SlideShare a Scribd company logo

8 Elements of Multi-Cloud Security

RightScale
RightScale

In today’s cloud-first environment, enterprises are embracing a heterogeneous cloud strategy that spans multiple public clouds as well as private clouds. This creates complexities for enterprise IT teams who need to ensure security across all of their applications and all of their infrastructure resources. This webinar will help you understand how to approach multi-cloud security.

Technology
1 of 43
Download to read offline
8 ELEMENTS OF MULTI-CLOUD SECURITY 1
o Bart Falzarano • Director, Security and Compliance, RightScale o Ryan Geyer • Cloud Solutions Architect, RightScale Panelists
POLLING QUESTIONS
o The State of Multi-Cloud Security o How to Think About Multi-Cloud Security o 8 Elements • Visibility • Identity and Access Control • Workload Security • Data Security • Network Security • Business Continuity/Disaster Recovery • Audit • Compliance Agenda
82% of Enterprises Want Multi-Cloud Single private 5% Single public 10% No plans 3% Multiple private 14% Multiple public 13% Hybrid cloud 55% 82% Enterprise Cloud Strategy 1000+ employees Multi-Cloud 82% Source: RightScale 2015 State of the Cloud Report
17% 21% 21% 18% 24% 17% 26% 17% 23% 24% 25% 25% 27% 28% Performance Governance/control Managing costs Managing multiple cloud services Compliance Lack of resources/expertise Security Cloud Challenges 2015 vs. 2014 % of Respondents Reporting These As Significant Challenges 2015 2014 Security Remains #1 Challenge Source: RightScale 2015 State of the Cloud Report
Decentralized Cloud Management 7
Security Features Vary by Cloud 8 Security Features AWS Azure Google IAM ✔ ✔ ✔ Encryption in DBaaS ✔ ✔ ✔ Key Management as a Service ✔ ✔ Hardware Key Management ✔ Security Assessment ✔ ✔ Configuration Governance ✔ ✔ Audit Trails ✔ ✔ ✔
Cloud Security Ecosystem Cloud Provider Enterprise RightScale 3rd Party Vendors Plan for a Cloud Security Ecosystem • CMDB • SIEM /Logging / Auditing • IdP • Configuration Management • Orchestration Workflows • Web Application Firewalls • File-Integrity Monitoring • Continuous Integration • Source Code Repositories
Options Abound o RightScale provides visibility, governance, auditing across clouds o Cloud providers offer cloud-specific security options o 3rd party vendors offer multi-cloud options o Ability for segregation of duties: encryption provider vs cloud storage provider Capability Who? Encrypt data in transit Vendor, Enterprise Encrypt data at rest Vendor, Cloud, Enterprise Secure communications RightScale, Cloud, Enterprise, Vendor Systems Configuration /Network segmentation Cloud, Enterprise, RightScale Integrate with IAM RightScale, Cloud, Enterprise, Vendors Privileged identity management RightScale, Cloud, Enterprise Backup/Replicate data RightScale, Cloud, Enterprise, Vendor Coordinate BC & DR RightScale, Cloud, Enterprise, Vendor Log cloud activity RightScale, Cloud, Enterprise, Vendor Shared Responsibility for Cloud Security
#1: VISIBILITY
Visibility • Can you see all your cloud accounts and instances? • Connect to all your clouds • Gain visibility to all your accounts You Can’t Control What You Can’t See 12 Many Accounts Across Clouds AWS Azure Google CloudStack OpenStack vSphere Account Account Account Account Account Account Account Account Account Account Account Account Account Account Account Account Account AccountAccount
Single pane of glass • Multi-cloud access • Public clouds • Private clouds • Virtualized • Control access • Standardize configuration • Patch and update • Audit trails RightScale: Multi-Cloud Visibility 13 AWS Azure Google CloudStack OpenStack vSphere
#2: IAM
• Mostly the same • Govern and enforce user access • Configure Role Management • Context Based Access Control • Enable Audit reporting • 3rd Party Identity Providers • SSO SAML, MFA, Oauth, ADFS • But… • How do you handle multiple clouds and accounts? • So how do you control cloud credentials? Considerations for IAM in Cloud 15 “Should this person (user) who performs this job function and therefore has these roles assigned (role) be allowed to access this type of data as it applies to this particular account (context)?”
Current state • CSPs follow proprietary schemes to support user provisioning and lifecycle management of user profiles • IAM Integrations accomplished through grafts and tie-ins • What’s the state of IAM for difference cloud providers? • Not all have IAM services for all features. • How do you manage multiple clouds? • Centralize control through your CMP • Limit users that can go directly to cloud accounts • AD Agents/Connectors • Okta, Ping Identity, OneLogin • Enterprise Directory Services • Active Directory Federation Services ADFS/ SAML integration Multi-Cloud IAM 16
Challenges • Difficult to implement, manage, and support • Difficult to scale and/ or extend to other CSPs • No direct coupling between AD and AWS IAM Integrating IAM 17 ADFS AWS STS A D SQ L 1 2 3 4 5 6 Your Environment SAML 7 AWS AWS account 123456789012 AWS account 111122223333 IAM roles=> ADFS-Production ADFS-DEV IAM roles=> ADFS-Production ADFS-DEV IAM role=> ADFS-DEV IAM role=> ADFS-DEV AWS account 777788889999 AWS account 444455556666 AD group memberships=> AWS-Production AWS-DEV User object attribute 123456789012 111122223333
What you get: • Aggregate accounts across clouds • Hierarchical organization of accounts • Security and access controls • SSO integration RightScale Multi-Cloud Access Controls 18 User BUser A User EUser DUser C Enterprise Account Cloud Account Cloud Account Cloud Account Cloud Account Cloud Account Cloud Account Account 2Account 1 RightScale Access Control Authenticate with passwords or SSO Authenticate with cloud credentials
#3: WORKLOAD SECURITY
Enforce Policies • Catalog of templates that meet corporate standards • Configured to your security requirements • Define which clouds can be used • Control user options and choices • Orchestrate and automate deployment and operations Workload Security: From Rogue to Policy-Based 20 Basic instances Stacks for Dev or Prod Applications
Standardization • Automate provisioning and configuration • Version-controlled • Follow standards for versions, patches and configuration • Leverage a variety of scripting languages • Modular and auditable • Define Security Configuration Baselines Standardize Server Configurations AWS Azure Google CloudStack OpenStack vSphere Multi-Cloud Image Configuration Scripts Containers 21
Standardize System Configurations 22 Load Balancers App Servers Master DB Slave DB Replicate > DNS Configure a system: Cloud Application Template (CAT) Configure a server: • ServerTemplates (portable) • Docker container (portable) • AMI • CloudFormation • VM template
Increase IT efficiency o Bring your own configuration management o Clone existing architectures o Updates and patches o Monitor and alert o Auto-scale up and down Patch and Update
• Asymmetric keys private/public • Key Management • NISTIR 7966 http://tinyurl.com/lhtujnv • Key storage options • Key Management-as-a-Service • AWS, Azure • Multi-tenant • Hardware Security Modules • On-premise • Cloud services (AWS) • RightScale • Encryption of keys -MUST Key Management 24
#4: DATA SECURITY
Compliance Requirements • PCI E-Commerce • HIPAA / PHI/ 21CFR11 • NPI / PII • FTI IRS PUB1075 • MPAA • Data Protection / Encryption • In-transit: MUST • At rest: MUST • In process: DEPENDS • Considerations in the Cloud • Select the right cloud provider • Some cloud providers encrypt by default • Review their security documents • Most Cloud Providers will sign BAA • Segregate workloads Data Security 26
Data Residency with a Global Cloud Platform Amazon Web Services Google Cloud Platform IBM SoftLayer Rackspace Windows Azure Public Clouds Singapore Hong Kong Japan Texas DC Area SF Area Seattle Chicago Dublin London Amsterdam Oregon São Paulo Midwest Beijing Sydney W Europe Private Clouds CloudStack OpenStack vSphere Melbourne Toronto Mexico City Taiwan 27
• Data privacy legislation differs around the world • Evaluate encryption options where you manage the keys (a la Amazon Aurora) so vendor can’t give data in case of subpoena • What is the CSP’s data retention period? • What country is the CSP headquartered out of? • Which jurisdiction covers the contract between you and the CSP? Data Residency: Impact of Safe Harbor 28
#5: NETWORK SECURITY
• HTTPS / TLS • SSL? • IP address Whitelisting • VPN IPSEC • VPC (AWS) Securely Connecting to Cloud
• AWS DirectConnect • Azure ExpressRoute • Google Carrier Interconnect • SoftLayer DirectLink Direct Connection Options 31 AWS Cage Customer Cage AWS Direct Connect Azure Cage Customer Cage Azure ExpressRoute
Comply with policies • Quickly Audit Security Groups • Interactive Network Visualization • Maintain Security and Compliance Network Visibility 32
#6: BUSINESS CONTINUITY & DISASTER RECOVERY
34 SLAs by Cloud Certification AWS Azure Google SoftLayer Uptime SLA 99.95% 99.95% 99.95% 100% Max SLA Credit on monthly bill 30% 25% 50% 5% per 30 minutes downtime Downtime Calculation Any minutes downtime Any minutes downtime 5+ consecutive minutes downtime 30+ consecutive minutes downtime
Architect for SLAs • HA/DR reference architectures • Cross-region and cross- cloud • Auto-scale to meet demand • Hybrid cloudbursting • Monitor and automate failover • Hot, warm, and cold DR scenarios Implement DR Architectures for your Apps 35 Load Balancers App Servers Slave DB Master DB App Servers Slave DB < Replicate Replicate > Load Balancers PRIMARY WARM DR DNS
Ensure availability o Separate management plane from cloud and cloud applications o RightScale platform is fully redundant o Automate failover processes for hot, warm or cold DR Outage-Proof with Independent Control Plane
#7: AUDIT
38 o Cloud Trails o Azure Diagnostics o Google Cloud Logging (beta) o SoftLayer Audit Trails What Audit Tools by Provider?
Approach: • Feed audit trails from individual clouds to SIEM • Feed audit trails from CMP to SIEM Multi-Cloud Logging and Audit Trails 39 Cloud Management Platform Cloud SIEM Cloud Cloud Cloud Cloud Cloud
Ensure compliance o See who changed what and when o Provide audit logs and reports to satisfy regulators o Available via API to integrate with other systems Gain Visibility with Audit Trails
#8: COMPLIANCE
Cloud Provider Certifications Matrix 42 Certification AWS Azure Google SoftLayer PCI DSS1     HIPAA     SSAE16 SOC1 (Type II)     SSAE16 SOC2 (Type II)     SSAE16 SOC3 (Type II)     ISO 27001     ISO 27017  ISO 27018    CSA    FedRAMP   In process  FISMA    
• RightScale Certifications • State of the Cloud Report • www.rightscale.com/2015-cloud-report • Private and Hybrid Cloud Whitepaper • www.rightscale.com/private-hybrid-cloud-whitepaper Questions? 43 SSAE16 SOC1 and SOC2 Type II PCI DSS SAQ C CompliantU.S.-EU Safe Harbor Framework and U.S.-Swiss Safe Harbor Framework

