Almost every business decision requires executives and managers to balance risk and reward, and efficiency in that process is essential to an enterprise’s success. Too often though, IT risk (business risk related to the use of IT) is overlooked. While other business risks such as market, credit and operational risks have long been incorporated into the decision-making processes, IT risk has usually been relegated to technical specialists outside the boardroom, despite falling under the same risk category as other business risks: failure to achieve strategic objectives.
With the emergence of the Cloud, IT risk has suffered yet another radical transformation. The past couple of years have also brought along new vulnerabilities, exploits, and attack methods, as well as new data privacy requirements such as the GDPR. While all of these things require significant changes to any existing processes and tools, they mostly require a different approach when catering to people's IT security awareness, especially when moving to the Cloud.
Digital Transformation in the Cloud: What They Don’t Always Tell You [2020]Tudor Damian
The payoff of successful Digital Transformation can be essential for companies engaged in highly-competitive markets. Almost every business decision requires executives and managers to balance risk and reward, and efficiency in that process is essential to an enterprise’s success.
With the emergence of the Cloud, IT risk has suffered yet another radical transformation. The past couple of years have also brought along new vulnerabilities, exploits, and attack methods, as well as new data privacy requirements such as the GDPR. While all of these things require significant changes to any existing processes and tools, they mostly require a different approach when catering to people's IT security awareness, especially when moving to the Cloud.
Based on real-life projects and experience from recent years, this session provides a quick insight into the role that the Cloud plays within Digital Transformation initiatives, touching on challenges companies usually face when dealing with governance, security, change management & cost-control. Examples and case studies included.
Make A Stress Free Move To The Cloud: Application Modernization and Managemen...Dell World
Delivering IT services that keep the business running from day to day is always challenging. Delivering these services while simultaneously moving your IT infrastructure to the cloud can be almost impossible without the right tools and support. Attend this session to hear directly from leaders at Dell who specialize in application management and learn how Dell migration tools and services accelerate your move to the cloud while maintaining the high quality access to web and mobile services that your users demand.
The Keys To A Successful Identity And Access Management Program: How Does You...Dell World
The way you implement Identity and Access Management (IAM) can make or break your security and compliance strategies. Based on Dell’s experience helping customers deploy IAM properly, we have identified common themes that run through these successful projects. In this session, one of Dell’s IAM experts will present a maturity model that will help you gauge the correct place to start your deployment, highlight the course corrections that may be necessary, and help you determine the path to IAM that’s right for you.
December 2014 Webinar - Planning Your 2015 Cloud StrategyRapidScale
By 2015, at least 20% of all cloud services will be consumed via internal or external cloud service brokerages, rather than directly, up from less than 5%. (Sky High Networks) It's clear that the cloud is no longer just a fad - it's here to stay, and 2015 will be a year full of continued cloud education and cloud adoption. Plan your cloud strategy now, with these tips.
Cloud: To Build or Buy - Can You Justify On-Premises IT?Dell World
Outsourcing IT to the public cloud may seem cheap and easy, but is it? Data shows that on-premises private and hybrid cloud can deliver superior ROI. Explore methodologies and TCO analysis that can help you build a better business case for your organization, while meeting a "cloud first" objective.
Extensibility: The Key To Managing Your Entire Cloud PortfolioDell World
As cloud adoption increases, cloud management becomes more and more of a challenge. No longer can you look at managing your clouds with a one-off management strategy. In this session, you will learn how forward-thinking organizations around the world are bringing cloud into their IT operations and integrating it with their existing tools, systems, and processes to simplify management for administrators and streamline provisioning for developers. We will discuss governance tools, like security systems and chargeback models, as well as policy tools, monitoring solutions, ITSM systems and more. Discover how applying an extensible management approach across all of your clouds, including SaaS, PaaS and IaaS, can increase scale, availability and performance.
Data Movement, Management and Governance In The Cloud: DocuSign Case StudyDell World
Learn how DocuSign, a leader in digital transaction management, has scaled its IT infrastructure for growth, automated business processes and created extendable efficiencies by implementing Dell Boomi AtomSphere as its integration platform as a service. In this session, you will learn how DocuSign went from managing a host of disparate applications to automating data movement, management and governance across them, while establishing an enterprise-grade IT infrastructure—and how you can, too.
Prescriptive Cloud Services for the Future Ready EnterpriseDell World
In today’s ever-changing, software-defined world, matching workloads to the right cloud solutions is incredibly challenging. Failure to do so can add complexity and lead to excessive spend on suboptimal cloud services. At this panel of Dell Cloud providers and customers, you will discover how our worldwide partnerships and in-depth expertise help organizations become future ready, optimizing cloud costs and workloads. You'll learn how our prescriptive cloud services have helped reduce risk and get the most of out of cloud investments. Regardless of geographic location or workload type, Dell can help you plan for your unique cloud future.
Digital Transformation in the Cloud: What They Don’t Always Tell You [2020]Tudor Damian
The payoff of successful Digital Transformation can be essential for companies engaged in highly-competitive markets. Almost every business decision requires executives and managers to balance risk and reward, and efficiency in that process is essential to an enterprise’s success.
With the emergence of the Cloud, IT risk has suffered yet another radical transformation. The past couple of years have also brought along new vulnerabilities, exploits, and attack methods, as well as new data privacy requirements such as the GDPR. While all of these things require significant changes to any existing processes and tools, they mostly require a different approach when catering to people's IT security awareness, especially when moving to the Cloud.
Based on real-life projects and experience from recent years, this session provides a quick insight into the role that the Cloud plays within Digital Transformation initiatives, touching on challenges companies usually face when dealing with governance, security, change management & cost-control. Examples and case studies included.
Make A Stress Free Move To The Cloud: Application Modernization and Managemen...Dell World
Delivering IT services that keep the business running from day to day is always challenging. Delivering these services while simultaneously moving your IT infrastructure to the cloud can be almost impossible without the right tools and support. Attend this session to hear directly from leaders at Dell who specialize in application management and learn how Dell migration tools and services accelerate your move to the cloud while maintaining the high quality access to web and mobile services that your users demand.
The Keys To A Successful Identity And Access Management Program: How Does You...Dell World
The way you implement Identity and Access Management (IAM) can make or break your security and compliance strategies. Based on Dell’s experience helping customers deploy IAM properly, we have identified common themes that run through these successful projects. In this session, one of Dell’s IAM experts will present a maturity model that will help you gauge the correct place to start your deployment, highlight the course corrections that may be necessary, and help you determine the path to IAM that’s right for you.
