Introduction to Confluent Cloud Security

Hi, I'm Dan Weston with Confluent and welcome to this course on Confluent Cloud Security. Having a secure system that protects user data, adheres to privacy and compliance standards, and makes it easy for developers to build secure applications can be an extremely difficult task. In most cases, it becomes a balancing act between making sure your data is secure, and allowing your system to scale and be usable by your developers. This course is designed to walk you through the security features and advantages of using Confluent Cloud as your fully managed Cloud Native Apache Kafka system. First, we'll talk about how Confluent Cloud authenticates your users using a username and password or single sign-on and your applications using an OAuth provider or API keys. Now that your users have access, we'll make sure they have the correct authority to access the services and data they should. No more, no less. Using role-based access controls and access control lists. By default, Confluent Cloud encrypts your data in motion and your data at rest. In the encryption module, we'll focus on how to further protect your cluster by leveraging bring your own key, or BYOK. Next, in the auditing and monitoring module, we'll take a look at three different types of audit logs that are captured: authentication, authorization, and organizational events. For companies that are highly regulated, such as financial services, healthcare, government, energy, or high tech, providing and maintaining compliance with all the different services and platforms can be extremely labor intensive as well as time consuming. Confluent Cloud simplifies this process by maintaining a number of different compliance and privacy practices. Last, I'll leave you with some resources to help you on your way to setting up and maintaining a secure Kafka cluster. Now, let's get started.