Recommended

How to Manage VMware vSphere Like AWS and Azure
How to Manage VMware vSphere Like AWS and AzureHow to Manage VMware vSphere Like AWS and Azure
How to Manage VMware vSphere Like AWS and AzureRightScale
 
How 2015 Cloud Trends Should Impact Your 2016 Cloud Strategy
How 2015 Cloud Trends Should Impact Your 2016 Cloud StrategyHow 2015 Cloud Trends Should Impact Your 2016 Cloud Strategy
How 2015 Cloud Trends Should Impact Your 2016 Cloud StrategyRightScale
 
The Path to Broker Cloud Services
The Path to Broker Cloud ServicesThe Path to Broker Cloud Services
The Path to Broker Cloud ServicesRightScale
 
Beyond PaaS v.s IaaS: How to Manage Both
Beyond PaaS v.s IaaS: How to Manage BothBeyond PaaS v.s IaaS: How to Manage Both
Beyond PaaS v.s IaaS: How to Manage BothRightScale
 
Successful Cloud Orchestration with RightScale CMP
Successful Cloud Orchestration with RightScale CMPSuccessful Cloud Orchestration with RightScale CMP
Successful Cloud Orchestration with RightScale CMPRightScale
 
How to Manage Clouds, VMs and Bare Metal via RightScale
How to Manage Clouds, VMs and Bare Metal via RightScaleHow to Manage Clouds, VMs and Bare Metal via RightScale
How to Manage Clouds, VMs and Bare Metal via RightScaleRightScale
 
7 Common Questions About a Cloud Management Platform
7 Common Questions About a Cloud Management Platform7 Common Questions About a Cloud Management Platform
7 Common Questions About a Cloud Management PlatformRightScale
 
Best Practices for Your CMP RFP or RFI
Best Practices for Your CMP RFP or RFIBest Practices for Your CMP RFP or RFI
Best Practices for Your CMP RFP or RFIRightScale
 

Recommended

How to Manage VMware vSphere Like AWS and Azure
How to Manage VMware vSphere Like AWS and AzureHow to Manage VMware vSphere Like AWS and Azure
How to Manage VMware vSphere Like AWS and AzureRightScale
 
How 2015 Cloud Trends Should Impact Your 2016 Cloud Strategy
How 2015 Cloud Trends Should Impact Your 2016 Cloud StrategyHow 2015 Cloud Trends Should Impact Your 2016 Cloud Strategy
How 2015 Cloud Trends Should Impact Your 2016 Cloud StrategyRightScale
 
The Path to Broker Cloud Services
The Path to Broker Cloud ServicesThe Path to Broker Cloud Services
The Path to Broker Cloud ServicesRightScale
 
Beyond PaaS v.s IaaS: How to Manage Both
Beyond PaaS v.s IaaS: How to Manage BothBeyond PaaS v.s IaaS: How to Manage Both
Beyond PaaS v.s IaaS: How to Manage BothRightScale
 
Successful Cloud Orchestration with RightScale CMP
Successful Cloud Orchestration with RightScale CMPSuccessful Cloud Orchestration with RightScale CMP
Successful Cloud Orchestration with RightScale CMPRightScale
 
How to Manage Clouds, VMs and Bare Metal via RightScale
How to Manage Clouds, VMs and Bare Metal via RightScaleHow to Manage Clouds, VMs and Bare Metal via RightScale
How to Manage Clouds, VMs and Bare Metal via RightScaleRightScale
 
7 Common Questions About a Cloud Management Platform
7 Common Questions About a Cloud Management Platform7 Common Questions About a Cloud Management Platform
7 Common Questions About a Cloud Management PlatformRightScale
 
Best Practices for Your CMP RFP or RFI
Best Practices for Your CMP RFP or RFIBest Practices for Your CMP RFP or RFI
Best Practices for Your CMP RFP or RFIRightScale
 
How to Find and Fix Waste to Optimize Your Cloud Spend
How to Find and Fix Waste to Optimize Your Cloud SpendHow to Find and Fix Waste to Optimize Your Cloud Spend
How to Find and Fix Waste to Optimize Your Cloud SpendRightScale
 
Cloud Trends for 2017 and Actions You Can Take Now
Cloud Trends for 2017 and Actions You Can Take NowCloud Trends for 2017 and Actions You Can Take Now
Cloud Trends for 2017 and Actions You Can Take NowRightScale
 
Top 10 Cloud Trends for 2018 and Actions You Can Take Now
Top 10 Cloud Trends for 2018 and Actions You Can Take NowTop 10 Cloud Trends for 2018 and Actions You Can Take Now
Top 10 Cloud Trends for 2018 and Actions You Can Take NowRightScale
 
Get Started Today with Cloud-Ready Contracts | AWS Public Sector Summit 2017
Get Started Today with Cloud-Ready Contracts | AWS Public Sector Summit 2017Get Started Today with Cloud-Ready Contracts | AWS Public Sector Summit 2017
Get Started Today with Cloud-Ready Contracts | AWS Public Sector Summit 2017Amazon Web Services
 