December 2014 Webinar - Planning Your 2015 Cloud StrategyRapidScale
By 2015, at least 20% of all cloud services will be consumed via internal or external cloud service brokerages, rather than directly, up from less than 5%. (Sky High Networks) It's clear that the cloud is no longer just a fad - it's here to stay, and 2015 will be a year full of continued cloud education and cloud adoption. Plan your cloud strategy now, with these tips.
Cloud: To Build or Buy - Can You Justify On-Premises IT?Dell World
Outsourcing IT to the public cloud may seem cheap and easy, but is it? Data shows that on-premises private and hybrid cloud can deliver superior ROI. Explore methodologies and TCO analysis that can help you build a better business case for your organization, while meeting a "cloud first" objective.
Extensibility: The Key To Managing Your Entire Cloud PortfolioDell World
As cloud adoption increases, cloud management becomes more and more of a challenge. No longer can you look at managing your clouds with a one-off management strategy. In this session, you will learn how forward-thinking organizations around the world are bringing cloud into their IT operations and integrating it with their existing tools, systems, and processes to simplify management for administrators and streamline provisioning for developers. We will discuss governance tools, like security systems and chargeback models, as well as policy tools, monitoring solutions, ITSM systems and more. Discover how applying an extensible management approach across all of your clouds, including SaaS, PaaS and IaaS, can increase scale, availability and performance.
Data Movement, Management and Governance In The Cloud: DocuSign Case StudyDell World
Learn how DocuSign, a leader in digital transaction management, has scaled its IT infrastructure for growth, automated business processes and created extendable efficiencies by implementing Dell Boomi AtomSphere as its integration platform as a service. In this session, you will learn how DocuSign went from managing a host of disparate applications to automating data movement, management and governance across them, while establishing an enterprise-grade IT infrastructure—and how you can, too.
Prescriptive Cloud Services for the Future Ready EnterpriseDell World
In today’s ever-changing, software-defined world, matching workloads to the right cloud solutions is incredibly challenging. Failure to do so can add complexity and lead to excessive spend on suboptimal cloud services. At this panel of Dell Cloud providers and customers, you will discover how our worldwide partnerships and in-depth expertise help organizations become future ready, optimizing cloud costs and workloads. You'll learn how our prescriptive cloud services have helped reduce risk and get the most of out of cloud investments. Regardless of geographic location or workload type, Dell can help you plan for your unique cloud future.
There is a lot of talk in technology circles about 'the Cloud' these days. Wondering what it means for you and your business systems? While this new era of cloud computing can bring benefits to your organization these need to be weighed against the risks.
Learn from experts what is really happening today and what you should be considering for the future.
Presentation I gave in March 2014 on cloud computing with cloud definition & characteristics, cloud ROI, benefits and costs, lessons learned, examples, and 7 enablers.
Governance and the Social Enterprise
James Hindes, The Standard, Director of Enterprise CRM
Lou Fox, Blue Wolf Group, CTO
James Burns, Salesforce.com, Director - Platform
Agenda
Introductions
A Strategic Governance Framework for the Salesforce Platform
The Standard’s Journey to Cloud Governance
Q&A
James Burns
Company – Salesforce.com
Role - Director – Platform Community Solution Advisors
Salesforce experience - 18 months
30 years Enterprise Architecture and design
Strategic Governance Framework
The Standard’s Journey to Cloud Governance
James Hindes – Director Enterprise CRM
Lou Fox – CTO, Blue Wolfe
James Burns
Director – Platform
Community Solution Advisors
http://uk.linkedin.com/in/burnsjames
CoE Drives Strategic Alignment and Ensures Value
Change Control
Basically to manage successful projects its needs 3 key ingredients:
The correct Processes for the job at hand.
The correct people.
The use of the correct techniques for the job at hand.
Traditional via Cloud
Over the years many great IT projects have delivered successfully.
With Cloud we can build on these processes and techniques.
No need to reinvent them.
The Single Org vs Multi Org Dilemma
Decision Process Methodology
Business Considerations
Solution speed to market
Flexibility and adaptability
Frequency of change
Predictability of delivery
Regional, global user base
Commonality of business process across the company
Collaboration use cases
Cross-application access across Salesforce applications to backend systems eg SAP
Technical Considerations
Data security level
Sharing of data across Salesforce applications
Record level access rights
User profiles
Business reporting requirements
Salesforce Org level security and system administration complexity
Common functionality between applications
Do the applications need to share data
Coding Standards
Strategic Governance Framework
Deploying Unified Communications with Lync on the easiest, most secure platformDell World
Virtual desktop infrastructure (VDI) offers a simple and secure way to deploy unified communications with Lync. In this session you will learn about the new Dell appliance, operating system and thin clients that set a new standard for easy implementation of Citrix XenDesktop with ultra-secure connectivity to Microsoft Lync. Experience live displays of these innovative technologies and discover how customers have realized the benefits of unified communications more easily and securely with Dell.
Client solutions for the modern workforceDell World
Businesses and end users today are not just looking for the latest devices or software developments in isolation – they are looking for solutions to help them remain secure, productive and connected in a simple and integrated manner. It's with this insight that Dell is developing innovative client solutions by integrating our range of capabilities, from tablets to PCs and virtualization solutions. Join us in this session as we will discuss how Dell uniquely enables customers to protect data, drive efficiencies in systems management, and deliver a reliable end user device all while saving IT time and money to focus on more strategic projects that can help companies grow.
Cloud security: Accelerating cloud adoption Dell World
Organizations now have an opportunity to more rapidly overcome their security concerns by using third-party cloud platforms. In this session, Dell SecureWorks security experts discuss the Shared Security Responsibility model, how organizations need to think about security architecture in the cloud, and new Dell SecureWorks services that are helping organizations plan, architect, manage and respond to threats in the cloud.
Client Security Strategies To Defeat Advanced ThreatsDell World
With the workplace changing, job responsibilities are being met at home, at customer locations, even in public spaces like coffee shops. Does your security strategy protect you from the damaging costs of a data breach while providing end users seamless access to data and apps on any device, anywhere, at any time? From protecting data on any device, in the cloud, and over public WiFi, to managing access control and governance on networks, we will discuss Dell's approach to securing company data while enabling productivity and mobility.
