Upload File

best practice public cloud security

13
Best Practice: Public Cloud Security Joel Friedman Chief Technology and Security Officer, Datapipe

Upload: jason-singh

Post on 11-Jan-2017

263 views

Category:

Technology


3 download

Report

TRANSCRIPT

Page 1: Best Practice Public Cloud Security

BestPractice:PublicCloudSecurityJoelFriedmanChiefTechnologyandSecurityOfficer,Datapipe

Page 2: Best Practice Public Cloud Security

Cloudsecurityispartofyourwidersecuritystrategy

DATACENTERASASERVICE

COLOCATION CLOUDCOMPUTING

INFRASTRUCTUREASASERVICE

MANAGEDSERVICES

GLOBALFACILITIES

2

Page 3: Best Practice Public Cloud Security

3

ONPREMISE COLOCATION HYBRIDCLOUD PUBLICCLOUD

LOW APPETITEFORRISK HIGH

Page 4: Best Practice Public Cloud Security

3pillarsofcloudsecurity

4

Platform Security

Instance Security

Governance

Page 5: Best Practice Public Cloud Security

DatapipeAccessControlModuleforAWS(DACMA)

• ClientsretainownershipoftheirAWSrootaccountcredentials

• DoesnotrequireDatapipeaccesstotheclientaccountkeys

• Providesanadditionalsecuritylayerforenterpriseclients

• RequiresnoextrastepsoncesetupandreducestheriskofdisruptionofserviceordatabreachduetounauthorizedaccessofanAWSenvironmentfromsupportpersonnel

5

Page 6: Best Practice Public Cloud Security

HowDACMAworks

6

BrowserorApplication

DATAPIPE

1UseraccessesCMS

DatapipeCloudManagementSystem(CMS)

Signinwithtoken

SSO 2

AWSPLATFORM

DatapipeAWSAccount

EmployeeIAM EmployeeIAM…

EmployeeIAM

DatapipeRole

AWSManagementConsole

5

KeyVaultTokenSeeds APIKeys

Retrieve AWSlogindata

4

“Client”AWSAccount

STS

5

5

6

LDAP

Retrievedepartmentattributes

3

DatapipeSupportPersonnelAWSrolebasedpermissionspassedviaLDAP

Page 7: Best Practice Public Cloud Security

Governance:SystemLifecycle

Monitoring/Queuing Event

Auto Scaling

Server Images

New Instance

Code Repository

Elastic LoadBalancer

Configuration Management

Web Zone

Security Console

Role Registration

Policy Maintainer

11

• Securitycontroldeploymentintegrateddirectly intothesystemlifecycle

• Appropriatecontrolsautomaticallydeployedduringserverpersonalizationprocess

• Puppet,user-data,customservertemplatesallusedinconjunctiontofacilitatedynamicsystemdeployments

Page 8: Best Practice Public Cloud Security

DatapipeSecurityApproach

8

Page 9: Best Practice Public Cloud Security

Completeendtoendassessmentandmanagement

Datapipe Security Controls

Physical Controls

Technical Controls

Administrative Controls

Page 10: Best Practice Public Cloud Security

Bestofbreedsecuritypartnersatyourfingertips

10

Page 11: Best Practice Public Cloud Security

Andacompletesetofcomplianceservices

• Industry-leadingcompliantsolutions optimizedfor:

• WegobeyondtherequirementsdictatedbyHIPAA,PCIDSS,SOXandFISMA

• Ourgoalistoensureacontinuous compliance record thatreaffirmsthesecurityandintegrityofyourorganization

• Ourstaffarehighlyskilledwithindustrysecuritycertificationsincluding:CISSP,CISA,CISM,CCSK,MCSE:Security,PCIISA,C|EH,C|CISO,ISO27001LeadAuditor,andSecurity+Certifications

11

HEALTHCARE E-COMMERCE GOVERNMENT FINANCIALSERVICES

Page 12: Best Practice Public Cloud Security

Mitigatetheriskinvolvedwithhybriddeployments

1. Securitymanagementbycloudsecurityexperts2. Securitybestpracticesdeployedtoreducerisk3. Securityintegrationwiththesystemlifecycle4. Innovationwithinthecloudsecurityarena