Multi-Cloud Management with RightScale CMP (Demo)
Multi-Cloud Management with RightScale CMP (Demo)Multi-Cloud Management with RightScale CMP (Demo)
Multi-Cloud Management with RightScale CMP (Demo)RightScale
 
Automating Cloud Operations: Tips from Managed Services
Automating Cloud Operations: Tips from Managed ServicesAutomating Cloud Operations: Tips from Managed Services
Automating Cloud Operations: Tips from Managed ServicesAngela_Tripp
 
Using RightScale CMP with Cloud Provider Tools
Using RightScale CMP with Cloud Provider ToolsUsing RightScale CMP with Cloud Provider Tools
Using RightScale CMP with Cloud Provider ToolsRightScale
 
Cloud Orchestration with RightScale Cloud Workflow
Cloud Orchestration with RightScale Cloud WorkflowCloud Orchestration with RightScale Cloud Workflow
Cloud Orchestration with RightScale Cloud WorkflowRightScale
 
Best Practices in Planning a Large-Scale Migration to AWS - May 2017 AWS Onli...
Best Practices in Planning a Large-Scale Migration to AWS - May 2017 AWS Onli...Best Practices in Planning a Large-Scale Migration to AWS - May 2017 AWS Onli...
Best Practices in Planning a Large-Scale Migration to AWS - May 2017 AWS Onli...Amazon Web Services
 
How MSPs Can Be Successful in AWS, Azure, and Google Clouds
How MSPs Can Be Successful in AWS, Azure, and Google CloudsHow MSPs Can Be Successful in AWS, Azure, and Google Clouds
How MSPs Can Be Successful in AWS, Azure, and Google CloudsRightScale
 
Ten Ways to Optimize Costs on Public and Private Clouds
Ten Ways to Optimize Costs on Public and Private CloudsTen Ways to Optimize Costs on Public and Private Clouds
Ten Ways to Optimize Costs on Public and Private CloudsRightScale
 
RightScale Webinar: Hybrid-IT: Connecting Your On-Premises Infrastructure Wit...
RightScale Webinar: Hybrid-IT: Connecting Your On-Premises Infrastructure Wit...RightScale Webinar: Hybrid-IT: Connecting Your On-Premises Infrastructure Wit...
RightScale Webinar: Hybrid-IT: Connecting Your On-Premises Infrastructure Wit...RightScale
 
How to Report and Optimize Cloud Costs Across All Your Clouds by RightScale
How to Report and Optimize Cloud Costs Across All Your Clouds by RightScale How to Report and Optimize Cloud Costs Across All Your Clouds by RightScale
How to Report and Optimize Cloud Costs Across All Your Clouds by RightScaleRightScale
 
AWS re:Invent 2016: Partner-Led Migrations to AWS Starting with the Enterpris...
AWS re:Invent 2016: Partner-Led Migrations to AWS Starting with the Enterpris...AWS re:Invent 2016: Partner-Led Migrations to AWS Starting with the Enterpris...
AWS re:Invent 2016: Partner-Led Migrations to AWS Starting with the Enterpris...Amazon Web Services
 
Accelerating YourBusiness with Security
Accelerating YourBusiness with SecurityAccelerating YourBusiness with Security
Accelerating YourBusiness with SecurityAmazon Web Services
 
Cloud Lessons Learned: 3 Cloud Case Studies
Cloud Lessons Learned: 3 Cloud Case StudiesCloud Lessons Learned: 3 Cloud Case Studies
Cloud Lessons Learned: 3 Cloud Case StudiesRightScale
 
AWS re:Invent 2016: [JK REPEAT] The Enterprise Fast Lane - What Your Competit...
AWS re:Invent 2016: [JK REPEAT] The Enterprise Fast Lane - What Your Competit...AWS re:Invent 2016: [JK REPEAT] The Enterprise Fast Lane - What Your Competit...
AWS re:Invent 2016: [JK REPEAT] The Enterprise Fast Lane - What Your Competit...Amazon Web Services
 
Managing Container-as-a-Service and Docker Clusters in the Cloud with RightScale
Managing Container-as-a-Service and Docker Clusters in the Cloud with RightScaleManaging Container-as-a-Service and Docker Clusters in the Cloud with RightScale
Managing Container-as-a-Service and Docker Clusters in the Cloud with RightScaleRightScale
 
Got a Multi-Cloud Strategy? How RightScale CMP Helps
Got a Multi-Cloud Strategy? How RightScale CMP HelpsGot a Multi-Cloud Strategy? How RightScale CMP Helps
Got a Multi-Cloud Strategy? How RightScale CMP HelpsRightScale
 
Cloud Migration and Portability (with and without Containers)
Cloud Migration and Portability (with and without Containers)Cloud Migration and Portability (with and without Containers)
Cloud Migration and Portability (with and without Containers)RightScale
 
RightScale Webinar: Security and Compliance in the Cloud
RightScale Webinar: Security and Compliance in the CloudRightScale Webinar: Security and Compliance in the Cloud
RightScale Webinar: Security and Compliance in the CloudRightScale
 
Multi cloud governance best practices - AWS, Azure, GCP
Multi cloud governance best practices - AWS, Azure, GCPMulti cloud governance best practices - AWS, Azure, GCP
Multi cloud governance best practices - AWS, Azure, GCPFaiza Mehar
 

More Related Content

What's hot

How to Find and Fix Waste to Optimize Your Cloud Spend
How to Find and Fix Waste to Optimize Your Cloud SpendHow to Find and Fix Waste to Optimize Your Cloud Spend
How to Find and Fix Waste to Optimize Your Cloud SpendRightScale
 
Cloud Trends for 2017 and Actions You Can Take Now
Cloud Trends for 2017 and Actions You Can Take NowCloud Trends for 2017 and Actions You Can Take Now
Cloud Trends for 2017 and Actions You Can Take NowRightScale
 
Top 10 Cloud Trends for 2018 and Actions You Can Take Now
Top 10 Cloud Trends for 2018 and Actions You Can Take NowTop 10 Cloud Trends for 2018 and Actions You Can Take Now
Top 10 Cloud Trends for 2018 and Actions You Can Take NowRightScale
 
Get Started Today with Cloud-Ready Contracts | AWS Public Sector Summit 2017
Get Started Today with Cloud-Ready Contracts | AWS Public Sector Summit 2017Get Started Today with Cloud-Ready Contracts | AWS Public Sector Summit 2017
Get Started Today with Cloud-Ready Contracts | AWS Public Sector Summit 2017Amazon Web Services
 
Multi-Cloud Management with RightScale CMP (Demo)
Multi-Cloud Management with RightScale CMP (Demo)Multi-Cloud Management with RightScale CMP (Demo)
Multi-Cloud Management with RightScale CMP (Demo)RightScale
 
Automating Cloud Operations: Tips from Managed Services
Automating Cloud Operations: Tips from Managed ServicesAutomating Cloud Operations: Tips from Managed Services
Automating Cloud Operations: Tips from Managed ServicesAngela_Tripp
 
Using RightScale CMP with Cloud Provider Tools
Using RightScale CMP with Cloud Provider ToolsUsing RightScale CMP with Cloud Provider Tools
Using RightScale CMP with Cloud Provider ToolsRightScale
 
Cloud Orchestration with RightScale Cloud Workflow
Cloud Orchestration with RightScale Cloud WorkflowCloud Orchestration with RightScale Cloud Workflow
Cloud Orchestration with RightScale Cloud WorkflowRightScale
 
Best Practices in Planning a Large-Scale Migration to AWS - May 2017 AWS Onli...
Best Practices in Planning a Large-Scale Migration to AWS - May 2017 AWS Onli...Best Practices in Planning a Large-Scale Migration to AWS - May 2017 AWS Onli...
Best Practices in Planning a Large-Scale Migration to AWS - May 2017 AWS Onli...Amazon Web Services
 
How MSPs Can Be Successful in AWS, Azure, and Google Clouds
How MSPs Can Be Successful in AWS, Azure, and Google CloudsHow MSPs Can Be Successful in AWS, Azure, and Google Clouds
How MSPs Can Be Successful in AWS, Azure, and Google CloudsRightScale
 