Adapting to a Hybrid World [Webinar on Demand]ServerCentral
Learn:
- when hybrid IT works: successful deployment models we’ve seen
- when hybrid IT doesn’t work: how to avoid the "gotchas"
- which applications go where in hybrid environments
- pro tips from a managed infrastructure hosting provider's point of view
Cloud Security Summit - InfoSec World 2014Bill Burns
Cloud Security trends, practical tips and lessons learned. Implementing holistic security controls to protect business data, Trends that will affect data security, and advice to security startups and companies evaluating them.
If You Are Not Embedding Analytics Into Your Day To Day Processes, You Are Do...Dell World
Becoming data-driven requires analytics to be embedded throughout the organization in different functional areas and different operational processes. But how do you provide more and more people with the ability to run any analytics on any data anywhere– without breaking the bank? In this session, you’ll see real-world examples of Dell customers who have successfully embedded analytics across processes and operations to drive innovation.We will also demonstrate how embedding analytics enables faster innovation and improves collaboration between data scientists, business analysts, and business stakeholders, leading to a competitive advantage.
One of the most over-used terms in technology today, the “Cloud” is being used to describe pretty much any service that works over the Internet. But cloud computing has some specific advantages and some specific concerns. There are also three main areas where cloud computing is making a lot of business sense: in running business applications, in provide storage services, and in providing an alternative to computer servers.
In this presentation, I will better define what the cloud is and isn’t and then explore the areas where cloud services are providing value. I also give you tips on evaluating future cloud service providers so that you can continue to understand this new computing paradigm.
Empowering the evolving workforce with virtual workspacesDell World
The traditional approach of measuring the value of a technology solution for end users has changed. Moving beyond merely defining transaction costs and economies of scale, today’s focus is on deriving business value from an evolving workforce that is increasingly mobile. In this session, we'll share how our innovative vision of flexible, virtual workspaces can empower your mobile workforce while enhancing security and increasing productivity. Join your peers as we discuss mobile technology solutions and, in particular, look at both cultural and operational transformation as critical success factors in driving overall workforce effectiveness.
Executing on the promise of the Internet of Things (IoT)Dell World
As sensors spread across almost every industry, the Internet of Things is triggering a massive influx of data. Data is coming from all directions – machinery, train tracks, shipping containers, and power stations. As we go from isolated systems to an integrated network of smart devices, enterprises need to develop smart data integration and analytics techniques to generate insights quickly. Not all data collected from sensors needs to be stored and analyzed in the cloud or data center. This session will discuss smart ways of integrating multiple data sources and using analytics techniques at the edge to enable faster decision making.
IBM Security Strategy Intelligence, Integration and Expertise
by Marc van Zadelhoff, VP, WW Strategy and Product Management and Joe Ruthven IBM MEA Security Leader
MT50 Data is the new currency: Protect it!Dell EMC World
Data is meant to roam, and contrary to popular opinion, better security is better business. But endpoints and users remain the key vulnerability to even the most robust security programs. In fact, 95% of all breaches occur at the endpoint, and organizations can still be susceptible to the latest viruses and malware. In this session you will learn how to protect your data on digital and physical workstations throughout the organization, wherever employees use it – at home, on the road, collaborating with partners, and more.
Learn more at Dell.com/datasecurity
Enterprise Adoption – Patterns for Success with AWS - BusinessAmazon Web Services
Enterprises are using AWS to both develop new sources of customer value as well as reinventing their core. In this session we will provide insights into the successful adoption patterns that have emerged. We will also discuss how enterprises have successfully navigated the people and processes challenges that initially inhibited enterprise wide adoption. Finally, we will provide you with a framework to assess where you are on your Cloud journey and tangible takeaways that will help you accelerate.
Speaker: Shannon O'Brien, Enterprise Sales Manager, Amazon Web Services
Featured Customer - Strategy&
Enterprise Adoption – Patterns for Success with AWS - BusinessAmazon Web Services
Enterprises are using AWS to both develop new sources of customer value as well as reinventing their core. In this session we will provide insights into the successful adoption patterns that have emerged. We will also discuss how enterprises have successfully navigated the people and processes challenges that initially inhibited enterprise wide adoption. Finally, we will provide you with a framework to assess where you are on your Cloud journey and tangible takeaways that will help you accelerate.
Speaker: Shannon O'Brien, Enterprise Sales Manager, Amazon Web Services
Featured Customer - Strategy&
There is a lot of talk in technology circles about 'the Cloud' these days. Wondering what it means for you and your business systems? While this new era of cloud computing can bring benefits to your organization these need to be weighed against the risks.
Learn from experts what is really happening today and what you should be considering for the future.
Presentation I gave in March 2014 on cloud computing with cloud definition & characteristics, cloud ROI, benefits and costs, lessons learned, examples, and 7 enablers.
Governance and the Social Enterprise
James Hindes, The Standard, Director of Enterprise CRM
Lou Fox, Blue Wolf Group, CTO
James Burns, Salesforce.com, Director - Platform
Agenda
Introductions
A Strategic Governance Framework for the Salesforce Platform
The Standard’s Journey to Cloud Governance
Q&A
James Burns
Company – Salesforce.com
Role - Director – Platform Community Solution Advisors
Salesforce experience - 18 months
30 years Enterprise Architecture and design
Strategic Governance Framework
The Standard’s Journey to Cloud Governance
James Hindes – Director Enterprise CRM
Lou Fox – CTO, Blue Wolfe
James Burns
Director – Platform
Community Solution Advisors
http://uk.linkedin.com/in/burnsjames
CoE Drives Strategic Alignment and Ensures Value
Change Control
Basically to manage successful projects its needs 3 key ingredients:
The correct Processes for the job at hand.
The correct people.
The use of the correct techniques for the job at hand.
Traditional via Cloud
Over the years many great IT projects have delivered successfully.
With Cloud we can build on these processes and techniques.
No need to reinvent them.
The Single Org vs Multi Org Dilemma
Decision Process Methodology
Business Considerations
Solution speed to market
Flexibility and adaptability
Frequency of change
Predictability of delivery
Regional, global user base
Commonality of business process across the company
Collaboration use cases
Cross-application access across Salesforce applications to backend systems eg SAP
Technical Considerations
Data security level
Sharing of data across Salesforce applications
Record level access rights
User profiles
Business reporting requirements
Salesforce Org level security and system administration complexity
Common functionality between applications
Do the applications need to share data
Coding Standards
Strategic Governance Framework
Deploying Unified Communications with Lync on the easiest, most secure platformDell World
Virtual desktop infrastructure (VDI) offers a simple and secure way to deploy unified communications with Lync. In this session you will learn about the new Dell appliance, operating system and thin clients that set a new standard for easy implementation of Citrix XenDesktop with ultra-secure connectivity to Microsoft Lync. Experience live displays of these innovative technologies and discover how customers have realized the benefits of unified communications more easily and securely with Dell.
