Security & Compliance in the Cloud
DefCamp 2019
Bucharest, November 7th, 2019
• Managing Partner & CIO @ Avaelgo
• Offering Peace of Mind as-a-Service
• IT Advisory, Cloud Strategy, Managed Services, IT Security, Training
• Co-founder @ ITCamp & ITCamp Community
• Cloud and Datacenter Management MVP (Microsoft)
• Certified Ethical Hacker (EC-Council)
• Certified Security Professional (CQURE)
• Contact: tudor.damian@avaelgo.ro / tudy.tel
Tudor Damian
• Why the Cloud?
• Digital Transformation & Current Cloud adoption trends
• How to get there?
• Defining a strategy to move to the Cloud
• I’m there, now what?
• Security & Compliance in the Cloud
• What’s next?
• Key takeaways & next steps
• Case Study:
• Example: Microsoft Azure
• Our approach (Avaelgo)
Objectives
(The mirage of) Digital Transformation
• A recent survey found that Digital Transformation (DT) is the #1 concern in 2019 for directors, CEOs and senior executives (WSJ)
• Yet, nearly 70% of all DT initiatives do not reach their goals – in 2018, out of $1.3 trillion spent, $900 billion went to waste (Forbes)
• Most digital technologies provide possibilities for efficiency gains
• If people lack the right mindset to change and if current organizational practices are flawed, DT will only magnify those flaws
The pitfalls of Digital Transformation
https://blogs.wsj.com/riskandcompliance/2018/12/05/businesses-predict-digital-transformation-to-be-biggest-risk-factors-in-2019/
https://www.forbes.com/sites/forbestechcouncil/2018/03/13/why-digital-transformations-fail-closing-the-900-billion-hole-in-enterprise-strategy/#4f74e9207b8b
Digital Transformation initiatives (2018): Failed 69%, Successful 31%
• Figure out your business strategy before you invest in anything
• Figure out what’s important – speed, innovation, digitalization, production lead times, increased time-to-market, improved use of data, enhanced supply chain, etc.
• Leverage insiders
• Don’t just rely on outside consultants, use staff with intimate knowledge about what works and what doesn’t
• Design customer experience from the outside in
• Ask your customer for feedback, have them describe your strengths and weaknesses
• Recognize employees’ fear of being replaced
• People may unconsciously resist change if they feel their job is at stake
• Learn from the start-up culture
• Agile decision making, rapid prototyping, flat structures, fail fast
What is there to do?
• Open LDAP
• New PCs bought ad-hoc
• PCs refreshed when dead
• Employees using personal mobile devices
• IT purchasing decisions made “on the spot”
What does today look like for you?
• “Good enough” platforms
• No technology strategy
• Legacy back office
• Fragmented end-point solutions
• Increasingly complex demands
• Multiple tech products
• Tougher competitive environment
• Custom solutions required for interoperability
• Cross-platform device management requirements
• Race to the bottom pricing impacts deal profitability
• Multiple technology vendors servicing single client
• Greater effort to maintain customer base
• Increased implementation and management complexity
• Difficulty differentiating brand
• Increased security exposure
• Need to source best of breed solutions
What does today look like for you?
So, why the Cloud?
Cloud migration will continue to grow
Companies are already in the Cloud
• Cost control: Utility services cost less even though they cost more
• Higher cost per unit time than leasing or upfront purchase
• Zero cost when not used
• Efficiency & scalability: on-demand is better than prediction
• Forecasting is estimative, often wrong, sometimes impossible
• Better to be able to scale up or down “immediately” depending on demand
• Workloads: address odd workload patterns
• On-and-off, growing fast, unpredictable bursting, predictable bursting
• Innovation: access to technology not available on-premises
• Making use of some Cloud-native solutions (e.g. AI, ML, DBs, storage)
• Consolidating platforms, technologies, expertise
• Starting up: new company, startup, spinoff, new market, etc.
• Security & compliance: GDPR, data protection, data classification, etc.
Why the Cloud? (examples)
• Identity & Data
• Data Classification & Labeling, Data Protection
• Monitoring & Response
• Geography
• Multi-geo deployments & GDPR
• Latency
• Financials
• OPEX vs CAPEX
• Understand PAYG vs CSP vs EA vs MCA
• Understand constants and variables in Cloud consumption
• Apply relevant tools for cost visualization, control and budgeting
• Governance
• Cloud subscriptions will get very messy very quickly without proper governance
• Locks, Groups, Tags, Policies, Auditing & Monitoring – it all has little value unless properly understood and employed
• Process
• This is not a walk in the park, it’s a lengthy and rather complex project
Common Cloud challenges
The Cloud migration journey
Types of Migrations (The R’s of Migration)
Rehost: i.e. redeploy applications to a different (newer) hardware environment. Rehosting an application without making changes to its architecture can provide a fast cloud migration solution.
Revise: i.e. modify or extend the existing code base to support modernization requirements, then use rehost or refactor options to deploy to cloud.
Rebuild: i.e. rearchitect the solution. Discard code of existing application/solution and leverage newer and innovative cloud services (like PaaS).
Replace: i.e. discard an existing application (or set of applications) and use commercial software delivered as a service (SaaS).
Refactor: i.e. run applications on a cloud provider’s infrastructure. Applications/workloads may need to be modified slightly to run on the cloud provider’s platform.
Retire/Retain: i.e. discard completely or do not move. Some applications may not be used by anyone or others may be simply impossible to move!
Responsibility zones in the Cloud
Example
Data classification, governance,
accountability & rights management
Client endpoint protection
Account access & management
Identity & directory infrastructure
Application-level controls
Network controls
Virtual OS controls
Physical hosts
Physical network
Physical datacenter
PaaS | IaaS | SaaS | On-prem
Always retained by customer
Varies by service type
Transfers to Cloud Provider
Migration triggers
• Is the app modern or legacy?
• Topology
• Transient faults
• Latency, performance
• Security and compliance
• Maintainability
• DevOps
• Degree of technology lock-in
• Multi-tenancy
• Cloud perception
• New features, possible only in the Cloud
• Application architecture guidance
PaaS migrations are even more fun ☺
The Security & Compliance talk
Understanding cloud security controls
What does the Cloud do for me? What do I still need to do?
On-premises IaaS PaaS SaaS
1. Security Strategy, Governance, and Operationalization: Provide clear vision, standards and guidance for the company
2. Administrative Control: Defend against loss of control of your Cloud services and on-premises systems
3. Data: Identify and protect your most important information assets