Ten Ways to Optimize Costs on Public and Private Clouds
Ten Ways to Optimize Costs on Public and Private CloudsTen Ways to Optimize Costs on Public and Private Clouds
Ten Ways to Optimize Costs on Public and Private CloudsRightScale
 
RightScale Webinar: Hybrid-IT: Connecting Your On-Premises Infrastructure Wit...
RightScale Webinar: Hybrid-IT: Connecting Your On-Premises Infrastructure Wit...RightScale Webinar: Hybrid-IT: Connecting Your On-Premises Infrastructure Wit...
RightScale Webinar: Hybrid-IT: Connecting Your On-Premises Infrastructure Wit...RightScale
 
How to Report and Optimize Cloud Costs Across All Your Clouds by RightScale
How to Report and Optimize Cloud Costs Across All Your Clouds by RightScale How to Report and Optimize Cloud Costs Across All Your Clouds by RightScale
How to Report and Optimize Cloud Costs Across All Your Clouds by RightScaleRightScale
 
AWS re:Invent 2016: Partner-Led Migrations to AWS Starting with the Enterpris...
AWS re:Invent 2016: Partner-Led Migrations to AWS Starting with the Enterpris...AWS re:Invent 2016: Partner-Led Migrations to AWS Starting with the Enterpris...
AWS re:Invent 2016: Partner-Led Migrations to AWS Starting with the Enterpris...Amazon Web Services
 
Accelerating YourBusiness with Security
Accelerating YourBusiness with SecurityAccelerating YourBusiness with Security
Accelerating YourBusiness with SecurityAmazon Web Services
 
Cloud Lessons Learned: 3 Cloud Case Studies
Cloud Lessons Learned: 3 Cloud Case StudiesCloud Lessons Learned: 3 Cloud Case Studies
Cloud Lessons Learned: 3 Cloud Case StudiesRightScale
 
AWS re:Invent 2016: [JK REPEAT] The Enterprise Fast Lane - What Your Competit...
AWS re:Invent 2016: [JK REPEAT] The Enterprise Fast Lane - What Your Competit...AWS re:Invent 2016: [JK REPEAT] The Enterprise Fast Lane - What Your Competit...
AWS re:Invent 2016: [JK REPEAT] The Enterprise Fast Lane - What Your Competit...Amazon Web Services
 
Managing Container-as-a-Service and Docker Clusters in the Cloud with RightScale
Managing Container-as-a-Service and Docker Clusters in the Cloud with RightScaleManaging Container-as-a-Service and Docker Clusters in the Cloud with RightScale
Managing Container-as-a-Service and Docker Clusters in the Cloud with RightScaleRightScale
 
Got a Multi-Cloud Strategy? How RightScale CMP Helps
Got a Multi-Cloud Strategy? How RightScale CMP HelpsGot a Multi-Cloud Strategy? How RightScale CMP Helps
Got a Multi-Cloud Strategy? How RightScale CMP HelpsRightScale
 
Cloud Migration and Portability (with and without Containers)
Cloud Migration and Portability (with and without Containers)Cloud Migration and Portability (with and without Containers)
Cloud Migration and Portability (with and without Containers)RightScale
 

What's hot (20)

How to Find and Fix Waste to Optimize Your Cloud Spend
How to Find and Fix Waste to Optimize Your Cloud SpendHow to Find and Fix Waste to Optimize Your Cloud Spend
How to Find and Fix Waste to Optimize Your Cloud Spend
 
Cloud Trends for 2017 and Actions You Can Take Now
Cloud Trends for 2017 and Actions You Can Take NowCloud Trends for 2017 and Actions You Can Take Now
Cloud Trends for 2017 and Actions You Can Take Now
 
Top 10 Cloud Trends for 2018 and Actions You Can Take Now
Top 10 Cloud Trends for 2018 and Actions You Can Take NowTop 10 Cloud Trends for 2018 and Actions You Can Take Now
Top 10 Cloud Trends for 2018 and Actions You Can Take Now
 
Get Started Today with Cloud-Ready Contracts | AWS Public Sector Summit 2017
Get Started Today with Cloud-Ready Contracts | AWS Public Sector Summit 2017Get Started Today with Cloud-Ready Contracts | AWS Public Sector Summit 2017
Get Started Today with Cloud-Ready Contracts | AWS Public Sector Summit 2017
 
Multi-Cloud Management with RightScale CMP (Demo)
Multi-Cloud Management with RightScale CMP (Demo)Multi-Cloud Management with RightScale CMP (Demo)
Multi-Cloud Management with RightScale CMP (Demo)
 
Automating Cloud Operations: Tips from Managed Services
Automating Cloud Operations: Tips from Managed ServicesAutomating Cloud Operations: Tips from Managed Services
Automating Cloud Operations: Tips from Managed Services
 
Using RightScale CMP with Cloud Provider Tools
Using RightScale CMP with Cloud Provider ToolsUsing RightScale CMP with Cloud Provider Tools
Using RightScale CMP with Cloud Provider Tools
 
Cloud Orchestration with RightScale Cloud Workflow
Cloud Orchestration with RightScale Cloud WorkflowCloud Orchestration with RightScale Cloud Workflow
Cloud Orchestration with RightScale Cloud Workflow
 
Best Practices in Planning a Large-Scale Migration to AWS - May 2017 AWS Onli...
Best Practices in Planning a Large-Scale Migration to AWS - May 2017 AWS Onli...Best Practices in Planning a Large-Scale Migration to AWS - May 2017 AWS Onli...
Best Practices in Planning a Large-Scale Migration to AWS - May 2017 AWS Onli...
 
How MSPs Can Be Successful in AWS, Azure, and Google Clouds
How MSPs Can Be Successful in AWS, Azure, and Google CloudsHow MSPs Can Be Successful in AWS, Azure, and Google Clouds
How MSPs Can Be Successful in AWS, Azure, and Google Clouds
 
Ten Ways to Optimize Costs on Public and Private Clouds
Ten Ways to Optimize Costs on Public and Private CloudsTen Ways to Optimize Costs on Public and Private Clouds
Ten Ways to Optimize Costs on Public and Private Clouds
 
RightScale Webinar: Hybrid-IT: Connecting Your On-Premises Infrastructure Wit...
RightScale Webinar: Hybrid-IT: Connecting Your On-Premises Infrastructure Wit...RightScale Webinar: Hybrid-IT: Connecting Your On-Premises Infrastructure Wit...
RightScale Webinar: Hybrid-IT: Connecting Your On-Premises Infrastructure Wit...
 
How to Report and Optimize Cloud Costs Across All Your Clouds by RightScale
How to Report and Optimize Cloud Costs Across All Your Clouds by RightScale How to Report and Optimize Cloud Costs Across All Your Clouds by RightScale
How to Report and Optimize Cloud Costs Across All Your Clouds by RightScale
 
AWS re:Invent 2016: Partner-Led Migrations to AWS Starting with the Enterpris...
AWS re:Invent 2016: Partner-Led Migrations to AWS Starting with the Enterpris...AWS re:Invent 2016: Partner-Led Migrations to AWS Starting with the Enterpris...
AWS re:Invent 2016: Partner-Led Migrations to AWS Starting with the Enterpris...
 
Accelerating YourBusiness with Security
Accelerating YourBusiness with SecurityAccelerating YourBusiness with Security
Accelerating YourBusiness with Security
 
Cloud Lessons Learned: 3 Cloud Case Studies
Cloud Lessons Learned: 3 Cloud Case StudiesCloud Lessons Learned: 3 Cloud Case Studies
Cloud Lessons Learned: 3 Cloud Case Studies
 
AWS re:Invent 2016: [JK REPEAT] The Enterprise Fast Lane - What Your Competit...
AWS re:Invent 2016: [JK REPEAT] The Enterprise Fast Lane - What Your Competit...AWS re:Invent 2016: [JK REPEAT] The Enterprise Fast Lane - What Your Competit...
AWS re:Invent 2016: [JK REPEAT] The Enterprise Fast Lane - What Your Competit...
 