Client solutions for the modern workforceDell World
Businesses and end users today are not just looking for the latest devices or software developments in isolation – they are looking for solutions to help them remain secure, productive and connected in a simple and integrated manner. It's with this insight that Dell is developing innovative client solutions by integrating our range of capabilities, from tablets to PCs and virtualization solutions. Join us in this session as we will discuss how Dell uniquely enables customers to protect data, drive efficiencies in systems management, and deliver a reliable end user device all while saving IT time and money to focus on more strategic projects that can help companies grow.
Cloud security: Accelerating cloud adoption Dell World
Organizations now have an opportunity to more rapidly overcome their security concerns by using third-party cloud platforms. In this session, Dell SecureWorks security experts discuss the Shared Security Responsibility model, how organizations need to think about security architecture in the cloud, and new Dell SecureWorks services that are helping organizations plan, architect, manage and respond to threats in the cloud.
Client Security Strategies To Defeat Advanced ThreatsDell World
With the workplace changing, job responsibilities are being met at home, at customer locations, even in public spaces like coffee shops. Does your security strategy protect you from the damaging costs of a data breach while providing end users seamless access to data and apps on any device, anywhere, at any time? From protecting data on any device, in the cloud, and over public WiFi, to managing access control and governance on networks, we will discuss Dell's approach to securing company data while enabling productivity and mobility.
Adapting to a Hybrid World [Webinar on Demand]ServerCentral
Learn:
- when hybrid IT works: successful deployment models we’ve seen
- when hybrid IT doesn’t work: how to avoid the "gotchas"
- which applications go where in hybrid environments
- pro tips from a managed infrastructure hosting provider's point of view
Cloud Security Summit - InfoSec World 2014Bill Burns
Cloud Security trends, practical tips and lessons learned. Implementing holistic security controls to protect business data, Trends that will affect data security, and advice to security startups and companies evaluating them.
If You Are Not Embedding Analytics Into Your Day To Day Processes, You Are Do...Dell World
Becoming data-driven requires analytics to be embedded throughout the organization in different functional areas and different operational processes. But how do you provide more and more people with the ability to run any analytics on any data anywhere– without breaking the bank? In this session, you’ll see real-world examples of Dell customers who have successfully embedded analytics across processes and operations to drive innovation.We will also demonstrate how embedding analytics enables faster innovation and improves collaboration between data scientists, business analysts, and business stakeholders, leading to a competitive advantage.
One of the most over-used terms in technology today, the “Cloud” is being used to describe pretty much any service that works over the Internet. But cloud computing has some specific advantages and some specific concerns. There are also three main areas where cloud computing is making a lot of business sense: in running business applications, in provide storage services, and in providing an alternative to computer servers.
In this presentation, I will better define what the cloud is and isn’t and then explore the areas where cloud services are providing value. I also give you tips on evaluating future cloud service providers so that you can continue to understand this new computing paradigm.
Empowering the evolving workforce with virtual workspacesDell World
The traditional approach of measuring the value of a technology solution for end users has changed. Moving beyond merely defining transaction costs and economies of scale, today’s focus is on deriving business value from an evolving workforce that is increasingly mobile. In this session, we'll share how our innovative vision of flexible, virtual workspaces can empower your mobile workforce while enhancing security and increasing productivity. Join your peers as we discuss mobile technology solutions and, in particular, look at both cultural and operational transformation as critical success factors in driving overall workforce effectiveness.
Executing on the promise of the Internet of Things (IoT)Dell World
As sensors spread across almost every industry, the Internet of Things is triggering a massive influx of data. Data is coming from all directions – machinery, train tracks, shipping containers, and power stations. As we go from isolated systems to an integrated network of smart devices, enterprises need to develop smart data integration and analytics techniques to generate insights quickly. Not all data collected from sensors needs to be stored and analyzed in the cloud or data center. This session will discuss smart ways of integrating multiple data sources and using analytics techniques at the edge to enable faster decision making.
IBM Security Strategy Intelligence, Integration and Expertise
by Marc van Zadelhoff, VP, WW Strategy and Product Management and Joe Ruthven IBM MEA Security Leader
MT50 Data is the new currency: Protect it!Dell EMC World
Data is meant to roam, and contrary to popular opinion, better security is better business. But endpoints and users remain the key vulnerability to even the most robust security programs. In fact, 95% of all breaches occur at the endpoint, and organizations can still be susceptible to the latest viruses and malware. In this session you will learn how to protect your data on digital and physical workstations throughout the organization, wherever employees use it – at home, on the road, collaborating with partners, and more.
Learn more at Dell.com/datasecurity
Enterprise Adoption – Patterns for Success with AWS - BusinessAmazon Web Services
Enterprises are using AWS to both develop new sources of customer value as well as reinventing their core. In this session we will provide insights into the successful adoption patterns that have emerged. We will also discuss how enterprises have successfully navigated the people and processes challenges that initially inhibited enterprise wide adoption. Finally, we will provide you with a framework to assess where you are on your Cloud journey and tangible takeaways that will help you accelerate.
Speaker: Shannon O'Brien, Enterprise Sales Manager, Amazon Web Services
Featured Customer - Strategy&
Enterprise Adoption – Patterns for Success with AWS - BusinessAmazon Web Services
Enterprises are using AWS to both develop new sources of customer value as well as reinventing their core. In this session we will provide insights into the successful adoption patterns that have emerged. We will also discuss how enterprises have successfully navigated the people and processes challenges that initially inhibited enterprise wide adoption. Finally, we will provide you with a framework to assess where you are on your Cloud journey and tangible takeaways that will help you accelerate.
Speaker: Shannon O'Brien, Enterprise Sales Manager, Amazon Web Services
Featured Customer - Strategy&
This infographic shows the platforms, and tools covered in CloudMASTER cloud computing classes, and how they address key concerns of executives and IT Pros
The cloud is driving significant change in how companies deploy and manage resources for their existing business applications. This session explains in non-technical terms how to evaluate if a move to the cloud is in your midst without being a technical expert. We'll explain the many different deployment options as well as business opportunities, pros and cons that companies should consider when addressing the cloud. This session will also provide an executive viewpoint on Azure and it's future potential for businesses.
