From the course: SecOps on Google Distributed Cloud (GDC) for Tier 3 Analysts by Google

Unlock this course with a free trial

Join today to access over 25,500 courses taught by industry experts.

Security engineering best practices

Security engineering best practices - Google Cloud Platform Tutorial

From the course: SecOps on Google Distributed Cloud (GDC) for Tier 3 Analysts by Google

Start my 1-month free trial Buy for my team

Security engineering best practices

- [Instructor] In this video, you'll briefly review a few best practices for an effective security engineering program. The first best practice returns to the security by design philosophy and building a zero trust architecture, ZTA. Every time you develop a security control system, remember the mantra, "Never trust, always verify." This requires you to verify the identity and security posture of all devices and users irrespective of their location before granting access to your network. As noted earlier in the earlier videos, you'll also want to keep the following zero trust principles in mind: Designed for least privilege access. Only grant access to the resources absolutely necessary for the performance of the user's role. This reduces the potential impact of a breach by limiting access paths and resources that could be exploited. Divide your network into smaller, more manageable zones using microsegmentation.…

Contents