4. User Identity and Device Security: Strengthen protection for accounts and devices
5. Application Security: Ensure application code is resilient to attacks
6. Network: Ensure connectivity, isolation, and visibility into anomalous attacks
7. OS and Middleware: Protect integrity of (virtual) hosts
8. On-prem / private environments: Secure the foundation
• Governance, risk management & compliance (GRC) are three facets that help to ensure that an organization meets its objectives
• Goals:
• Keeping risk at acceptable levels
• Maintaining availability to systems and services
• Complying with relevant laws and regulations
• Protecting customer and internal data
GRC – are you doing it today?
Governance, Risk management & Compliance
• Regulatory compliance (e.g. PCI-DSS, HIPAA, CDSA, MPAA, etc.)
• Data governance (e.g. DLP, encrypting PII, geo location, etc.)
• Financial governance (e.g. CAPEX vs OPEX, prediction, cost centers, etc.)
• Change management (e.g. DevOps, user & organization readiness, etc.)
• ITIL, COBIT & the Cloud
• Strategy, Design, Transition, Operation & Improvement
• Ensure clear ownership & responsibilities
• Better manage IT investments
• Identify & handle IT risk
GRC – items in focus
Governance, Risk management & Compliance
Traditional approach needs rethinking
Development IT Governance
Speed Control
Built-in Cloud-native governance
Speed Control
Example: Azure Governance
Development Cloud Custodian
• Templates
• Policies
• RBAC
• Blueprints
• Management Groups
• Cost Management
• Resource Graph
Sacrifice Speed for Control
Traditional approach
Developers
Operations
Cloud Custodian / Engineers responsible for Cloud environment
Speed and Control
Cloud-native governance
Developers
Built-in controls through policy instead of workflow
Operations
Cloud Custodian Team
• 3rd and 4th party risk
• Customers: responsible for implementing security in the cloud application
• SaaS providers: responsible for the security in the cloud
• Cloud service providers: responsible for the security of the cloud
• Analyze costs and benefits of Cloud migration
• Operational consistency
• Information visibility
• Advanced threats
Cloud security & compliance challenges
• Understanding your business challenge
• Data-centric threat defense
• Proactive risk management
• Continuous security & compliance
• Resolving your business challenge
• Secure the Data, not the Cloud
• Manage risk proactively, including doing an initial assessment
• Implement foundational security, with compliance as a by-product
Building a Cloud-ready Security strategy
Microsoft Azure
Cloud Security & Compliance example
Example: Azure Compliance offering
Source: https://azure.microsoft.com/en-us/overview/trusted-cloud/compliance/
• HIPAA / HITECH Act
• FERPA
• GxP 21 CFR Part 11
• Singapore MTCS
• UK G-Cloud
• Australia IRAP/CCSL
• FISC Japan
• New Zealand GCIO
• China GB 18030
• EU Model Clauses
• ENISA IAF
• Argentina PDPA
• Japan CS Mark Gold
• CDSA
• Shared Assessments
• Japan My Number Act
• FACT UK
• GLBA
• Spain ENS
• PCI DSS Level 1
• MARS-E
• FFIEC
• China TRUCS
• Canada Privacy Laws
• MPAA
• Privacy Shield
• India MeitY
• Germany IT Grundschutz workbook
• Spain DPA
• HITRUST
• IG Toolkit UK
• China DJCP
• ITAR
• Section 508 VPAT
• SP 800-171
• FIPS 140-2
• High JAB P-ATO
• CJIS
• DoD DISA SRG Level 2
• DoD DISA SRG Level 4
• IRS 1075
• DoD DISA SRG Level 5
• Moderate JAB P-ATO
GLOBAL | US GOV | INDUSTRY | REGIONAL
• ISO 27001
• SOC 1 Type 2
• ISO 27018
• CSA STAR Self-Assessment
• ISO 27017
• SOC 2 Type 2
• SOC 3
• ISO 22301
• CSA STAR Certification
• CSA STAR Attestation
• ISO 9001
Physical Datacenter Security
Microsoft Azure
• Two-factor authentication with biometrics
• Employee & contractor vetting
• Metal detectors
• Video coverage rack front & back
• Inability to identify location of specific customer data
• Secure destruction bins
• Ongoing roaming patrols
• Video coverage
• Ongoing roaming patrols
• Front entrance gate
• 1 defined access point
• Video coverage
• Perimeter fencing
• Two-factor authentication with biometrics
• Video coverage
• No building signage
• 24x7x365 security operations
• Verified single person entry
• Ongoing roaming patrols
• Background check
• System check
• Access approval
Perimeter
Building
Server environment
• Data & network segregation
• Custom-built security hardware
• Integrated security attestation
• Endpoint restrictions
• DDoS mitigation
• Wargame exercises
• Continuous monitoring
• No standing access to production servers
• Incident response team
Infrastructure Security
Microsoft Azure
• Virtual network isolation
• Network Security Groups
• User-Defined Routing
• VPN configuration
• Web Application Firewall
• Network Firewall
• DDoS Protection
• ExpressRoute
Network Security
Microsoft Azure
• Single sign-on (AAD Connect)
• Azure RBAC & conditional access policies
• Multi-Factor Authentication
• Privileged Identity Management
• Azure Identity Protection
• Storage Service & Disk Encryption
• SQL TDE/Always Encrypted
• Key management system (Key Vault)
• Workload Protection (application whitelisting, JiT access)
• Azure Sentinel (SIEM)
Data Security
Microsoft Azure
Securing Privileged Access
Office 365 Security
Rapid Cyberattacks (Wannacrypt/Petya)
https://aka.ms/MCRA Video Recording Strategies
Office 365
Dynamics 365
+Monitor
Azure Sentinel – Cloud Native SIEM and SOAR (Preview)
SQL Encryption & Data Masking
Data Loss Protection
Data Governance
eDiscovery
So, how do we do it?
Case study: Avaelgo
Cloud Optimize
• Proactive Support
• Governance & Security
• Budgeting & Cost Control
• Monitoring & Alerts
• DevOps & Automation
• Usage Optimizations
• Best Practices
Cloud Support
• Operational Baseline
• 24/7 SLA-based Support
• Root-Cause Analysis
• Critical Issue Escalation
• Config Management
• Business Continuity
• Disaster Recovery
Cloud Empower
• Power Platform Apps
o PowerApps & Flow
o PowerBI
• Avaelgo Pre-built Apps
• Technology Onboarding
• Custom Software Dev
o Cloud-ready
o AI & ML
Envision, Readiness & Cloud Onboarding
Example: Avaelgo 365
Avaelgo Cloud Managed Services Framework
Peace of Mind as-a-Service
Growth & Innovation
Cloud Migrate
• Rehost (Lift & Shift)
• Refactor (PaaS)
• Revise (Re-architect)
• Rebuild (Cloud-native)
• Replace (SaaS)
• CI & CD (DevOps)
Cloud Strategy
• Incubation Workshop
• Learn-Try-Adopt
o Hands-on training
o Implementing POCs
• Define Cloud Strategy
o Planning & Roadmap
Ongoing Advisory & Training
Designed for:
Wrapping up
• So, we’ve (briefly) discussed:
• Why, when and how to move to the Cloud?
• Cloud migration, security & governance concerns
• Example: Microsoft Azure
• Case-study: Avaelgo
• First steps:
• Ensure you have a clear Cloud Strategy (including Security & Governance)
• Discover what you’ve got and where you’re starting from
• Don’t forget, you’re mostly just extending your practices to the Cloud
• Consider the details – identity, geography, financials, monitoring, operations
Summary
Q & A
PEACE OF MIND
AS-A-SERVICE
CLOUD STRATEGY | MANAGED SERVICES | IT SECURITY | TRAINING