The most trusted, proven enterprise-class Cloud:Closer than you think Uni Systems S.M.S.A.
The Big Decision – What, when, and why?
Enterprises are aware that the Cloud is changing IT, but security and performance remain a concern. Each cloud model has potential risks: reliability, adaptability, application compatibility, efficiency, scaling, lock- in, security and compliance. Companies must select an enterprise cloud solution to suit a complex mix of applications; these decisions require great care. Uni Systems’ Uni|Cloud was built to be enterprise class. The essential reason that many businesses today are using Uni Systems Cloud for their enterprise IT, is because it offers the only enterprise-class cloud solution in the Greek market, designed for mission-critical applications, coupled with application performance SLAs and security built for the enterprise, combined with cloud efficiency and consumption-based pricing/chargeback.
Moving your IT to the Cloud with an Enterprise Cloud Strategymstockwell
Gaining business benefits from Cloud requires much more than just using a cloud provider because they're cheaper: You need an Enterprise Cloud Strategy. This presentation addresses why you need an Enterprise Cloud Strategy, what your strategy should encompass, and what benefits will be gained.
Presented at ISACA Indonesia Monthly Technical Meeting, 11 Dec 2019 at Telkom Landmark.
Key takeaways from my presentation:
1. Cloud customers have to understand the share responsibilities between customer and cloud provider
2. Different cloud service model (IaaS, PaaS, SaaS) has different audit methodology
3. Customer’s IT Auditor have to be trained to have the skills needed to audit the cloud service
4. Understanding IAM in Cloud is very important. Each Cloud Service Provider has different IAM mechanism
5. Understanding different type of audit logs in cloud platform is important for IT Auditor
As public and private cloud adoption skyrockets, the number of attacks against cloud infrastructure is also increasing dramatically. Now more than ever, it is crucial to secure your cloud assets and data against advanced threats.
We’ll dig into what it means to be successful in the cloud and what successful organizations do more of (and less of) than their less successful peers. We’ll look across technologies adopted, organizational and operational practices, and vendors embraced.
Recorded webinar: https://youtu.be/Og1-xcc7JNs
My main interest currently is business driven cloud adoption and from that perspective I addressed migration and modernization themes on the Serverless meetup 10.11.2022. From business requirements perspective, should everything be serverless?
Gartner predicts that by 2026, 75% of organizations will adopt a digital transformation model predicated on cloud as the fundamental underlying platform. It is clear that cloud is here to stay and will continue to be top of mind for organizations of all sizes for years to come. To have a successful cloud strategy, not only is it important to know how other organizations are successfully migrating their architecture, but also how they are handling operations once they make the switch.
However, moving to and operating in the cloud successfully is not as easy as purchasing some public cloud credits and calling it a day. There are many common challenges that organizations face as they move to be cloud-first. By understanding more about these challenges, organizations can avoid expensive consequences.
Join this session to learn about:
Top trends in cloud migration and computingCommon challenges that organizations face as they move to a cloud-first approachConsequences that organizations face when they mishandle cloud adoption
Understanding The Cloud For Enterprise Businesses. Triaxil
Cloud is getting lots of attention these days. Cloud is a transformational platform that can support the opportunities of today’s digital business being shaped and driven by mobile, social, IoT (Internet of Things), Big Data and other forces. Cloud Computing not only is a powerful agent of change, but it also can accelerate transformation.
The benefits are big. “Cloud computing is a disruptive phenomenon, with the potential to make IT organizations more responsive than ever,” says research firm Gartner. “Cloud computing promises economic advantages, speed, agility, flexibility,infinite elasticity an dinnovation.” As a result, more and more enterprises are moving to the cloud. According to Gartner, 78 percent of enterprises are planning to increase their investment in cloud through 2017.
Understanding The Cloud For Enterprise Businesses, an eBook from Triaxil!Ezhilarasan Natarajan
Cloud is getting lots of attention these days. Cloud is a transformational platform that can support the opportunities of today’s digital business being shaped and driven by mobile, social, IoT (Internet of Things), Big Data and other forces. Cloud Computing not only is a powerful agent of change, but it also can accelerate transformation.
The benefits are big. “Cloud computing is a disruptive phenomenon, with the
potential to make IT organizations more responsive than ever,” says research firm Gartner. “Cloud computing promises economic advantages, speed, agility,
flexibility,infinite elasticity and innovation.” As a result, more and more enterprises are moving to the cloud. According to Gartner, 78 percent of enterprises are planning to increase their investment in cloud through 2017.
Interested further?
Get ahead of the cloud or get left behindMatt Mandich
An enterprise cloud computing strategy results in:
Broad consensus on goals and expected results of moving select processes to the cloud
Standardized, consistent approach to evaluating the benefits and challenges of cloud projects
Clear requirements for the negotiation and monitoring of partnerships with cloud service providers
Understanding and consensus on the enabling and managing role IT will play in future cloud initiatives
Goals and a roadmap for transforming internal IT from asset managers to service broker
RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices a...RightScale
Businesses who want to stay ahead of the curve and achieve maximum efficiency and consistency are adopting cloud infrastructure. Keeping up with dynamic cloud environments, achieving scalable, automated, flexible, and secure cloud infrastructures means increased business agility. But how can you manage security as you migrate to cloud infrastructures?
Join Rishi Vaish, VP of Product at RightScale & Amrit Williams, CTO at CloudPassage as they discuss:
1. Recent findings from RightScale's State of the Cloud survey
2. Why hybrid cloud is the standard of choice
3. Three strategies for existing cloud server workloads
4. Benefits and security challenges of migrating to cloud infrastructures
5. Choosing a hybrid strategy - management and security practices to get the utmost resource flexibility
Businesses who want to stay ahead of the curve and achieve maximum efficiency and consistency are adopting cloud infrastructure. Keeping up with dynamic cloud environments, achieving scalable, automated, flexible, and secure cloud infrastructures means increased business agility. But how can you manage security as you migrate to cloud infrastructures?
