Your SlideShare is downloading. ×
0
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Cloud security design considerations
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Cloud security design considerations

1,460

Published on

Published in: Technology, Business
0 Comments
3 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
1,460
On Slideshare
0
From Embeds
0
Number of Embeds
6
Actions
Shares
0
Downloads
148
Comments
0
Likes
3
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  1. Cloud SecurityDesign ConsiderationsKavis Technology Consulting
  2. What level of security is required
  3. What level of security is required•••••
  4. What level of security is required••••••••••
  5. What level of security is required••••••••••
  6. What level of security is required•••••••••
  7. Security and Cloud Service Models
  8. Private Cloudshttp://designyoutrust.com
  9. It’s allYou!
  10. Public Clouds
  11. Vendor supplies …- Infrastructure securityYoudothis
  12. Vendor supplies …- Application Stack Security- Infrastructure SecurityYoudothis
  13. Vendor supplies …- Application Security- Application Stack Security- Infrastructure SecurityYoudothis
  14. Infrastructure Security••••
  15. Applications Stack Security••••
  16. Application Security•••••••••
  17. User security•••
  18. Security across all service models•••••••••Source:https://cloudsecurityalliance.org/guidance/csaguide.v3.0.pdf
  19. Key Security Areas of Focus••••••••••
  20. Security StrategiesCentralizeStandardizeAutomate
  21. Security ActionsApplicationDetectionPrevention
  22. Policy Enforcement”Golden” ImageCloud ServersDeploy••••••
  23. Policy Enforcement••••••
  24. Policy Enforcement••••••••Client ServerData StoreDeployAdmin ConsolePolicies
  25. Encryption•••••••••Encryption• Compliance• SecurityUsability• Complexity• Performance
  26. Encryption•••••••••••Encryption• Compliance• SecurityUsability• Complexity• Performance
  27. Key Management•••••••••ApplicationsUsersOrganizationsAccount
  28. Web Security••••
  29. API Token ManagementDo Not Roll Your Own
  30. API Token Management
  31. API Token Management
  32. API Token Management••••••
  33. Patch Management•••••••••
  34. Monitoring Security Performance Capacity Uptime Throughput SLA User metrics Kpis Log file analysis
  35. IntrusionDetectionTroubleShootingLogging
  36. Source: http://www.thoughtworks.com/continuous-deliveryContinuous Deployments
  37. Maintaining Consistent EnvironmentsAutomationManageTrackAdminister• Self Provision• Charge Back• Access Control• Policies• Audits
  38. ID ManagementCentralizedLDAPFacadeEntity 1 Entity 2 Entity nCSP 1 CSP 2 CSP 3USE CASEs Business to Business Internal costumers Known CustomersAdvantages Central control Roles, and groups termination
  39. ID ManagementdeCentralizedUSE CASEs Business to Consumer Open registration Large Number ofenrolleesAdvantages Must accept terms Simple integrationwith PartnersSource: http://static.springsource.org/spring-social/docs/1.0.x/reference/html/serviceprovider.html
  40. Thank YouFor details on this topic and others go to my blogwww Kavistechnology comImages courtesy of www.thinkstockphotos.com

×