More Related Content

What's hot

CFO Summit Series - Cloud Computing
CFO Summit Series - Cloud ComputingCFO Summit Series - Cloud Computing
CFO Summit Series - Cloud Computing
TGO Consulting
 
ISACA Cloud Computing Risks
ISACA Cloud Computing RisksISACA Cloud Computing Risks
ISACA Cloud Computing Risks
Marc Vael
 
Cloud Governance Presentation Dreamforce 2012
Cloud Governance Presentation Dreamforce 2012Cloud Governance Presentation Dreamforce 2012
Cloud Governance Presentation Dreamforce 2012
Bluewolf
 
Deploying Unified Communications with Lync on the easiest, most secure platform
Deploying Unified Communications with Lync on the easiest, most secure platformDeploying Unified Communications with Lync on the easiest, most secure platform
Deploying Unified Communications with Lync on the easiest, most secure platform
Dell World
 
Client solutions for the modern workforce
Client solutions for the modern workforceClient solutions for the modern workforce
Client solutions for the modern workforce
Dell World
 
Cloud security: Accelerating cloud adoption
Cloud security: Accelerating cloud adoption Cloud security: Accelerating cloud adoption
Cloud security: Accelerating cloud adoption
Dell World
 
Cloud capability for startups
Cloud capability for startupsCloud capability for startups
Cloud capability for startups
Cloud and analytics Lab
 
Client Security Strategies To Defeat Advanced Threats
Client Security Strategies To Defeat Advanced ThreatsClient Security Strategies To Defeat Advanced Threats
Client Security Strategies To Defeat Advanced Threats
Dell World
 
[Webinar Slides] Work Where Your Content Really Lives: The Ideal Hybrid ECM E...
[Webinar Slides] Work Where Your Content Really Lives: The Ideal Hybrid ECM E...[Webinar Slides] Work Where Your Content Really Lives: The Ideal Hybrid ECM E...
[Webinar Slides] Work Where Your Content Really Lives: The Ideal Hybrid ECM E...
AIIM International
 
110307 cloud security requirements gourley
110307 cloud security requirements gourley110307 cloud security requirements gourley
110307 cloud security requirements gourley
GovCloud Network
 
Adapting to a Hybrid World [Webinar on Demand]
Adapting to a Hybrid World [Webinar on Demand]Adapting to a Hybrid World [Webinar on Demand]
Adapting to a Hybrid World [Webinar on Demand]
ServerCentral
 
