Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

CloudHealth Boston Presentation

46 views

Published on

CloudHealth Boston Presentation

Published in: Technology
  • Be the first to comment

  • Be the first to like this

CloudHealth Boston Presentation

  1. 1. CLOUD SECURITY THROUGH EFFECTIVE GOVERNANCE Adam Schepis
  2. 2. @aschepis adam@cloudhealthtech.com Adam has 15+ years of experience building high- quality, secure software for consumers and enterprises and nearly a decade of experience working in the security industry. At CloudHealth Technologies, Adam focuses on providing enterprises with an exceptional platform for enabling governance, policies, automation, and security in the cloud. Who am I?
  3. 3. Who is CloudHealth Technologies? • Deep Domain Expertise • $86 Million in Venture Capital Raised • 600+ Direct Customers • 1,500+ Channel Customers through 85+ Partners • 200+ Employees • Headquartered in Boston, MA • Offices located in San Francisco, Washington DC, London, Amsterdam, Tel Aviv, Sydney, & Singapore
  4. 4. million 1.1 99.99% yearly platform uptime 600 assets PER MONTH… $50 million in monthly RI purchases 1.2 million policies evaluated 365,000 emails sent PER DAY… 14 million instances 600PB S3 usage 8TB bills processed 400,000 perspectives / groups 305,000 cubes generated 3,000 reports generated billion API calls $3.8 in cloud spend managed per year billion Our Management Metrics
  5. 5. Customer Success
  6. 6. • Management of resources has been decentralized • Growing complexity gap necessitates new tools. • Centralized governance has never been more important Decentralized management Centralized Governance
  7. 7. Security Policies We know the tools, BUT • WHAT are the things I need to inspect? • WHERE are they? • WHO owns them? • HOW do we ensure they are tested frequently and monitored continuously? • Centralized Governance Tools - Discover surface area - Aid in definition of attack vectors - Help identify owners • Policies - Automatically discover new assets - Continuously evaluate
  8. 8. • Identify scenarios that aren’t directly security related but may indicate a problem • Anomaly detection - Types of assets being used - Patterns of create/destroy for assets - Network connectivity patterns (in/out) - Disk I/O patterns Indicators Operation Policies
  9. 9. • Continuous Scanning for compliance to IT standards - Tagging compliance - Configuration changes • security groups • user privileges • blob store exposure - API key usage/rotation • Patching • Required software (firewalls, etc) Keeping things in line Compliance Policies
  10. 10. Storing and Analyzing Policy Results
  11. 11. • Great security tools will detect an issue, fix it, and then tell you what happened • Cloud governance is no different • Don't constantly hunting for a new needle in the haystack - Let tools do that for you • Automation lets you constantly monitor, remediate, and alert You can't manage by exception Automation
  12. 12. • Training/Certification • Metrics driven • KPIs include: # of people trained # of people AWS certified # of workloads moved to the cloud # of assets and cost # of policies in compliance Cloud Center of Excellence
  13. 13. Cloud Steward Role • Cross-functional role • Responsible for ongoing optimization and governance • Help to bring groups together to and define and manage security automation policies, cost, usage, and performance across environments • Make recommendations on capacity planning, modeling, and forecasting • This is the person who wakes up every morning thinking about ways to improve how the organization utilizes the cloud in a secure, low-friction, cost-effective way. Operations Cloud Steward Finance Engineering/ IT/Ops LOBs
  14. 14. • Complexity gap has made cloud security and governance a challenge. • Effective governance contributes to improving overall security posture in the cloud • Having a corporate Cloud Steward is a critical role when building out a large, efficient, secure, dynamic cloud infrastructure. In Summary
  15. 15. Questions?
  16. 16. Thank you! Adam Schepis @aschepis adam@cloudhealthtech.com

×