protect your infrastructure: basics of cloud security | fpwebinar
DESCRIPTION
Presentation from our 7th webinar entitled "Protect Your Infrastructure: Basics of Cloud Security", a short, yet in-depth look at the ins and outs of data center security, network security and even application security.TRANSCRIPT
Please direct any questions to us via Twitter using hashtag
#fpwebinar
Protect Your Infrastructure: The Basics of Cloud Security
#fpwebinar
#fpwebinar
Protect Your Infrastructure: The Basics of Cloud Security
Please direct any questions to us via Twitter using hashtag
#fpwebinar
We want to hear from you!
#fpwebinar
What’s in this Fpwebinar? !
Physical security - gated parking, cameras, sensors, lack of signage, biometrics, etc.
Network security - Routing protocols, patching, firewalls, logging, etc.
Application security - port access, HTTPS, segmentation, sync user accounts, etc.
#fpwebinar
Chris Schwab President
Matt Kinder Infrastructure Manager
#fpwebinar
Types of Security: !
!
Physical, Network and Application
#fpwebinar
Physical Security !
!
Gated parking
Security cameras
Lack of signage
Staffed or unstaffed
Door sensors
Data Centers go to a great extent to cloak even the parking garage
#fpwebinar
#fpwebinar
Physical Security !
!
Check-in for access using a badge or biometrics
The more money you spend, the easier it is to audit and control your physical security
Most breeches occur when someone is standing in front of the system
#fpwebinar
Physical Security !
!
Create a fly-trap area for deliveries, etc.
#fpwebinar
Network Security !
Edge of network, Routing protocol, Server Security
#fpwebinar
Network Security !
!
Once in and servers are set up,
it is paramount to use rigid blueprints for everything you stand up
#fpwebinar
Network Security !
Edge of network - where public access begins
Routing protocol protects from the outside in
Maintain patch levels
Firewall layers can be as robust or narrow as you’d like
Keep up with bugs
Network Logging !
!
Most enterprises have the ability to log every transaction
Retain as much data as you need
Flag any keywords or anomalies if possible
If an event or breech occurs, you’ll know quickly if logging is tied into alerting
Do your homework before deployment
Make sure you have all information you need
#fpwebinar
Application Security !
!
Port access - only keep needed ports open
Audit open ports and close any not being used
IDS/IPS behind firewalls only see traffic getting through
#fpwebinar
Application Security !
HTTPS - Get an SSL Certificate
Make sure SQL is not accessible directly from the web
Segmentation will reduce risk
Sync user accounts
Implement and audit virus/malware scanner
#fpwebinar
#fpwebinar
Summary !
Described types of security: Physical, Network and Application
Physical security - gated parking, cameras, sensors, lack of signage, biometrics, etc.
Network security - Routing protocols, patching, firewalls, logging, etc.
Application security - port access, HTTPS, segmentation, sync user accounts, etc.
Follow processes, audit processes
Please direct any questions to us via Twitter using hashtag
#fpwebinar#fpwebinar
Q&A
Protect Your Infrastructure: The Basics of Cloud Security
Thank you! !
Twitter @fpweb • [email protected] • www.fpweb.net !
Please fill out the survey as you exit the webinar and help us choose the next topic!
#fpwebinar