SlideShare a Scribd company logo

Cloud Perspectives - Ottawa Seminar - Oct 6

Scalar Decisions
Scalar Decisions

Cloud Perspectives lunch and learn in Ottawa on October 6.

Presentations & Public Speaking
1 of 41
Download to read offline
Cloud  Perspectives Neil  Bunn,  P.Eng.    -­ Chief  Technology  Officer Theo  van  Wyk  – Security  Solution  Architect  Manager October  6th ,  2016
©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Defining  Cloud “Cloud  Computing”  by  the  NIST  Definition  is: Cloud  computing  is  a  model  for  enabling ubiquitous, convenient, on-­demand  network  access   to  a shared  pool of  configurable  computing  resources  (e.g.,  networks,  servers,  storage,   applications,  and  services)  that  can  be rapidly  provisioned and released with  minimal   management  effort  or  service  provider  interaction.  This  cloud  model  is  composed  of  five   essential  characteristics, three  service  models,  and  four  deployment  models. Which  really  means….. 2
©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Pragmatic  View  of  Industry  Change § Cloud  is  just  another  delivery  model,  but  largely  predicated  on: § Automation § Elasticity § Pay-­as-­you-­go  (public  cloud) § Cloud  creates  challenges  for  clients  in  security,  processes,  automation,  internal  governance,   and  controls. § Hyperscale IaaS  providers  will  dominate  the  market § Hybrid-­Cloud  (multi-­provider  /  hybridization)  required  for  business  success  and  security § Most  clients  forget  about: § SLAs  &  Service § Governance  and  Financial  controls  -­ lead  to  accidently  “breaking  the  bank” § Security 3
©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   4 Cloud  Primer Broad   Network  Access Automation Flexible  Costing On-­Demand   Self-­Service Resource  Pooling Cloud Characteristics   Software  as  a  Service   (SaaS) Platform  as  a  Service   (PaaS) Infrastructure  as  a   Service  (IaaS) Service  Models Deployment   Models Public  Cloud Hybrid  Cloud Private  Cloud
©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   5 Primary  reasons  for  adopting  cloud Source:  Cloud  Security  Alliance,  “HOW  CLOUD  IS  BEING   USED  IN  THE  FINANCIAL  SECTOR”  SURVEY  REPORT  – March  2015
©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   6 Top  Cloud  Applications  Adopted Source:  Cloud  Security  Alliance,  “HOW  CLOUD  IS  BEING   USED  IN  THE  FINANCIAL  SECTOR”  SURVEY  REPORT  – March  2015
©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   7 Successful  Client  Outcomes Rapid  Deployment  &   Flexibility Higher  Return  on   Technology  Spend Matching   CapEx/OpEx  to  the   Budget Lower  Cost  of   Development Measurable   Outcomes
“Multi-­Cloud  Platform  approach…not  all   workloads  are  the  same…and  not  all  clouds  are     the  same!”
STRATEGIC  PARTNERS
©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Our  approach  and  strategic  cloud  partnerships § Partner  with  Multiple  Providers  (multi-­cloud) § Amazon  Web  Services  (AWS) § Microsoft  Azure § IBM  Softlayer § Provide  consistent-­feel  managed  services  across  client  deployment  options § Scalar  Owned/Operated § Client  Owned/Operated § HyperScale Provider § Traditional  Hosting  Provider Implement  automation,  policy  and   governance  consistent  across   deployment  option 10
©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   11 Getting  Started Assess Perform  a  visibility   assessment Classify  applications  &   data  for  public  and   private  approaches Design Design  architecture   &  approach Design  for  loose-­coupling,   scaling  &  security  with   spend  management Deploy Select  a  provider  &   deploy  an  application Manage  &  monitor  the   environment  like  any   other  infrastructure
Scalar  Cloud  Offerings SELF-MANAGED CLOUD 1 CONSULTING & ADVISORY 2 MANAGED CLOUD 3
CONSULTING  AND  ADVISORY1 READINESS GOVERNANCEDESIGN TRANSFORMATION
©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   14 Consulting  and  Advisory  -­ Service  Offerings Scalar  Consulting  and  Advisory  services  help  customers  plan,  execute,  and  derive   maximum  value  from  their  cloud  environment.    Engagements  are  typically   project/deliverable-­based,  and  include  services  such  as: • Cloud  migration  planning • Cloud  readiness  assessments • Workload  analysis • Architecture  and  design • Deployment  services • Cloud  optimization • Training
SELF-­MANAGED  CLOUD BILLING SUPPORT CONTROL 2
©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   16 Self-­managed  Cloud  -­ Service  Offerings • Itemized  billing   • Customer  Billing  Portal  with  chargeback  reporting • Scalar-­led  support  and  escalation Self-­management  appeals  to  customers  who  have  the  ability  to  manage  their  own   cloud-­based  environment,  and  for  whom  maintaining  that  level  of  control  is  preferred.     Customers  select  Scalar  as  their  resell  partner  of  choice,  but  otherwise  access  and   manage  the  cloud  via  the  selected  Cloud  Provider’s  portal.    There  are  3  distinct   values  to  purchasing  your  public  cloud  resources  through  Scalar:
MANAGED  CLOUD3 MIGRATE SECURE MANAGE OPTIMIZE
©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   18 Scalar  Managed  Cloud  -­ Service  Offerings STANDARD -­ Includes  basic  deployment  and  monitoring  services  with  SLO-­backed  response,  and  is  generally   appropriate  for  non-­mission  critical  workloads. PREMIUM -­ Provides  a  complete  monitoring  and  optimization  suite,  along  with  rapid,  SLA-­backed  response  suitable  for   production  workloads  and  other  mission-­critical  environments. Designed  for  customers  who  prefer  to  have  Scalar  provide  management  of  their  cloud   infrastructure.  Scalar  provisions  and  manages  cloud  resources  on  the  customer’s  behalf  along   with  providing  access  management,  24x7  monitoring  and  incident  response,  and  continuous   optimization.  Cloud  Management  comes  in  2  tiers:  
©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   19 Today’s  Security  Landscape Traditional   Countermeasures  are   Proving  Ineffective Rapidly  Changing  Threat   Types Regulatory  Compliance  &   Corporate  Governance   Demands  are  Increasing Security  Budgets  are   Often  Insufficient Many  Organizations  are   Blind  to  Security  Threats   that  are  Already  Known Hackers  are  Increasingly   Motivated ! ! 0 1 0 0 1 0 0 0 0 0 1 0
CLOUD  &  SECURITY
©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   21 Why  Security  Breaches  Continue  to  be  Prevalent Every  technology   eventually  fails Compliance  programs   often  ignore  business  risk Trying  to  keep  hackers   out  is  a  losing  battle !
©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   22 Cyber  Incidents  by  Industry Source:  IBM  Cyber  Security  Intelligence  Index
©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   23 Cloud  Security  Elements Global  Threat  Intelligence  &   Research Advanced  Analytics Protect  Critical  Assets Robust  Incident   Handling Understand  Business   Impact Continuous  Validation  of   Controls !
©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Understand  the  Security  Continuum Integration  &  Middleware Facilities Hardware APIs Data Metadata Content Applications APIs Presentation Modality Presentation Platform Abstraction Core Connection  &  Delivery Integration  &  Middleware Facilities Hardware APIs Abstraction Core Connection  &  Delivery Facilities Hardware APIs Abstraction Core Connection  &  Delivery IaaS INFRASTRUCTURE AS  A  SERVICE PaaS PLATFORM  AS  A  SERVICE SaaS SOFTWARE  AS  A  SERVICE Service  Provider  Security Your  Security 24
©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Unmanaged  Shared  Responsibility  Model 25
©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Cloud Provider Responsibility Your Responsibility Foundation Services Global Infrastructure Endpoints Compute Storage Database Networking Regions Availability Zones Edge Locations Operating System & Network Configuration at Rest Platform & Application Management Customer Data Client-side Data Encryption & Data Integrity Authentication Server-side Encryption Provided by the Platform / Protection of Data at Rest Network Traffic Protection Provided by the Platform / Protection of Data in Transit Optional – Opaque Data OS (in transit / at rest) Identity&AccessManagement Managed Shared Responsibility Model 26
SECURITY  BY  DESIGN PREPARE DEFEND RESPOND
©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Getting  Started Prepare Perform  a  risk   assessment Build  an  effective   security  program Defend Deploy  security   infrastructure Properly  configure   and  continuously  tune   security  elements Respond Detect  &  respond  to   incidents  quickly Continuously  validate  the   effectiveness  of  security   controls 28
©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Steps  forward…. 1. Ensure  effective  governance,  risk,  and  compliance  processes  exist 2. Audit  operational  &  business  processes 3. Manage,  people,  roles  and  identities 4. Ensure  proper  protection  of  data 5. Enforce  privacy  policies 6. Assess  security  provisions  for  cloud  applications 7. Ensure  secure  cloud  networks  and  connections 8. Evaluate  security  of  physical  infrastructure  and  facilities 9. Manage  security  terms  in  the  service  agreement 10.Understand  the  security  requirements  of  the  exit  process 29
©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Step  1  -­ Ensure  effective  Governance,  Risk,  and  Compliance   Governance Risk Compliance Ensure that  you  have  a   data  asset  inventory  and   it  is  classified  based  on  its   CIA  protection   requirements. Established  security  and   compliance  policies  &   procedures.   Assess  vendors,   applications,  processes   and  policies  against  a formalized  threat-­risk-­ assessment  process. Identify  and  map regulatory   and  legislative  requirements.   FedRAMP,  ITAR FFIEC,GLBA,  OSFI,  PIPEDA 30
©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Step  2  -­ Audit  operational  &  business  processes   Assurance   Certification Audit Review  independent auditor’s  report  on  cloud   provider’s  operations.   SSAE16  SOC2  Type  2 CSAE3416,  ISAE3402 Beyond  audit  assurance   reports.  Review  current   security certifications.   ISO27001 ISO27018 Ensure  access to  the   corporate  audit  trail. Shared  Information  Gathering   (SIG)  Questionnaire CSA  Cloud  Controls  Matrix   3.0.1 31
©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Step  3  – Manage  People,  Roles,  and  Identities Identity and   Access   Management Authentication Role,  Entitlement   and  Policy Management Federated  Identity   Management,   Provisioning  and delegation, Single  Sign-­On,  and   Identity &  Access  Audit. Ensure  support  for  strong, multi-­factor  authentication. Ensure provider  is  able  to   describe  and  enforce  security   policies,  user  roles,  and   groups  based  on   requirements. 32
©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Step  4  – Ensure  protection  of  data Encryption  /   Tokenization Create  a  data   asset  catalog Consider all   forms  of  data Encrypted  for  data  privacy   with  approved  algorithms   and  long,  random  keys;; Encrypted  before  it  passes   from  the  enterprise  to  the   cloud  provider;; Should  remain  encrypted  in   transit,  at  rest,  and  in  use;; Provider  should  never  have   access  to  decryption  keys Identify all  data  assets,   classify  them  in  terms  of   business  criticality,   ownership.  Identify   relationships  between  data   assets. Unstructured vs  Structured   data. 33
©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Step  5  – Enforce  privacy  policies PIPEDA Security  Privacy   Standards Ensure  privacy requirements   within  the  SLA June  2015 -­ new  data   breach  notification   provisions,  with  the   enactment  of  the  Digital   Privacy  Act.   ISO /  IEC  27018  standard   addresses  the  controls   required  for  the  protection   of  PII. Specific  clauses around   privacy  of  information. 34
©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Step  6  – Assess  security  provisions  for  cloud  applications IaaS PaaS SaaS Customer has  responsibility   for  the  complete  software   stack  including  security. Focus  on  provider’s  network,   physical  environment,  audit,   authorization,  and   authentication   considerations. Customer  has  responsibility   for  application  development   and  securing  application.   Focus  on  audit,  authorization,   and  authentication   considerations. Provider is  responsible  for   application-­tier  security  and  are   dependent  upon  terms  in  the   SLA. Understand  the  provider’s   patching  schedule,  controls   against  malware,  and  release   cycle. 35
©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Step  7  – Ensure  secure  cloud  networks  and  connections External   Network Internal Network Traffic  screening DOS  protection Intrusion   Detection/Prevention Logging  and  Notification Client  separation and   protection  from  one  another Monitoring  for  intrusion   attempts 36
©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Step  8  – Evaluate  security  of  physical  infrastructure  and  facilities Facilities Continuity  Plans Human   Resources Security  controls  related  to   facilities. Environmental,   Equipment,   telecommunications,  etc.   Continuity  of  service  in  the   face  of  environmental  threats   or  equipment  failures Security  controls  on  their  staff. Background  checks  /  screening,   role  changes,  termination.   Security  Awareness  and  Training 37
©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Step  9  – Manage  security  terms  in  the  service  agreement Breach   Notification Incident Response Measuring Performance Include  pertinent  information   with  regards  to  notification Containment  of  security   incidents Restoration  of  secure  access   Forensics  in  investigating   circumstances  and  causes  of   breach. Metrics  and  standards  for   measuring  performance  and   effectiveness  of  information   security  should  be  established  in   the  service  agreement.   ISO27004:2009 ISO19086 NIST  800-­55  Rev.1 38
©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Step  10  – Understand  the  security  requirements  of  the  exit  process Exit  Process   Data  Destruction Documented  exit  process  as   part  of  the  service   agreement. Customer  data  is  deleted  from   the  provider’s  environment  at   the  end  of  the  exit  process. 39
©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Setting  yourself  up  for  success Leveraging  cloud  providers  can  enable  companies  in  being*more*  secure  and  compliant   than  before,  in  contrast  to  leveraging  your  own  on  premise  systems. Spend  sufficient  time  to  ensure: § Information  Governance  Policy/Programs  are  defined  and  in  place § Services  are  Policy  Compliant § Improved  Security  Awareness  &  Actions  Plans  documented 40
Thank  You

