Summary
In this chapter, we learned about the core patterns that can be leveraged to protect data at rest, in transit, and in use. We also learned how important a key management service is for protecting data at rest, and the significance of certificate management in protecting data at rest. Finally, we looked at some of the emerging patterns, such as the multi-cloud key orchestrator and encryption-as-a-service patterns, and at why it is important to implement a data activity monitoring pattern to measure the effectiveness of the data protection mechanisms and provide alerts on any threats. The critical observation is that, in the shared responsibility model of the cloud, customers can leverage key management services to be in full control of their data.
In the next chapter, we will look at shift-left security for DevOps.