CloudCamp Chicago May 2014


Full speaker deck, with lightning talks:
"Reasoning About Enterprise Application Security in a Cloudy World" - Steve Binderup, Cloud Security Advocate at Elastica @stevebinderup
"Effectively Designing & Implementing Hybrid Solutions: A Real-World Hybrid Use Case" - Eric Dominguez, Director of Sales Engineering at ServerCentral
"A Hybrid Strategy" - Chris Swan, CTO at Cohesive @cpswan
"It’s Time to Go Public With Cloud" - Trevor Hess, Consultant at 10th Magnitude @trevorghess
"Welcome to the Farm (or why a hybrid cloud makes sense)" - Jay O'Connor, Director of Engineering at Belly @jdoconnor

Interested in speaking, sponsoring, or attending the next CloudCamp? Contact CohesiveFT!

Published in: Technology

  1. 1. CloudCamp Chicago: “Public, Private or Hybrid?” Sponsored by Hosted by #cloudcamp @CloudCamp_CHI
  2. 2. Emcee: Ryan Koop, CohesiveFT. Tweet: @RyanKoop #cloudcamp
  3. 3. … sponsored by you! Mircea Husz - HP; Leonard Salva - Century Link / Savvis; Eric Peebles - Artisanal Technology Solutions; Mark Calaguas; Brandon Pittman - VMware; Michael Basil - Uprising Technology, Inc.; Matthew Hess - Northwestern University
  4. 4. Mark your calendars - CloudCamp Chicago on July 24