Recommended

Scalar Security Roadshow: Toronto Presentation - April 15, 2015
Scalar Security Roadshow: Toronto Presentation - April 15, 2015Scalar Security Roadshow: Toronto Presentation - April 15, 2015
Scalar Security Roadshow: Toronto Presentation - April 15, 2015Scalar Decisions
 
Scalar cloud study2016_slideshare
Scalar cloud study2016_slideshareScalar cloud study2016_slideshare
Scalar cloud study2016_slideshareScalar Decisions
 
Keys to success and security in the cloud
Keys to success and security in the cloudKeys to success and security in the cloud
Keys to success and security in the cloudScalar Decisions
 
Scalar - a brief introduction
Scalar - a brief introductionScalar - a brief introduction
Scalar - a brief introductionScalar Decisions
 
Scalar Security Roadshow April 2015
Scalar Security Roadshow April 2015Scalar Security Roadshow April 2015
Scalar Security Roadshow April 2015Scalar Decisions
 
Optimize IT Infrastructure
Optimize IT InfrastructureOptimize IT Infrastructure
Optimize IT InfrastructureScalar Decisions
 
Workshop on CASB Part 2
Workshop on CASB Part 2Workshop on CASB Part 2
Workshop on CASB Part 2Priyanka Aash
 
RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices a...
RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices a...RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices a...
RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices a...RightScale
 

Recommended

Scalar Security Roadshow: Toronto Presentation - April 15, 2015
Scalar Security Roadshow: Toronto Presentation - April 15, 2015Scalar Security Roadshow: Toronto Presentation - April 15, 2015
Scalar Security Roadshow: Toronto Presentation - April 15, 2015Scalar Decisions
 
Scalar cloud study2016_slideshare
Scalar cloud study2016_slideshareScalar cloud study2016_slideshare
Scalar cloud study2016_slideshareScalar Decisions
 
Keys to success and security in the cloud
Keys to success and security in the cloudKeys to success and security in the cloud
Keys to success and security in the cloudScalar Decisions
 
Scalar - a brief introduction
Scalar - a brief introductionScalar - a brief introduction
Scalar - a brief introductionScalar Decisions
 
Scalar Security Roadshow April 2015
Scalar Security Roadshow April 2015Scalar Security Roadshow April 2015
Scalar Security Roadshow April 2015Scalar Decisions
 
Optimize IT Infrastructure
Optimize IT InfrastructureOptimize IT Infrastructure
Optimize IT InfrastructureScalar Decisions
 
Workshop on CASB Part 2
Workshop on CASB Part 2Workshop on CASB Part 2
Workshop on CASB Part 2Priyanka Aash
 
RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices a...
RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices a...RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices a...
RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices a...RightScale
 
Cloud security: Accelerating cloud adoption
Cloud security: Accelerating cloud adoption Cloud security: Accelerating cloud adoption
Cloud security: Accelerating cloud adoption Dell World
 
Ofer Maor - Security Automation in the SDLC - Real World Cases
Ofer Maor - Security Automation in the SDLC - Real World CasesOfer Maor - Security Automation in the SDLC - Real World Cases
Ofer Maor - Security Automation in the SDLC - Real World Casescentralohioissa
 
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Odds
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At OddsJervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Odds
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Oddscentralohioissa
 
Security and governance in the cloud
Security and governance in the cloudSecurity and governance in the cloud
Security and governance in the cloudJulian Knight
 
