Cloud Computing Security

by Vitor Domingos
intrepid and professional basher
http://vitordomingos.com
* as seen on regular weather channel
Cloud Computing is ?
- Network as a “cloud”

- Network is the computer (Sun motto)

- TCP/IP abstraction (1st cloud)

- www data abstraction (2nd cloud)

- Virtualization (3rd cloud)


Bottom line:

- Virtualization done right, with webservices
Cloud Computing is !
- on-demand self-service

- ubiquitous network access

- location independent resource pooling

- rapid elasticity

- measured service

- pay as you go

- abstract resources
CCaaS
- Software as a Service

   - SalesForce

- Platform as a Service

   - Google App Engine
   - Microsoft Azure

- Infrastructure as a Service

   - Rackspace Mosso
   - Amazon Web Services
Cloud Computing leverages
- Virtualization

- Multi-Tenancy

- Massive Scale

- Autonomic Computing

- Distributed Environment

- Security Technologies

- Service Oriented
Security in the Cloud
Only the paranoid survive!
- Key issues:
   trust, trust, multi-tenancy, trust, encryption, compliance

- Massive complex systems running on functional units

- Certification & Audit

- Loss of physical control

- Interoperability

- Accountability
please, keep in mind that
- Shared hell:
   - Hardware
   - Memory
   - Disks
   - NICs (virtual)

- Cache Snooping
- Hypervisor Attacks
- Persistent rootkits
- Password Cracking

- Broken or stolen key rings / authorization federation

- Never ending logs
Great things do come
- Provisioning

- Rapid reconstitution of services

- Storage fragmented

- Security layers (auth, firewall, logging, …)

- Network and Security perimeters

- Virtual Zoning

- Fault tolerance
Challenges
- Data dispersal and international privacy laws

- Isolation management & Multi-Tenancy

- Certification (SAS 70 Type II audits and ISO 27001)

- Data ownership

- QoS & SLA guarantees

- Secure Hypervisors
Challenges
- Massive outages

- Service bottlenecks; DNS as your best friend

- Encryption needs
   cloud resources, applications, storage, services

- Disaster recovery and contingency plans

- If you have it on Auto mode, you won't see it coming

- Honey for hackers
ToDo
- Network with VPN and VLANs

- SLAs; read the fine print

- Backup and recover often; Risk assessment

- Log (out of there) as if the world ended tomorrow

- Plan for failure

- YOU secure!!!

- Sandbox, Sandbox, Sandbox
You're not alone
- Security Groups
   IBM; SUN; Amazon; ISV

- Cloud Security Alliance (awesome guide!!)

- Open Cloud Manifesto & Amazon Security Paper

- Cloud Computing ML at Google Groups

- Legal Cloud's

- Vivek Kundra, USA CTO, did it, and so did Facebook, New York Times and Nasdaq (on AWS)
Wrap up
- Plan

- Encrypt

- Backup

- Secure

- Audit

- Sandbox (see my SAPO Codebits talk from last year)
   - http://codebits.sapo.pt/files/aws_23.pdf

- Trust
mail: vd@prt.sc
                    ?
site: http://vitordomingos.com

Confraria Security 17 June - Cloud Security