Managing Container-as-a-Service and Docker Clusters in the Cloud with RightScale
Managing Container-as-a-Service and Docker Clusters in the Cloud with RightScaleManaging Container-as-a-Service and Docker Clusters in the Cloud with RightScale
Managing Container-as-a-Service and Docker Clusters in the Cloud with RightScale
 
Got a Multi-Cloud Strategy? How RightScale CMP Helps
Got a Multi-Cloud Strategy? How RightScale CMP HelpsGot a Multi-Cloud Strategy? How RightScale CMP Helps
Got a Multi-Cloud Strategy? How RightScale CMP Helps
 
Cloud Migration and Portability (with and without Containers)
Cloud Migration and Portability (with and without Containers)Cloud Migration and Portability (with and without Containers)
Cloud Migration and Portability (with and without Containers)
 

Similar to 8 Elements of Multi-Cloud Security

RightScale Webinar: Security and Compliance in the Cloud
RightScale Webinar: Security and Compliance in the CloudRightScale Webinar: Security and Compliance in the Cloud
RightScale Webinar: Security and Compliance in the CloudRightScale
 
Multi cloud governance best practices - AWS, Azure, GCP
Multi cloud governance best practices - AWS, Azure, GCPMulti cloud governance best practices - AWS, Azure, GCP
Multi cloud governance best practices - AWS, Azure, GCPFaiza Mehar
 
AWS Public Sector Symposium 2014 Canberra | Compliance and Governance on the ...
AWS Public Sector Symposium 2014 Canberra | Compliance and Governance on the ...AWS Public Sector Symposium 2014 Canberra | Compliance and Governance on the ...
AWS Public Sector Symposium 2014 Canberra | Compliance and Governance on the ...Amazon Web Services
 
CIS Compliance Automations Eevidence Collection, Security and Compliance Be...
CIS Compliance Automations Eevidence Collection, Security and Compliance Be...CIS Compliance Automations Eevidence Collection, Security and Compliance Be...
CIS Compliance Automations Eevidence Collection, Security and Compliance Be...Faiza Mehar
 
Cloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentalsCloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentalsViresh Suri
 
Getting Started with AWS Security
Getting Started with AWS Security Getting Started with AWS Security
Getting Started with AWS SecurityAmazon Web Services
 
Best Practices for Multi-Cloud Security and Compliance
Best Practices for Multi-Cloud Security and ComplianceBest Practices for Multi-Cloud Security and Compliance
Best Practices for Multi-Cloud Security and ComplianceRightScale
 
Blue Chip Tek Connect and Protect Presentation #3
Blue Chip Tek Connect and Protect Presentation #3Blue Chip Tek Connect and Protect Presentation #3
Blue Chip Tek Connect and Protect Presentation #3Kimberly Macias
 
(ISM206) Modern IT Governance Through Transparency and Automation
(ISM206) Modern IT Governance Through Transparency and Automation(ISM206) Modern IT Governance Through Transparency and Automation
(ISM206) Modern IT Governance Through Transparency and AutomationAmazon Web Services
 
Outpost24 webinar: cloud providers ate hosting companies' lunch, what's next?...
Outpost24 webinar: cloud providers ate hosting companies' lunch, what's next?...Outpost24 webinar: cloud providers ate hosting companies' lunch, what's next?...
Outpost24 webinar: cloud providers ate hosting companies' lunch, what's next?...Outpost24
 
AWS Canberra WWPS Summit 2013 - AWS Governance and Security Overview
AWS Canberra WWPS Summit 2013 - AWS Governance and Security OverviewAWS Canberra WWPS Summit 2013 - AWS Governance and Security Overview
AWS Canberra WWPS Summit 2013 - AWS Governance and Security OverviewAmazon Web Services
 
AWS Enterprise Summit Netherlands - Creating a Landing Zone
AWS Enterprise Summit Netherlands - Creating a Landing ZoneAWS Enterprise Summit Netherlands - Creating a Landing Zone
AWS Enterprise Summit Netherlands - Creating a Landing ZoneAmazon Web Services
 
AWS April Webianr Series - How Willbros Builds Securely in AWS with Trend Micro
AWS April Webianr Series - How Willbros Builds Securely in AWS with Trend MicroAWS April Webianr Series - How Willbros Builds Securely in AWS with Trend Micro
AWS April Webianr Series - How Willbros Builds Securely in AWS with Trend MicroAmazon Web Services
 
(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the Cloud(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the CloudAmazon Web Services
 
AWS re:Invent 2016: Scaling Security Resources for Your First 10 Million Cust...
AWS re:Invent 2016: Scaling Security Resources for Your First 10 Million Cust...AWS re:Invent 2016: Scaling Security Resources for Your First 10 Million Cust...
AWS re:Invent 2016: Scaling Security Resources for Your First 10 Million Cust...Amazon Web Services
 
선도 금융사들의 aws security 활용 방안 소개 :: Eugene Yu :: AWS Finance...
선도 금융사들의 aws security 활용 방안 소개 :: Eugene Yu :: AWS Finance...선도 금융사들의 aws security 활용 방안 소개 :: Eugene Yu :: AWS Finance...
선도 금융사들의 aws security 활용 방안 소개 :: Eugene Yu :: AWS Finance...Amazon Web Services Korea
 
AWS re:Invent 2016: Automating and Scaling Infrastructure Administration with...
AWS re:Invent 2016: Automating and Scaling Infrastructure Administration with...AWS re:Invent 2016: Automating and Scaling Infrastructure Administration with...
AWS re:Invent 2016: Automating and Scaling Infrastructure Administration with...Amazon Web Services
 
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...Amazon Web Services
 

Similar to 8 Elements of Multi-Cloud Security (20)

RightScale Webinar: Security and Compliance in the Cloud
RightScale Webinar: Security and Compliance in the CloudRightScale Webinar: Security and Compliance in the Cloud
RightScale Webinar: Security and Compliance in the Cloud
 
Multi cloud governance best practices - AWS, Azure, GCP
Multi cloud governance best practices - AWS, Azure, GCPMulti cloud governance best practices - AWS, Azure, GCP
Multi cloud governance best practices - AWS, Azure, GCP
 
AWS Public Sector Symposium 2014 Canberra | Compliance and Governance on the ...
AWS Public Sector Symposium 2014 Canberra | Compliance and Governance on the ...AWS Public Sector Symposium 2014 Canberra | Compliance and Governance on the ...
AWS Public Sector Symposium 2014 Canberra | Compliance and Governance on the ...
 
CIS Compliance Automations Eevidence Collection, Security and Compliance Be...
CIS Compliance Automations Eevidence Collection, Security and Compliance Be...CIS Compliance Automations Eevidence Collection, Security and Compliance Be...
CIS Compliance Automations Eevidence Collection, Security and Compliance Be...
 
Cloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentalsCloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentals
 
Getting Started with AWS Security
Getting Started with AWS Security Getting Started with AWS Security
Getting Started with AWS Security
 
Best Practices for Multi-Cloud Security and Compliance
Best Practices for Multi-Cloud Security and ComplianceBest Practices for Multi-Cloud Security and Compliance
Best Practices for Multi-Cloud Security and Compliance
 
Blue Chip Tek Connect and Protect Presentation #3
Blue Chip Tek Connect and Protect Presentation #3Blue Chip Tek Connect and Protect Presentation #3
Blue Chip Tek Connect and Protect Presentation #3
 
Benefits of Cloud Computing
Benefits of Cloud ComputingBenefits of Cloud Computing
Benefits of Cloud Computing
 
(ISM206) Modern IT Governance Through Transparency and Automation
(ISM206) Modern IT Governance Through Transparency and Automation(ISM206) Modern IT Governance Through Transparency and Automation
(ISM206) Modern IT Governance Through Transparency and Automation
 
Outpost24 webinar: cloud providers ate hosting companies' lunch, what's next?...
Outpost24 webinar: cloud providers ate hosting companies' lunch, what's next?...Outpost24 webinar: cloud providers ate hosting companies' lunch, what's next?...
Outpost24 webinar: cloud providers ate hosting companies' lunch, what's next?...
 