Cloud computing
Cloud computingCloud computing
Cloud computingjhoejoe
 
Owasp top 10_proactive_controls_v3
Owasp top 10_proactive_controls_v3Owasp top 10_proactive_controls_v3
Owasp top 10_proactive_controls_v3RazaMehmood7
 
Multi cloud webinar 2019 - slideshare
Multi cloud webinar 2019 - slideshareMulti cloud webinar 2019 - slideshare
Multi cloud webinar 2019 - slideshareThousandEyes
 
Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......
Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......
Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......centralohioissa
 
IT Security As A Service
IT Security As A ServiceIT Security As A Service
IT Security As A ServiceMichael Davis
 
Implementing zero trust architecture in azure hybrid cloud
Implementing zero trust architecture in azure hybrid cloudImplementing zero trust architecture in azure hybrid cloud
Implementing zero trust architecture in azure hybrid cloudAjit Bhingarkar
 
Security as a Service in a Financial Institution: Reality or Chimera?
Security as a Service in a Financial Institution: Reality or Chimera?Security as a Service in a Financial Institution: Reality or Chimera?
Security as a Service in a Financial Institution: Reality or Chimera?Javier Losa
 
Compliance in the Cloud
Compliance in the CloudCompliance in the Cloud
Compliance in the CloudRapidScale
 
63 Requirements for CASB
63 Requirements for CASB63 Requirements for CASB
63 Requirements for CASBKyle Watson
 
Softchoice - Microsoft Office 365 - Discussing legal concerns and informatio...
Softchoice - Microsoft Office 365 - Discussing legal concerns and informatio...Softchoice - Microsoft Office 365 - Discussing legal concerns and informatio...
Softchoice - Microsoft Office 365 - Discussing legal concerns and informatio...Softchoice Corporation
 
RapidScale CloudRecovery
RapidScale CloudRecoveryRapidScale CloudRecovery
RapidScale CloudRecoveryRapidScale
 
HARTMANN and Cloudflare Learn how healthcare providers can build resilient in...
HARTMANN and Cloudflare Learn how healthcare providers can build resilient in...HARTMANN and Cloudflare Learn how healthcare providers can build resilient in...
HARTMANN and Cloudflare Learn how healthcare providers can build resilient in...Cloudflare
 
Microsoft Cloud
Microsoft CloudMicrosoft Cloud
Microsoft CloudConnor Russo
 
Multitenant, Dedicated or Hybrid - Which cloud to choose?
Multitenant, Dedicated or Hybrid - Which cloud to choose?Multitenant, Dedicated or Hybrid - Which cloud to choose?
Multitenant, Dedicated or Hybrid - Which cloud to choose?RapidScale
 
Opportunity to Peek: A Longitudinal Investigation of Unauthorized Access Atte...
Opportunity to Peek: A Longitudinal Investigation of Unauthorized Access Atte...Opportunity to Peek: A Longitudinal Investigation of Unauthorized Access Atte...
Opportunity to Peek: A Longitudinal Investigation of Unauthorized Access Atte...Lerner College of Business and Economics, University of Delaware
 
Biznet Gio Presentation - Database Security
Biznet Gio Presentation - Database SecurityBiznet Gio Presentation - Database Security
Biznet Gio Presentation - Database SecurityYusuf Hadiwinata Sutandar
 
2016 Scalar Security Study Roadshow
2016 Scalar Security Study Roadshow2016 Scalar Security Study Roadshow
2016 Scalar Security Study RoadshowScalar Decisions
 
Scalar Case Study: Strong Project Management Helps McMaster University Succes...
Scalar Case Study: Strong Project Management Helps McMaster University Succes...Scalar Case Study: Strong Project Management Helps McMaster University Succes...
Scalar Case Study: Strong Project Management Helps McMaster University Succes...Scalar Decisions
 

More Related Content

What's hot

Cloud security: Accelerating cloud adoption
Cloud security: Accelerating cloud adoption Cloud security: Accelerating cloud adoption
Cloud security: Accelerating cloud adoption Dell World
 
Ofer Maor - Security Automation in the SDLC - Real World Cases
Ofer Maor - Security Automation in the SDLC - Real World CasesOfer Maor - Security Automation in the SDLC - Real World Cases
Ofer Maor - Security Automation in the SDLC - Real World Casescentralohioissa
 
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Odds
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At OddsJervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Odds
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Oddscentralohioissa
 
Security and governance in the cloud
Security and governance in the cloudSecurity and governance in the cloud
Security and governance in the cloudJulian Knight
 
Cloud computing
Cloud computingCloud computing
Cloud computingjhoejoe
 
Owasp top 10_proactive_controls_v3
Owasp top 10_proactive_controls_v3Owasp top 10_proactive_controls_v3
Owasp top 10_proactive_controls_v3RazaMehmood7
 
Multi cloud webinar 2019 - slideshare
Multi cloud webinar 2019 - slideshareMulti cloud webinar 2019 - slideshare
Multi cloud webinar 2019 - slideshareThousandEyes
 
Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......
Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......
Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......centralohioissa
 
IT Security As A Service
IT Security As A ServiceIT Security As A Service
IT Security As A ServiceMichael Davis
 
Implementing zero trust architecture in azure hybrid cloud
Implementing zero trust architecture in azure hybrid cloudImplementing zero trust architecture in azure hybrid cloud
Implementing zero trust architecture in azure hybrid cloudAjit Bhingarkar
 
Security as a Service in a Financial Institution: Reality or Chimera?
Security as a Service in a Financial Institution: Reality or Chimera?Security as a Service in a Financial Institution: Reality or Chimera?
Security as a Service in a Financial Institution: Reality or Chimera?Javier Losa
 
Compliance in the Cloud
Compliance in the CloudCompliance in the Cloud
Compliance in the CloudRapidScale
 
63 Requirements for CASB
63 Requirements for CASB63 Requirements for CASB
63 Requirements for CASBKyle Watson
 
Softchoice - Microsoft Office 365 - Discussing legal concerns and informatio...
Softchoice - Microsoft Office 365 - Discussing legal concerns and informatio...Softchoice - Microsoft Office 365 - Discussing legal concerns and informatio...
Softchoice - Microsoft Office 365 - Discussing legal concerns and informatio...Softchoice Corporation
 
RapidScale CloudRecovery
RapidScale CloudRecoveryRapidScale CloudRecovery
RapidScale CloudRecoveryRapidScale
 
HARTMANN and Cloudflare Learn how healthcare providers can build resilient in...
HARTMANN and Cloudflare Learn how healthcare providers can build resilient in...HARTMANN and Cloudflare Learn how healthcare providers can build resilient in...
HARTMANN and Cloudflare Learn how healthcare providers can build resilient in...Cloudflare
 
Multitenant, Dedicated or Hybrid - Which cloud to choose?
Multitenant, Dedicated or Hybrid - Which cloud to choose?Multitenant, Dedicated or Hybrid - Which cloud to choose?
Multitenant, Dedicated or Hybrid - Which cloud to choose?RapidScale
 

What's hot (20)

Cloud security: Accelerating cloud adoption
Cloud security: Accelerating cloud adoption Cloud security: Accelerating cloud adoption
Cloud security: Accelerating cloud adoption
 
Ofer Maor - Security Automation in the SDLC - Real World Cases
Ofer Maor - Security Automation in the SDLC - Real World CasesOfer Maor - Security Automation in the SDLC - Real World Cases
Ofer Maor - Security Automation in the SDLC - Real World Cases
 
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Odds
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At OddsJervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Odds
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Odds
 
Security and governance in the cloud
Security and governance in the cloudSecurity and governance in the cloud
Security and governance in the cloud
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Owasp top 10_proactive_controls_v3
Owasp top 10_proactive_controls_v3Owasp top 10_proactive_controls_v3
Owasp top 10_proactive_controls_v3
 
Multi cloud webinar 2019 - slideshare
Multi cloud webinar 2019 - slideshareMulti cloud webinar 2019 - slideshare
Multi cloud webinar 2019 - slideshare
 
Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......
Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......
Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......
 
IT Security As A Service
IT Security As A ServiceIT Security As A Service
IT Security As A Service
 
Implementing zero trust architecture in azure hybrid cloud
Implementing zero trust architecture in azure hybrid cloudImplementing zero trust architecture in azure hybrid cloud
Implementing zero trust architecture in azure hybrid cloud
 
Security as a Service in a Financial Institution: Reality or Chimera?
Security as a Service in a Financial Institution: Reality or Chimera?Security as a Service in a Financial Institution: Reality or Chimera?
Security as a Service in a Financial Institution: Reality or Chimera?
 
