Downloaded 15 times
Uploaded byMajor Hayden
ISACA Cloud Security Presentation 2013-09-24
Major Hayden is a chief security architect at Rackspace who has over 5 years of experience in cloud operations. In his presentation, he discusses cloud hosting and the shift from managing computers to utilizing computing resources. He outlines the different types of cloud deployments including public, private, and hybrid clouds. Hayden also addresses common security questions about selecting cloud providers, contractual agreements, risks of company-owned servers, public cloud networking risks, and securely storing data in the cloud.
More Related Content
![[Cisco Connect 2018 - Vietnam] Anh duc le building a secure data center](https://cdn.slidesharecdn.com/ss_thumbnails/anhduclebuildingasecuredatacenter-180504035351-thumbnail.jpg?width=640&height=640&fit=bounds)
Similar to ISACA Cloud Security Presentation 2013-09-24
![[BDD 2025 - Full-Stack Development] The Modern Stack: Building Web & AI Appli...](https://cdn.slidesharecdn.com/ss_thumbnails/fs-themodernstackbuildingwebaiapplicationswithserverless-251124030844-388cf04f-thumbnail.jpg?width=640&height=640&fit=bounds)
![[BDD 2025 - Full-Stack Development] Agentic AI Architecture: Redefining Syste...](https://cdn.slidesharecdn.com/ss_thumbnails/fs-agenticaiarchitectureredefiningsystemcommunication-251124030838-e6c70cc2-thumbnail.jpg?width=640&height=640&fit=bounds)
![[DevFest Strasbourg 2025] - NodeJs Can do that !!](https://cdn.slidesharecdn.com/ss_thumbnails/devfeststrasbourg2025-nodejscandothat-251127142731-da65b6fd-thumbnail.jpg?width=640&height=640&fit=bounds)
![[BDD 2025 - Full-Stack Development] PHP in AI Age: The Laravel Way. (Rizqy Hi...](https://cdn.slidesharecdn.com/ss_thumbnails/fs-phpinaiagethelaravelway-251125012602-ef9d330e-thumbnail.jpg?width=640&height=640&fit=bounds)
![Support, Monitoring, Continuous Improvement & Scaling Agentic Automation [3/3]](https://cdn.slidesharecdn.com/ss_thumbnails/agenticcommunityseries-day3-cfd-251120170304-ddef8112-thumbnail.jpg?width=640&height=640&fit=bounds)
![[BDD 2025 - Mobile Development] Crafting Immersive UI with E2E and AGSL Shade...](https://cdn.slidesharecdn.com/ss_thumbnails/md-craftingimmersiveuiwithe2eandagslshaderveronicaputrianggraini-251124030840-0c677f44-thumbnail.jpg?width=640&height=640&fit=bounds)
ISACA Cloud Security Presentation 2013-09-24
- 1. Cloud Security Major Hayden,Rackspace
- 2. Why are wehere today? Cloud Security // ISACA San Antonio 2013-09-24 2
- 3. Who am I? Chief Security Architect at Rackspace Red Hat Certified Architect and MySQL DBA Five years of cloud operations experience Integrated Slicehost with Rackspace Launched Rackspace’s Cloud Servers product based on Slicehost technology Launched Rackspace’s Open Cloud Servers powered by OpenStack Cloud Security // ISACA San Antonio 2013-09-24 3
- 4. Today’s big three 1.An understandable and repeatable definition of cloud really does exist (and I’ll help you learn it) 2. There are different cloud deployment strategies and you can secure each of them 3. Cloud hosting risks are very similar to the risks from other IT hosting methods Cloud Security // ISACA San Antonio 2013-09-24 4
- 5. What is cloudhosting? Cloud Security // ISACA San Antonio 2013-09-24 5
- 6. Cloud hosting isa shift from managing computers to utilizing computing resources Cloud Security // ISACA San Antonio 2013-09-24 6
- 7. Cloud Security //ISACA San Antonio 2013-09-24 7
- 8. Cloud Security //ISACA San Antonio 2013-09-24 8 Colocation Dedicated Managed Cloud
- 9. Cloud Security //ISACA San Antonio 2013-09-24 9 Colocation Dedicated Managed Cloud
- 10. Cloud Security //ISACA San Antonio 2013-09-24 10 Colocation Dedicated Managed Cloud
- 11. Cloud Security //ISACA San Antonio 2013-09-24 11 Colocation Dedicated Managed Cloud
- 12. Key points Resourcesare always available Pay for what you use Fewer fixed costs, more variable costs Maintain business focus Cloud Security // ISACA San Antonio 2013-09-24 12
- 13. Cloud hosting brings newchallenges Cloud Security // ISACA San Antonio 2013-09-24 13
