Practicing Security in Public Clouds
Upcoming SlideShare
Loading in...5
×

Like this? Share it with your network

Share
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
1,546
On Slideshare
1,510
From Embeds
36
Number of Embeds
5

Actions

Shares
Downloads
15
Comments
0
Likes
0

Embeds 36

http://www.porticor.com 19
http://porticor.com 8
http://home.porticor.com 7
http://porticor.wordpress.com 1
http://porticor.com.previewdns.com 1

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Gilad Parann-Nissany
    http://www.porticor.comcontact@porticor.com
    June 2nd, 2010
    Practicing Security in Public Clouds
    6/25/2010
    Copyright 2009, 2010 ©Porticor
  • 2. http://www.porticor.comcontact@porticor.com
    6/25/2010
    Copyright 2009, 2010 ©Porticor
  • 3. Public Clouds and FUD
    6/25/2010
    Copyright 2009, 2010 © Porticor
    Pay as you go
    Reasonable cost
    On-demand
    Self service
    Elastic
    Scale
    My precious data in a public place?
    Who do I trust?
    How easy to hack?
    Is encryption enough?
    Can I control it?
    Many considerations exist even before clouds
    Some considerations really are new
  • 4. How much security do I need?
    6/25/2010
    Copyright 2009, 2010 ©Porticor
  • 5. Modern threats…Its far too easy to be a bad guy
    Hacking is a business today, often involving professional criminals
    Interesting fact: biggest cloud in the world belongs to the crooks
    Number of Systems: 6,400,000
    Number of CPUs: 18,000,000+
    Bandwidth: 28 Terabits
    Facilities: 230 Countries
    …the Conficker worm 
    6/25/2010
    Copyright 2009, 2010 ©Porticor
    R. Joffe
  • 6. Security…
    6/25/2010
    Copyright 2009, 2010 ©Porticor
    by clarity
  • 7. Applying Security Concepts to Public Clouds
    Secure distributed data storage
    Keys management
    Hypervisors and virtual machines
    Intrusion Detection and Prevention (IDS/IPS)
    Logging and Log forensics
    Security Information Management
    Identity Access Management
    Policy management
    Denial of Service prevention
    Web Application Firewall
    Firewall
    Virtual Private Networks
    Encryption
    Database Firewall
    Data Leak Prevention
    Scanning for exploits
    Scanning for virus
    Physical security

    6/25/2010
    Copyright 2009, 2010 ©Porticor
    demo
    *courtesy CSA
  • 8. Understand the value of your data and service: sec should be cost effective
    Understand your complete problem domain
    Governance & Measurement
    Architecture & Technology
    Specifics of your application
    Answers
    Some are known already
    Some are truly new
    Cloud Operations really is new!
    Map out – what’s relevant for you
    Roll your own – or work with someone who has experience?
    http://www.porticor.comcontact@porticor.com
    6/25/2010
    Copyright 2009, 2010 ©Porticor