Compliance in the Cloud
Compliance in the CloudCompliance in the Cloud
Compliance in the Cloud
 
63 Requirements for CASB
63 Requirements for CASB63 Requirements for CASB
63 Requirements for CASB
 
Softchoice - Microsoft Office 365 - Discussing legal concerns and informatio...
Softchoice - Microsoft Office 365 - Discussing legal concerns and informatio...Softchoice - Microsoft Office 365 - Discussing legal concerns and informatio...
Softchoice - Microsoft Office 365 - Discussing legal concerns and informatio...
 
RapidScale CloudRecovery
RapidScale CloudRecoveryRapidScale CloudRecovery
RapidScale CloudRecovery
 
HARTMANN and Cloudflare Learn how healthcare providers can build resilient in...
HARTMANN and Cloudflare Learn how healthcare providers can build resilient in...HARTMANN and Cloudflare Learn how healthcare providers can build resilient in...
HARTMANN and Cloudflare Learn how healthcare providers can build resilient in...
 
Microsoft Cloud
Microsoft CloudMicrosoft Cloud
Microsoft Cloud
 
Multitenant, Dedicated or Hybrid - Which cloud to choose?
Multitenant, Dedicated or Hybrid - Which cloud to choose?Multitenant, Dedicated or Hybrid - Which cloud to choose?
Multitenant, Dedicated or Hybrid - Which cloud to choose?
 
Opportunity to Peek: A Longitudinal Investigation of Unauthorized Access Atte...
Opportunity to Peek: A Longitudinal Investigation of Unauthorized Access Atte...Opportunity to Peek: A Longitudinal Investigation of Unauthorized Access Atte...
Opportunity to Peek: A Longitudinal Investigation of Unauthorized Access Atte...
 
Biznet Gio Presentation - Database Security
Biznet Gio Presentation - Database SecurityBiznet Gio Presentation - Database Security
Biznet Gio Presentation - Database Security
 

Viewers also liked

2016 Scalar Security Study Roadshow
2016 Scalar Security Study Roadshow2016 Scalar Security Study Roadshow
2016 Scalar Security Study RoadshowScalar Decisions
 
Scalar Case Study: Strong Project Management Helps McMaster University Succes...
Scalar Case Study: Strong Project Management Helps McMaster University Succes...Scalar Case Study: Strong Project Management Helps McMaster University Succes...
Scalar Case Study: Strong Project Management Helps McMaster University Succes...Scalar Decisions
 
Cyber Security trends and tactics for 2015
Cyber Security trends and tactics for 2015Cyber Security trends and tactics for 2015
Cyber Security trends and tactics for 2015Scalar Decisions
 
Executive Summary of the 2016 Scalar Security Study
Executive Summary of the 2016 Scalar Security StudyExecutive Summary of the 2016 Scalar Security Study
Executive Summary of the 2016 Scalar Security StudyScalar Decisions
 
Task Incident Readiness with Veris, Judy Nowak at TASK Toronto, April 27, 2...
Task Incident Readiness with Veris, Judy Nowak at TASK Toronto, April 27, 2...Task Incident Readiness with Veris, Judy Nowak at TASK Toronto, April 27, 2...
Task Incident Readiness with Veris, Judy Nowak at TASK Toronto, April 27, 2...patmisasi
 
Vancouver security road show master deck final
Vancouver security road show master deck finalVancouver security road show master deck final
Vancouver security road show master deck finalScalar Decisions
 
Scalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver PresentationScalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver PresentationScalar Decisions
 
Scalar customer case study: Rainmaker Entertainment
Scalar customer case study: Rainmaker EntertainmentScalar customer case study: Rainmaker Entertainment
Scalar customer case study: Rainmaker EntertainmentScalar Decisions
 
Scalar Security Roadshow - Toronto Stop
Scalar Security Roadshow - Toronto StopScalar Security Roadshow - Toronto Stop
Scalar Security Roadshow - Toronto StopScalar Decisions
 
Scalar Technical session - Network Functions Virtualization leveraging Brocade
Scalar Technical session - Network Functions Virtualization leveraging BrocadeScalar Technical session - Network Functions Virtualization leveraging Brocade
Scalar Technical session - Network Functions Virtualization leveraging BrocadeScalar Decisions
 
Scalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary PresentationScalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary PresentationScalar Decisions
 
Scalar Decisions: Emerging Trends and Technologies in Storage
Scalar Decisions: Emerging Trends and Technologies in StorageScalar Decisions: Emerging Trends and Technologies in Storage
Scalar Decisions: Emerging Trends and Technologies in Storagepatmisasi
 
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...centralohioissa
 
Connect the Dots: Draw a Clear Picture of Social’s Impact on Business Results
Connect the Dots: Draw a Clear Picture of Social’s Impact on Business ResultsConnect the Dots: Draw a Clear Picture of Social’s Impact on Business Results
Connect the Dots: Draw a Clear Picture of Social’s Impact on Business ResultsSpredfast
 
Calgary security road show master deck final
Calgary security road show master deck finalCalgary security road show master deck final
Calgary security road show master deck finalScalar Decisions
 
Scalar Security Roadshow - Toronto Presentation
Scalar Security Roadshow - Toronto PresentationScalar Security Roadshow - Toronto Presentation
Scalar Security Roadshow - Toronto PresentationScalar Decisions
 
Scalar Decisions 2013 Overview
Scalar Decisions 2013 OverviewScalar Decisions 2013 Overview
Scalar Decisions 2013 Overviewpatmisasi
 
Design Thinking: Beyond the Bounds of Your Own Head (a phenomenological persp...
Design Thinking: Beyond the Bounds of Your Own Head (a phenomenological persp...Design Thinking: Beyond the Bounds of Your Own Head (a phenomenological persp...
Design Thinking: Beyond the Bounds of Your Own Head (a phenomenological persp...Thomas Wendt
 

Viewers also liked (20)

2016 Scalar Security Study Roadshow
2016 Scalar Security Study Roadshow2016 Scalar Security Study Roadshow
2016 Scalar Security Study Roadshow
 
Scalar Case Study: Strong Project Management Helps McMaster University Succes...
Scalar Case Study: Strong Project Management Helps McMaster University Succes...Scalar Case Study: Strong Project Management Helps McMaster University Succes...
Scalar Case Study: Strong Project Management Helps McMaster University Succes...
 
Cyber Security trends and tactics for 2015
Cyber Security trends and tactics for 2015Cyber Security trends and tactics for 2015
Cyber Security trends and tactics for 2015
 
Executive Summary of the 2016 Scalar Security Study
Executive Summary of the 2016 Scalar Security StudyExecutive Summary of the 2016 Scalar Security Study
Executive Summary of the 2016 Scalar Security Study
 
Task Incident Readiness with Veris, Judy Nowak at TASK Toronto, April 27, 2...
Task Incident Readiness with Veris, Judy Nowak at TASK Toronto, April 27, 2...Task Incident Readiness with Veris, Judy Nowak at TASK Toronto, April 27, 2...
Task Incident Readiness with Veris, Judy Nowak at TASK Toronto, April 27, 2...
 
Vancouver security road show master deck final
Vancouver security road show master deck finalVancouver security road show master deck final
Vancouver security road show master deck final
 
Scalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver PresentationScalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver Presentation
 
Alfa Tech VestAsia 2012
Alfa Tech VestAsia 2012Alfa Tech VestAsia 2012
Alfa Tech VestAsia 2012
 
Scalar customer case study: Rainmaker Entertainment
Scalar customer case study: Rainmaker EntertainmentScalar customer case study: Rainmaker Entertainment
Scalar customer case study: Rainmaker Entertainment
 
Scalar Security Roadshow - Toronto Stop
Scalar Security Roadshow - Toronto StopScalar Security Roadshow - Toronto Stop
Scalar Security Roadshow - Toronto Stop
 
Scalar Technical session - Network Functions Virtualization leveraging Brocade
Scalar Technical session - Network Functions Virtualization leveraging BrocadeScalar Technical session - Network Functions Virtualization leveraging Brocade
Scalar Technical session - Network Functions Virtualization leveraging Brocade
 
Scalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary PresentationScalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary Presentation
 
Scalar Decisions: Emerging Trends and Technologies in Storage
Scalar Decisions: Emerging Trends and Technologies in StorageScalar Decisions: Emerging Trends and Technologies in Storage
Scalar Decisions: Emerging Trends and Technologies in Storage
 
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...
 