- 14. Homes vs. Apartments CloudSecurity // ISACA San Antonio 2013-09-24 14 Flickr: atelier_tee Flickr: oldtasty
- 15. Key points Can’tchoose your neighbors Fluctuating performance Stay within the confines of the system Service providers can touch your data* Cloud Security // ISACA San Antonio 2013-09-24 15
- 16. Cattle vs. Pets (Creditgoes to Gavin McCance at CERN for this analogy) Cloud Security // ISACA San Antonio 2013-09-24 16
- 17. Key points Relyon automation Use configuration management Build in redundancy based on business needs Cloud Security // ISACA San Antonio 2013-09-24 17
- 18. Cloud types: Public, Private,and Hybrid Cloud Security // ISACA San Antonio 2013-09-24 18
- 19. Benefits Public: easilyexpandable and cheap Private: host with provider or host internally, fewer noisy neighbor issues, compliance is easier Hybrid: helpful for bridging into cloud, allows for the workloads to run where they run best Cloud Security // ISACA San Antonio 2013-09-24 19
- 20. Let’s go through yourquestions Cloud Security // ISACA San Antonio 2013-09-24 20
- 21. What due diligenceshould a company perform when selecting cloud services? Cloud Security // ISACA San Antonio 2013-09-24 21
- 22. Due diligence Easyanswer: Assess a cloud provider just as you would any other provider of IT services Look for business practice and security maturity Test the provider thoroughly ahead of time Monitor the provider’s actions closely around outages or when receiving support Cloud Security // ISACA San Antonio 2013-09-24 22
- 23. What are some goodcontractual agreement clauses? Cloud Security // ISACA San Antonio 2013-09-24 23
- 24. Contractual agreements Confidentialityand security requirements Encryption standards* Service description and SLA’s Indemnification Cloud Security // ISACA San Antonio 2013-09-24 24
- 25. What are therisks if the company owns the servers? Cloud Security // ISACA San Antonio 2013-09-24 25
- 26. Company-owned server risks Similar to self-hosted or vendor-hosted IT services on dedicated equipment IT staff that maintain the servers will have some level of access to virtual machine data Cloud Security // ISACA San Antonio 2013-09-24 26
- 27. Does the internet-facing natureof public cloud create additional risks? Cloud Security // ISACA San Antonio 2013-09-24 27
- 28. Public cloud networkingrisks About the same as internet-facing dedicated hardware Some public clouds may have hardware networking devices such as firewalls or load balancers Other providers might provide a shared firewall or load balancer environment to use Cloud Security // ISACA San Antonio 2013-09-24 28
- 29. How do Isecurely store data in cloud services? Cloud Security // ISACA San Antonio 2013-09-24 29
- 30. Storing data incloud Your data is never fully safe in any storage Understand your most probable threats first Make your data less useful to others Encryption with digital signatures Sharding Tokenization (can help with data transport laws) Hardware Security Module (HSM) Cloud Security // ISACA San Antonio 2013-09-24 30
- 31. Thanks for invitingme! Q&A? Cloud Security // ISACA San Antonio 2013-09-24 31 Have more questions later? major.hayden@rackspace.com http://major.io/
- 32. Cloud Security Major Hayden,Rackspace
Editor's Notes
- #3 What is cloud hosting?What changes does it bring?How can you host applications in cloud safely?
- #8 Evolution of water utilities is similar to the evolution of cloud
- #9 Assemble your own buckets, maintain themSpend time dragging buckets to the river and backAdding water-carrying capacity is hard workAll costs fixed
- #10 Rent buckets, no maintenanceStill spend time dragging buckets to the river and backAdding water-carrying capacity is slightly less difficultAlmost all costs fixed
- #11 Rent buckets, no maintenanceSomeone else hauls your buckets to the river and back for youAdding water-carrying capacity depends on bucket vendor’s capacityAlmost all costs variable
- #12 No more buckets neededWater is transported to a place very close to your homeAdding capacity is quick – just pull more waterAll costs variable