Cloud Security Summit - InfoSec World 2014
Cloud Security Summit - InfoSec World 2014Cloud Security Summit - InfoSec World 2014
Cloud Security Summit - InfoSec World 2014
Bill Burns
 
If You Are Not Embedding Analytics Into Your Day To Day Processes, You Are Do...
If You Are Not Embedding Analytics Into Your Day To Day Processes, You Are Do...If You Are Not Embedding Analytics Into Your Day To Day Processes, You Are Do...
If You Are Not Embedding Analytics Into Your Day To Day Processes, You Are Do...
Dell World
 
Future of Making Things
Future of Making ThingsFuture of Making Things
Future of Making Things
JC Davis
 
Cloud Computing Overview
Cloud Computing OverviewCloud Computing Overview
Cloud Computing Overview
Doug Allen
 
Benefits of Transforming to a Hybrid Infrastructure - HPE
Benefits of Transforming to a Hybrid Infrastructure - HPEBenefits of Transforming to a Hybrid Infrastructure - HPE
Benefits of Transforming to a Hybrid Infrastructure - HPE
MarcoTechnologies
 
Empowering the evolving workforce with virtual workspaces
Empowering the evolving workforce with virtual workspacesEmpowering the evolving workforce with virtual workspaces
Empowering the evolving workforce with virtual workspaces
Dell World
 
Executing on the promise of the Internet of Things (IoT)
Executing on the promise of the Internet of Things (IoT)Executing on the promise of the Internet of Things (IoT)
Executing on the promise of the Internet of Things (IoT)
Dell World
 
IBM Security Strategy Intelligence,
IBM Security Strategy Intelligence,IBM Security Strategy Intelligence,
IBM Security Strategy Intelligence,
Information Security Awareness Group
 
MT50 Data is the new currency: Protect it!
MT50 Data is the new currency: Protect it!MT50 Data is the new currency: Protect it!
MT50 Data is the new currency: Protect it!
Dell EMC World
 

What's hot (20)

CFO Summit Series - Cloud Computing
CFO Summit Series - Cloud ComputingCFO Summit Series - Cloud Computing
CFO Summit Series - Cloud Computing
 
ISACA Cloud Computing Risks
ISACA Cloud Computing RisksISACA Cloud Computing Risks
ISACA Cloud Computing Risks
 
Cloud Governance Presentation Dreamforce 2012
Cloud Governance Presentation Dreamforce 2012Cloud Governance Presentation Dreamforce 2012
Cloud Governance Presentation Dreamforce 2012
 
Deploying Unified Communications with Lync on the easiest, most secure platform
Deploying Unified Communications with Lync on the easiest, most secure platformDeploying Unified Communications with Lync on the easiest, most secure platform
Deploying Unified Communications with Lync on the easiest, most secure platform
 
Client solutions for the modern workforce
Client solutions for the modern workforceClient solutions for the modern workforce
Client solutions for the modern workforce
 
Cloud security: Accelerating cloud adoption
Cloud security: Accelerating cloud adoption Cloud security: Accelerating cloud adoption
Cloud security: Accelerating cloud adoption
 
Cloud capability for startups
Cloud capability for startupsCloud capability for startups
Cloud capability for startups
 
Client Security Strategies To Defeat Advanced Threats
Client Security Strategies To Defeat Advanced ThreatsClient Security Strategies To Defeat Advanced Threats
Client Security Strategies To Defeat Advanced Threats
 
[Webinar Slides] Work Where Your Content Really Lives: The Ideal Hybrid ECM E...
[Webinar Slides] Work Where Your Content Really Lives: The Ideal Hybrid ECM E...[Webinar Slides] Work Where Your Content Really Lives: The Ideal Hybrid ECM E...
[Webinar Slides] Work Where Your Content Really Lives: The Ideal Hybrid ECM E...
 
110307 cloud security requirements gourley
110307 cloud security requirements gourley110307 cloud security requirements gourley
110307 cloud security requirements gourley
 
Adapting to a Hybrid World [Webinar on Demand]
Adapting to a Hybrid World [Webinar on Demand]Adapting to a Hybrid World [Webinar on Demand]
Adapting to a Hybrid World [Webinar on Demand]
 
Cloud Security Summit - InfoSec World 2014
Cloud Security Summit - InfoSec World 2014Cloud Security Summit - InfoSec World 2014
Cloud Security Summit - InfoSec World 2014
 
If You Are Not Embedding Analytics Into Your Day To Day Processes, You Are Do...
If You Are Not Embedding Analytics Into Your Day To Day Processes, You Are Do...If You Are Not Embedding Analytics Into Your Day To Day Processes, You Are Do...
If You Are Not Embedding Analytics Into Your Day To Day Processes, You Are Do...
 
Future of Making Things
Future of Making ThingsFuture of Making Things
Future of Making Things
 
Cloud Computing Overview
Cloud Computing OverviewCloud Computing Overview
Cloud Computing Overview
 
Benefits of Transforming to a Hybrid Infrastructure - HPE
Benefits of Transforming to a Hybrid Infrastructure - HPEBenefits of Transforming to a Hybrid Infrastructure - HPE
Benefits of Transforming to a Hybrid Infrastructure - HPE
 
Empowering the evolving workforce with virtual workspaces
Empowering the evolving workforce with virtual workspacesEmpowering the evolving workforce with virtual workspaces
Empowering the evolving workforce with virtual workspaces
 
Executing on the promise of the Internet of Things (IoT)
Executing on the promise of the Internet of Things (IoT)Executing on the promise of the Internet of Things (IoT)
Executing on the promise of the Internet of Things (IoT)
 
IBM Security Strategy Intelligence,
IBM Security Strategy Intelligence,IBM Security Strategy Intelligence,
IBM Security Strategy Intelligence,
 
MT50 Data is the new currency: Protect it!
MT50 Data is the new currency: Protect it!MT50 Data is the new currency: Protect it!
MT50 Data is the new currency: Protect it!
 