12210943 pss7
12210943 pss712210943 pss7
12210943 pss7
 
Connect the Dots: Draw a Clear Picture of Social’s Impact on Business Results
Connect the Dots: Draw a Clear Picture of Social’s Impact on Business ResultsConnect the Dots: Draw a Clear Picture of Social’s Impact on Business Results
Connect the Dots: Draw a Clear Picture of Social’s Impact on Business Results
 
Calgary security road show master deck final
Calgary security road show master deck finalCalgary security road show master deck final
Calgary security road show master deck final
 
Scalar Security Roadshow - Toronto Presentation
Scalar Security Roadshow - Toronto PresentationScalar Security Roadshow - Toronto Presentation
Scalar Security Roadshow - Toronto Presentation
 
Scalar Decisions 2013 Overview
Scalar Decisions 2013 OverviewScalar Decisions 2013 Overview
Scalar Decisions 2013 Overview
 
Design Thinking: Beyond the Bounds of Your Own Head (a phenomenological persp...
Design Thinking: Beyond the Bounds of Your Own Head (a phenomenological persp...Design Thinking: Beyond the Bounds of Your Own Head (a phenomenological persp...
Design Thinking: Beyond the Bounds of Your Own Head (a phenomenological persp...
 

Similar to Cloud Perspectives - Ottawa Seminar - Oct 6

Keys-to-Success-and-Security-in-the-Cloud
Keys-to-Success-and-Security-in-the-CloudKeys-to-Success-and-Security-in-the-Cloud
Keys-to-Success-and-Security-in-the-Cloudpatmisasi
 
May 2013 Federal Cloud Computing Summit Keynote by David Cearly
May 2013 Federal Cloud Computing Summit Keynote by David CearlyMay 2013 Federal Cloud Computing Summit Keynote by David Cearly
May 2013 Federal Cloud Computing Summit Keynote by David CearlyTim Harvey
 
Becomming a cloud governance ninja linthicum interop fall 2013
Becomming a cloud governance ninja linthicum interop fall 2013Becomming a cloud governance ninja linthicum interop fall 2013
Becomming a cloud governance ninja linthicum interop fall 2013David Linthicum
 
Why businesses are moving Oracle applications to the cloud
Why businesses are moving Oracle applications to the cloudWhy businesses are moving Oracle applications to the cloud
Why businesses are moving Oracle applications to the cloudVelocity Technology Solutions
 
Espion and SureSkills Presentation - Your Journey To A Secure Cloud
Espion and SureSkills Presentation - Your Journey To A Secure CloudEspion and SureSkills Presentation - Your Journey To A Secure Cloud
Espion and SureSkills Presentation - Your Journey To A Secure CloudGoogle
 
Which Cloud? It All Starts with Assessing Application Readiness
Which Cloud? It All Starts with Assessing Application ReadinessWhich Cloud? It All Starts with Assessing Application Readiness
Which Cloud? It All Starts with Assessing Application ReadinessGravitant, Inc.
 
Richard Knight: Real world stories from the frontline of enterprise Cloud
Richard Knight: Real world stories from the frontline of enterprise CloudRichard Knight: Real world stories from the frontline of enterprise Cloud
Richard Knight: Real world stories from the frontline of enterprise CloudDe Novo
 
Cloud Options for a Modern Architecture
Cloud Options for a Modern ArchitectureCloud Options for a Modern Architecture
Cloud Options for a Modern ArchitectureProlifics
 
Cloudcomputingppt 12746363271272 Phpapp01
Cloudcomputingppt 12746363271272 Phpapp01Cloudcomputingppt 12746363271272 Phpapp01
Cloudcomputingppt 12746363271272 Phpapp01Chindala Murali
 
Cloud Computing Ppt
Cloud Computing PptCloud Computing Ppt
Cloud Computing PptAnjoum .
 
Selecting the Best VPC Network Architecture (CPN208) | AWS re:Invent 2013
Selecting the Best VPC Network Architecture (CPN208) | AWS re:Invent 2013Selecting the Best VPC Network Architecture (CPN208) | AWS re:Invent 2013
Selecting the Best VPC Network Architecture (CPN208) | AWS re:Invent 2013Amazon Web Services
 
The Ultimate Guide to Cloud Migration - A Whitepaper by RapidValue
The Ultimate Guide to Cloud Migration - A Whitepaper by RapidValueThe Ultimate Guide to Cloud Migration - A Whitepaper by RapidValue
The Ultimate Guide to Cloud Migration - A Whitepaper by RapidValueRapidValue
 
#ALSummit: SCOR Velogica's Journey to SOC2/TYPE2 Via AWS
#ALSummit: SCOR Velogica's Journey to SOC2/TYPE2 Via AWS#ALSummit: SCOR Velogica's Journey to SOC2/TYPE2 Via AWS
#ALSummit: SCOR Velogica's Journey to SOC2/TYPE2 Via AWSAlert Logic
 
ShareResponsibilityModel.pptx
ShareResponsibilityModel.pptxShareResponsibilityModel.pptx
ShareResponsibilityModel.pptxBabatundeAbioye2
 
Towards Hybrid Strategies - 451 Research & Atos
Towards Hybrid Strategies - 451 Research & AtosTowards Hybrid Strategies - 451 Research & Atos
Towards Hybrid Strategies - 451 Research & AtosCsilla Zsigri
 
Indonesia new default short msp client presentation partnership with isv
Indonesia new default short msp client presentation partnership with isvIndonesia new default short msp client presentation partnership with isv
Indonesia new default short msp client presentation partnership with isvPandu W Sastrowardoyo
 
Making Money in the Cloud
Making Money in the CloudMaking Money in the Cloud
Making Money in the CloudGravitant, Inc.
 
Oracle Cloud Computing Strategy
Oracle Cloud Computing StrategyOracle Cloud Computing Strategy
Oracle Cloud Computing StrategyRex Wang
 

Similar to Cloud Perspectives - Ottawa Seminar - Oct 6 (20)

Keys-to-Success-and-Security-in-the-Cloud
Keys-to-Success-and-Security-in-the-CloudKeys-to-Success-and-Security-in-the-Cloud
Keys-to-Success-and-Security-in-the-Cloud
 
May 2013 Federal Cloud Computing Summit Keynote by David Cearly
May 2013 Federal Cloud Computing Summit Keynote by David CearlyMay 2013 Federal Cloud Computing Summit Keynote by David Cearly
May 2013 Federal Cloud Computing Summit Keynote by David Cearly
 
Becomming a cloud governance ninja linthicum interop fall 2013
Becomming a cloud governance ninja linthicum interop fall 2013Becomming a cloud governance ninja linthicum interop fall 2013
Becomming a cloud governance ninja linthicum interop fall 2013
 
Why businesses are moving Oracle applications to the cloud
Why businesses are moving Oracle applications to the cloudWhy businesses are moving Oracle applications to the cloud
Why businesses are moving Oracle applications to the cloud
 
Espion and SureSkills Presentation - Your Journey To A Secure Cloud
Espion and SureSkills Presentation - Your Journey To A Secure CloudEspion and SureSkills Presentation - Your Journey To A Secure Cloud
Espion and SureSkills Presentation - Your Journey To A Secure Cloud
 
Which Cloud? It All Starts with Assessing Application Readiness
Which Cloud? It All Starts with Assessing Application ReadinessWhich Cloud? It All Starts with Assessing Application Readiness
Which Cloud? It All Starts with Assessing Application Readiness
 
Richard Knight: Real world stories from the frontline of enterprise Cloud
Richard Knight: Real world stories from the frontline of enterprise CloudRichard Knight: Real world stories from the frontline of enterprise Cloud
Richard Knight: Real world stories from the frontline of enterprise Cloud
 
Cloud Options for a Modern Architecture
Cloud Options for a Modern ArchitectureCloud Options for a Modern Architecture
Cloud Options for a Modern Architecture
 
Cloudcomputingppt 12746363271272 Phpapp01
Cloudcomputingppt 12746363271272 Phpapp01Cloudcomputingppt 12746363271272 Phpapp01
Cloudcomputingppt 12746363271272 Phpapp01
 
Cloud Computing
Cloud Computing Cloud Computing
Cloud Computing
 
Cloud Computing Ppt
Cloud Computing PptCloud Computing Ppt
Cloud Computing Ppt
 
Selecting the Best VPC Network Architecture (CPN208) | AWS re:Invent 2013
Selecting the Best VPC Network Architecture (CPN208) | AWS re:Invent 2013Selecting the Best VPC Network Architecture (CPN208) | AWS re:Invent 2013
Selecting the Best VPC Network Architecture (CPN208) | AWS re:Invent 2013
 
The Ultimate Guide to Cloud Migration - A Whitepaper by RapidValue
The Ultimate Guide to Cloud Migration - A Whitepaper by RapidValueThe Ultimate Guide to Cloud Migration - A Whitepaper by RapidValue
The Ultimate Guide to Cloud Migration - A Whitepaper by RapidValue
 
Logicalis Cloud Briefing
Logicalis Cloud BriefingLogicalis Cloud Briefing
Logicalis Cloud Briefing
 
