How to conduct forensic and IR investigations in the cloud [WEBINAR]
Depending on whom you ask, “cloud” is a term with many different meanings. Say it and some IT pros might think about their team’s new hybrid cloud initiative, while others might think of specific could platforms – and still others might consider the security risks cloud computing can bring into an IT environment.
While most companies understand the benefits that come with adopting cloud architectures, as well as those potential security risks, many lack an understanding of how to approach challenges. To protect sensitive data and make the most of the cloud, teams need to conduct incident response (IR) activities, investigate servers and applications across various cloud environments and seize opportunities to expedite forensic investigations.
Recently, Andrew Hay, chief information security officer of DataGravity, joined the SANS Institute for a webinar titled “Facilitating fluffy forensics 2.0.” In the segment, Hay focuses on cloud architecture, the advantages of conducting forensic and IR investigations in cloud environments, and the architectural challenges associated with cloud implementation.
To add validity to forensic investigations, it’s crucial to know where data exists. Data residency programs, such as those associated with Amazon Web Services, can help. However, organizations must still be aware of challenges associated with physical acquisition, instance isolation and hypervisors. During the webinar, Hay shares tips for asking questions that can aid these efforts, such as:
- Do we own the cloud architecture in question?
- Is our data sending or receiving communications to or from the outside world?
- Are we enabling virtualization with our data?
Hay also suggests that organizations keep an open mind when looking at cloud infrastructures, as they can help with complex investigations. Cloud infrastructure can scale much more than one individual with one laptop – in fact, it can open an infinite number of possibilities.
Learn more tips and strategies about cloud forensics and cloud security.Like This