Andy Malone - Keynote: the cloud one small step for man one giant leap for it


Published in: Technology

  1. 1. Andy Malone The Cloud: One small step for man. One giant leap for IT
  2. 2. Andy Malone (United Kingdom) • Microsoft MVP (Enterprise Security) • Microsoft Certified Trainer (18 years) • Founder: Cybercrime Security Forum! • International Event Speaker • Winner: Microsoft Speaker Idol 2006 • Follow me on Twitter @AndyMalone
  3. 3. Agenda • Revolution or Evolution • What drives the cloud • Security & Identity • Privacy & Surveillance • The Snowden Effect • The future
  4. 4. The Journey from Revolution to Evolution • The Industrial Revolution (1760 - 1840) • The Internet Revolution (1980 - 2005) • The Industrial Internet (2005 - Present)
  5. 5. Revolution or Evolution • The Mainframe Era • The Home Computer Revolution • The PC Dream • The Internet Age • The Mobile Era • The Cloud Era
  6. 6. The Personal Computer Revolution
  7. 7. Storage Driven Revolution • Punched Tape • Magnetic Tape • Floppy Disk • Compact Disk & Variants • Hard Drive HDD & Variants • USB Portable Storage • Cloud Storage
  8. 8. The Explosion of Data (doubling every 2 years) • Challenges: Anytime, anywhere, any device connectivity; Explosion of data in all areas; Discover, search, and analyze information in near real-time • Responses: Massive build-out of data centers; Innovations in technologies; From infrastructure-focused to user-centric deployment; New business models
  9. 9. What drives the cloud? • Consumerism • High Speed Connections • Elastic Data Storage • Data center Reliability 99.9% SLA • Simple Management • Safe & Secure
  10. 10. The magic of Smart Innovation
  11. 11. The magic of software
  12. 12. Cloud Solutions • SaaS (Software as a Service): Applications at Scale (End users) • PaaS (Platform as a Service): Execution Platforms at Scale (Developers) • IaaS (Infrastructure as a Service): Infrastructure at Scale (System Administrators) • Enabling Technology: Cloud Service Delivery at Scale (Public / Private Cloud Providers) Cisco Confidential
  13. 13. Cloud Deployment Models • Public Cloud • Private Cloud • Hybrid Cloud • Virtual Private Cloud • Personal Cloud
  14. 14. Hybrid IT: Microsoft Solutions • Private: Hybrid Support & the Commons; First-party Applications; Total Cost of Ownership • Public: Hybrid Support & the Commons; First-party Applications; Higher-level Services
  15. 15. In the Cloud World: Size Matters • Firstly, many vendors are moving to cloud-hosted software • As such… – Smaller entities are expected to migrate fully to the cloud (e.g. Office 365) – Medium entities will typically look at cloud or Hybrid solutions – Larger entities may typically use Private or Hybrid solutions
  16. 16. Identity & the Microsoft Cloud • Separate credential from on-premises credential • Authentication occurs via cloud directory service • Password policy is stored in Office 365 • Does not require on-premises server deployment • Same credential as on-premises credential • Authentication occurs via on-premises directory service • Password policy is stored on-premises • Requires on-premises DirSync server • Solutions include DirSync & Password Sync • Or DirSync & on-premises ADFS server • Single Sign On!
  17. 17. What is Windows Azure Active Directory? • Customized version of ADLDS / ADAM • Every Office 365 customer is an Azure AD tenant • Designed primarily to meet the needs of cloud applications • Extends customers' Active Directory into the cloud • Think of it as a Fish on a Hook! • Identity as a service: essential part of Platform as a Service
  18. 18. Relationship to Windows Server AD • On-premises and cloud Active Directory managed as one • Directory information synchronized to cloud, made available to cloud apps via role-based access control • Federated authentication enables single sign-on to cloud applications
  19. 19. Why is WAAD so important? While enterprises work to consolidate identity systems on-premises, cloud apps are fragmenting identity… again
  20. 20. Knowing where your data is stored
  21. 21. Know where your Data is Stored 10 – 100 Datacenters (DCs) worldwide Multiple Content Delivery Network (CDN) “edge nodes” around the world Datacenter network conn
  22. 22. Microsoft Cloud Principles: Or the Gotchas you need to understand!
  23. 23. Microsoft Cloud compliance • ISO27001 • EU Model Clauses • Data Processing Agreement • US Health Insurance Portability and Accountability Act • EU Safe Harbor
  24. 24. Service Level Agreements (SLAs) • Contract between customers and service providers of the level of service to be provided • Contains performance metrics (e.g., uptime, throughput, response time) • Problem management details • Documented security capabilities • Contains penalties for nonperformance
  25. 25. Privacy in Office 365 & Windows Azure: The Microsoft strategy for privacy is to set a “high bar” around privacy practices that support global standards for data handling and transfer • No Advertising: No advertising products out of Customer Data. No scanning of email or documents to build analytics or mine data. • Data Portability: Office 365 Customer Data belongs to the customer. Customers can export their data at any time. • No Mingling: Choices to keep Office 365 Customer Data separate from consumer services.
