A presentation I gave at 451's inaugural Digital Infrastructure Summit in May 2015. The basic premise is that security can actually be easier, not more difficult, in the cloud. I also explain why security is often listed as a top concern with using cloud providers.
The video is also available, though I had to cut my presentation time by a third, so it doesn't go quite as deep as some of the slides might suggest. The following YouTube link drops you about 65 minutes in, which is when my talk begins.
https://youtu.be/tHkVTSfTZtA?t=3903
10. Path from traditional to private cloud
Physical Infrastructure/Data Center
Applications
Operating System
Network
Hypervisor/Virtualization Layer
Management Plane
Customer Responsibility
Data
New challenges & opportunities
New Attack Surface
11. Public IaaS: Provider vs. customer responsibilities
Physical Infrastructure/Data Center
Applications
Operating System
Network
Hypervisor/Virtualization Layer
Management Plane
Customer Responsibility
Service Provider Responsibility
Data
Encryption & Tokenization Opportunities
New Attack Surface
12. Containers – Cloud 2.0 already?
Physical Infrastructure/Data Center
Applications
Container Management
Network
Hypervisor/Virtualization Layer
Management Plane
Customer Responsibility
Data
Image Repositories
Unvalidated Images
New Operating Systems
Breakout potential
18. Servers as pets: the old model
Old & Busted
Attackers
Users
Support Services
Admins
Hostname: Jabba
Uptime: 347 days
Built: Nov 2009
Built by: Brandon
Missing Patches: 49
Unique configuration
R/W Filesystem
19. Servers as cattle: the new model
New & Shiny
Attackers
Users
Support Services
Admins
Hostname: SVR129
Uptime: 9 hours
Built: Yesterday
Built by: a script
Missing Patches: 0
Non-unique config
R/W Filesystem
R/O Filesystem