Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

10 Step Guide to Cloud Security - 10th Magnitude - CSS Dallas Azure

177 views

Published on

10 Step Guide to Cloud Security - 10th Magnitude - CSS Dallas Azure

Published in: Technology
  • Be the first to comment

  • Be the first to like this

10 Step Guide to Cloud Security - 10th Magnitude - CSS Dallas Azure

  1. 1. AZURE SECURITY PLAYBOOK: 10 STEP GUIDE TO CLOUD SECURITY Ryan McDonald Cloud Security Practice Manager, 10th Magnitude
  2. 2. © 10th Magnitude 2017 Azure Security Playbook 10 Step Guide to Cloud Security
  3. 3. © 10th Magnitude 2017 Ryan McDonald, Director, Managed Services 10th Magnitude CISSP rmcdonald@10thmagnitude.com @rtmcdo www.linkedin.com/in/ryanmcdonald
  4. 4. © 10th Magnitude 2017 1: Rightscale: 2017 State of Cloud Survey http://www.rightscale.com/blog/cloud-industry-insights/cloud-computing-trends-2017-state-cloud-survey#hybrid-cloud Cloud adoption is growing - 90% of Fortune 500 use Microsoft Cloud
  5. 5. © 10th Magnitude 2017 1: Rightscale: 2017 State of Cloud Survey http://www.rightscale.com/blog/cloud-industry-insights/cloud-computing-trends-2017-state-cloud-survey#hybrid-cloud While cloud is growing, hybrid is the most common approach, with 67% of Enterprises adopting hybrid cloud in 2017
  6. 6. © 10th Magnitude 2017Sourc:e Gartner Reveals Top Predictions for IT Organizations and Users for 2016 and Beyond, October 2015, http://www.gartner.com/newsroom/id/3143718 “Through 2020, 95 percent of cloud security failures will be the customer's fault” – Gartner
  7. 7. © 10th Magnitude 2017 1. Old rules still apply
  8. 8. © 10th Magnitude 2017 2. 90% of breaches can be avoided if you do the simple things
  9. 9. © 10th Magnitude 2017 3. It starts with the foundation
  10. 10. © 10th Magnitude 2017
  11. 11. © 10th Magnitude 2017 4. Understand the Shift
  12. 12. © 10th Magnitude 2017
  13. 13. © 10th Magnitude 2017
  14. 14. © 10th Magnitude 2017 anti
  15. 15. © 10th Magnitude 2017 Identity
  16. 16. © 10th Magnitude 2017 built-in
  17. 17. © 10th Magnitude 2017
  18. 18. © 10th Magnitude 2017 partner
  19. 19. © 10th Magnitude 2017 DevOps build in
  20. 20. © 10th Magnitude 2017 roadmap
  21. 21. © 10th Magnitude 2017 Thank you! More information @ 10thmagnitude.com
  22. 22. © 10th Magnitude 2017 Appendix
  23. 23. © 10th Magnitude 2017 23 1. Don't forget what has served us well (Old rules still apply) § People Process and Technology § Risk based approach § Use Principle of Lease Privilege 2. 90% of breaches can be avoided if you do the simple things § Harden OS & Patch <https://www.cisecurity.org/cis-hardened-images-now-in-microsoft-azure-marketplace/> § Control Identity <https://docs.microsoft.com/en-us/azure/security/azure-security-identity-management-best-practices> § Current anti-virus and anti-malware <https://docs.microsoft.com/en-us/azure/security/azure-security-antimalware> § Monitor <https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-overview> 10 STEP GUIDE TO CLOUD SECURITY APPENDIX
  24. 24. © 10th Magnitude 2017 24 3. It starts with the foundation § Azure Scaffold <https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-subscription-governance> 4. Understand the Shift § Shared Responsibility Model <https://cloudsecurityalliance.org/group/cloud-controls-matrix/> <https://blogs.msdn.microsoft.com/azuresecurity/2016/04/18/what-does-shared-responsibility-in-the-cloud-mean/> <https://gallery.technet.microsoft.com/Shared-Responsibilities-81d0ff91> <https://www.microsoft.com/en-us/trustcenter/stp/default.aspx> 5. Look for the anti-patterns 10 STEP GUIDE TO CLOUD SECURITY APPENDIX
  25. 25. © 10th Magnitude 2017 25 6. Identity is the new Perimeter § Protect all identities regardless of their privilege level § Proactively prevent compromised identities from being abused <https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/active-directory-securing-privileged-access> <https://docs.microsoft.com/en-us/azure/active-directory/active-directory-identityprotection> <https://docs.microsoft.com/en-us/azure/active-directory/active-directory-identityprotection> <https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/active-directory-securing-privileged-access> <https://docs.microsoft.com/en-us/azure/active-directory/active-directory-conditional-access-azure-portal> <https://gallery.technet.microsoft.com/eBook-Defending-the-New-dcd58679> 7. Leverage Built in Security § Azure Security Center <https://docs.microsoft.com/en-us/azure/security-center/security-center-partner-integration> <https://docs.microsoft.com/en-us/azure/security-center/security-center-intro> <https://docs.microsoft.com/en-us/azure/security-center/security-center-detection-capabilities> 10 STEP GUIDE TO CLOUD SECURITY APPENDIX
  26. 26. © 10th Magnitude 2017 26 8. Leverage partner offerings for advanced security and compliance 9. Work with DevOps teams to build in security <https://github.com/azsdk/azsdk-docs> <https://azure.microsoft.com/en-us/services/azure-policy/> 10. Understand the roadmap <https://azure.microsoft.com/en-us/blog/> <https://cloudblogs.microsoft.com/microsoftsecure/ > <https://blogs.technet.microsoft.com/msoms/> <https://cloudblogs.microsoft.com/hybridcloud/> <https://blogs.technet.microsoft.com/> <https://blogs.msdn.microsoft.com/cloud_solution_architect/> <https://cloudblogs.microsoft.com/enterprisemobility/author/brad-anderson/> <https://blogs.technet.microsoft.com/heyscriptingguy/> <https://azure.microsoft.com/en-us/blog/topics/virtual-machines/> <https://blogs.technet.microsoft.com/hybridcloudbp/> 10 STEP GUIDE TO CLOUD SECURITY APPENDIX

×