12

Page 13: Best Practice Public Cloud Security

Questions

JoelFriedmanChiefTechnologyandSecurityOfficer,Datapipe


SECURITY CLOUD

Cloud security: Accelerating cloud adoption

Planning Guide: Cloud Security - Intel · 5 Intel IT Center Planning Guide | Cloud Security The Cloud Security Alliance, an industry group promoting cloud computing security …

Cloud Security Alliance Guide to Cloud Security

Cloud Security - Security Aspects of Cloud Computing

Huawei Cloud Security White Paper€¦ · 1 DevOps is an end-to-end engineering process and tool chain practice from R&D to O&M that has ... Huawei Cloud Security White Paper 1 Cloud

Cloud security

Security kaizen cloud security

Cloud Insights Security : Cloud Insights...Cloud Insights Security Product and customer data security is of utmost importance at NetApp. Cloud Insights follows security best practices

Securing a Large Project with Private Cloud Computing · Cloud Computing Security Challenges • Addressing Security via Private Cloud ... Cloud Computing Security Challenges •

CLOUD SECURITY SPOTLIGHT - Alert Logic · concerned about cloud security, up 11 percentage points from last year’s cloud security survey. The top three cloud security challenges

Cloud Security & Cloud Encryption Explained

Enterprise Cloud Security option · Enterprise Cloud Security option ... waf

On the Security of Data Stored in the Cloud Dr Theo Dimitrakos Head of Security Architectures Research Security Futures Practice BT Innovate & Design Contact:

CLOUD STORAGE SECURITY INTRODUCTION - SNIA Security Concerns with Cloud Understanding how Cloud services provide for the ... cloud computing environment, ... Cloud Storage Security

Best Practice Security in a Cloud Enabled World

Nailing Cloud Security With Pre-Cloud Security Thinking?

Trusted Cloud: Security Practice Guide for VMware Hybrid

Best Practice On AWS Cloud Security

Scaling the Cloud - Cloud Security

Professional Cloud security Manager - wiselearner.com Cloud Security Manager.pdf · Understanding Cloud Computing Vulnerabilities Vulnerability Vulnerabilities and Cloud Risk Cloud

Cloud Security Certification - Certified Cloud Security

Practice Guide for Cloud Computing Security [ISPG-SM04]

Data Security Breach Code of Practice. Data Security Concerns Exponential growth in personal data holdings Increased outsourcing 3 rd countries cloud

Navigating the Changing Cloud Security Landscape · Navigating the Changing Cloud Security Landscape Dell cloud security white paper | September 2013 As cloud security threat levels

SECURITY IN THE ClOUD - British Computer Society · Head of Cloud Computing Practice, ... The myth about security vulnerabilities in the cloud ... of understanding of the various

Cloud Security Strategies - eba.europa.euFabio+Gianotti+-+Cloud+Security+Strategies.pdf · Cloud Security Strategies ... Different approaches to cloud adoption due to ... • Evaluation

Cloud Security ("securing the cloud")

Transforming Security Part 1: Cloud & Virtualization · Transforming Security Part 1: Cloud ... Practitioners Vendors Cloud Infrastructure ... Transforming Security Part 1: Cloud

Challenges and Solutions in Cloud Security · 2017-12-22 · Challenges and Solutions in Cloud Security Jonathan Villa | Practice Director ... Practice Director, Cloud Security [email protected]

IBM Cloud Security for the Cloud · IBM Cloud Security for the Cloud Amr Ismail Security Solutions Sales Leader – Middle East & Pakistan

Best Practices for Cloud Security & Storage Best Practice...Avoid Secrets or Personal ... • Competence includes keeping abreast of ... Best Practices for Cloud Security & Storage

Federated Cloud Security Architecture for Secure and … · Federated Cloud Security Architecture 171 2 Cloud Security We briefly review cloud security [40] and related prior work

National Cyber Security Centre (NCSC) Cloud Security ... · Cloud Security Principle 4: Governance 23 Cloud Security Principle 5: Operational Security 25 Cloud Security Principle