  5. 5. Agenda. 6:00 pm: Introductions. 6:10 pm: Lightning Talks: "Reasoning About Enterprise Application Security in a Cloudy World" - Steve Binderup, Cloud Security Advocate at Elastica @stevebinderup; "Effectively Designing & Implementing Hybrid Solutions: A Real-World Hybrid Use Case" - Eric Dominguez, Director of Sales Engineering at ServerCentral; "A Hybrid Strategy" - Chris Swan, CTO at CohesiveFT @cpswan; “It’s Time to Go Public With Cloud" - Trevor Hess, Consultant at 10th Magnitude @trevorghess; “Welcome To The Farm (or why a hybrid cloud makes sense)” - Jay O'Connor, Director of Engineering at Belly @jdoconnor. 6:45 pm: Unpanel. 7:30 pm: Unconference / Networking, drinks and pizza.
  6. 6. “Reasoning About Enterprise Application Security in a Cloudy World” - Steve Binderup, Cloud Security Advocate, Elastica. Tweet: @stevebinderup #cloudcamp
  7. 7. Reasoning About Enterprise Application Security in a Cloudy World Steve Binderup/Cloud Security Advocate / www.elastica.net
  8. 8. Rethinking Security: Being Threat Centric. Threat lifecycle: BEFORE (Controls): Firewalls, NGFW; DURING (Identification): IDS/IPS, AV, AMP; AFTER (Response): Forensics, IR Tools
  9. 9. Key Cybersecurity Hurdles: Proliferation of New Technologies; Evolution of Threat Landscape; Increase of Complexity
  10. 10. GRC: What Matters? Compliance: Highly complex, one-size fits all, dynamic. What do you ultimately care about: Transparency. Have to understand risks we are trying to mitigate.
  11. 11. Traditional Security Operation Center (SOC): DLP, Firewall, IDS/IPS
  12. 12. Key Enterprise SaaS Security Challenges: Make it work vs. Approval; No Visibility App / Action; No Events for SIEM to Consume
  13. 13. Where Controls are Lost. Table columns: Layer, On Prem, IaaS, PaaS, SaaS. Layers: App/Data, Middleware, OS, Virtual, Physical
  14. 14. Gartner Public Cloud Management Lifecycle: ESTABLISH SECURITY BASELINE; CHOOSE AND APPLY COMPENSATING CONTROLS; INCIDENT DETECTION; INCIDENT RESPONSE MANAGEMENT
  15. 15. Establish a Security Baseline. Baseline: Need to understand where you are right now. Basic Discovery: Table stakes (any Firewall / NGFW can do it). Interesting challenge: Audit (what’s enterprise ready for you specifically?). ADMINISTRATIVE INFORMATIONAL ACCESS BUSINESS DATA SERVICE COMPLIANCE
  16. 16. Choose and Apply Compensating Controls: VISIBILITY, ACTION. User, Service, Object, Action
  17. 17. Incident Detection. Policies and controls identify specific tangible behaviors. But what about sophisticated threats that fall outside their scope? SIGNATURES; HEURISTICS; BEHAVIOR-BASED ANALYSIS; ANOMALY DETECTION
  18. 18. Incident Response Management. Attackers are constantly evolving and adapting. Threats will eventually get through. The question is no longer “What if?”, but “What now?” INFORMATION ASYMMETRY FAVORS ATTACKERS. PRE-THINK RESPONSE; HARD TO DO AFTER THE FACT. INTEGRATE. DON’T BOLT ON
  19. 19. Cloud Services Security Problem: Visibility, Security, Compliance, Risk, Governance
  20. 20. Thank you. TAKEAWAYS: SaaS Security and GRC Problem Multifaceted. Consider full threat lifecycle: Before, During, After. Visibility and Action are Key Pillars. Sbinderup@elastica.co
  21. 21. “Effectively Designing & Implementing Hybrid Solutions: A Real-World Hybrid Use Case” - Eric Dominguez, Director of Sales Engineering, ServerCentral. Tweet: #cloudcamp
  22. 22. A Real-World Hybrid Use Case
  23. 23. HYBRID CLOUD YOU KEEP USING THAT WORD. I DO NOT THINK IT MEANS WHAT YOU THINK IT MEANS
  24. 24. CAN I HAVE MY RED CARD NOW?
  25. 25. “A Hybrid Strategy” - Chris Swan, CTO, CohesiveFT. Tweet: @cpswan #cloudcamp
  26. 26. A hybrid cloud or a hybrid strategy? Chris Swan CTO CohesiveFT @cpswan
  27. 27. Hybrid cloud is about common software stack Public Private
  28. 28. Hybrid cloud is about resources outside your own data centre Public Hybrid Private
  29. 29. Hybrid cloud is about common management and governance Public Private Single pane of glass
  30. 30. Hybrid cloud is about common APIs Public Private
  31. 31. Hybrid cloud is about common networking Public Private Overlay network
  32. 32. And you can have multi cloud nirvana if you just buy all the stuff
  33. 33. Enough of hybrid cloud What about a hybrid strategy
  34. 34. Hybrid strategy. Public: Green field, System of engagement, Big data, Public facing. Private: Sensitive data, Specific control needs, Tight integration, Repatriation
  35. 35. A hybrid strategy is workload dependent Public Private ?
  36. 36. Very few workloads need both at once Public Private &?
  37. 37. Faster, cheaper and more expedient than removing variation? Public Private Tolerance of variation Public Private
  38. 38. But… not all that is private is cloud Private
  39. 39. And that new app might need old data Public
  40. 40. And there’s no need to do this Public Private
  41. 41. To get this Public
  42. 42. Conclusion • Hybrid cloud is a bill of goods • A hybrid strategy gets your app to where it needs to be • Cost of variance should be compared to cost of uniformity – pick your own winner • Connectivity can be ordered a la carte (and might not even come with the set menu anyway)
  43. 43. Thanks for listening @cpswan
  44. 44. “It’s Time to Go Public With Cloud” - Trevor Hess, Consultant, 10th Magnitude. Tweet: @trevorghess #cloudcamp
  45. 45. IT’S TIME TO GO PUBLIC WITH CLOUD
  46. 46. SO WHY PUBLIC?
  47. 47. STORAGE
  48. 48. MOBILE APPS
  49. 49. JUST CODE
  50. 50. FOCUS ON TESTS, NOT ENVIRONMENTS
  51. 51. TO SUM UP • Let Azure take care of the Flickr for pieces and parts of your loosely-coupled architecture • Level up your capabilities by taking advantage of a scale and featureset that would take millions to invest in privately. • Focus on what makes you amazing
  52. 52. “Welcome To The Farm (or why a hybrid cloud makes sense)” - Jay O’Connor, Director of Engineering, Belly. Tweet: @jdoconnor #cloudcamp
  53. 53. Welcome To The Farm (or why a hybrid cloud makes sense)
  54. 54. Livestock Vs Pets
  55. 55. Popular Hybrids
  56. 56. Popular Hybrids
  57. 57. Popular Hybrids
  58. 58. Popular Hybrids Your infrastructure
  59. 59. Public Commodity Cheap Replaceable
  60. 60. Private Secure Expensive Fixable
  61. 61. Playing Nice Tunnel everything Draw easy lines Hide complexity with apps
  62. 62. I mentioned nothing about planting crops
  63. 63. jay@bellycard.com @jdoconnor
  64. 64. Un-panel Discussion: volunteer to join the panel & ask questions from the floor!
  65. 65. Unconference: Small groups & discussions, network. Pizza’s almost here!