Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type

Topics

Publication Date

Podcast

Best Practices for Security in Cloud Computing

  • October 2018
  • By Donald Faatz, Timothy Morrow
  • Don Faatz and Tim Morrow, researchers with the SEI’s CERT Division, outline best practices that organizations should use to address the vulnerabilities and risks in moving applications and data to cloud services.
  • Cloud Computing
  • Publisher: Software Engineering Institute
  • Watch

  • Listen

    Loading Podcast.....
  • Related

    SEI Blog Post | Best Practices for Cloud Security

  • Abstract

    The federal government recently made cloud adoption a central tenet of its IT modernization strategy. As organizations adopt cloud technologies and/or choose cloud service providers (CSPs), they face vulnerabilities and risks. In this podcast, Don Faatz and Tim Morrow, researchers with the SEI’s CERT Division, outline best practices that organizations should use to address the vulnerabilities and risks in moving applications and data to cloud services. These practices are geared toward small and medium-sized organizations; however, all organizations, independent of size, can use these practices to improve the security of their cloud usage. 

  • Transcript
  • Audio

About the Speaker

  • Donald Faatz

    Donald Faatz is a security solutions engineer in the SEI’s CERT Division. Faatz’s ongoing work focuses on understanding and architecting mitigation solutions for cybersecurity risks associated with emerging and evolving technologies, such as cloud computing and the Internet of Things. Faatz’s past experience includes developing reference architectures that address cybersecurity challenges facing electric utilities. He has also researched graphical modeling techniques for cybersecurity architecture, for which he was awarded a patent.

  • Timothy Morrow

    Tim Morrow is the situational awareness technical manager in the SEI CERT Division’s Monitoring and Response Directorate. Morrow applies architecture-centric approaches to systems-of-systems to analyze and identify potential risks to improve their cybersecurity. Morrow’s past experience includes providing acquisition and technical support for the complete lifecycle of DoD and non-DoD programs.