SlideShare a Scribd company logo

Cloud security: Accelerating cloud adoption

Dell World
Dell World

Organizations now have an opportunity to more rapidly overcome their security concerns by using third-party cloud platforms. In this session, Dell SecureWorks security experts discuss the Shared Security Responsibility model, how organizations need to think about security architecture in the cloud, and new Dell SecureWorks services that are helping organizations plan, architect, manage and respond to threats in the cloud.

Technology
1 of 15
Download to read offline
MT 37 Cloud Security Accelerating Cloud Adoption
Here’s How It Sometimes Goes • Someone says “Hey! Cloud is faster. Cloud is less expensive. Cloud is easier. Let’s do cloud!” – And what they mean is usually public cloud • So a cloud initiative is created • The security function, if they are consulted at all, has to catch up as this is often a done deal long before security is considered
Another Way It Sometimes Goes • Someone says “Hey! Cloud is faster. Cloud is less expensive. Cloud is easier. Let’s do cloud!” • But someone else says “Wait! What about security! Do we really want to put our <important apps and data> in someone else’s data center?” • And the security function gets blamed for saying “no” and standing in the way of “business process innovation”. – Or the security function says “no”, everybody pauses, and then says “Let’s do it anyway!”
Yet Another Way It Sometimes Goes • CEO or CFO suddenly “notices” public cloud spend o Gets a bill from a provider o Sees a number of expenses from same place • Says “Wow! Why are we spending so much on cloud?” o Then comes a phase where the company creates an intentional strategy about using cloud • Again, the security function must catch up to what has happened
Either Way, You Are Not Alone • Security is one of the biggest challenges in the transition into cloud o Added on as an afterthought o Or treated as a roadblock • This presentation: o Talks about how clients adopt cloud – Five phases of adoption – Things to consider at each phase – When you’re too big for cloud o Discusses the shared security responsibility model o How you should manage your cloud security – Do it yourself – Get help
The Five Stages of Cloud Adoption Virtualized datacenters, but no active plan for 3rd- party cloud Recognition of need for plan, but not there yet. Plan in development Active projects to move individual workstreams to cloud, often for new internally-developed applications. No formal security architecture yet Design for cloud as primary or exclusive datacenter. Accompanied by a thought- out security strategy Cloud does not offer cost savings at massive scale Likelihood of Shadow IT
Two Epiphanies 1 2 • “Hey, we’re spending a lot on cloud already – we should have a plan.” • “Hey, this cloud really delivers a lot of advantages. We should have a plan.” • “Hey, we’re spending so much on cloud and we’re not really seeing the savings we expected. Maybe we should bring this back in house?” • Relatively few organizations will get here.
Things to Think About At Each Phase Plan • Create a security reference architecture for your cloud presence • Select multiple cloud providers and evaluate their security approaches & their terms • Create a governance model for what data is allowed in the cloud and what is not Transition • Reconsider the architecture of your applications (forklift v. redesign) • Test your applications once they’re in cloud (pen test, red team) • Extend your security operations model (scanning, patching) to include cloud Dept/Dev • You generally care about the same security controls in cloud as in traditional data center • Consider how your security model needs to change in response to cloud (pets v. cattle) • Consider incident response planning and/or retainer All-In • Your security operational model must be fully implemented in this phase • Forensics readiness is very important – will you know what to do if there’s an incident Too Big • Security for pets v. Security for cattle • Incident Response and Threat Intelligence become even more critical here
Shared Security Responsibility Model
What This Means • Cloud Providers generally have excellent cloud infrastructure security o It is designed to protect THEM; it is NOT DESIGNED to protect YOU • Security of YOUR application and YOUR data in the cloud is YOUR responsibility • If you put an unpatched Windows server on a public IP address in a well-defended public cloud, it will be compromised in seconds
How to Manage Your Cloud Security – Option A • Public cloud security infrastructure MUST be managed and monitored just like anything else. • You can certainly do it yourself • 10 things to consider:…
Security in Public Clouds: 10 Things To Consider 1. Make sure you understand where your provider's responsibilities end and yours begin. Understand how your service provide is willing to work with you. Understand the role they play in your operational security. Understand their security & limits on their liability. 2. Make sure you have the right to audit your environment. 3. Make sure your data and applications are mobile and not locked into a proprietary format. 4. Make sure you have a method for retrieving/removing your application(s) and data. 5. Encrypt your data where possible. Encrypt your data where impossible. Ensure your cloud provider does not have keys. 6. Monitor everything -- server activity, user activity, device activity, data in motion. 7. Make sure your identity and access management solution is robust and cloud-aware. Tie it into your existing systems for increased user adoption and lower management costs. 8. Back up your data and applications regularly – when it’s gone in cloud, it’s gone forever. 9. Ensure you have incident response plan and adequate forensics data. Forensics in cloud can be harder. 10. Ensure that you budget for your security infrastructure. Don’t get surprised by unexpected compute, storage, or network transfer costs associated with your security infrastructure.
How to Manage Your Cloud Security – Option B Incident ManagementManaged Security Security and Risk Consulting Managed Vulnerability & Web App Scanning Managed Network IPS Security Design & Architecture Service Cloud Security Strategy & Risk Assessment Incident Management Retainer Penetration Tests WASA for Cloud Web API Testing Cloud Vendor Security Assessment Advanced Penetration Tests Remote Red Team PCI, HIPAA, GLBA, FISMA, EI3PA Emergency Incident Response Monitored Firewall Monitored WAF Monitored Elastic Server Group Logs
Resources Browse: • dell.com/security • powermore.dell.com • Secureworks.com Watch: Dell YouTube Channel Interact: @DellSecurity @DellSecureWorks
Thanks!

