• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Securing Your Data In The Cloud
 

Securing Your Data In The Cloud

on

  • 2,394 views

Introduction to data security in the cloud.

Introduction to data security in the cloud.

Statistics

Views

Total Views
2,394
Views on SlideShare
2,374
Embed Views
20

Actions

Likes
0
Downloads
79
Comments
1

3 Embeds 20

http://www.slideshare.net 8
http://www.linkedin.com 8
https://www.linkedin.com 4

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel

11 of 1 previous next

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
  • Have you updated this? Nice overview whether you did or not.

    Any insight on fourth Amendment issues w/ government entities accessing your data since you stored it on a 3rd-party's equipment?
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Securing Your Data In The Cloud Securing Your Data In The Cloud Presentation Transcript

    • Securing your Data in the Cloud Omer Trajman Sr. Dir. for Cloud and Virtualization Vertica Systems [email_address]
    • Something old…Something new
      • Before we jump in what do we mean “ Cloud ?”
      • Oh….and what do we mean “ securing ?”
      • Plus ça change…
      • Tools of the trade
      • Key takeaways
    • What is….Cloud?
      • What are Cloud Services?
      • Other Peoples’ Software
      • What are Cloud Platforms?
      • Other Peoples’ Frameworks
      • What is Cloud Infrastructure?
      • Other Peoples’ Hardware
    • Security is a Tradeoff
      • “ Security costs money, but it also costs in time, convenience, capabilities,… ”
      • -Bruce Schneier
      • Assess how important it is to secure your data
      • What are the risks with in-house and cloud?
      • Why not keep it under your mattress ?
    • Data Security 101
      • Confidential and Proprietary
      • Secure Communications
      • On Disk Encryption
      • Private Key Cryptography
      • Timeliness of Data
    • History of Keeping Secrets
      • Greeks use coded messages during wartime
      • Manuscript for the Deciphering Cryptographic Messages was written circa 800 AD
      • Computer Science was nurtured during the World Wars to keep communications secure
      • In 1970 IBM invented DES for the NIST to support secure financial transactions
      • In 1976 Diffie and Hellman introduced asymmetric key exchange
    • What do we keep Secure Today?
      • Most Security and Military Information
      • Some Financial Data
      • Some Personal Information
      • Some Business Information
    • Tools of the Trade
      • Key Algorithms
        • AES, Blowfish, RSA, DH
      • Encryption in Place
        • PGP, FileVault, Firmware
      • Secure Transmission
        • SSL, VPN, SSH
      • Firewalls
        • Comes with your OS
    • Securing the Cloud
      • Create a VPN
      • Firewall the host
      • Encrypt the disk
      • Consider where to keep sensitive data
    • Virtual Private Network
      • Why
        • Secure communication between your enterprise and cloud infrastructure
      • What
        • OpenVPN, Checkpoint, Cisco, CohesiveFT
      VPN
    • Virtual Private Network
      • How
        • VPN Server in your enterprise
        • Cloud machine configure to connect over VPN to a server in your enterprise
        • Client keys deployed to cloud machines
      • Challenges
        • Provisioning VPN client software
        • Key management for Cloud machines
        • Failover if Cloud machines fail
      • Why
        • Guard against intrusion, enforce network policies
      • What
        • IaaS provided, OS Built-in, Checkpoint
      Firewall VPN
    • Firewall
      • How
        • For IaaS there is an API (e.g. Amazon EC2 groups) that controls network access
        • Linux Firewall or iptables configuration
      • Challenges
        • Complex port requirements (e.g. ssh internally and https externally)
        • Subtleties in configuration files can lead to a susceptible host
    • Encryption
      • Why
        • Prevent malicious or accidental data leaks
      • What
        • Truecrypt, Encfs, CryptoFS, NTFS Encryption
      1, Jonathan 2, Susan 3, David 03Wea91ab05841fe1oFVDxa2x99G
    • Encryption
      • How
        • DIY – install an encrypted volume on the host
        • May come as an IaaS option
      • Challenges
        • Key management
        • Complicates host setup
        • Incremental backup/recovery
    • What about Securing Resources?
      • Don’t use passwords (use public/private keys)
      • Open minimal ports (use dedicated servers)
      • Monitor your system (tripwire, OSSEC)
      • Use configuration tools (FireHOL, Bastille)
      • Keep Backups (and keep them secure)
      Client Server Data
    • Future Developments
      • Cloud offerings are constantly changing
      • Management as a Service providers will facilitate setup configurations
      • Security will become an integrated offering
      • Best practices for Cloud security are growing out of enterprise and web security expertise
    • Key Takeaways
      • Security is a trade off
      • Use the same tools in the cloud
      • VPN, Firewall, Encrypt…Detect and Backup
      • Look for solutions from your provider
      • Check your service agreement
    • References
      • Twenty Rules for Amazon Cloud Security (George Reese, O’Reilly)
      • Three tools to help you configure iptables (Chris Lynch, Linux.com)
      • Disk Encryption Tools for Linux
      • (Justin Krelc and Ed Tittel, All about Linux)
      • VPN labs
      • Amazon Security Whitepaper
      • thank you – omer@vertica.com