Information security uses administrative, technical (logical), and physical controls to mitigate risks related to organization’s assets. A policy is an administrative control.
If no policy exist in the IT department, research shows that employees will default to a defacto policy. A defacto policy means a policy that is in effect ,but not formally recognize. To stop this for happening, It is important for students to understand how to take the cloud best practices discussed throughout this course and use them to create a cloud security policy. Cloud security fundamentals and mechanisms is a huge part of the cloud security policy.
For this assignment, read the attached article: “Our Journey to the Cloud”. Use the “attached Template format” to create a policy for the cloud. Please note, the SANS policy is a template you can use to structure your policy.
Note – “ATTACHMENTS” – Assignment should be in attached format template. Need to read the following attached PDF from page 30-33 for better understanding.