Join Rishi Vaish, VP of Product at RightScale & Amrit Williams, CTO at CloudPassage as they discuss:
Recent findings from RightScale's State of the Cloud survey
Why hybrid cloud is the standard of choice
3 strategies for existing cloud server workloads
Benefits and security challenges of migrating to cloud infrastructures
Choosing a hybrid strategy - management and security practices to get the utmost resource flexibility
Similar to Security & Compliance in the Cloud [2019] (20)
Modern cybersecurity threats, and shiny new tools to help deal with themTudor Damian
With cybersecurity threats changing rapidly, we definitely need a new set of tools to be able to prevent and address them more efficiently: malware is becoming more complex and harder to detect, malicious insider attacks are on the rise and zero-day exploits make their way to the public much quicker than before. Join this session to see how Windows Server 2016 and Windows 10 can help organizations deal with this ever-changing security ecosystem by providing them with ways to better secure their environment and data. We’ll touch on topics such as malware & threat resistance, identity & access control, virtualization-based security, configurable code integrity, remote attestation and a few others.
The state of web applications (in)security @ ITDays 2016Tudor Damian
The global security landscape is changing, now more than ever. With cloud computing gaining momentum and advanced persistent threats becoming a common occurrence, the industry is taking a more focused and serious approach, especially after some of last years' heavily publicized cyber breaches. Join this session for a high-level overview on the industry trends in the area of web application security, and find out why security is bound to become a hot topic in any organization developing or using web applications.
2016, A new era of OS and Cloud SecurityTudor Damian
The global security landscape is changing, now more than ever. With cloud computing gaining momentum and advanced persistent threats becoming a common occurrence, the industry is taking a more focused and serious approach when it comes to security, especially after some of last years’ heavily publicized incidents. Join this session for a discussion on what Microsoft is doing to protect against these new security threats with fresh approaches taken both at the server & client OS level, as well as in Azure.
Almost every business decision requires executives and managers to balance risk and reward, and efficiency in that process is essential to an enterprise’s success. Too often though, IT risk (business risk related to the use of IT) is overlooked.
While other business risks such as market, credit and operational risks have long been incorporated into the decision-making processes, IT risk has usually been relegated to technical specialists outside the boardroom, despite falling under the same risk category as other business risks: failure to achieve strategic objectives.
This session intends to address business risks related to the use of IT, looking at industry standards, frameworks and best practices, as well as focusing on real world examples and specific plans on how to implement IT Risk Management on every level of your company.
There is no doubt that Intrusion Detection Systems should be incorporated into any security infrastructure, however today’s IDS implementations are far from perfect. Security Managers should continue to add layers to their defense strategy and not place too much reliance on this technology, as it’s not easy to create a system that can effectively flag an attack without crashing under the weight of its own logs, operate relatively maintenance free and respond appropriately to benign anomalous events without raising too many false alarms.
This session discusses some of the most common techniques aimed at evading IDS detection order to easily attack the infrastructure sitting behind those systems.
DefCamp #5, Bucharest, November 29th
Just as a chain is as weak as its weakest link, computer systems are as vulnerable as their weakest component – and that’s rarely the technology itself, it’s more often the people using it. This is precisely why it’s usually easier to exploit people’s natural inclination to trust than it is to discover ways to hack into computer systems. As the art of manipulating people into them giving up confidential information, Social Engineering has been a hot topic for many years. This session will discuss some of the most common Social Engineering techniques and countermeasures.
Azure Site Recovery and System Center Tudor Damian
Azure Site Recovery is a cloud-based service that automates virtual machine fail-over across sites. The service integrates with Virtual Machine Manager which manages on-premises Hyper-V servers. Hyper-V Replica technology replicates virtual machine configuration and data across sites. Based on customer feedback, support for SAN replication is important. This session covers the scenarios in scope, solution architecture, and SAN integration using SMI-S.
Upgrading your Private Cloud to Windows Server 2012 R2Tudor Damian
Learn about the functionality and processes that are available to enable you to move your private cloud deployments to Windows Server 2012 R2 with zero downtime. Understand the options that are available to you and the considerations that need to be made as you determine the best path for continuing to keep your environment on the best technology available for private clouds today. This session covers the end to end approach including Hyper-V, Clustering, Storage and SCVMM.
O scurta introducere in arhitectura Hyper-V R2 si Linux Integration Services v2.1, precum si o detaliere a unor solutii de management si instrumente utile in gazduirea sistemelor Linux sub Hyper-V - video screencast pe Vimeo: http://www.vimeo.com/15466169
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
2. • Managing Partner & CIO @ Avaelgo
• Offering Peace of Mind as-a-Service
• IT Advisory, Cloud Strategy, Managed Services, IT Security, Training
• Co-founder @ ITCamp & ITCamp Community
• Cloud and Datacenter Management MVP (Microsoft)
• Certified Ethical Hacker (EC-Council)
• Certified Security Professional (CQURE)
• Contact: tudor.damian@avaelgo.ro / tudy.tel
Tudor Damian
3. • Why the Cloud?
• Digital Transformation & Current Cloud adoption trends
• How to get there?
• Defining a strategy to move to the Cloud
• I’m there, now what?
• Security & Compliance in the Cloud
• What’s next?
• Key takeaways & next steps
• Case Study:
• Example: Microsoft Azure
• Our approach (Avaelgo)
Objectives
5. • A recent survey found that Digital
Transformation (DT) is the #1 concern in
2019 for directors, CEOs and senior
executives (WSJ)
• Yet, nearly 70% of all DT initiatives do not reach
their goals – in 2018, out of $1.3 trillion spent,
$900 billion went to waste (Forbes)
• Most digital technologies provide
possibilities for efficiency gains
• If people lack the right mindset to change and if
current organizational practices are flawed, DT
will only magnify those flaws
The pitfalls of Digital Transformation
https://blogs.wsj.com/riskandcompliance/2018/12/05/businesses-predict-digital-transformation-to-be-biggest-risk-factors-in-2019/
https://www.forbes.com/sites/forbestechcouncil/2018/03/13/why-digital-transformations-fail-closing-the-900-billion-hole-in-enterprise-strategy/#4f74e9207b8b
Failed
69%
Successful
31%
Digital Transformation
initiatives (2018)
6. • Figure out your business strategy before you invest in anything
• Figure out what’s important – speed, innovation, digitalization, production lead
times, increased time-to-market, improved use of data, enhanced supply chain, etc.
