Difference between revisions of "User:Shawndouglas/sandbox/sublevel1"

From LIMSWiki
Jump to navigationJump to search
 
(25 intermediate revisions by the same user not shown)
Line 1: Line 1:
[[File:Cloud-Security.png|right|400px]]Just as turning to a CSP's [[infrastructure as a service]] (IaaS) offloads much of the responsibility for supporting IT infrastructure to someone else, you can also offload a significant portion of the responsibility for supporting cloud security to someone else. As such, the vendor of managed security services (MSS)—whether it's the CSP itself or a third-party cloud-friendly MSSP—manages cloud-based security aspects such as vulnerability testing, intrusion detection, firewall management, virtual private network (VPN) management, security reporting, and technical support for your cloud implementation. As such, most of your internal IT staff can be freed to focus on other aspects of the business' IT infrastructure and operational developments.
{{Saved book
|title=Introduction to Quality and Quality Management Systems
|subtitle=
|cover-image=Time-Quality-Money.png
|cover-color=#fffccc
| setting-papersize = A4
| setting-showtoc = 1
| setting-columns = 1
}}


But turning to MSS for your cloud implementation should be about more than just staffing relief. Outsourcing security services may also have other perceived benefits to an organization, such as gaining operational and financial efficiency, increasing service availability, and avoiding technological obsolescence.<ref name="FFIEC_Out04">{{cite web |url=https://ithandbook.ffiec.gov/media/274841/ffiec_itbooklet_outsourcingtechnologyservices.pdf |format=PDF |title=Outsourcing Technology Services |author=Federal Financial Institutions Examination Council |publisher=FFIEC |date=June 2004 |accessdate=21 August 2021}}</ref> To be sure, managing [[cybersecurity]] in the cloud is both vital to and difficult for the average organization, particularly small organizations like independent laboratories with constrained budgets. Managing the physical and cybersecurity complexities associated with the likes of the [[Health Insurance Portability and Accountability Act]] (HIPAA), the [[General Data Protection Regulation]] (GDPR), and the Payment Card Industry Data Security Standard (PCI DSS) can be daunting, particularly given a lack of sufficient in-house expertise. Throw hybrid and multicloud deployments into the mix, and you suddenly require even more in-house expertise for development in public cloud environments like AWS and Microsoft Azure. When also considering that traditional on-premises IT security experience is not enough to manage cloud implementations, it's not difficult to imagine a scenario where an inexperienced IT staff could misconfigure a network security setting and compromise sensitive data within a cloud implementation.<ref name="TrianzHowMana21" />
==''Introduction to Quality and Quality Management Systems''==
{{ombox
| type      = content
| style    = width: 500px;
| text      = This book should not be considered complete until this message box has been removed. This is a work in progress.
}}
The goal of this short volume is to act as an introduction to the quality management system. It collects several articles related to quality, quality management, and associated systems.


An optimally run set of managed security services by a knowledgeable and experienced organization able to offer and stick to clear, legally defensible service level agreements and information governance mechanisms<ref name="SmallwoodInform14">{{cite book |title=Information Governance: Concepts, Strategies, and Best Practices |chapter=Chapter 1: The Onslaught of Big Data and the Information Governance Imperative |author=Smallwood, R.F. |publisher=Wiley |pages=3–13 |year=2014 |isbn=9781118218303}}</ref><ref name="O'NeillInform15">{{cite web |url=https://www.daymarksi.com/information-technology-navigator-blog/information-governance-a-principled-framework |title=Information Governance: A Principled Framework |author=O'Neill, S. |work=Daymark Blog |date=22 October 2015 |accessdate=21 August 2021}}</ref> makes sense for organizations without the necessary technical expertise and with significant liability should something go wrong. The complexities of running secure operations in the cloud only increase the importance of such an MSSP. Such a provider is able to<ref name="DotsonPract19">{{cite book |title=Practical Cloud Security: A Guide for Secure Design and Deployment |chapter=Chapter 7: Detecting, Responding to, and Recovering from Security Incidents |author=Dotson, C. |publisher=O'Reilly Media |pages=139–71 |year=2019 |isbn=9781492037514}}</ref>:
;1. What is quality?
:''Key terms''
:[[Quality (business)|Quality]]
:[[Quality assurance]]
:[[Quality control]]
:''The rest''
:[[Data quality]]
:[[Information quality]]
:[[Nonconformity (quality)|Nonconformity]]
:[[Service quality]]
;2. Processes and improvement
:[[Business process]]
:[[Process capability]]
:[[Risk management]]
:[[Workflow]]
;3. Mechanisms for quality
:[[Acceptance testing]]
:[[Conformance testing]]
:[[Clinical quality management system]]
:[[Continual improvement process]]
:[[Corrective and preventive action]]
:[[Good manufacturing practice]]
:[[Malcolm Baldrige National Quality Improvement Act of 1987]]
:[[Quality management]]
:[[Quality management system]]
:[[Total quality management]]
;4. Quality standards
:[[ISO 9000]]
:[[ISO 13485]]
:[[ISO 14000|ISO 14001]]
:[[ISO 15189]]
:[[ISO/IEC 17025]]
:[[ISO/TS 16949]]
;5. Quality in software
:[[Software quality]]
:[[Software quality assurance]]
:[[Software quality management]]


* monitor for, identify, assess, and react to vulnerabilities, intrusions, and other threats;
<!--Place all category tags here-->
* audit, adjust, and patch native security settings;
* improve encryption, firewall, and anti-malware mechanisms;
* manage and secure connected devices;
* manage and improve identity access management; and
* provide detailed reports about the state of organizational infrastructure.
 
==References==
{{Reflist|colwidth=30em}}

Latest revision as of 19:46, 9 February 2022

Introduction to Quality and Quality Management Systems
Time-Quality-Money.png
This user book is a user-generated collection of LIMSWiki articles that can be easily saved, rendered electronically, and ordered as a printed book.
If you are the creator of this book and need help, see Help:Books.

Edit this book: Book Creator · Wikitext
Select format to download:

PDF (A4) · PDF (Letter)

Order a printed copy from these publishers: PediaPress
Start ] [ FAQ ] [ Basic help ] [ Advanced help ] [ Feedback ] [ Recent Changes ]


Introduction to Quality and Quality Management Systems

The goal of this short volume is to act as an introduction to the quality management system. It collects several articles related to quality, quality management, and associated systems.

1. What is quality?
Key terms
Quality
Quality assurance
Quality control
The rest
Data quality
Information quality
Nonconformity
Service quality
2. Processes and improvement
Business process
Process capability
Risk management
Workflow
3. Mechanisms for quality
Acceptance testing
Conformance testing
Clinical quality management system
Continual improvement process
Corrective and preventive action
Good manufacturing practice
Malcolm Baldrige National Quality Improvement Act of 1987
Quality management
Quality management system
Total quality management
4. Quality standards
ISO 9000
ISO 13485
ISO 14001
ISO 15189
ISO/IEC 17025
ISO/TS 16949
5. Quality in software
Software quality
Software quality assurance
Software quality management