#ALSummit: SCOR Velogica's Journey to SOC2/TYPE2 Via AWS
#ALSummit: SCOR Velogica's Journey to SOC2/TYPE2 Via AWS#ALSummit: SCOR Velogica's Journey to SOC2/TYPE2 Via AWS
#ALSummit: SCOR Velogica's Journey to SOC2/TYPE2 Via AWS
 
ShareResponsibilityModel.pptx
ShareResponsibilityModel.pptxShareResponsibilityModel.pptx
ShareResponsibilityModel.pptx
 
Towards Hybrid Strategies - 451 Research & Atos
Towards Hybrid Strategies - 451 Research & AtosTowards Hybrid Strategies - 451 Research & Atos
Towards Hybrid Strategies - 451 Research & Atos
 
Indonesia new default short msp client presentation partnership with isv
Indonesia new default short msp client presentation partnership with isvIndonesia new default short msp client presentation partnership with isv
Indonesia new default short msp client presentation partnership with isv
 
Making Money in the Cloud
Making Money in the CloudMaking Money in the Cloud
Making Money in the Cloud
 
Oracle Cloud Computing Strategy
Oracle Cloud Computing StrategyOracle Cloud Computing Strategy
Oracle Cloud Computing Strategy
 

More from Scalar Decisions

La transformation numérique de Scalar
La transformation numérique de ScalarLa transformation numérique de Scalar
La transformation numérique de ScalarScalar Decisions
 
2017 Scalar Security Study Summary
2017 Scalar Security Study Summary2017 Scalar Security Study Summary
2017 Scalar Security Study SummaryScalar Decisions
 
Résumé de l’étude sur la sécurité de Scalar 2016
Résumé de l’étude sur la sécurité de Scalar 2016Résumé de l’étude sur la sécurité de Scalar 2016
Résumé de l’étude sur la sécurité de Scalar 2016Scalar Decisions
 
2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...
2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...
2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...Scalar Decisions
 
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Scalar Decisions
 
Web scale with-nutanix_rev
Web scale with-nutanix_revWeb scale with-nutanix_rev
Web scale with-nutanix_revScalar Decisions
 
Hyperconverged Infrastructure: The Leading Edge of Virtualization
Hyperconverged Infrastructure: The Leading Edge of VirtualizationHyperconverged Infrastructure: The Leading Edge of Virtualization
Hyperconverged Infrastructure: The Leading Edge of VirtualizationScalar Decisions
 
The road to clustered data ontap.
The road to clustered data ontap.The road to clustered data ontap.
The road to clustered data ontap.Scalar Decisions
 
The Cyber Security Readiness of Canadian Organizations
The Cyber Security Readiness of Canadian OrganizationsThe Cyber Security Readiness of Canadian Organizations
The Cyber Security Readiness of Canadian OrganizationsScalar Decisions
 
Where Technology Meets Medicine: SickKids High Performance Computing Data Centre
Where Technology Meets Medicine: SickKids High Performance Computing Data CentreWhere Technology Meets Medicine: SickKids High Performance Computing Data Centre
Where Technology Meets Medicine: SickKids High Performance Computing Data CentreScalar Decisions
 
Scalar Customer Case Study: Toronto 2015 Pan Am/Parapan Am Games
Scalar Customer Case Study: Toronto 2015 Pan Am/Parapan Am GamesScalar Customer Case Study: Toronto 2015 Pan Am/Parapan Am Games
Scalar Customer Case Study: Toronto 2015 Pan Am/Parapan Am GamesScalar Decisions
 
Scalar Security Roadshow - Ottawa Presentation
Scalar Security Roadshow - Ottawa PresentationScalar Security Roadshow - Ottawa Presentation
Scalar Security Roadshow - Ottawa PresentationScalar Decisions
 
Sheridan College: Scalar Customer Case Study
Sheridan College: Scalar Customer Case StudySheridan College: Scalar Customer Case Study
Sheridan College: Scalar Customer Case StudyScalar Decisions
 
City of Airdrie: Scalar Customer Case Study
City of Airdrie: Scalar Customer Case StudyCity of Airdrie: Scalar Customer Case Study
City of Airdrie: Scalar Customer Case StudyScalar Decisions
 

More from Scalar Decisions (17)

La transformation numérique de Scalar
La transformation numérique de ScalarLa transformation numérique de Scalar
La transformation numérique de Scalar
 
Digital Transformation
Digital TransformationDigital Transformation
Digital Transformation
 
2017 Scalar Security Study Summary
2017 Scalar Security Study Summary2017 Scalar Security Study Summary
2017 Scalar Security Study Summary
 
Résumé de l’étude sur la sécurité de Scalar 2016
Résumé de l’étude sur la sécurité de Scalar 2016Résumé de l’étude sur la sécurité de Scalar 2016
Résumé de l’étude sur la sécurité de Scalar 2016
 
2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...
2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...
2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...
 
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
 
Web scale with-nutanix_rev
Web scale with-nutanix_revWeb scale with-nutanix_rev
Web scale with-nutanix_rev
 
Cloudforms Workshop
Cloudforms WorkshopCloudforms Workshop
Cloudforms Workshop
 
XtremIO
XtremIOXtremIO
XtremIO
 
Hyperconverged Infrastructure: The Leading Edge of Virtualization
Hyperconverged Infrastructure: The Leading Edge of VirtualizationHyperconverged Infrastructure: The Leading Edge of Virtualization
Hyperconverged Infrastructure: The Leading Edge of Virtualization
 
The road to clustered data ontap.
The road to clustered data ontap.The road to clustered data ontap.
The road to clustered data ontap.
 
The Cyber Security Readiness of Canadian Organizations
The Cyber Security Readiness of Canadian OrganizationsThe Cyber Security Readiness of Canadian Organizations
The Cyber Security Readiness of Canadian Organizations
 
Where Technology Meets Medicine: SickKids High Performance Computing Data Centre
Where Technology Meets Medicine: SickKids High Performance Computing Data CentreWhere Technology Meets Medicine: SickKids High Performance Computing Data Centre
Where Technology Meets Medicine: SickKids High Performance Computing Data Centre
 
Scalar Customer Case Study: Toronto 2015 Pan Am/Parapan Am Games
Scalar Customer Case Study: Toronto 2015 Pan Am/Parapan Am GamesScalar Customer Case Study: Toronto 2015 Pan Am/Parapan Am Games
Scalar Customer Case Study: Toronto 2015 Pan Am/Parapan Am Games
 
Scalar Security Roadshow - Ottawa Presentation
Scalar Security Roadshow - Ottawa PresentationScalar Security Roadshow - Ottawa Presentation
Scalar Security Roadshow - Ottawa Presentation
 
Sheridan College: Scalar Customer Case Study
Sheridan College: Scalar Customer Case StudySheridan College: Scalar Customer Case Study
Sheridan College: Scalar Customer Case Study
 
City of Airdrie: Scalar Customer Case Study
City of Airdrie: Scalar Customer Case StudyCity of Airdrie: Scalar Customer Case Study
City of Airdrie: Scalar Customer Case Study
 

Recently uploaded

Microsoft Copilot AI for Everyone - created by AI
Microsoft Copilot AI for Everyone - created by AIMicrosoft Copilot AI for Everyone - created by AI
Microsoft Copilot AI for Everyone - created by AITatiana Gurgel
 
Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...
Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...
Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...NETWAYS
 
Open Source Camp Kubernetes 2024 | Running WebAssembly on Kubernetes by Alex ...
Open Source Camp Kubernetes 2024 | Running WebAssembly on Kubernetes by Alex ...Open Source Camp Kubernetes 2024 | Running WebAssembly on Kubernetes by Alex ...
Open Source Camp Kubernetes 2024 | Running WebAssembly on Kubernetes by Alex ...NETWAYS
 
Open Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdf
Open Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdfOpen Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdf
Open Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdfhenrik385807
 
OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...
OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...
OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...NETWAYS
 
Call Girls in Rohini Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Rohini Delhi 💯Call Us 🔝8264348440🔝Call Girls in Rohini Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Rohini Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...henrik385807
 
VVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara Services
VVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara ServicesVVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara Services
VVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara ServicesPooja Nehwal
 
George Lever - eCommerce Day Chile 2024
George Lever - eCommerce Day Chile 2024George Lever - eCommerce Day Chile 2024
George Lever - eCommerce Day Chile 2024eCommerce Institute
 
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...Salam Al-Karadaghi
 
Motivation and Theory Maslow and Murray pdf
Motivation and Theory Maslow and Murray pdfMotivation and Theory Maslow and Murray pdf
Motivation and Theory Maslow and Murray pdfakankshagupta7348026
 
Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝
Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝
Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝soniya singh
 