AWS Canberra WWPS Summit 2013 - AWS Governance and Security Overview
AWS Canberra WWPS Summit 2013 - AWS Governance and Security OverviewAWS Canberra WWPS Summit 2013 - AWS Governance and Security Overview
AWS Canberra WWPS Summit 2013 - AWS Governance and Security Overview
 
AWS Enterprise Summit Netherlands - Creating a Landing Zone
AWS Enterprise Summit Netherlands - Creating a Landing ZoneAWS Enterprise Summit Netherlands - Creating a Landing Zone
AWS Enterprise Summit Netherlands - Creating a Landing Zone
 
AWS April Webianr Series - How Willbros Builds Securely in AWS with Trend Micro
AWS April Webianr Series - How Willbros Builds Securely in AWS with Trend MicroAWS April Webianr Series - How Willbros Builds Securely in AWS with Trend Micro
AWS April Webianr Series - How Willbros Builds Securely in AWS with Trend Micro
 
(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the Cloud(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the Cloud
 
AWS re:Invent 2016: Scaling Security Resources for Your First 10 Million Cust...
AWS re:Invent 2016: Scaling Security Resources for Your First 10 Million Cust...AWS re:Invent 2016: Scaling Security Resources for Your First 10 Million Cust...
AWS re:Invent 2016: Scaling Security Resources for Your First 10 Million Cust...
 
Application Migrations
Application MigrationsApplication Migrations
Application Migrations
 
선도 금융사들의 aws security 활용 방안 소개 :: Eugene Yu :: AWS Finance...
선도 금융사들의 aws security 활용 방안 소개 :: Eugene Yu :: AWS Finance...선도 금융사들의 aws security 활용 방안 소개 :: Eugene Yu :: AWS Finance...
선도 금융사들의 aws security 활용 방안 소개 :: Eugene Yu :: AWS Finance...
 
AWS re:Invent 2016: Automating and Scaling Infrastructure Administration with...
AWS re:Invent 2016: Automating and Scaling Infrastructure Administration with...AWS re:Invent 2016: Automating and Scaling Infrastructure Administration with...
AWS re:Invent 2016: Automating and Scaling Infrastructure Administration with...
 
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
 

More from RightScale

10 Must-Have Automated Cloud Policies for IT Governance
10 Must-Have Automated Cloud Policies for IT Governance10 Must-Have Automated Cloud Policies for IT Governance
10 Must-Have Automated Cloud Policies for IT GovernanceRightScale
 
Kubernetes and Terraform in the Cloud: How RightScale Does DevOps
Kubernetes and Terraform in the Cloud: How RightScale Does DevOpsKubernetes and Terraform in the Cloud: How RightScale Does DevOps
Kubernetes and Terraform in the Cloud: How RightScale Does DevOpsRightScale
 
Optimize Software, SaaS, and Cloud with Flexera and RightScale
Optimize Software, SaaS, and Cloud with Flexera and RightScaleOptimize Software, SaaS, and Cloud with Flexera and RightScale
Optimize Software, SaaS, and Cloud with Flexera and RightScaleRightScale
 
Prepare Your Enterprise Cloud Strategy for 2019: 7 Things to Think About Now
Prepare Your Enterprise Cloud Strategy for 2019: 7 Things to Think About NowPrepare Your Enterprise Cloud Strategy for 2019: 7 Things to Think About Now
Prepare Your Enterprise Cloud Strategy for 2019: 7 Things to Think About NowRightScale
 
How to Set Up a Cloud Cost Optimization Process for your Enterprise
How to Set Up a Cloud Cost Optimization Process for your EnterpriseHow to Set Up a Cloud Cost Optimization Process for your Enterprise
How to Set Up a Cloud Cost Optimization Process for your EnterpriseRightScale
 
Comparing Cloud VM Types and Prices: AWS vs Azure vs Google vs IBM
Comparing Cloud VM Types and Prices: AWS vs Azure vs Google vs IBMComparing Cloud VM Types and Prices: AWS vs Azure vs Google vs IBM
Comparing Cloud VM Types and Prices: AWS vs Azure vs Google vs IBMRightScale
 
How to Allocate and Report Cloud Costs with RightScale Optima
How to Allocate and Report Cloud Costs with RightScale OptimaHow to Allocate and Report Cloud Costs with RightScale Optima
How to Allocate and Report Cloud Costs with RightScale OptimaRightScale
 
Should You Move Between AWS, Azure, or Google Clouds? Considerations, Pros an...
Should You Move Between AWS, Azure, or Google Clouds? Considerations, Pros an...Should You Move Between AWS, Azure, or Google Clouds? Considerations, Pros an...
Should You Move Between AWS, Azure, or Google Clouds? Considerations, Pros an...RightScale
 
Automating Multi-Cloud Policies for AWS, Azure, Google, and More
Automating Multi-Cloud Policies for AWS, Azure, Google, and MoreAutomating Multi-Cloud Policies for AWS, Azure, Google, and More
Automating Multi-Cloud Policies for AWS, Azure, Google, and MoreRightScale
 
The 5 Stages of Cloud Management for Enterprises
The 5 Stages of Cloud Management for EnterprisesThe 5 Stages of Cloud Management for Enterprises
The 5 Stages of Cloud Management for EnterprisesRightScale
 
9 Ways to Reduce Cloud Storage Costs
9 Ways to Reduce Cloud Storage Costs9 Ways to Reduce Cloud Storage Costs
9 Ways to Reduce Cloud Storage CostsRightScale
 
Serverless Comparison: AWS vs Azure vs Google vs IBM
Serverless Comparison: AWS vs Azure vs Google vs IBMServerless Comparison: AWS vs Azure vs Google vs IBM
Serverless Comparison: AWS vs Azure vs Google vs IBMRightScale
 
Best Practices for Cloud Managed Services Providers: The Path to CMP Success
Best Practices for Cloud Managed Services Providers: The Path to CMP SuccessBest Practices for Cloud Managed Services Providers: The Path to CMP Success
Best Practices for Cloud Managed Services Providers: The Path to CMP SuccessRightScale
 
Cloud Storage Comparison: AWS vs Azure vs Google vs IBM
Cloud Storage Comparison: AWS vs Azure vs Google vs IBMCloud Storage Comparison: AWS vs Azure vs Google vs IBM
Cloud Storage Comparison: AWS vs Azure vs Google vs IBMRightScale
 
2018 Cloud Trends: RightScale State of the Cloud Report
2018 Cloud Trends: RightScale State of the Cloud Report2018 Cloud Trends: RightScale State of the Cloud Report
2018 Cloud Trends: RightScale State of the Cloud ReportRightScale
 
How to Manage Cloud Costs with RightScale Optima
How to Manage Cloud Costs with RightScale OptimaHow to Manage Cloud Costs with RightScale Optima
How to Manage Cloud Costs with RightScale OptimaRightScale
 
AWS re:Invent 2017 Recap
AWS re:Invent 2017 RecapAWS re:Invent 2017 Recap
AWS re:Invent 2017 RecapRightScale
 
Cloud Instances Price Comparison: AWS vs Azure vs Google vs IBM
Cloud Instances Price Comparison: AWS vs Azure vs Google vs IBMCloud Instances Price Comparison: AWS vs Azure vs Google vs IBM
Cloud Instances Price Comparison: AWS vs Azure vs Google vs IBMRightScale
 
Enterprise Cloud Strategy: 7 Areas You Need to Re-Think
Enterprise Cloud Strategy: 7 Areas You Need to Re-ThinkEnterprise Cloud Strategy: 7 Areas You Need to Re-Think
Enterprise Cloud Strategy: 7 Areas You Need to Re-ThinkRightScale
 
Orchestrating PaaS and IaaS+ with RightScale
Orchestrating PaaS and IaaS+ with RightScaleOrchestrating PaaS and IaaS+ with RightScale
Orchestrating PaaS and IaaS+ with RightScaleRightScale
 

More from RightScale (20)

10 Must-Have Automated Cloud Policies for IT Governance
10 Must-Have Automated Cloud Policies for IT Governance10 Must-Have Automated Cloud Policies for IT Governance
10 Must-Have Automated Cloud Policies for IT Governance
 
