DON’T LOSE SIGHT!
STAYING SECURE WHEN MOVING TO THE CLOUD
DAVE MILLIER, CEO UZADO, CSO QUICK INTELLIGENCE, CEO MIDAC SOLUTIONS
AUTHOR OF THE SECURITY NOVEL, “BREACHED!”
AGENDA FOR TODAY
• Quick intro to Dave
• Security Challenges Moving to the Cloud
• Visibility Today
• Maintaining Visibility In The Cloud
• Cloud Security Alliance Cloud Controls Matrix
• Call to Action (yes, this means you!)
ABOUT DAVE
• Serial Entrepreneur, bought and sold 10+ companies over past 20 years
• Currently owns 3 IT-related Companies: MIDAC, Qi, Uzado
• Sold InfoSec company in 2014 to Robert Herjavec from Shark Tank
• Involved in Networking & InfoSec/Cybersecurity for about 25 years
• Loves tech!
• Loves dirt biking, owns a dirt bike and ATV training school!
SOME OF THE BIGGEST CHALLENGES
• A lot of people simply don’t understand what the cloud is (or isn’t!)
• More companies moving more services to the cloud every day
• Migration isn’t always done in a coordinated, well thought-out fashion
• Cloud is supposed to streamline things, but getting there isn’t always painless
WHAT ARE THE SECURITY CONSIDERATIONS?
• Managing user access and permissions
• Protecting our data at rest
• Ensuring secure access to data (the right people at the right time)
• Knowing who is accessing what when
• Understanding where our data will reside (data residency issues)
WHAT’S THE CORE FOR MANY OF THESE ITEMS?
VISIBILITY!!!
“You can’t manage what you can’t measure.”
- Peter Drucker, known as the Founder of Modern Management
VISIBILITY TODAY
• Logs from our servers, network devices, security devices
• Logs from our authentication devices / VPN devices
• Real-time network monitoring from security tools on the wire
• Logs from our applications
• Vulnerability scan results from our assets
WHAT DO WE LOSE?
• Lack of visibility into what’s happening (can’t always get logs)
• Lack of control over users (corporate accounts and permissions don’t usually
carry over)
• Lack of understanding of what data is being stored where
• Data Residency
HERE’S ONE SOLUTION – BLOCK ACCESS
HOSTING PROVIDER VISIBILITY
• AWS and other providers give you access to a wealth of security and
operational information (AWS CloudTrail for example)
• Incorporate the information into your existing data sources
• Redesign your incident response process to use these data sources as part of
an investigation
• Figure out what information you have access to now, and map that to “new”
source(s) of information provided by the cloud provider
• Make them part of your incident response process!!!
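An added example (not from the original slides) of folding CloudTrail into an existing log pipeline: it maps CloudTrail records onto one common event schema and keeps failed events alongside successful ones. The CloudTrail field names are the service's own; the target schema and the sample records are assumptions constructed for illustration.

```python
import ipaddress
import json
from collections import Counter
from datetime import datetime, timezone

# Constructed sample in CloudTrail's {"Records": [...]} log-file layout.
# Users and IPs are made up (documentation address ranges).
SAMPLE_LOG = json.dumps({"Records": [
    {"eventTime": "2017-05-01T14:02:11Z", "eventSource": "signin.amazonaws.com",
     "eventName": "ConsoleLogin", "awsRegion": "us-east-1",
     "sourceIPAddress": "198.51.100.7",
     "userIdentity": {"type": "IAMUser", "userName": "alice"},
     "responseElements": {"ConsoleLogin": "Success"}},
    {"eventTime": "2017-05-01T14:09:40Z", "eventSource": "signin.amazonaws.com",
     "eventName": "ConsoleLogin", "awsRegion": "us-east-1",
     "sourceIPAddress": "203.0.113.50",
     "userIdentity": {"type": "IAMUser", "userName": "alice"},
     "errorMessage": "Failed authentication",
     "responseElements": {"ConsoleLogin": "Failure"}},
    {"eventTime": "2017-05-01T14:11:03Z", "eventSource": "s3.amazonaws.com",
     "eventName": "GetObject", "awsRegion": "ca-central-1",
     "sourceIPAddress": "203.0.113.50",
     "userIdentity": {"type": "IAMUser", "userName": "bob"},
     "errorCode": "AccessDenied", "errorMessage": "Access Denied",
     "responseElements": None},
    {"eventTime": "2017-05-01T14:15:00Z", "eventSource": "kms.amazonaws.com",
     "eventName": "GenerateDataKey", "awsRegion": "ca-central-1",
     "sourceIPAddress": "cloudtrail.amazonaws.com",
     "userIdentity": {"type": "AWSService",
                      "invokedBy": "cloudtrail.amazonaws.com"},
     "responseElements": None},
]})


def outcome(record):
    """API failures carry errorCode; a failed ConsoleLogin reports its
    result in responseElements instead, so both must be checked."""
    if record.get("errorCode"):
        return "failure"
    response = record.get("responseElements") or {}
    if (record.get("eventName") == "ConsoleLogin"
            and response.get("ConsoleLogin") == "Failure"):
        return "failure"
    return "success"


def actor(record):
    """Pick the most readable identity field that is present."""
    ident = record.get("userIdentity") or {}
    for key in ("userName", "arn", "invokedBy", "principalId"):
        if ident.get(key):
            return ident[key]
    return "unknown"


def split_source(value):
    """sourceIPAddress holds a service name, not an address, when an AWS
    service made the call. Returns (ip, service)."""
    try:
        return str(ipaddress.ip_address(value)), None
    except ValueError:
        return None, value or None


def normalize(record):
    """Map one CloudTrail record onto the (hypothetical) common schema
    already used for on-premises authentication and server logs."""
    when = datetime.strptime(record["eventTime"], "%Y-%m-%dT%H:%M:%SZ")
    src_ip, src_service = split_source(record.get("sourceIPAddress", ""))
    return {
        "timestamp": when.replace(tzinfo=timezone.utc).isoformat(),
        "source": "aws-cloudtrail",
        "user": actor(record),
        "src_ip": src_ip,
        "src_service": src_service,
        "action": f'{record.get("eventSource", "?")}:{record.get("eventName", "?")}',
        "outcome": outcome(record),
        "reason": record.get("errorCode") or record.get("errorMessage") or "",
        "region": record.get("awsRegion", ""),
    }


def load_events(raw):
    """Parse one CloudTrail log file (already decompressed) into events."""
    return [normalize(r) for r in json.loads(raw).get("Records", [])]


def failures_by_user(events):
    """Count failed actions per user, the view an investigation starts from."""
    return dict(Counter(e["user"] for e in events if e["outcome"] == "failure"))


if __name__ == "__main__":
    events = load_events(SAMPLE_LOG)
    for event in events:
        print(json.dumps(event))
    print("failures:", failures_by_user(events))
```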
SECURITY TOOLS VISIBILITY
• Virtual appliances (firewalls, IPS, WAF, etc.) are located elsewhere, but use the
information they provide as you would if they were local
• If security is outsourced to hosting provider or to another 3rd party, ensure
they have comparable visibility into your new environment as they had before
• Providers like CloudCheckr have automated and streamlined the visibility into
AWS; leverage the heck out of them!
USER VISIBILITY
• Leverage federated identity management solutions where possible. Fewer
accounts for users, easier to migrate to cloud (assuming provider supports it)
• Make sure that you maintain visibility into encrypted sessions (who’s logging in
from where when, what did they do?)
• Determine current levels of user behaviour visibility and try to maintain that
level of detail when you move the user workloads to the cloud
SERVER AND APPLICATION VISIBILITY
• Hosted servers still generate logs, collect them if at all possible
• Determine what you’re logging on local servers and configure hosted servers
the same
• Make sure your web apps have proper logging!
• Applications need to have proper auditing built in; even if you don’t see the
user activity you can recreate sessions with proper app logging
• Logging invalid activity is just as important (don’t just log what was successful,
log what failed!)
CLOUD SECURITY ALLIANCE
• Cloud Controls Matrix
• Control framework based on 13 security and operational domains
• Foundation is mapped to industry recognized standards and frameworks such
as COBIT, ISO 27001/27002, PCI, NIST, NERC CIP, PIPEDA, HIPAA
• Tailors Information Security practices to the cloud
• Helps companies evaluate cloud vendor security
• Helps companies make decisions on their own cloud security requirements
USING THE CSA MATRIX
• Use the matrix to do a self-assessment against your organization, identifying
areas of criticality
• Use the matrix to perform an evaluation against a potential cloud vendor
• Compare results from cloud vendors against your areas of concern/focus
• Use gap analysis results to make educated, informed decisions.
• May address findings by augmenting YOUR security, may choose a different
provider, may work with provider to identify potential shortcomings
DEFENSE IN DEPTH
• Don’t rely on a single security solution to protect your cloud deployment
• Many virtual firewalls/security devices have A/V and anti-malware scanners
built into them, use them! Along with host-based protection you now have
multiple controls in place complementing each other, so that even if one of
them fails another one can compensate
• Each layer of defense should support the others and provide an additional
level of protection (“Defense in Depth”)
WHAT DO YOU NEED TO DO NEXT?
• Go back to your office and ask questions
• What type of visibility do we have into our systems, our user activity, our security devices, and our
applications today? (same question whether locally hosted or already in the cloud)
• Have we used the CSA Cloud Controls Matrix to evaluate our vendors/partners?
• How do we ensure we keep the same level of visibility we have today in the cloud?
• How well do we understand our data, where it resides and what we are doing to protect it?
• There are a lot more questions that could be asked, but hopefully this helps get you
started!
FINAL THOUGHT
Secure it before you regret it!
Questions?
Dave Millier
www.davemillier.com
dmillier@Uzado.com

 
Juni_Mukherjee_The_DevSecOps_Journey_AntiPatterns_Analytics_and_Insights
Juni_Mukherjee_The_DevSecOps_Journey_AntiPatterns_Analytics_and_InsightsJuni_Mukherjee_The_DevSecOps_Journey_AntiPatterns_Analytics_and_Insights
Juni_Mukherjee_The_DevSecOps_Journey_AntiPatterns_Analytics_and_Insights
 
Teri_Radichel_Top_5_Priorities_for_Cloud_Security
Teri_Radichel_Top_5_Priorities_for_Cloud_SecurityTeri_Radichel_Top_5_Priorities_for_Cloud_Security
Teri_Radichel_Top_5_Priorities_for_Cloud_Security
 
Peter_Smith_PhD_ACL_10000_Foot_View_of_Big_Data
Peter_Smith_PhD_ACL_10000_Foot_View_of_Big_DataPeter_Smith_PhD_ACL_10000_Foot_View_of_Big_Data
Peter_Smith_PhD_ACL_10000_Foot_View_of_Big_Data
 
Darin_Briskman_AWS_Machine_Learning_Beyond_the_Hype
Darin_Briskman_AWS_Machine_Learning_Beyond_the_HypeDarin_Briskman_AWS_Machine_Learning_Beyond_the_Hype
Darin_Briskman_AWS_Machine_Learning_Beyond_the_Hype
 
Amazon Elastic Container Service for Kubernetes (EKS), AWS Fargate and Beyond
Amazon Elastic Container Service for Kubernetes (EKS), AWS Fargate and BeyondAmazon Elastic Container Service for Kubernetes (EKS), AWS Fargate and Beyond
Amazon Elastic Container Service for Kubernetes (EKS), AWS Fargate and Beyond
 
Using Active Directory in AWS
Using Active Directory in AWSUsing Active Directory in AWS
Using Active Directory in AWS
 
AWS 2017 re:Invent re:Cap - TriNimbus Presentation Slides
AWS 2017 re:Invent re:Cap - TriNimbus Presentation SlidesAWS 2017 re:Invent re:Cap - TriNimbus Presentation Slides
AWS 2017 re:Invent re:Cap - TriNimbus Presentation Slides
 
Performance Optimization of Cloud Based Applications by Peter Smith, ACL
Performance Optimization of Cloud Based Applications by Peter Smith, ACLPerformance Optimization of Cloud Based Applications by Peter Smith, ACL
Performance Optimization of Cloud Based Applications by Peter Smith, ACL
 
Building and Operating AI Services at Scale by Randall Hunt, Amazon Web Services
Building and Operating AI Services at Scale by Randall Hunt, Amazon Web ServicesBuilding and Operating AI Services at Scale by Randall Hunt, Amazon Web Services
Building and Operating AI Services at Scale by Randall Hunt, Amazon Web Services
 
Web App Security Presentation by Ryan Holland - 05-31-2017
Web App Security Presentation by Ryan Holland - 05-31-2017Web App Security Presentation by Ryan Holland - 05-31-2017
Web App Security Presentation by Ryan Holland - 05-31-2017
 
VMware + Amazon Web Services
VMware + Amazon Web ServicesVMware + Amazon Web Services
VMware + Amazon Web Services
 
DevOps in the Amazon Warehouse - Shawn Gandhi
DevOps in the Amazon Warehouse - Shawn GandhiDevOps in the Amazon Warehouse - Shawn Gandhi
DevOps in the Amazon Warehouse - Shawn Gandhi
 
Goran (Kima) Kimovski, Beyond Virtualization: IT In a World of Software Defin...
Goran (Kima) Kimovski, Beyond Virtualization: IT In a World of Software Defin...Goran (Kima) Kimovski, Beyond Virtualization: IT In a World of Software Defin...
Goran (Kima) Kimovski, Beyond Virtualization: IT In a World of Software Defin...
 
Darragh Kennedy, Build Products Not Data Centres
Darragh Kennedy, Build Products Not Data CentresDarragh Kennedy, Build Products Not Data Centres
Darragh Kennedy, Build Products Not Data Centres
 
Chris Munns, DevOps @ Amazon: Microservices, 2 Pizza Teams, & 50 Million Depl...
Chris Munns, DevOps @ Amazon: Microservices, 2 Pizza Teams, & 50 Million Depl...Chris Munns, DevOps @ Amazon: Microservices, 2 Pizza Teams, & 50 Million Depl...
Chris Munns, DevOps @ Amazon: Microservices, 2 Pizza Teams, & 50 Million Depl...
 

Recently uploaded

5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides
DanBrown980551
 
Serial Arm Control in Real Time Presentation
Serial Arm Control in Real Time PresentationSerial Arm Control in Real Time Presentation
Serial Arm Control in Real Time Presentation
tolgahangng
 
System Design Case Study: Building a Scalable E-Commerce Platform - Hiike
System Design Case Study: Building a Scalable E-Commerce Platform - HiikeSystem Design Case Study: Building a Scalable E-Commerce Platform - Hiike
System Design Case Study: Building a Scalable E-Commerce Platform - Hiike
Hiike
 
Finale of the Year: Apply for Next One!
Finale of the Year: Apply for Next One!Finale of the Year: Apply for Next One!
Finale of the Year: Apply for Next One!
GDSC PJATK
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
innovationoecd
 
Skybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoptionSkybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoption
Tatiana Kojar
 
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAUHCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
panagenda
 
dbms calicut university B. sc Cs 4th sem.pdf
dbms  calicut university B. sc Cs 4th sem.pdfdbms  calicut university B. sc Cs 4th sem.pdf
dbms calicut university B. sc Cs 4th sem.pdf
Shinana2
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
kumardaparthi1024
 
A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024
Intelisync
 
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
panagenda
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
Jakub Marek
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
Tomaz Bratanic
 
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development ProvidersYour One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
akankshawande
 
Recommendation System using RAG Architecture
Recommendation System using RAG ArchitectureRecommendation System using RAG Architecture
Recommendation System using RAG Architecture
fredae14
 
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
saastr
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
ssuserfac0301
 
Choosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptxChoosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptx
Brandon Minnick, MBA
 
Fueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte WebinarFueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte Webinar
Zilliz
 
AWS Cloud Cost Optimization Presentation.pptx
AWS Cloud Cost Optimization Presentation.pptxAWS Cloud Cost Optimization Presentation.pptx
AWS Cloud Cost Optimization Presentation.pptx
HarisZaheer8
 

Recently uploaded (20)

5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides
 
Serial Arm Control in Real Time Presentation
Serial Arm Control in Real Time PresentationSerial Arm Control in Real Time Presentation
Serial Arm Control in Real Time Presentation
 
System Design Case Study: Building a Scalable E-Commerce Platform - Hiike
System Design Case Study: Building a Scalable E-Commerce Platform - HiikeSystem Design Case Study: Building a Scalable E-Commerce Platform - Hiike
System Design Case Study: Building a Scalable E-Commerce Platform - Hiike
 
Finale of the Year: Apply for Next One!
Finale of the Year: Apply for Next One!Finale of the Year: Apply for Next One!
Finale of the Year: Apply for Next One!
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
 
Skybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoptionSkybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoption
 
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAUHCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
 
dbms calicut university B. sc Cs 4th sem.pdf
dbms  calicut university B. sc Cs 4th sem.pdfdbms  calicut university B. sc Cs 4th sem.pdf
dbms calicut university B. sc Cs 4th sem.pdf
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
 
A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024
 
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
 
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development ProvidersYour One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
 
Recommendation System using RAG Architecture
Recommendation System using RAG ArchitectureRecommendation System using RAG Architecture
Recommendation System using RAG Architecture
 
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
 
Choosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptxChoosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptx
 
Fueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte WebinarFueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte Webinar
 
AWS Cloud Cost Optimization Presentation.pptx
AWS Cloud Cost Optimization Presentation.pptxAWS Cloud Cost Optimization Presentation.pptx
AWS Cloud Cost Optimization Presentation.pptx
 

Staying Secure When Moving to the Cloud - Dave Millier

  • 1. DON’T LOSE SIGHT! STAYING SECURE WHEN MOVING TO THE CLOUD DAVE MILLIER, CEO UZADO, CSO QUICK INTELLIGENCE, CEO MIDAC SOLUTIONS AUTHOR OF THE SECURITY NOVEL, “BREACHED!”
  • 2. AGENDA FOR TODAY • Quick intro to Dave • Security Challenges Moving to the Cloud • Visibility Today • Maintaining Visibility In The Cloud • Cloud Security Alliance Cloud Controls Matrix • Call to Action (yes, this means you!)
  • 3.
  • 4.
  • 5. ABOUT DAVE • Serial Entrepreneur, bought and sold 10+ companies over past 20 years • Currently owns 3 IT-related Companies: MIDAC, Qi, Uzado • Sold InfoSec company in 2014 to Robert Herjavec from Shark Tank • Involved in Networking & InfoSec/Cybersecurity for about 25 years • Loves tech! • Loves dirt biking, owns a dirt bike and ATV training school!
  • 6.
  • 7. SOME OF THE BIGGEST CHALLENGES • A lot of people simply don’t understand what the cloud is (or isn’t!) • More companies moving more services to the cloud every day • Migration isn’t always done in a coordinated, well thought-out fashion • Cloud is supposed to streamline things, but getting there isn’t always painless
  • 8. WHAT ARE THE SECURITY CONSIDERATIONS? • Managing users access, permissions • Protecting our data at rest • Ensuring secure access to data (the right people at the right time) • Knowing who is accessing what when • Understanding where our data will reside (data residency issues)
  • 9. VISIBILITY!!! WHAT’S THE CORE FOR MANY OF THESE ITEMS?
  • 10. “You can’t manage what you can’t measure.” - Peter Drucker, known as the Founder of Modern Management
  • 11. VISIBILITY TODAY • Logs from our servers, network devices, security devices • Logs from our authentication devices / vpn devices • Real-time network monitoring from security tools on the wire • Logs from our applications • Vulnerability scan results from our assets
  • 12. WHAT DO WE LOSE? • Lack of visibility into what’s happening (can’t always get logs) • Lack of control over users (corporate accounts and permissions don’t usually carry over) • Lack of understanding of what data is being stored where • Data Residency
  • 13. HERE’S ONE SOLUTION – BLOCK ACCESS
  • 14. HOSTING PROVIDER VISIBILITY • AWS and other providers give you access to a wealth of security and operational information (AWS CloudTrail for example) • Incorporate the information into your existing data sources • Redesign your incident response process to use these data sources as part of an investigation • Figure out what information you have access to now, and map that to “new” source(s) of information provided by the cloud provider • Make them part of your incident response process!!!
  • 15. SECURITY TOOLS VISIBILITY • Virtual appliances (firewalls, IPS, WAF, etc.) - located elsewhere but use the information they provide as you would if it was local • If security is outsourced to hosting provider or to another 3rd party, ensure they have comparable visibility into your new environment as they had before • Providers like CloudCheckr have automated and streamlined the visibility into AWS, leverage the heck out of them!
  • 16. USER VISIBILITY • Leverage federated identity management solutions where possible. Fewer accounts for users, easier to migrate to cloud (assuming provider supports) • Make sure that you maintain visibility into encrypted sessions (who’s logging in from where when, what did they do?) • Determine current levels of user behaviour visibility and try to maintain that level of detail when you move the user workloads to the cloud
  • 17. SERVER AND APPLICATION VISIBILITY • Hosted servers still generate logs, collect them if at all possible • Determine what you’re logging on local servers and configure hosted servers the same • Make sure your web apps have proper logging! • Applications need to have proper auditing built in; even if you don’t see the user activity you can recreate sessions with proper app logging • Logging invalid activity just as important (don’t just log what was successful, log what failed!)
  • 18. CLOUD SECURITY ALLIANCE • Cloud Controls Matrix • Control framework based on 13 security and operational domains • Foundation is mapped to industry recognized standards and frameworks such as COBIT, ISO 27001/27002, PCI, NIST, NERC CIP, PIPEDA, HIPAA • Tailors Information Security practices to the cloud • Helps companies evaluate cloud vendor security • Helps companies make decisions on their own cloud security requirements
  • 19. USING THE CSA MATRIX • Use the matrix to do a self-assessment against your organization, identifying areas of criticality • Use the matrix to perform an evaluation against a potential cloud vendor • Compare results from cloud vendors against your areas of concern/focus • Use gap analysis results to make educated informed decisions. • May address findings by augmenting YOUR security, may choose a different provider, may work with provider to identify potential shortcomings
  • 20. DEFENSE IN DEPTH • Don’t rely on a single security solution to protect your cloud deployment • Many virtual firewalls/security devices have A/V and anti-malware scanners built into them, use them! Along with host-based protection you now have multiple controls in place complementing each other, so that even if one of them fails another one can compensate • Each layer of defense should support each other and provide an additional level of protection (“Defense in Depth”)
  • 21. WHAT DO YOU NEED TO DO NEXT? • Go back to your office and ask questions • What type of visibility do we have into our systems, our user activity, our security devices, and our applications today? (same question whether locally hosted or already in the cloud) • Have we used the CSA Cloud Controls Matrix to evaluate our vendors/partners? • How do we ensure we keep the same level of visibility we have today in the cloud? • How well do we understand our data, where it resides and what we are doing to protect it? • There are a lot more questions that could be asked, but hopefully this helps get you started!
  • 22. FINAL THOUGHT Secure it before you regret it!
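
Slides 14, 16 and 17 ask for provider logs such as AWS CloudTrail to feed incident response, for knowing who logged in from where and when, and for logging what failed as well as what succeeded. The sketch below is an added example, not part of the original deck: it turns CloudTrail records into who/what/when/where rows and counts failures per identity and source address. The sample records, user names, account ID and IP addresses are constructed, and the function names are this example's own.

```python
import json
from collections import Counter

# Constructed sample in the CloudTrail log-file layout: {"Records": [...]}.
# User names, account ID and IP addresses are made up for illustration.
ALICE = {"type": "IAMUser", "arn": "arn:aws:iam::111122223333:user/alice"}
BOB = {"type": "IAMUser", "userName": "bob"}
SAMPLE = json.dumps({"Records": [
    {"eventTime": "2024-05-01T09:00:05Z", "eventSource": "signin.amazonaws.com",
     "eventName": "ConsoleLogin", "sourceIPAddress": "203.0.113.50",
     "userIdentity": BOB, "errorMessage": "Failed authentication",
     "responseElements": {"ConsoleLogin": "Failure"}},
    {"eventTime": "2024-05-01T08:59:00Z", "eventSource": "signin.amazonaws.com",
     "eventName": "ConsoleLogin", "sourceIPAddress": "198.51.100.7",
     "userIdentity": ALICE, "responseElements": {"ConsoleLogin": "Success"}},
    {"eventTime": "2024-05-01T09:00:09Z", "eventSource": "signin.amazonaws.com",
     "eventName": "ConsoleLogin", "sourceIPAddress": "203.0.113.50",
     "userIdentity": BOB, "errorMessage": "Failed authentication",
     "responseElements": {"ConsoleLogin": "Failure"}},
    {"eventTime": "2024-05-01T09:02:00Z", "eventSource": "s3.amazonaws.com",
     "eventName": "GetObject", "sourceIPAddress": "198.51.100.7",
     "userIdentity": ALICE, "errorCode": "AccessDenied",
     "responseElements": None},
    {"eventTime": "2024-05-01T09:03:00Z", "eventSource": "s3.amazonaws.com",
     "eventName": "PutObject", "sourceIPAddress": "198.51.100.7",
     "userIdentity": ALICE, "responseElements": None},
]})


def normalize(record):
    """Reduce one CloudTrail record to who / what / when / where / failed."""
    ident = record.get("userIdentity") or {}
    who = ident.get("arn") or ident.get("userName") or ident.get("type", "unknown")
    resp = record.get("responseElements") or {}  # often null in real records
    # API failures carry errorCode; a failed console sign-in is reported
    # through responseElements.ConsoleLogin instead, so check both.
    failed = "errorCode" in record or resp.get("ConsoleLogin") == "Failure"
    return {
        "when": record.get("eventTime", ""),
        "who": who,
        "where": record.get("sourceIPAddress", "unknown"),
        "what": f'{record.get("eventSource", "?")}:{record.get("eventName", "?")}',
        "failed": failed,
        "reason": record.get("errorCode") or record.get("errorMessage"),
    }


def load_events(text):
    """Parse a CloudTrail log file and return its events in time order."""
    records = json.loads(text).get("Records", [])
    # eventTime is ISO 8601 in UTC, so string order is chronological order.
    return sorted((normalize(r) for r in records), key=lambda e: e["when"])


def failures_by_source(events, threshold=2):
    """Count failed events per (identity, source IP); keep repeat offenders."""
    counts = Counter((e["who"], e["where"]) for e in events if e["failed"])
    return {key: n for key, n in counts.items() if n >= threshold}


if __name__ == "__main__":
    timeline = load_events(SAMPLE)
    for e in timeline:
        status = "FAIL" if e["failed"] else "ok"
        print(e["when"], status, e["who"], e["where"], e["what"], e["reason"] or "")
    print(failures_by_source(timeline))
```

The same rows can be merged with on-premises authentication and application logs, so an investigation reads one timeline rather than two.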