Similar to Security & Compliance in the Cloud [2019]

Enterprise Adoption – Patterns for Success with AWS - Business
Enterprise Adoption – Patterns for Success with AWS - BusinessEnterprise Adoption – Patterns for Success with AWS - Business
Enterprise Adoption – Patterns for Success with AWS - Business
Amazon Web Services
 
Enterprise Adoption – Patterns for Success with AWS - Business
Enterprise Adoption – Patterns for Success with AWS - BusinessEnterprise Adoption – Patterns for Success with AWS - Business
Enterprise Adoption – Patterns for Success with AWS - Business
Amazon Web Services
 
The Benefits and Coverage of CloudMASTER Cloud Computing Classes
The Benefits and Coverage of CloudMASTER Cloud Computing ClassesThe Benefits and Coverage of CloudMASTER Cloud Computing Classes
The Benefits and Coverage of CloudMASTER Cloud Computing Classes
Carver Technology Consulting LLC
 
Evaluating the Cloud
Evaluating the CloudEvaluating the Cloud
Evaluating the Cloud
SociusPartner
 
The most trusted, proven enterprise-class Cloud:Closer than you think
The most trusted, proven enterprise-class Cloud:Closer than you think The most trusted, proven enterprise-class Cloud:Closer than you think
The most trusted, proven enterprise-class Cloud:Closer than you think
Uni Systems S.M.S.A.
 
Moving your IT to the Cloud with an Enterprise Cloud Strategy
Moving your IT to the Cloud with an Enterprise Cloud StrategyMoving your IT to the Cloud with an Enterprise Cloud Strategy
Moving your IT to the Cloud with an Enterprise Cloud Strategy
mstockwell
 
How to develop a multi cloud strategy to accelerate digital transformation - ...
How to develop a multi cloud strategy to accelerate digital transformation - ...How to develop a multi cloud strategy to accelerate digital transformation - ...
How to develop a multi cloud strategy to accelerate digital transformation - ...
Senaka Ariyasinghe
 
The Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA IDThe Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA ID
Eryk Budi Pratama
 
Cyber Security in The Cloud
Cyber Security in The CloudCyber Security in The Cloud
Cyber Security in The Cloud
PECB
 
tero-peltola-serverlessMeetup-10.11.2022.ppt
tero-peltola-serverlessMeetup-10.11.2022.ppttero-peltola-serverlessMeetup-10.11.2022.ppt
tero-peltola-serverlessMeetup-10.11.2022.ppt
Tero Peltola
 
Cloud migration
Cloud migrationCloud migration
Cloud migration
ChahalDhilraj
 
Cloud Computing and Data Governance
Cloud Computing and Data GovernanceCloud Computing and Data Governance
Cloud Computing and Data GovernanceTrillium Software
 
Top Trends and Challenges in the Cloud
Top Trends and Challenges in the CloudTop Trends and Challenges in the Cloud
Top Trends and Challenges in the Cloud
Precisely
 
Marlabs Capabilities Overview: Digital Asset Management (DAM)
Marlabs Capabilities Overview: Digital Asset Management (DAM)Marlabs Capabilities Overview: Digital Asset Management (DAM)
Marlabs Capabilities Overview: Digital Asset Management (DAM)
Marlabs
 
Understanding The Cloud For Enterprise Businesses.
Understanding The Cloud For Enterprise Businesses. Understanding The Cloud For Enterprise Businesses.
Understanding The Cloud For Enterprise Businesses.
Triaxil
 
Understanding The Cloud For Enterprise Businesses, an eBook from Triaxil!
Understanding The Cloud For Enterprise Businesses, an eBook from Triaxil!Understanding The Cloud For Enterprise Businesses, an eBook from Triaxil!
Understanding The Cloud For Enterprise Businesses, an eBook from Triaxil!
Ezhilarasan Natarajan
 
Get ahead of the cloud or get left behind
Get ahead of the cloud or get left behindGet ahead of the cloud or get left behind
Get ahead of the cloud or get left behind
Matt Mandich
 
RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices a...
RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices a...RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices a...
RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices a...
RightScale
 
Webinar compiled powerpoint
Webinar compiled powerpointWebinar compiled powerpoint
Webinar compiled powerpoint
CloudPassage
 

Similar to Security & Compliance in the Cloud [2019] (20)

Enterprise Adoption – Patterns for Success with AWS - Business
Enterprise Adoption – Patterns for Success with AWS - BusinessEnterprise Adoption – Patterns for Success with AWS - Business
Enterprise Adoption – Patterns for Success with AWS - Business
 
Enterprise Adoption – Patterns for Success with AWS - Business
Enterprise Adoption – Patterns for Success with AWS - BusinessEnterprise Adoption – Patterns for Success with AWS - Business
Enterprise Adoption – Patterns for Success with AWS - Business
 
The Benefits and Coverage of CloudMASTER Cloud Computing Classes
The Benefits and Coverage of CloudMASTER Cloud Computing ClassesThe Benefits and Coverage of CloudMASTER Cloud Computing Classes
The Benefits and Coverage of CloudMASTER Cloud Computing Classes
 
Evaluating the Cloud
Evaluating the CloudEvaluating the Cloud
Evaluating the Cloud
 
The most trusted, proven enterprise-class Cloud:Closer than you think
The most trusted, proven enterprise-class Cloud:Closer than you think The most trusted, proven enterprise-class Cloud:Closer than you think
The most trusted, proven enterprise-class Cloud:Closer than you think
 
Moving your IT to the Cloud with an Enterprise Cloud Strategy
Moving your IT to the Cloud with an Enterprise Cloud StrategyMoving your IT to the Cloud with an Enterprise Cloud Strategy
Moving your IT to the Cloud with an Enterprise Cloud Strategy
 
AWS Services 7 Transformation Media
AWS Services 7 Transformation MediaAWS Services 7 Transformation Media
AWS Services 7 Transformation Media
 
How to develop a multi cloud strategy to accelerate digital transformation - ...
How to develop a multi cloud strategy to accelerate digital transformation - ...How to develop a multi cloud strategy to accelerate digital transformation - ...
How to develop a multi cloud strategy to accelerate digital transformation - ...
 
The Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA IDThe Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA ID
 
Cyber Security in The Cloud
Cyber Security in The CloudCyber Security in The Cloud
Cyber Security in The Cloud
 
tero-peltola-serverlessMeetup-10.11.2022.ppt
tero-peltola-serverlessMeetup-10.11.2022.ppttero-peltola-serverlessMeetup-10.11.2022.ppt
tero-peltola-serverlessMeetup-10.11.2022.ppt
 
Cloud migration
Cloud migrationCloud migration
Cloud migration
 
Cloud Computing and Data Governance
Cloud Computing and Data GovernanceCloud Computing and Data Governance
Cloud Computing and Data Governance
 
Top Trends and Challenges in the Cloud
Top Trends and Challenges in the CloudTop Trends and Challenges in the Cloud
Top Trends and Challenges in the Cloud
 
Marlabs Capabilities Overview: Digital Asset Management (DAM)
Marlabs Capabilities Overview: Digital Asset Management (DAM)Marlabs Capabilities Overview: Digital Asset Management (DAM)
Marlabs Capabilities Overview: Digital Asset Management (DAM)
 
Understanding The Cloud For Enterprise Businesses.
Understanding The Cloud For Enterprise Businesses. Understanding The Cloud For Enterprise Businesses.
Understanding The Cloud For Enterprise Businesses.
 
Understanding The Cloud For Enterprise Businesses, an eBook from Triaxil!
Understanding The Cloud For Enterprise Businesses, an eBook from Triaxil!Understanding The Cloud For Enterprise Businesses, an eBook from Triaxil!
Understanding The Cloud For Enterprise Businesses, an eBook from Triaxil!
 
Get ahead of the cloud or get left behind
Get ahead of the cloud or get left behindGet ahead of the cloud or get left behind
Get ahead of the cloud or get left behind
 
RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices a...
RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices a...RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices a...
RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices a...
 
Webinar compiled powerpoint
Webinar compiled powerpointWebinar compiled powerpoint
Webinar compiled powerpoint
 

Security & Compliance in the Cloud [2019]

