shared-responsibility
https://aws.amazon.com/compliance/shared-responsibility-model/
https://cloud.google.com/architecture/framework/security/shared-responsibility-shared-fate ----------------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Linkedin: https://www.linkedin.com/company/bluesecpod Youtube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ----------------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com
--- Send in a voice message: https://podcasters.spotify.com/pod/show/blue-security-podcast/messageVorherige Folgen
-
189 - VDI and Shared Responsibility Model Mon, 22 Apr 2024
-
188 - Entra Follow-up, Helpdesk Security, Certifications Tue, 16 Apr 2024
-
187 - Managed Machines, E3 vs E5 Tue, 09 Apr 2024
-
186 - Teams External User Phishing Tue, 02 Apr 2024
-
185 - Midnight Blizzard Update, CISO Technical Skills, BEC + Automatic Attack Disruption Tue, 26 Mar 2024
-
184 - Microsoft Secure Recap Tue, 19 Mar 2024
-
183 - FBI Internet Crimes Report and BEC Protection Tue, 12 Mar 2024
-
182 - Application Allow Listing, iMessage Post Quantum Tue, 05 Mar 2024
-
181 - Edge Password Vault, SSO, Domain Admin Creds Tue, 27 Feb 2024
-
180 - Bitlocker Bypass and USAF Re-org Tue, 20 Feb 2024
-
179 - Microsoft Sentinel Deep-Dive with Henrik Wojcik Tue, 13 Feb 2024
-
178 - Cloudflare Hacked, Intune Suite, Apple Stolen Device Protection Tue, 06 Feb 2024
-
177 - Midnight Blizzard Attack on Microsoft Tue, 30 Jan 2024
-
176 - X accounts hacked, 23andMe revisited, CA for Entitlement Management Tue, 23 Jan 2024
-
175 - Entra Join is the way Tue, 16 Jan 2024
-
174 - Entra improvements, QR Code phishing, AppGuard deprecated Tue, 09 Jan 2024
-
173 - Common PIM mistakes Mon, 01 Jan 2024
-
172 - Microsoft Digital Defense Report 2023 Mon, 25 Dec 2023
-
171 - Audits and Data/AI Security with Special Guests Carley Salmon and Megan Maley Mon, 18 Dec 2023
-
170 - CNAPP - Defender for Cloud Overview Mon, 11 Dec 2023
-
169 - MeridianLink extortion, Plastic Surgery office breached, AI voice clones Mon, 04 Dec 2023
-
168 - Microsoft Ignite 2023 - Part 2 Mon, 04 Dec 2023
-
167 - Microsoft Ignite 2023 - Part 1 Mon, 20 Nov 2023
-
166 - Okta Breach Follow-up and Passkeys Mon, 13 Nov 2023
-
165 - SEC charges Solarwinds CISO & Backing up and Archiving M365 data Sun, 12 Nov 2023
-
164 - 23andMe, Okta breach, MDE Automatic Attack Disruption Mon, 30 Oct 2023
-
163 - Entra Web-sign in, MDE Device Control, Imposter Syndrome Mon, 23 Oct 2023
-
162 - Conditional Access Gap Analysis Thu, 19 Oct 2023
-
161 - Unpopular Cybersecurity Opinions Mon, 09 Oct 2023
-
160 - JCI Ransomware, Ransomware Negotiations, CISA guidance Mon, 02 Oct 2023
-
159 - MITRE Engenuity ATT&CK Evaluations and Insider Risk Tue, 26 Sep 2023
-
158 - MGM Resorts Security Incident Mon, 18 Sep 2023
-
157 - Apple 0-day's, Storm-0558 follow up, MFST Conditional Access Dashboard Mon, 11 Sep 2023
-
156 - Data Security in Microsoft 365 Mon, 04 Sep 2023
-
155 - Side channel attack, White House cybersecurity workforce plan, IBM Cost of a Data Breach Mon, 28 Aug 2023
-
154 - Red Teaming with Special Guest 23P Mon, 21 Aug 2023
-
153 - Securing Entra External Identities Mon, 14 Aug 2023
-
152 - Educating Defenders with Special Guest Howard Friedman, Ascent Solutions Mon, 07 Aug 2023
-
151 - New SEC and FCC rules, and Samsung device security Mon, 31 Jul 2023
-
150 - Expanded M365 audit logs, Threads, new Entra features Mon, 24 Jul 2023
-
149 - Storm-0558 - Attack on Exchange Online Mon, 17 Jul 2023
-
148 - Common M365 Misconfigurations Mon, 10 Jul 2023
-
147 - What's new with Intune and Entra Mon, 03 Jul 2023
-
146 - OWASP Top 10 and Top 10 for LLM Mon, 26 Jun 2023
-
145 - Network Security 101 Mon, 19 Jun 2023
-
144 - MSSP's Mon, 12 Jun 2023
-
143 - Protecting M365 from on-premise attacks Mon, 05 Jun 2023
-
142 - Microsoft Build 2023 Recap Tue, 30 May 2023
-
141 - Limiting Chatgpt Mon, 22 May 2023
-
140 - Apple Rapid Security, Data Encryption, Layoffs & Insider Risk Mon, 15 May 2023