Duration: about 1 - 1.5 hours (video targets 0.5 hours)
Level: Beginner / Intermediate / Advanced
This module provides a friendly introduction to general security concerns in the cloud, describes how risks can be mitigated by the cloud provider and by the user, and how NeCTAR handles specific concerns. Deployment methods of cloud services (SaaS, PaaS, IaaS) and how they affect security are discussed. Practical advice is given for hardening a machine: passwords and passphrases, updates/patches, blocking ports, etc. This module also includes hands-on exercises on how to encrypt data (both individual files, and entire volumes on the instance).
This module covers the following topics:
- Common security concerns when using the Cloud and how cloud provider and the user can mitigate such risks
- Cloud deployment models
- File and Volume Encryption (hands-on exercises)
- face to face
- hands-on exercises
The researcher will have gained awareness of the risks involved when using Cloud computing and what to watch out for when choosing a Cloud provider. They will know that NeCTAR is an excellent choice in regards to the security issues posed by a Cloud platform. They will also have learned what they need to do to keep their virtual machine and their data secure.
Course suitable for
This module targets intermediate users who have a VM on NeCTAR up and running. But their VM is still vulnerable to attack. The researcher wants to know what risks are involved, and wants to know practical steps to undertake in order to keep their machine from being hacked and their data from being leaked or compromised.
Before the course
The attendee needs to bring their own laptop (and charger!) if there are no Lab computers available. Instructions in this Module cover Linux, Mac OSX and Windows systems.
The user should have already logged onto the Dashboard once to activate their Trial Account. They should be familiar will all terminology and steps involved in launching an instance and setting up NeCTAR storage. Ideally, they have already set up an instance and can connect to it via ssh; they have set up one secondary ephemeral disk and mounted it on the instance; optionally, they have done the same with one Volume.
No software needs to be installed in advance, all of this is going to be covered in the exercises.