  • 1. Security & Compliance in the Cloud DefCamp 2019 Bucharest, November 7th, 2019
  • 2. • Managing Partner & CIO @ Avaelgo • Offering Peace of Mind as-a-Service • IT Advisory, Cloud Strategy, Managed Services, IT Security, Training • Co-founder @ ITCamp & ITCamp Community • Cloud and Datacenter Management MVP (Microsoft) • Certified Ethical Hacker (EC-Council) • Certified Security Professional (CQURE) • Contact: tudor.damian@avaelgo.ro / tudy.tel Tudor Damian
  • 3. • Why the Cloud? • Digital Transformation & Current Cloud adoption trends • How to get there? • Defining a strategy to move to the Cloud • I’m there, now what? • Security & Compliance in the Cloud • What’s next? • Key takeaways & next steps • Case Study: • Example: Microsoft Azure • Our approach (Avaelgo) Objectives
  • 4. (The mirage of) Digital Transformation
  • 5. • A recent survey found that Digital Transformation (DT) is the #1 concern in 2019 for directors, CEOs and senior executives (WSJ) • Yet, nearly 70% of all DT initiatives do not reach their goals – in 2018, out of $1.3 trillion spent, $900 billion went to waste (Forbes) • Most digital technologies provide possibilities for efficiency gains • If people lack the right mindset to change and if current organizational practices are flawed, DT will only magnify those flaws The pitfalls of Digital Transformation https://blogs.wsj.com/riskandcompliance/2018/12/05/businesses-predict-digital-transformation-to-be-biggest-risk-factors-in-2019/ https://www.forbes.com/sites/forbestechcouncil/2018/03/13/why-digital-transformations-fail-closing-the-900-billion-hole-in-enterprise-strategy/#4f74e9207b8b Failed 69% Successful 31% Digital Transformation initiatives (2018)
  • 6. • Figure out your business strategy before you invest in anything • Figure out what’s important – speed, innovation, digitalization, production lead times, increased time-to-market, improved use of data, enhanced supply chain, etc. • Leverage insiders • Don’t just rely on outside consultants, use staff with intimate knowledge about what works and what doesn’t • Design customer experience from the outside in • Ask your customer for feedback, have them describe your strengths and weaknesses • Recognize employees’ fear of being replaced • People may unconsciously resist change if they feel their job is at stake • Learn from the start-up culture • Agile decision making, rapid prototyping, flat structures, fail fast What is there to do?
  • 7. Open LDAP New PCs bought ad-hoc PCs refreshed when dead Employees using personal mobile devices IT purchasing decisions made “on the spot” What does today look like for you? “Good enough” platforms No technology strategy Legacy back office Fragmented end-point solutions
  • 8. Increasingly complex demands Multiple tech products Tougher competitive environment Custom solutions required for interoperability Cross-platform device management requirements Race to the bottom pricing impacts deal profitability Multiple technology vendors servicing single client Greater effort to maintain customer base Increased implementation and management complexity Difficulty differentiating brand Increased security exposure Need to source best of breed solutions What does today look like for you?
  • 9. So, why the Cloud?
  • 10. Cloud migration will continue to grow Companies are already in the Cloud
  • 11. • Cost control: Utility services cost less even though they cost more • Higher cost per unit time than leasing or upfront purchase • Zero cost when not used • Efficiency & scalability: on-demand is better than prediction • Forecasting is estimative, often wrong, sometimes impossible • Better to be able to scale up or down “immediately” depending on demand • Workloads: address odd workload patterns • On-and-off, growing fast, unpredictable bursting, predictable bursting • Innovation: access to technology not available on-premises • Making use of some Cloud-native solutions (e.g. AI, ML, DBs, storage) • Consolidating platforms, technologies, expertise • Starting up: new company, startup, spinoff, new market, etc. • Security & compliance: GDPR, data protection, data classification, etc. Why the Cloud? (examples)
  • 12. • Identity & Data • Data Classification & Labeling, Data Protection • Monitoring & Response • Geography • Multi-geo deployments & GDPR • Latency • Financials • OPEX vs CAPEX • Understand PAYG vs CSP vs EA vs MCA • Understand constants and variables in Cloud consumption • Apply relevant tools for cost visualization, control and budgeting • Governance • Cloud subscriptions will get very messy very quickly without proper governance • Locks, Groups, Tags, Policies, Auditing & Monitoring – it all has little value unless properly understood and employed • Process • This is not a walk in the park, it’s a lengthy and rather complex project Common Cloud challenges
  • 14. Types of Migrations (The R’s of Migration) Rehost: i.e. redeploy applications to a different (newer) hardware environment. Rehosting an application without making changes to its architecture can provide a fast cloud migration solution. Revise: i.e. modify or extend the existing code base to support modernization requirements, then use rehost or refactor options to deploy to cloud. Rebuild: i.e. rearchitect the solution. Discard code of existing application/solution and leverage newer and innovative cloud services (like PaaS). Replace: i.e. discard an existing application (or set of applications) and use commercial software delivered as a service (SaaS) Refactor: i.e. run applications on a cloud provider’s infrastructure. Applications/workloads may need to be modified slightly to run on the cloud provider’s platform. Retire/Retain: i.e. discard completely or do not move. Some applications may not be used by anyone or others may be simply impossible to move!
  • 15. Responsibility zones in the Cloud Example Data classification, governance, accountability & rights management Client endpoint protection Account access & management Identity & directory infrastructure Application-level controls Network controls Virtual OS controls Physical hosts Physical network Physical datacenter PaaS IaaS SaaS On-prem Always retained by customer Varies by service type Transfers to Cloud Provider
  • 17. • Is the app modern or legacy? • Topology • Transient faults • Latency, performance • Security and compliance • Maintainability • DevOps • Degree of technology lock-in • Multi-tenancy • Cloud perception • New features, possible only in the Cloud • Application architecture guidance PaaS migrations are even more fun ☺
  • 18. The Security & Compliance talk
  • 19. Understanding cloud security controls What does the Cloud do for me? What do I still need to do? On-premises IaaS PaaS SaaS 1. Security Strategy, Governance, and Operationalization: Provide clear vision, standards and guidance for the company 2. Administrative Control: Defend against loss of control of your Cloud services and on-premises systems 3. Data: Identify and protect your most important information assets 4. User Identity and Device Security: Strengthen protection for accounts and devices 5. Application Security: Ensure application code is resilient to attacks 6. Network: Ensure connectivity, isolation, and visibility into anomalous attacks 7. OS and Middleware: Protect integrity of (virtual) hosts 8. On-prem / private environments: Secure the foundation
