The purpose of this module is to provide students with knowledge and skills to: (1) understand the value of business continuity and disaster recovery planning (2) to perform effective business continuity and disaster recovery planning for a business. Amazon AWS will be used as a case study to demonstrate the important role the Cloud will have in the future of business continuity and disaster recovery. For example, students will investigate how S3 and Glacier can be used as backup solutions. (3) gain an awareness of the security threats and best practices for securing the cloud. The concept of cloud computing continues to evolve, this module provides students with the latest information on new areas of focus in the changing Cloud security landscape.
Cloud Architecture
Definition of Cloud Computing (Essential Characteristics, Cloud Service Models, Cloud Deployment Models), Multi-Tenancy, CSA Cloud Reference Model, Jericho Cloud Cube Model, Cloud Security Reference Model, Cloud Service Brokers, Service Level Agreements
Governance and Enterprise Risk Management
Contractual Security Requirements, Enterprise and Information Risk Management, Third Party Management Recommendations, Supply chain examination, Use of Cost Savings for Cloud
Legal Issues: Contracts and Electronic Discovery
Consideration of cloud-related issues in three dimensions, eDiscovery considerations, Jurisdictions and data locations, Liability for activities of subcontractors, Due diligence responsibility, Federal Rules of Civil Procedure and electronically stored information.
Compliance and Audit Management
Definition of Compliance, Right to audit, Compliance impact on cloud contracts Audit scope and compliance scope, Compliance analysis requirements, Auditor requirements
Traditional Security, Business Continuity, and Disaster Recovery
Four D's of perimeter security, Cloud backup and disaster recovery services, Customer due diligence related to BCM/DR, Business Continuity Management/Disaster Recovery due diligence, Restoration Plan, Physical location of cloud provider
Continuity and Recovery planning
Information backup and storage. Off-site storage, storage consolidation, tape backup, RAID technologies. Mirroring and remote mirroring. Data recovery from backups. Centralized system recovery, decentralized system recovery, end-user recovery. Recovery plan testing.
BCDR in the Cloud
Case study of AWS to demonstrate the important role the Cloud will play in the future of BCDR. Practical exercises with S3 and Glacier for backup. Investigate AWS Elastic Block Store for creating snapshots of data volumes. AWS import/export for rapid migration of large data sets into and out of the Cloud. AWS storage gateway.
| Module Content & Assessment | |
|---|---|
| Assessment Breakdown | % |
| Other Assessment(s) | 100 |