• Leverage insiders
• Don’t just rely on outside consultants, use staff with intimate knowledge about what
works and what doesn’t
• Design customer experience from the outside in
• Ask your customer for feedback, have them describe your strengths and
weaknesses
• Recognize employees’ fear of being replaced
• People may unconsciously resist change if they feel their job is at stake
• Learn from the start-up culture
• Agile decision making, rapid prototyping, flat structures, fail fast
What is there to do?
7. Open LDAP
New PCs
bought ad-hoc
PCs refreshed
when dead
Employees
using personal
mobile devices
IT purchasing
decisions
made “on the spot”
What does today
look like for you?
“Good
enough”
platforms
No
technology
strategy
Legacy
back office
Fragmented
end-point
solutions
8. Increasingly
complex
demands
Multiple tech
products
Tougher
competitive
environment
Custom solutions
required for
interoperability
Cross-platform
device management
requirements
Race to the bottom
pricing impacts
deal profitability
Multiple technology
vendors servicing
single client
Greater effort
to maintain
customer base
Increased
implementation
and
management
complexity
Difficulty
differentiating
brand
Increased security
exposure
Need to source
best of breed
solutions
What does today
look like for you?
10. Cloud migration will continue to grow
C o m p a n i e s a r e a l r e a d y i n t h e C l o u d
11. • Cost control: Utility services cost less even though they cost more
• Higher cost per unit time than leasing or upfront purchase
• Zero cost when not used
• Efficiency & scalability: on-demand is better than prediction
• Forecasting is estimative, often wrong, sometimes impossible
• Better to be able to scale up or down “immediately” depending on demand
• Workloads: address odd workload patterns
• On-and-off, growing fast, unpredictable bursting, predictable bursting
• Innovation: access to technology not available on-premises
• Making use of some Cloud-native solutions (e.g. AI, ML, DBs, storage)
• Consolidating platforms, technologies, expertise
• Starting up: new company, startup, spinoff, new market, etc.
• Security & compliance: GDPR, data protection, data classification, etc.
Why the Cloud? (examples)
12. • Identity & Data
• Data Classification & Labeling, Data Protection
• Monitoring & Response
• Geography
• Multi-geo deployments & GDPR
• Latency
• Financials
• OPEX vs CAPEX
• Understand PAYG vs CSP vs EA vs MCA
• Understand constants and variables in Cloud consumption
• Apply relevant tools for cost visualization, control and budgeting
• Governance
• Cloud subscriptions will get very messy very quickly without proper governance
• Locks, Groups, Tags, Policies, Auditing & Monitoring – it all has little value unless properly
understood and employed
• Process
• This is not a walk in the park, it’s a lengthy and rather complex project
Common Cloud challenges
14. Types of Migrations (The R’s of Migration)
Rehost: i.e. redeploy applications to a different (newer) hardware environment. Rehosting an application
without making changes to its architecture can provide a fast cloud migration solution.
Revise: i.e. modify or extend the existing code base to support modernization requirements,
then use rehost or refactor options to deploy to cloud.
Rebuild: i.e. rearchitect the solution. Discard code of existing application/solution and leverage newer
and innovative cloud services (like PaaS).
Replace:
i.e. discard an existing application (or set of applications) and use commercial software
delivered as a service (SaaS)
Refactor: i.e. run applications on a cloud provider’s infrastructure. Applications/workloads may need to be
modified slightly to run on the cloud provider’s platform.
Retire/Retain: i.e. discard completely or do not move. Some applications may not be used by anyone or
others may be simply impossible to move!
15. Responsibility zones in the Cloud
E x a m p l e
Data classification, governance,
accountability & rights management
Client endpoint protection
Account access & management
Identity & directory infrastructure
Application-level controls
Network controls
Virtual OS controls
Physical hosts
Physical network
Physical datacenter
PaaSIaaS SaaS
On-
prem
Always retained by customer
Varies by service type
Transfers to Cloud Provider
17. • Is the app modern or legacy?
• Topology
• Transient faults
• Latency, performance
• Security and compliance
• Maintainability
• DevOps
• Degree of technology lock-in
• Multi-tenancy
• Cloud perception
• New features, possible only in the Cloud
• Application architecture guidance
PaaS migrations are even more fun ☺
19. Understanding cloud security controls
W h a t d o e s t h e C l o u d d o f o r m e ? W h a t d o I s t i l l n e e d t o d o ?
On-premises IaaS PaaS SaaS
1. Security Strategy, Governance, and Operationalization: Provide clear vision, standards and guidance for the company
2. Administrative Control: Defend against loss of control of your Cloud services and on-premises systems
3. Data: Identify and protect your most important information assets
4. User Identity and Device Security: Strengthen protection for accounts and devices
5. Application Security: Ensure application code is resilient to attacks
6. Network: Ensure connectivity, isolation, and visibility into anomalous attacks
7. OS and Middleware: Protect integrity of (virtual) hosts
8. On-prem / private
environments: Secure
the foundation
20. • Governance, risk management & compliance (GRC) are three facets
that help to ensure that an organization meets its objectives
• Goals:
• Keeping risk at acceptable levels
• Maintaining availability to systems and services
• Complying with relevant laws and regulations
• Protecting customer and internal data
GRC – are you doing it today?
G o v e r n a n c e , R i s k m a n a g e m e n t & C o m p l i a n c e
21. • Regulatory compliance (e.g. PCI-DSS, HIPAA, CDSA, MPAA, etc.)
• Data governance (e.g. DLP, encrypting PII, geo location, etc.)
• Financial governance (e.g. CAPEX vs OPEX, prediction, cost centers, etc.)
• Change management (e.g. DevOps, user & organization readiness, etc.)