  • 20. • Governance, risk management & compliance (GRC) are three facets that help to ensure that an organization meets its objectives • Goals: • Keeping risk at acceptable levels • Maintaining availability to systems and services • Complying with relevant laws and regulations • Protecting customer and internal data GRC – are you doing it today? Governance, Risk management & Compliance
  • 21. • Regulatory compliance (e.g. PCI-DSS, HIPAA, CDSA, MPAA, etc.) • Data governance (e.g. DLP, encrypting PII, geo location, etc.) • Financial governance (e.g. CAPEX vs OPEX, prediction, cost centers, etc.) • Change management (e.g. DevOps, user & organization readiness, etc.) • ITIL, COBIT & the Cloud • Strategy, Design, Transition, Operation & Improvement • Ensure clear ownership & responsibilities • Better manage IT investments • Identify & handle IT risk GRC – items in focus Governance, Risk management & Compliance
  • 22. Traditional approach needs rethinking Development IT Governance Speed Control
  • 23. Built-in Cloud-native governance Speed Control Example: Azure Governance Development Cloud Custodian Templates Policies RBAC Blueprints Management Groups Cost Management Resource Graph
  • 24. Sacrifice Speed for Control Traditional approach Developers Operations Cloud Custodian / Engineers responsible for Cloud environment
  • 25. Speed and Control Cloud-native governance Developers Built-in controls through policy instead of workflow Operations Cloud Custodian Team
  • 26. • 3rd and 4th party risk • Customers: responsible for implementing security in the cloud application • SaaS providers: responsible for the security in the cloud • Cloud service providers: responsible for the security of the cloud • Analyze costs and benefits of Cloud migration • Operational consistency • Information visibility • Advanced threats Cloud security & compliance challenges
  • 27. • Understanding your business challenge • Data-centric threat defense • Proactive risk management • Continuous security & compliance • Resolving your business challenge • Secure the Data, not the Cloud • Manage risk proactively, including doing an initial assessment • Implement foundational security, with compliance as a by-product Building a Cloud-ready Security strategy
  • 28. Microsoft Azure Cloud Security & Compliance example
  • 29. Example: Azure Compliance offering Source: https://azure.microsoft.com/en-us/overview/trusted-cloud/compliance/ HIPAA / HITECH Act FERPA GxP 21 CFR Part 11 Singapore MTCS UK G-Cloud Australia IRAP/CCSL FISC Japan New Zealand GCIO China GB 18030 EU Model Clauses ENISA IAF Argentina PDPA Japan CS Mark Gold CDSA Shared Assessments Japan My Number Act FACT UK GLBA Spain ENS PCI DSS Level 1 MARS-E FFIEC China TRUCS Canada Privacy Laws MPAA Privacy Shield India MeitY Germany IT Grundschutz workbook Spain DPA HITRUST IG Toolkit UK China DJCP ITAR Section 508 VPAT SP 800-171 FIPS 140-2 High JAB P-ATO CJIS DoD DISA SRG Level 2 DoD DISA SRG Level 4 IRS 1075 DoD DISA SRG Level 5 Moderate JAB P-ATO GLOBAL US GOV INDUSTRY REGIONAL ISO 27001 SOC 1 Type 2 ISO 27018 CSA STAR Self-Assessment ISO 27017 SOC 2 Type 2 SOC 3 ISO 22301 CSA STAR Certification CSA STAR Attestation ISO 9001
  • 30. Physical Datacenter Security Microsoft Azure Two-factor authentication with biometrics Employee & contractor vetting Metal detectors Video coverage rack front & back Inability to identify location of specific customer data Secure destruction bins Ongoing roaming patrols Video coverage Ongoing roaming patrols Front entrance gate 1 defined access point Video coverage Perimeter fencing Two-factor authentication with biometrics Video coverage No building signage 24x7x365 security operations Verified single person entry Ongoing roaming patrols Background check System check Access approval Perimeter Building Server environment
  • 31. • Data & network segregation • Custom-built security hardware • Integrated security attestation • Endpoint restrictions • DDoS mitigation • Wargame exercises • Continuous monitoring • No standing access to production servers • Incident response team Infrastructure Security Microsoft Azure
  • 32. • Virtual network isolation • Network Security Groups • User-Defined Routing • VPN configuration • Web Application Firewall • Network Firewall • DDoS Protection • ExpressRoute Network Security Microsoft Azure
  • 33. • Single sign-on (AAD Connect) • Azure RBAC & conditional access policies • Multi-Factor Authentication • Privileged Identity Management • Azure Identity Protection • Storage Service & Disk Encryption • SQL TDE/Always Encrypted • Key management system (Key Vault) • Workload Protection (application whitelisting, JiT access) • Azure Sentinel (SIEM) Data Security Microsoft Azure
  • 34. Securing Privileged Access Office 365 Security Rapid Cyberattacks (Wannacrypt/Petya) https://aka.ms/MCRA Video Recording Strategies Office 365 Dynamics 365 +Monitor Azure Sentinel – Cloud Native SIEM and SOAR (Preview) SQL Encryption & Data Masking Data Loss Protection Data Governance eDiscovery
  • 35. Securing Privileged Access Office 365 Security Rapid Cyberattacks (Wannacrypt/Petya) https://aka.ms/MCRA Video Recording Strategies Office 365 Dynamics 365 +Monitor Azure Sentinel – Cloud Native SIEM and SOAR (Preview) SQL Encryption & Data Masking Data Loss Protection Data Governance eDiscovery
  • 36. So, how do we do it? Case study: Avaelgo
  • 37. Cloud Optimize • Proactive Support • Governance & Security • Budgeting & Cost Control • Monitoring & Alerts • DevOps & Automation • Usage Optimizations • Best Practices Cloud Support • Operational Baseline • 24/7 SLA-based Support • Root-Cause Analysis • Critical Issue Escalation • Config Management • Business Continuity • Disaster Recovery Cloud Empower • Power Platform Apps o PowerApps & Flow o PowerBI • Avaelgo Pre-built Apps • Technology Onboarding • Custom Software Dev o Cloud-ready o AI & ML Envision, Readiness & Cloud Onboarding Example: Avaelgo 365 Avaelgo Cloud Managed Services Framework Peace of Mind as-a-Service Growth & Innovation Cloud Migrate • Rehost (Lift & Shift) • Refactor (PaaS) • Revise (Re-architect) • Rebuild (Cloud-native) • Replace (SaaS) • CI & CD (DevOps) Cloud Strategy • Incubation Workshop • Learn-Try-Adopt o Hands-on training o Implementing POCs • Define Cloud Strategy o Planning & Roadmap Ongoing Advisory & Training Designed for:
  • 39. • So, we’ve (briefly) discussed: • Why, when and how to move to the Cloud? • Cloud migration, security & governance concerns • Example: Microsoft Azure • Case-study: Avaelgo • First steps: • Ensure you have a clear Cloud Strategy (including Security & Governance) • Discover what you’ve got and where you’re starting from • Don’t forget, you’re mostly just extending your practices to the Cloud • Consider the details – identity, geography, financials, monitoring, operations Summary
  • 40. Q & A
  • 41. PEACE OF MIND AS-A-SERVICE CLOUD STRATEGY | MANAGED SERVICES | IT SECURITY | TRAINING