Portuguese Cloud Computing Architects - 2nd Meeting

  • 570 views
Uploaded on

My talk for the PCCA meeting, focused on security

My talk for the PCCA meeting, focused on security

More in: Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
570
On Slideshare
0
From Embeds
0
Number of Embeds
1

Actions

Shares
Downloads
10
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. - Weather forecast - partly cloudy, cooler and with some fog by Vitor Domingos weatherman
  • 2. Vitor Domingos [email_address] http://vitordomingos.com - cloud computing & security consultant - thenextweb.com editor - mobilemonday.net PT founder - videocaster (http://alt.prt.sc) - ex failed entrepreneur - ex ITIJ / MJ - ex CGD - ex forumB2B - ex Maxitel - ex Jazztel
  • 3.  
  • 4.  
  • 5.  
  • 6.  
  • 7. * as seen on regular weather channel
  • 8.  
  • 9.  
  • 10.  
  • 11.  
  • 12.  
  • 13.  
  • 14.  
  • 15.  
  • 16. Cloud Computing is ? - Network as a “cloud” - Network is the computer (SUN moto) - TCP/IP abstraction (1 st cloud) - www data abstraction (2 nd cloud) - Virtualization (3 rd cloud) Bottom line: - Virtualization done right, with webservices
  • 17. Cloud Computing is ! - on-demand self-service - ubiquitous network access - location independent resource pooling - rapid elasticity and capacity - measured service - pay as you go - abstract resources
  • 18.  
  • 19. CCaaS - Software as a Service - SalesForce - Platform as a Service - Google App Engine - Microsoft Azure - Infrastructure as a Service - Rackspace Mosso - Amazon Web Services
  • 20.  
  • 21. Cloud Computing leverages - Virtualization - Multi-Tenancy - Massive Scale - Autonomic Computing - Distributed Environment - Security Technologies - Service Oriented
  • 22.  
  • 23. Security in the Cloud
  • 24. Only the paranoid survive! - Key issues trust, trust, multi-tenancy, trust, encryption, compliance - Massive complex systems running on functional units - Certification & Audit - Loss of physical control - Interoperability - Accountability
  • 25. please, keep in mind that - Shared hell: - Hardware - Memory - Disks - NIC's (Virtual) - Cache Snooping - Hypervisor Attacks - Persistent Root Kits - Password Cracking - Broken or stolen key rings / authorization federation - Never ending logs
  • 26.  
  • 27. Great things do come - Provisioning and fault tolerance - Rapid reconstitution of services - Storage fragmented - Security layers (auth, firewall, logging, …) - Network and Security perimeters - Virtual Zoning - Think it all over again
  • 28.  
  • 29. Challenges - Data dispersal and international privacy laws - Isolation management & Multi-Tenancy - Certification (SAS 70 Type II audits and ISO 27001) - Data ownership - QoS & SLA's garantees - Secure Hypervisors - Credentials
  • 30.  
  • 31.  
  • 32. Challenges - Massive outages - Service bottle necks; DNS as your best friend - Encryption needs cloud resources, applications, storage, services - Disaster recovery and contingency plans - If you have it on Auto mode, you won't see it coming - Honey for hackers
  • 33.  
  • 34.  
  • 35.  
  • 36.  
  • 37. ToDo - Network with VPN and VLAN's - SLA's; read the fine prints - Backup and recover often; Risk assessment - Log (out of there) as if the world ended tomorrow - Plan for failure - YOU secure!!! Encrypt data before transmission!!! - Sandbox, Sandbox, Sandbox
  • 38. You're not alone - Security Groups IBM; SUN Oracle ; Amazon; PCCA; ICCV - Cloud Security Alliance (awesome guide!!) - OpenCloud Manifesto & Amazon Security Paper - Cloud Computing ML at Google Groups - Legal Cloud's - Vivek Kundra - USA CTO, did it, so as Facebook, New York Times and Nasdaq (on AWS)
  • 39.  
  • 40. Wrap up - Plan - Encrypt - Backup - Secure - Audit - Sandbox (check my sapo codebits talk) - http://codebits.sapo.pt/files/aws_23.pdf - Trust
  • 41. ? mail: [email_address] site: http://vitordomingos.com