Kubernetes and Terraform in the Cloud: How RightScale Does DevOps
Kubernetes and Terraform in the Cloud: How RightScale Does DevOpsKubernetes and Terraform in the Cloud: How RightScale Does DevOps
Kubernetes and Terraform in the Cloud: How RightScale Does DevOps
 
Optimize Software, SaaS, and Cloud with Flexera and RightScale
Optimize Software, SaaS, and Cloud with Flexera and RightScaleOptimize Software, SaaS, and Cloud with Flexera and RightScale
Optimize Software, SaaS, and Cloud with Flexera and RightScale
 
Prepare Your Enterprise Cloud Strategy for 2019: 7 Things to Think About Now
Prepare Your Enterprise Cloud Strategy for 2019: 7 Things to Think About NowPrepare Your Enterprise Cloud Strategy for 2019: 7 Things to Think About Now
Prepare Your Enterprise Cloud Strategy for 2019: 7 Things to Think About Now
 
How to Set Up a Cloud Cost Optimization Process for your Enterprise
How to Set Up a Cloud Cost Optimization Process for your EnterpriseHow to Set Up a Cloud Cost Optimization Process for your Enterprise
How to Set Up a Cloud Cost Optimization Process for your Enterprise
 
Comparing Cloud VM Types and Prices: AWS vs Azure vs Google vs IBM
Comparing Cloud VM Types and Prices: AWS vs Azure vs Google vs IBMComparing Cloud VM Types and Prices: AWS vs Azure vs Google vs IBM
Comparing Cloud VM Types and Prices: AWS vs Azure vs Google vs IBM
 
How to Allocate and Report Cloud Costs with RightScale Optima
How to Allocate and Report Cloud Costs with RightScale OptimaHow to Allocate and Report Cloud Costs with RightScale Optima
How to Allocate and Report Cloud Costs with RightScale Optima
 
Should You Move Between AWS, Azure, or Google Clouds? Considerations, Pros an...
Should You Move Between AWS, Azure, or Google Clouds? Considerations, Pros an...Should You Move Between AWS, Azure, or Google Clouds? Considerations, Pros an...
Should You Move Between AWS, Azure, or Google Clouds? Considerations, Pros an...
 
Automating Multi-Cloud Policies for AWS, Azure, Google, and More
Automating Multi-Cloud Policies for AWS, Azure, Google, and MoreAutomating Multi-Cloud Policies for AWS, Azure, Google, and More
Automating Multi-Cloud Policies for AWS, Azure, Google, and More
 
The 5 Stages of Cloud Management for Enterprises
The 5 Stages of Cloud Management for EnterprisesThe 5 Stages of Cloud Management for Enterprises
The 5 Stages of Cloud Management for Enterprises
 
9 Ways to Reduce Cloud Storage Costs
9 Ways to Reduce Cloud Storage Costs9 Ways to Reduce Cloud Storage Costs
9 Ways to Reduce Cloud Storage Costs
 
Serverless Comparison: AWS vs Azure vs Google vs IBM
Serverless Comparison: AWS vs Azure vs Google vs IBMServerless Comparison: AWS vs Azure vs Google vs IBM
Serverless Comparison: AWS vs Azure vs Google vs IBM
 
Best Practices for Cloud Managed Services Providers: The Path to CMP Success
Best Practices for Cloud Managed Services Providers: The Path to CMP SuccessBest Practices for Cloud Managed Services Providers: The Path to CMP Success
Best Practices for Cloud Managed Services Providers: The Path to CMP Success
 
Cloud Storage Comparison: AWS vs Azure vs Google vs IBM
Cloud Storage Comparison: AWS vs Azure vs Google vs IBMCloud Storage Comparison: AWS vs Azure vs Google vs IBM
Cloud Storage Comparison: AWS vs Azure vs Google vs IBM
 
2018 Cloud Trends: RightScale State of the Cloud Report
2018 Cloud Trends: RightScale State of the Cloud Report2018 Cloud Trends: RightScale State of the Cloud Report
2018 Cloud Trends: RightScale State of the Cloud Report
 
How to Manage Cloud Costs with RightScale Optima
How to Manage Cloud Costs with RightScale OptimaHow to Manage Cloud Costs with RightScale Optima
How to Manage Cloud Costs with RightScale Optima
 
AWS re:Invent 2017 Recap
AWS re:Invent 2017 RecapAWS re:Invent 2017 Recap
AWS re:Invent 2017 Recap
 
Cloud Instances Price Comparison: AWS vs Azure vs Google vs IBM
Cloud Instances Price Comparison: AWS vs Azure vs Google vs IBMCloud Instances Price Comparison: AWS vs Azure vs Google vs IBM
Cloud Instances Price Comparison: AWS vs Azure vs Google vs IBM
 
Enterprise Cloud Strategy: 7 Areas You Need to Re-Think
Enterprise Cloud Strategy: 7 Areas You Need to Re-ThinkEnterprise Cloud Strategy: 7 Areas You Need to Re-Think
Enterprise Cloud Strategy: 7 Areas You Need to Re-Think
 
Orchestrating PaaS and IaaS+ with RightScale
Orchestrating PaaS and IaaS+ with RightScaleOrchestrating PaaS and IaaS+ with RightScale
Orchestrating PaaS and IaaS+ with RightScale
 

Recently uploaded

Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Nikki Chapple
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructureitnewsafrica
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 

Recently uploaded (20)

Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 

8 Elements of Multi-Cloud Security

  • 2. o Bart Falzarano • Director, Security and Compliance, RightScale o Ryan Geyer • Cloud Solutions Architect, RightScale Panelists
  • 4. o The State of Multi-Cloud Security o How to Think About Multi-Cloud Security o 8 Elements • Visibility • Identity and Access Control • Workload Security • Data Security • Network Security • Business Continuity/Disaster Recovery • Audit • Compliance Agenda
  • 5. 82% of Enterprises Want Multi-Cloud Single private 5% Single public 10% No plans 3% Multiple private 14% Multiple public 13% Hybrid cloud 55% 82% Enterprise Cloud Strategy 1000+ employees Multi-Cloud 82% Source: RightScale 2015 State of the Cloud Report
  • 6. 17% 21% 21% 18% 24% 17% 26% 17% 23% 24% 25% 25% 27% 28% Performance Governance/control Managing costs Managing multiple cloud services Compliance Lack of resources/expertise Security Cloud Challenges 2015 vs. 2014 % of Respondents Reporting These As Significant Challenges 2015 2014 Security Remains #1 Challenge Source: RightScale 2015 State of the Cloud Report
  • 8. Security Features Vary by Cloud 8 Security Features AWS Azure Google IAM ✔ ✔ ✔ Encryption in DBaaS ✔ ✔ ✔ Key Management as a Service ✔ ✔ Hardware Key Management ✔ Security Assessment ✔ ✔ Configuration Governance ✔ ✔ Audit Trails ✔ ✔ ✔
  • 9. Cloud Security Ecosystem Cloud Provider Enterprise RightScale 3rd Party Vendors Plan for a Cloud Security Ecosystem • CMDB • SIEM /Logging / Auditing • IdP • Configuration Management • Orchestration Workflows • Web Application Firewalls • File-Integrity Monitoring • Continuous Integration • Source Code Repositories
  • 10. Options Abound o RightScale provides visibility, governance, auditing across clouds o Cloud providers offer cloud-specific security options o 3rd party vendors offer multi-cloud options o Ability for segregation of duties: encryption provider vs cloud storage provider Capability Who? Encrypt data in transit Vendor, Enterprise Encrypt data at rest Vendor, Cloud, Enterprise Secure communications RightScale, Cloud, Enterprise, Vendor Systems Configuration /Network segmentation Cloud, Enterprise, RightScale Integrate with IAM RightScale, Cloud, Enterprise, Vendors Privileged identity management RightScale, Cloud, Enterprise Backup/Replicate data RightScale, Cloud, Enterprise, Vendor Coordinate BC & DR RightScale, Cloud, Enterprise, Vendor Log cloud activity RightScale, Cloud, Enterprise, Vendor Shared Responsibility for Cloud Security
  • 12. Visibility • Can you see all your cloud accounts and instances? • Connect to all your clouds • Gain visibility to all your accounts You Can’t Control What You Can’t See 12 Many Accounts Across Clouds AWS Azure Google CloudStack OpenStack vSphere Account Account Account Account Account Account Account Account Account Account Account Account Account Account Account Account Account AccountAccount
  • 13. Single pane of glass • Multi-cloud access • Public clouds • Private clouds • Virtualized • Control access • Standardize configuration • Patch and update • Audit trails RightScale: Multi-Cloud Visibility 13 AWS Azure Google CloudStack OpenStack vSphere
  • 15. • Mostly the same • Govern and enforce user access • Configure Role Management • Context Based Access Control • Enable Audit reporting • 3rd Party Identity Providers • SSO SAML, MFA, Oauth, ADFS • But… • How do you handle multiple clouds and accounts? • So how do you control cloud credentials? Considerations for IAM in Cloud 15 “Should this person (user) who performs this job function and therefore has these roles assigned (role) be allowed to access this type of data as it applies to this particular account (context)?”
  • 16. Current state • CSPs follow proprietary schemes to support user provisioning and lifecycle management of user profiles • IAM Integrations accomplished through grafts and tie-ins • What’s the state of IAM for difference cloud providers? • Not all have IAM services for all features. • How do you manage multiple clouds? • Centralize control through your CMP • Limit users that can go directly to cloud accounts • AD Agents/Connectors • Okta, Ping Identity, OneLogin • Enterprise Directory Services • Active Directory Federation Services ADFS/ SAML integration Multi-Cloud IAM 16
  • 17. Challenges • Difficult to implement, manage, and support • Difficult to scale and/ or extend to other CSPs • No direct coupling between AD and AWS IAM Integrating IAM 17 ADFS AWS STS A D SQ L 1 2 3 4 5 6 Your Environment SAML 7 AWS AWS account 123456789012 AWS account 111122223333 IAM roles=> ADFS-Production ADFS-DEV IAM roles=> ADFS-Production ADFS-DEV IAM role=> ADFS-DEV IAM role=> ADFS-DEV AWS account 777788889999 AWS account 444455556666 AD group memberships=> AWS-Production AWS-DEV User object attribute 123456789012 111122223333
  • 18. What you get: • Aggregate accounts across clouds • Hierarchical organization of accounts • Security and access controls • SSO integration RightScale Multi-Cloud Access Controls 18 User BUser A User EUser DUser C Enterprise Account Cloud Account Cloud Account Cloud Account Cloud Account Cloud Account Cloud Account Account 2Account 1 RightScale Access Control Authenticate with passwords or SSO Authenticate with cloud credentials
  • 20. Enforce Policies • Catalog of templates that meet corporate standards • Configured to your security requirements • Define which clouds can be used • Control user options and choices • Orchestrate and automate deployment and operations Workload Security: From Rogue to Policy-Based 20 Basic instances Stacks for Dev or Prod Applications
  • 21. Standardization • Automate provisioning and configuration • Version-controlled • Follow standards for versions, patches and configuration • Leverage a variety of scripting languages • Modular and auditable • Define Security Configuration Baselines Standardize Server Configurations AWS Azure Google CloudStack OpenStack vSphere Multi-Cloud Image Configuration Scripts Containers 21
  • 22. Standardize System Configurations 22 Load Balancers App Servers Master DB Slave DB Replicate > DNS Configure a system: Cloud Application Template (CAT) Configure a server: • ServerTemplates (portable) • Docker container (portable) • AMI • CloudFormation • VM template
  • 23. Increase IT efficiency o Bring your own configuration management o Clone existing architectures o Updates and patches o Monitor and alert o Auto-scale up and down Patch and Update
  • 24. • Asymmetric keys private/public • Key Management • NISTIR 7966 http://tinyurl.com/lhtujnv • Key storage options • Key Management-as-a-Service • AWS, Azure • Multi-tenant • Hardware Security Modules • On-premise • Cloud services (AWS) • RightScale • Encryption of keys -MUST Key Management 24
  • 26. Compliance Requirements • PCI E-Commerce • HIPAA / PHI/ 21CFR11 • NPI / PII • FTI IRS PUB1075 • MPAA • Data Protection / Encryption • In-transit: MUST • At rest: MUST • In process: DEPENDS • Considerations in the Cloud • Select the right cloud provider • Some cloud providers encrypt by default • Review their security documents • Most Cloud Providers will sign BAA • Segregate workloads Data Security 26
  • 27. Data Residency with a Global Cloud Platform Amazon Web Services Google Cloud Platform IBM SoftLayer Rackspace Windows Azure Public Clouds Singapore Hong Kong Japan Texas DC Area SF Area Seattle Chicago Dublin London Amsterdam Oregon São Paulo Midwest Beijing Sydney W Europe Private Clouds CloudStack OpenStack vSphere Melbourne Toronto Mexico City Taiwan 27
  • 28. • Data privacy legislation differs around the world • Evaluate encryption options where you manage the keys (a la Amazon Aurora) so vendor can’t give data in case of subpoena • What is the CSP’s data retention period? • What country is the CSP headquartered out of? • Which jurisdiction covers the contract between you and the CSP? Data Residency: Impact of Safe Harbor 28
  • 30. • HTTPS / TLS • SSL? • IP address Whitelisting • VPN IPSEC • VPC (AWS) Securely Connecting to Cloud
  • 31. • AWS DirectConnect • Azure ExpressRoute • Google Carrier Interconnect • SoftLayer DirectLink Direct Connection Options 31 AWS Cage Customer Cage AWS Direct Connect Azure Cage Customer Cage Azure ExpressRoute
  • 32. Comply with policies • Quickly Audit Security Groups • Interactive Network Visualization • Maintain Security and Compliance Network Visibility 32
  • 33. #6: BUSINESS CONTINUITY & DISASTER RECOVERY
  • 34. 34 SLAs by Cloud Certification AWS Azure Google SoftLayer Uptime SLA 99.95% 99.95% 99.95% 100% Max SLA Credit on monthly bill 30% 25% 50% 5% per 30 minutes downtime Downtime Calculation Any minutes downtime Any minutes downtime 5+ consecutive minutes downtime 30+ consecutive minutes downtime
  • 35. Architect for SLAs • HA/DR reference architectures • Cross-region and cross- cloud • Auto-scale to meet demand • Hybrid cloudbursting • Monitor and automate failover • Hot, warm, and cold DR scenarios Implement DR Architectures for your Apps 35 Load Balancers App Servers Slave DB Master DB App Servers Slave DB < Replicate Replicate > Load Balancers PRIMARY WARM DR DNS
  • 36. Ensure availability o Separate management plane from cloud and cloud applications o RightScale platform is fully redundant o Automate failover processes for hot, warm or cold DR Outage-Proof with Independent Control Plane
  • 38. 38 o Cloud Trails o Azure Diagnostics o Google Cloud Logging (beta) o SoftLayer Audit Trails What Audit Tools by Provider?
  • 39. Approach: • Feed audit trails from individual clouds to SIEM • Feed audit trails from CMP to SIEM Multi-Cloud Logging and Audit Trails 39 Cloud Management Platform Cloud SIEM Cloud Cloud Cloud Cloud Cloud
  • 40. Ensure compliance o See who changed what and when o Provide audit logs and reports to satisfy regulators o Available via API to integrate with other systems Gain Visibility with Audit Trails
  • 42. Cloud Provider Certifications Matrix 42 Certification AWS Azure Google SoftLayer PCI DSS1     HIPAA     SSAE16 SOC1 (Type II)     SSAE16 SOC2 (Type II)     SSAE16 SOC3 (Type II)     ISO 27001     ISO 27017  ISO 27018    CSA    FedRAMP   In process  FISMA    
  • 43. • RightScale Certifications • State of the Cloud Report • www.rightscale.com/2015-cloud-report • Private and Hybrid Cloud Whitepaper • www.rightscale.com/private-hybrid-cloud-whitepaper Questions? 43 SSAE16 SOC1 and SOC2 Type II PCI DSS SAQ C CompliantU.S.-EU Safe Harbor Framework and U.S.-Swiss Safe Harbor Framework