  26. 26. Comparison to the Consumer Cloud ...Everything is Cloud
  27. 27. The Consumer Cloud: The Privacy Dilemma • Facebook, Google, Skype, Twitter, LinkedIn etc. are all US-based companies. Who has access to your data? • Social-networking sites allow seemingly trivial gossip to be distributed to a worldwide audience, sometimes making people the butt of rumours shared by millions of users across the Internet • Public sharing of private lives has led to a rethinking of our current conceptions of privacy
  28. 28. Facebook Privacy…Confusing!
  29. 29. The Consumer / Public Cloud Privacy Dilemma • LinkedIn: Additionally, you grant LinkedIn a nonexclusive, irrevocable, worldwide, perpetual, unlimited, assignable, sublicenseable, fully paid up and royalty-free right to us to copy, prepare derivative works of, improve, distribute, publish, remove, retain, add, process, analyze, use and commercialize, in any way now known or in the future discovered, any information you provide, directly or indirectly to LinkedIn, including but not limited to any user generated content, ideas, concepts, techniques or data to the services, you submit to LinkedIn, without any further consent, notice and/or compensation to you or to any third parties. Any information you submit to us is at your own risk of loss. • Facebook: “You hereby grant Facebook an irrevocable, perpetual, non-exclusive, transferable, fully paid, worldwide license (with the right to sublicense) to (a) use, copy, publish, stream, store, retain, publicly perform or display, transmit, scan, reformat, modify, edit, frame, translate, excerpt, adapt, create derivative works and distribute (through multiple tiers), any User Content you (i) Post on or in connection with the Facebook Service or the promotion thereof subject only to your privacy settings or (ii) enable a user to Post, including by offering a Share Link on your website and (b) to use your name, likeness and image for any purpose, including commercial or advertising, each of (a) and (b) on or in connection with the Facebook Service or the promotion thereof. You may remove your User Content from the Site at any time. If you choose to remove your User Content, the license granted above will automatically expire, however you acknowledge that the Company may retain archived copies of your User Content.”
  30. 30. Government Surveillance
  31. 31. Edward Snowden • Revealed classified NSA details of a global surveillance apparatus run by the NSA and its Five Eyes partners, and numerous commercial and international partners • Release was called the most significant leak in US history
  32. 32. Room 641A
  33. 33. Boundless Informant • Powerful data mining tool for recording and analysing of intelligence • Uses Big Data capture technology & provides near real time business intelligence to tactical & strategic decision makers • Looks for visible trends, Deep metadata extraction • Raw blob data analytics & back end processing (MapReduce, HDFS, Cloudbase)
  34. 34. The Technology behind Boundless Informant • CloudBase is an open source data warehouse system for up to Pb scale analytics • Built on top of Map-Reduce architecture • Analyses using ANSI SQL to directly query large-scale log files arising in web site, telecommunications or IT operations • Allows you to query flat log files using ANSI SQL • Visit CloudBase home page for details
  35. 35. The Technology behind Boundless Informant • MapReduce is based upon Intel’s Predictive Analytics platform for the capture and analysis of Big blob data • Combines Hardware & Apache Hadoop Software • Many applications including commercial, military, energy management etc
  36. 36. Project PRISM
  37. 37. A word about NSA Suite B Encryption
  38. 38. Current NSA / CIA Surveillance Programs • Aircap • BlackPerl • Boundless Informant • Cineplex • XKeyscore • PRISM • Creek • Crossbones • Cultwave • Cultweave • Cybertrans • Dishfire • Double Arrow • Dragonfly • Wealthy Cluster • Hightide • Skywriter • Jolly Rodger • Kingfish • Liquid fire • Messiah • Night surf • Normal Run • Mailorder • Pinwale • Taperplay • Tarotcard • Twisted Path • Yellowstone
  39. 39. “I have nothing to hide”
  40. 40. “For to be free is not merely to cast off one's chains, but to live in a way that respects and enhances the freedom of others” Nelson Mandela
  41. 41. “If there is no right to privacy then there can be no true freedom of expression and therefore no true democracy” Dilma Vana Rousseff
  42. 42. Finding the Correct Balance! Is it right that the foundational technologies of the Internet (cryptographic algorithms, domain names, the IP address backbone) be dominated by one nation? Is it perhaps time for this infrastructure to be internationally managed, independently of any one country?
  43. 43. Announcing: Microsoft Bill V2.0… A Bill in Everyone’s Home Now Everyone Can Have One….
  44. 44. "The world as we have created it is a process of our thinking. It cannot be changed without changing our thinking."
  45. 45. “It’s not about the destination. It’s about the journey”
  46. 46. Join me for my other NIC sessions… • Office 365 Security Deep Dive • The new Office 365 for IT Pro's • Migrating to Office 365
  47. 47. Thank you. Please evaluate the session before you leave