Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Practicing Security in Public Clouds


Published on

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Practicing Security in Public Clouds

  1. 1. Gilad Parann-Nissany<br /><br />June 2nd, 2010<br />Practicing Security in Public Clouds<br />6/25/2010<br />Copyright 2009, 2010 ©Porticor<br />
  2. 2.<br />6/25/2010<br />Copyright 2009, 2010 ©Porticor<br />
  3. 3. Public Clouds and FUD<br />6/25/2010<br />Copyright 2009, 2010 © Porticor<br />Pay as you go<br />Reasonable cost<br />On-demand<br />Self service<br />Elastic<br />Scale<br />My precious data in a public place?<br />Who do I trust?<br />How easy to hack?<br />Is encryption enough?<br />Can I control it?<br />Many considerations exist even before clouds<br />Some considerations really are new<br />
  4. 4. How much security do I need?<br />6/25/2010<br />Copyright 2009, 2010 ©Porticor<br />
  5. 5. Modern threats…Its far too easy to be a bad guy<br />Hacking is a business today, often involving professional criminals<br />Interesting fact: biggest cloud in the world belongs to the crooks<br />Number of Systems: 6,400,000<br />Number of CPUs: 18,000,000+<br />Bandwidth: 28 Terabits <br />Facilities: 230 Countries<br />…the Conficker worm <br />6/25/2010<br />Copyright 2009, 2010 ©Porticor<br />R. Joffe<br />
  6. 6. Security…<br />6/25/2010<br />Copyright 2009, 2010 ©Porticor<br />by clarity<br />
  7. 7. Applying Security Concepts to Public Clouds<br />Secure distributed data storage<br />Keys management<br />Hypervisors and virtual machines<br />Intrusion Detection and Prevention (IDS/IPS)<br />Logging and Log forensics<br />Security Information Management<br />Identity Access Management<br />Policy management<br />Denial of Service prevention<br />Web Application Firewall<br />Firewall<br />Virtual Private Networks<br />Encryption<br />Database Firewall<br />Data Leak Prevention<br />Scanning for exploits<br />Scanning for virus<br />Physical security<br />…<br />6/25/2010<br />Copyright 2009, 2010 ©Porticor<br />demo<br />*courtesy CSA<br />
  8. 8. Understand the value of your data and service: sec should be cost effective<br />Understand your complete problem domain<br />Governance & Measurement<br />Architecture & Technology<br />Specifics of your application<br />Answers<br />Some are known already<br />Some are truly new<br />Cloud Operations really is new!<br />Map out – what’s relevant for you<br />Roll your own – or work with someone who has experience?<br /><br />6/25/2010<br />Copyright 2009, 2010 ©Porticor<br />