Philippine History cavite Mutiny Report.ppt
Philippine History cavite Mutiny Report.pptPhilippine History cavite Mutiny Report.ppt
Philippine History cavite Mutiny Report.pptssuser319dad
 
OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...
OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...
OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...NETWAYS
 
Genesis part 2 Isaiah Scudder 04-24-2024.pptx
Genesis part 2 Isaiah Scudder 04-24-2024.pptxGenesis part 2 Isaiah Scudder 04-24-2024.pptx
Genesis part 2 Isaiah Scudder 04-24-2024.pptxFamilyWorshipCenterD
 
Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...
Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...
Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...Pooja Nehwal
 
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdf
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdfCTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdf
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdfhenrik385807
 
OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur für Container und Kubern...
OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur für Container und Kubern...OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur für Container und Kubern...
OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur für Container und Kubern...NETWAYS
 
LANDMARKS AND MONUMENTS IN NIGERIA.pptx
LANDMARKS AND MONUMENTS IN NIGERIA.pptxLANDMARKS AND MONUMENTS IN NIGERIA.pptx
LANDMARKS AND MONUMENTS IN NIGERIA.pptxBasil Achie
 

Recently uploaded (20)

Microsoft Copilot AI for Everyone - created by AI
Microsoft Copilot AI for Everyone - created by AIMicrosoft Copilot AI for Everyone - created by AI
Microsoft Copilot AI for Everyone - created by AI
 
Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...
Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...
Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...
 
Open Source Camp Kubernetes 2024 | Running WebAssembly on Kubernetes by Alex ...
Open Source Camp Kubernetes 2024 | Running WebAssembly on Kubernetes by Alex ...Open Source Camp Kubernetes 2024 | Running WebAssembly on Kubernetes by Alex ...
Open Source Camp Kubernetes 2024 | Running WebAssembly on Kubernetes by Alex ...
 
Open Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdf
Open Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdfOpen Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdf
Open Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdf
 
OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...
OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...
OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...
 
Call Girls in Rohini Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Rohini Delhi 💯Call Us 🔝8264348440🔝Call Girls in Rohini Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Rohini Delhi 💯Call Us 🔝8264348440🔝
 
Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...
 
VVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara Services
VVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara ServicesVVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara Services
VVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara Services
 
George Lever - eCommerce Day Chile 2024
George Lever - eCommerce Day Chile 2024George Lever - eCommerce Day Chile 2024
George Lever - eCommerce Day Chile 2024
 
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...
 
Motivation and Theory Maslow and Murray pdf
Motivation and Theory Maslow and Murray pdfMotivation and Theory Maslow and Murray pdf
Motivation and Theory Maslow and Murray pdf
 
Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝
Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝
Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝
 
Philippine History cavite Mutiny Report.ppt
Philippine History cavite Mutiny Report.pptPhilippine History cavite Mutiny Report.ppt
Philippine History cavite Mutiny Report.ppt
 
OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...
OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...
OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...
 
Genesis part 2 Isaiah Scudder 04-24-2024.pptx
Genesis part 2 Isaiah Scudder 04-24-2024.pptxGenesis part 2 Isaiah Scudder 04-24-2024.pptx
Genesis part 2 Isaiah Scudder 04-24-2024.pptx
 
Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...
Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...
Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...
 
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdf
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdfCTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdf
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdf
 
OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur für Container und Kubern...
OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur für Container und Kubern...OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur für Container und Kubern...
OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur für Container und Kubern...
 
LANDMARKS AND MONUMENTS IN NIGERIA.pptx
LANDMARKS AND MONUMENTS IN NIGERIA.pptxLANDMARKS AND MONUMENTS IN NIGERIA.pptx
LANDMARKS AND MONUMENTS IN NIGERIA.pptx
 