• ITIL, COBIT & the Cloud
• Strategy, Design, Transition, Operation & Improvement
• Ensure clear ownership & responsibilities
• Better manage IT investments
• Identify & handle IT risk
GRC – items in focus
G o v e r n a n c e , R i s k m a n a g e m e n t & C o m p l i a n c e
23. Built-in Cloud-native governance
Speed Control
Example: Azure Governance
Development Cloud Custodian
Templates
Policies
RBAC
Blueprints
Management
Groups
Cost
Management
Resource
Graph
24. Sacrifice Speed for Control
Traditional approach
Developers
Operations
Cloud Custodian /
Engineers responsible
for Cloud environment
25. Speed and Control
Cloud-native governance
Developers
Built-in controls through
policy instead of workflow
Operations
Cloud Custodian
Team
26. • 3rd and 4th party risk
• Customers: responsible for implementing security in the cloud application
• SaaS providers: responsible for the security in the cloud
• Cloud service providers: responsible for the security of the cloud
• Analyze costs and benefits of Cloud migration
• Operational consistency
• Information visibility
• Advanced threats
Cloud security & compliance challenges
27. • Understanding your business challenge
• Data-centric threat defense
• Proactive risk management
• Continuous security & compliance
• Resolving your business challenge
• Secure the Data, not the Cloud
• Manage risk proactively, including doing an
initial assessment
• Implement foundational security, with
compliance as a by-product
Building a Cloud-ready Security strategy
28. Microsoft Azure
C l o u d S e c u r i t y & C o m p l i a n c e e x a m p l e
29. Example: Azure Compliance offering
S o u r c e : h t t p s : / / a z u r e . m i c r o s o f t . c o m / e n - u s / o v e r v i e w / t r u s t e d - c l o u d / c o m p l i a n c e /
HIPAA /
HITECH Act
FERPA
GxP
21 CFR Part 11
Singapore
MTCS
UK
G-Cloud
Australia
IRAP/CCSL
FISC Japan
New Zealand
GCIO
China
GB 18030
EU
Model Clauses
ENISA
IAF
Argentina
PDPA
Japan CS
Mark Gold
CDSA
Shared
Assessments
Japan My
Number Act
FACT UK GLBA
Spain
ENS
PCI DSS
Level 1 MARS-E FFIEC
China
TRUCS
Canada
Privacy Laws
MPAA
Privacy
Shield
India
MeitY
Germany IT
Grundschutz
workbook
Spain
DPA
HITRUST IG Toolkit UK
China
DJCP
ITAR
Section 508
VPAT
SP 800-171 FIPS 140-2
High
JAB P-ATO
CJIS
DoD DISA
SRG Level 2
DoD DISA
SRG Level 4
IRS 1075
DoD DISA
SRG Level 5
Moderate
JAB P-ATO
GLOBALUSGOVINDUSTRYREGIONAL
ISO 27001
SOC 1
Type 2ISO 27018
CSA STAR
Self-AssessmentISO 27017
SOC 2
Type 2
SOC 3ISO 22301
CSA STAR
Certification
CSA STAR
AttestationISO 9001
30. Physical Datacenter Security
M i c r o s o f t A z u r e
Two-factor
authentication
with biometrics
Employee &
contractor vetting
Metal
detectors
Video coverage
rack front & back
Inability to identify
location of specific
customer data
Secure
destruction bins
Ongoing
roaming patrols
Video
coverage
Ongoing
roaming patrols
Front
entrance gate
1 defined
access point
Video
coverage
Perimeter
fencing
Two-factor
authentication
with biometrics
Video
coverage
No building
signage
24x7x365
security operations
Verified single
person entry
Ongoing
roaming patrols
Background
check
System
check
Access
approval
Perimeter
Building
Server
environment
31. • Data & network segregation
• Custom-built security hardware
• Integrated security attestation
• Endpoint restrictions
• DDoS mitigation
• Wargame exercises
• Continuous monitoring
• No standing access to production servers
• Incident response team
Infrastructure Security
M i c r o s o f t A z u r e
32. • Virtual network isolation
• Network Security Groups
• User-Defined Routing
• VPN configuration
• Web Application Firewall
• Network Firewall
• DDoS Protection
• ExpressRoute
Network Security
M i c r o s o f t A z u r e
33. • Single sign-on (AAD Connect)
• Azure RBAC & conditional access policies
• Multi-Factor Authentication
• Privileged Identity Management
• Azure Identity Protection
• Storage Service & Disk Encryption
• SQL TDE/Always Encrypted
• Key management system (Key Vault)
• Workload Protection (application whitelisting, JiT access)
• Azure Sentinel (SIEM)
Data Security
M i c r o s o f t A z u r e
34. Securing Privileged Access
Office 365 Security
Rapid Cyberattacks
(Wannacrypt/Petya)
https://aka.ms/MCRA Video Recording Strategies
Office 365
Dynamics 365
+Monitor
Azure Sentinel – Cloud Native SIEM and SOAR (Preview)
SQL Encryption &
Data Masking
Data Loss Protection
Data Governance
eDiscovery
35. Securing Privileged Access
Office 365 Security
Rapid Cyberattacks
(Wannacrypt/Petya)
https://aka.ms/MCRA Video Recording Strategies
Office 365
Dynamics 365
+Monitor
Azure Sentinel – Cloud Native SIEM and SOAR (Preview)
SQL Encryption &
Data Masking
Data Loss Protection
Data Governance
eDiscovery
36. So, how do we do it?
C a s e s t u d y : A v a e l g o
37. Cloud
Optimize
• Proactive Support
• Governance & Security
• Budgeting & Cost Control
• Monitoring & Alerts
• DevOps & Automation
• Usage Optimizations
• Best Practices
Cloud
Support
• Operational Baseline
• 24/7 SLA-based Support
• Root-Cause Analysis
• Critical Issue Escalation
• Config Management
• Business Continuity
• Disaster Recovery
Cloud
Empower
• Power Platform Apps
o PowerApps & Flow
o PowerBI
• Avaelgo Pre-built Apps
• Technology Onboarding
• Custom Software Dev
o Cloud-ready
o AI & ML
Envision, Readiness &
Cloud Onboarding
Example: Avaelgo 365
A v a e l g o C l o u d M a n a g e d S e r v i c e s F r a m e w o r k
Peace of Mind
as-a-Service
Growth &
Innovation
Cloud
Migrate
• Rehost (Lift & Shift)
• Refactor (PaaS)
• Revise (Re-architect)
• Rebuild (Cloud-native)
• Replace (SaaS)
• CI & CD (DevOps)
Cloud
Strategy
• Incubation Workshop
• Learn-Try-Adopt
o Hands-on training
o Implementing POCs
• Define Cloud Strategy
o Planning & Roadmap
Ongoing Advisory & Training
Designed for:
39. • So, we’ve (briefly) discussed:
• Why, when and how to move to the Cloud?
• Cloud migration, security & governance concerns
• Example: Microsoft Azure
• Case-study: Avaelgo
• First steps:
• Ensure you have a clear Cloud Strategy (including Security & Governance)
• Discover what you’ve got and where you’re starting from
• Don’t forget, you’re mostly just extending your practices to the Cloud
• Consider the details – identity, geography, financials, monitoring, operations
Summary