Cloud Perspectives - Ottawa Seminar - Oct 6

  • 1. Cloud  Perspectives Neil  Bunn,  P.Eng.    -­ Chief  Technology  Officer Theo  van  Wyk  – Security  Solution  Architect  Manager October  6th ,  2016
  • 2. ©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Defining  Cloud “Cloud  Computing”  by  the  NIST  Definition  is: Cloud  computing  is  a  model  for  enabling ubiquitous, convenient, on-­demand  network  access   to  a shared  pool of  configurable  computing  resources  (e.g.,  networks,  servers,  storage,   applications,  and  services)  that  can  be rapidly  provisioned and released with  minimal   management  effort  or  service  provider  interaction.  This  cloud  model  is  composed  of  five   essential  characteristics, three  service  models,  and  four  deployment  models. Which  really  means….. 2
  • 3. ©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Pragmatic  View  of  Industry  Change § Cloud  is  just  another  delivery  model,  but  largely  predicated  on: § Automation § Elasticity § Pay-­as-­you-­go  (public  cloud) § Cloud  creates  challenges  for  clients  in  security,  processes,  automation,  internal  governance,   and  controls. § Hyperscale IaaS  providers  will  dominate  the  market § Hybrid-­Cloud  (multi-­provider  /  hybridization)  required  for  business  success  and  security § Most  clients  forget  about: § SLAs  &  Service § Governance  and  Financial  controls  -­ lead  to  accidently  “breaking  the  bank” § Security 3
  • 4. ©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   4 Cloud  Primer Broad   Network  Access Automation Flexible  Costing On-­Demand   Self-­Service Resource  Pooling Cloud Characteristics   Software  as  a  Service   (SaaS) Platform  as  a  Service   (PaaS) Infrastructure  as  a   Service  (IaaS) Service  Models Deployment   Models Public  Cloud Hybrid  Cloud Private  Cloud
  • 5. ©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   5 Primary  reasons  for  adopting  cloud Source:  Cloud  Security  Alliance,  “HOW  CLOUD  IS  BEING   USED  IN  THE  FINANCIAL  SECTOR”  SURVEY  REPORT  – March  2015
  • 6. ©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   6 Top  Cloud  Applications  Adopted Source:  Cloud  Security  Alliance,  “HOW  CLOUD  IS  BEING   USED  IN  THE  FINANCIAL  SECTOR”  SURVEY  REPORT  – March  2015
  • 7. ©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   7 Successful  Client  Outcomes Rapid  Deployment  &   Flexibility Higher  Return  on   Technology  Spend Matching   CapEx/OpEx  to  the   Budget Lower  Cost  of   Development Measurable   Outcomes
  • 8. “Multi-­Cloud  Platform  approach…not  all   workloads  are  the  same…and  not  all  clouds  are     the  same!”
  • 10. ©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Our  approach  and  strategic  cloud  partnerships § Partner  with  Multiple  Providers  (multi-­cloud) § Amazon  Web  Services  (AWS) § Microsoft  Azure § IBM  Softlayer § Provide  consistent-­feel  managed  services  across  client  deployment  options § Scalar  Owned/Operated § Client  Owned/Operated § HyperScale Provider § Traditional  Hosting  Provider Implement  automation,  policy  and   governance  consistent  across   deployment  option 10
  • 11. ©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   11 Getting  Started Assess Perform  a  visibility   assessment Classify  applications  &   data  for  public  and   private  approaches Design Design  architecture   &  approach Design  for  loose-­coupling,   scaling  &  security  with   spend  management Deploy Select  a  provider  &   deploy  an  application Manage  &  monitor  the   environment  like  any   other  infrastructure
  • 13. CONSULTING  AND  ADVISORY1 READINESS GOVERNANCEDESIGN TRANSFORMATION
  • 14. ©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   14 Consulting  and  Advisory  -­ Service  Offerings Scalar  Consulting  and  Advisory  services  help  customers  plan,  execute,  and  derive   maximum  value  from  their  cloud  environment.    Engagements  are  typically   project/deliverable-­based,  and  include  services  such  as: • Cloud  migration  planning • Cloud  readiness  assessments • Workload  analysis • Architecture  and  design • Deployment  services • Cloud  optimization • Training
  • 16. ©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   16 Self-­managed  Cloud  -­ Service  Offerings • Itemized  billing   • Customer  Billing  Portal  with  chargeback  reporting • Scalar-­led  support  and  escalation Self-­management  appeals  to  customers  who  have  the  ability  to  manage  their  own   cloud-­based  environment,  and  for  whom  maintaining  that  level  of  control  is  preferred.     Customers  select  Scalar  as  their  resell  partner  of  choice,  but  otherwise  access  and   manage  the  cloud  via  the  selected  Cloud  Provider’s  portal.    There  are  3  distinct   values  to  purchasing  your  public  cloud  resources  through  Scalar:
  • 18. ©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   18 Scalar  Managed  Cloud  -­ Service  Offerings STANDARD -­ Includes  basic  deployment  and  monitoring  services  with  SLO-­backed  response,  and  is  generally   appropriate  for  non-­mission  critical  workloads. PREMIUM -­ Provides  a  complete  monitoring  and  optimization  suite,  along  with  rapid,  SLA-­backed  response  suitable  for   production  workloads  and  other  mission-­critical  environments. Designed  for  customers  who  prefer  to  have  Scalar  provide  management  of  their  cloud   infrastructure.  Scalar  provisions  and  manages  cloud  resources  on  the  customer’s  behalf  along   with  providing  access  management,  24x7  monitoring  and  incident  response,  and  continuous   optimization.  Cloud  Management  comes  in  2  tiers:  
  • 19. ©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   19 Today’s  Security  Landscape Traditional   Countermeasures  are   Proving  Ineffective Rapidly  Changing  Threat   Types Regulatory  Compliance  &   Corporate  Governance   Demands  are  Increasing Security  Budgets  are   Often  Insufficient Many  Organizations  are   Blind  to  Security  Threats   that  are  Already  Known Hackers  are  Increasingly   Motivated ! ! 0 1 0 0 1 0 0 0 0 0 1 0
  • 21. ©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   21 Why  Security  Breaches  Continue  to  be  Prevalent Every  technology   eventually  fails Compliance  programs   often  ignore  business  risk Trying  to  keep  hackers   out  is  a  losing  battle !
  • 22. ©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   22 Cyber  Incidents  by  Industry Source:  IBM  Cyber  Security  Intelligence  Index
  • 23. ©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   23 Cloud  Security  Elements Global  Threat  Intelligence  &   Research Advanced  Analytics Protect  Critical  Assets Robust  Incident   Handling Understand  Business   Impact Continuous  Validation  of   Controls !
  • 24. ©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Understand  the  Security  Continuum Integration  &  Middleware Facilities Hardware APIs Data Metadata Content Applications APIs Presentation Modality Presentation Platform Abstraction Core Connection  &  Delivery Integration  &  Middleware Facilities Hardware APIs Abstraction Core Connection  &  Delivery Facilities Hardware APIs Abstraction Core Connection  &  Delivery IaaS INFRASTRUCTURE AS  A  SERVICE PaaS PLATFORM  AS  A  SERVICE SaaS SOFTWARE  AS  A  SERVICE Service  Provider  Security Your  Security 24
  • 25. ©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Unmanaged  Shared  Responsibility  Model 25
  • 26. ©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Cloud Provider Responsibility Your Responsibility Foundation Services Global Infrastructure Endpoints Compute Storage Database Networking Regions Availability Zones Edge Locations Operating System & Network Configuration at Rest Platform & Application Management Customer Data Client-side Data Encryption & Data Integrity Authentication Server-side Encryption Provided by the Platform / Protection of Data at Rest Network Traffic Protection Provided by the Platform / Protection of Data in Transit Optional – Opaque Data OS (in transit / at rest) Identity&AccessManagement Managed Shared Responsibility Model 26
  • 28. ©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Getting  Started Prepare Perform  a  risk   assessment Build  an  effective   security  program Defend Deploy  security   infrastructure Properly  configure   and  continuously  tune   security  elements Respond Detect  &  respond  to   incidents  quickly Continuously  validate  the   effectiveness  of  security   controls 28
  • 29. ©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Steps  forward…. 1. Ensure  effective  governance,  risk,  and  compliance  processes  exist 2. Audit  operational  &  business  processes 3. Manage,  people,  roles  and  identities 4. Ensure  proper  protection  of  data 5. Enforce  privacy  policies 6. Assess  security  provisions  for  cloud  applications 7. Ensure  secure  cloud  networks  and  connections 8. Evaluate  security  of  physical  infrastructure  and  facilities 9. Manage  security  terms  in  the  service  agreement 10.Understand  the  security  requirements  of  the  exit  process 29
  • 30. ©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Step  1  -­ Ensure  effective  Governance,  Risk,  and  Compliance   Governance Risk Compliance Ensure that  you  have  a   data  asset  inventory  and   it  is  classified  based  on  its   CIA  protection   requirements. Established  security  and   compliance  policies  &   procedures.   Assess  vendors,   applications,  processes   and  policies  against  a formalized  threat-­risk-­ assessment  process. Identify  and  map regulatory   and  legislative  requirements.   FedRAMP,  ITAR FFIEC,GLBA,  OSFI,  PIPEDA 30
  • 31. ©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Step  2  -­ Audit  operational  &  business  processes   Assurance   Certification Audit Review  independent auditor’s  report  on  cloud   provider’s  operations.   SSAE16  SOC2  Type  2 CSAE3416,  ISAE3402 Beyond  audit  assurance   reports.  Review  current   security certifications.   ISO27001 ISO27018 Ensure  access to  the   corporate  audit  trail. Shared  Information  Gathering   (SIG)  Questionnaire CSA  Cloud  Controls  Matrix   3.0.1 31
  • 32. ©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Step  3  – Manage  People,  Roles,  and  Identities Identity and   Access   Management Authentication Role,  Entitlement   and  Policy Management Federated  Identity   Management,   Provisioning  and delegation, Single  Sign-­On,  and   Identity &  Access  Audit. Ensure  support  for  strong, multi-­factor  authentication. Ensure provider  is  able  to   describe  and  enforce  security   policies,  user  roles,  and   groups  based  on   requirements. 32
  • 33. ©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Step  4  – Ensure  protection  of  data Encryption  /   Tokenization Create  a  data   asset  catalog Consider all   forms  of  data Encrypted  for  data  privacy   with  approved  algorithms   and  long,  random  keys;; Encrypted  before  it  passes   from  the  enterprise  to  the   cloud  provider;; Should  remain  encrypted  in   transit,  at  rest,  and  in  use;; Provider  should  never  have   access  to  decryption  keys Identify all  data  assets,   classify  them  in  terms  of   business  criticality,   ownership.  Identify   relationships  between  data   assets. Unstructured vs  Structured   data. 33
  • 34. ©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Step  5  – Enforce  privacy  policies PIPEDA Security  Privacy   Standards Ensure  privacy requirements   within  the  SLA June  2015 -­ new  data   breach  notification   provisions,  with  the   enactment  of  the  Digital   Privacy  Act.   ISO /  IEC  27018  standard   addresses  the  controls   required  for  the  protection   of  PII. Specific  clauses around   privacy  of  information. 34
  • 35. ©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Step  6  – Assess  security  provisions  for  cloud  applications IaaS PaaS SaaS Customer has  responsibility   for  the  complete  software   stack  including  security. Focus  on  provider’s  network,   physical  environment,  audit,   authorization,  and   authentication   considerations. Customer  has  responsibility   for  application  development   and  securing  application.   Focus  on  audit,  authorization,   and  authentication   considerations. Provider is  responsible  for   application-­tier  security  and  are   dependent  upon  terms  in  the   SLA. Understand  the  provider’s   patching  schedule,  controls   against  malware,  and  release   cycle. 35
  • 36. ©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Step  7  – Ensure  secure  cloud  networks  and  connections External   Network Internal Network Traffic  screening DOS  protection Intrusion   Detection/Prevention Logging  and  Notification Client  separation and   protection  from  one  another Monitoring  for  intrusion   attempts 36
  • 37. ©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Step  8  – Evaluate  security  of  physical  infrastructure  and  facilities Facilities Continuity  Plans Human   Resources Security  controls  related  to   facilities. Environmental,   Equipment,   telecommunications,  etc.   Continuity  of  service  in  the   face  of  environmental  threats   or  equipment  failures Security  controls  on  their  staff. Background  checks  /  screening,   role  changes,  termination.   Security  Awareness  and  Training 37
  • 38. ©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Step  9  – Manage  security  terms  in  the  service  agreement Breach   Notification Incident Response Measuring Performance Include  pertinent  information   with  regards  to  notification Containment  of  security   incidents Restoration  of  secure  access   Forensics  in  investigating   circumstances  and  causes  of   breach. Metrics  and  standards  for   measuring  performance  and   effectiveness  of  information   security  should  be  established  in   the  service  agreement.   ISO27004:2009 ISO19086 NIST  800-­55  Rev.1 38
  • 39. ©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Step  10  – Understand  the  security  requirements  of  the  exit  process Exit  Process   Data  Destruction Documented  exit  process  as   part  of  the  service   agreement. Customer  data  is  deleted  from   the  provider’s  environment  at   the  end  of  the  exit  process. 39
  • 40. ©  2015  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Setting  yourself  up  for  success Leveraging  cloud  providers  can  enable  companies  in  being*more*  secure  and  compliant   than  before,  in  contrast  to  leveraging  your  own  on  premise  systems. Spend  sufficient  time  to  ensure: § Information  Governance  Policy/Programs  are  defined  and  in  place § Services  are  Policy  Compliant § Improved  Security  Awareness  &  Actions  Plans  documented 40