Recommended

4.5.cloud security
4.5.cloud security4.5.cloud security
4.5.cloud securityDrRajapraveenkN
 
Datacenter 2014: Trend Micro - Bill MCGee
Datacenter 2014: Trend Micro - Bill MCGeeDatacenter 2014: Trend Micro - Bill MCGee
Datacenter 2014: Trend Micro - Bill MCGeeMediehuset Ingeniøren Live
 
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Odds
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At OddsJervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Odds
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Oddscentralohioissa
 
Security and governance in the cloud
Security and governance in the cloudSecurity and governance in the cloud
Security and governance in the cloudJulian Knight
 
MT50 Data is the new currency: Protect it!
MT50 Data is the new currency: Protect it!MT50 Data is the new currency: Protect it!
MT50 Data is the new currency: Protect it!Dell EMC World
 
Cloud Security
Cloud SecurityCloud Security
Cloud SecurityThe TNS Group
 
Keys to success and security in the cloud
Keys to success and security in the cloudKeys to success and security in the cloud
Keys to success and security in the cloudScalar Decisions
 
MT 117 Key Innovations in Cybersecurity
MT 117 Key Innovations in CybersecurityMT 117 Key Innovations in Cybersecurity
MT 117 Key Innovations in CybersecurityDell EMC World
 

Recommended

4.5.cloud security
4.5.cloud security4.5.cloud security
4.5.cloud securityDrRajapraveenkN
 
Datacenter 2014: Trend Micro - Bill MCGee
Datacenter 2014: Trend Micro - Bill MCGeeDatacenter 2014: Trend Micro - Bill MCGee
Datacenter 2014: Trend Micro - Bill MCGeeMediehuset Ingeniøren Live
 
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Odds
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At OddsJervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Odds
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Oddscentralohioissa
 
Security and governance in the cloud
Security and governance in the cloudSecurity and governance in the cloud
Security and governance in the cloudJulian Knight
 
MT50 Data is the new currency: Protect it!
MT50 Data is the new currency: Protect it!MT50 Data is the new currency: Protect it!
MT50 Data is the new currency: Protect it!Dell EMC World
 
Cloud Security
Cloud SecurityCloud Security
Cloud SecurityThe TNS Group
 
Keys to success and security in the cloud
Keys to success and security in the cloudKeys to success and security in the cloud
Keys to success and security in the cloudScalar Decisions
 
MT 117 Key Innovations in Cybersecurity
MT 117 Key Innovations in CybersecurityMT 117 Key Innovations in Cybersecurity
MT 117 Key Innovations in CybersecurityDell EMC World
 
Data security in the cloud
Data security in the cloud Data security in the cloud
Data security in the cloud IBM Security
 
Key Security Insights: Examining 2014 to predict emerging threats
Key Security Insights: Examining 2014 to predict emerging threats Key Security Insights: Examining 2014 to predict emerging threats
Key Security Insights: Examining 2014 to predict emerging threats Dell World
 
Client Security Strategies To Defeat Advanced Threats
Client Security Strategies To Defeat Advanced ThreatsClient Security Strategies To Defeat Advanced Threats
Client Security Strategies To Defeat Advanced ThreatsDell World
 
Cloud security
Cloud securityCloud security
Cloud securityAdeel Javaid
 
Cloud security
Cloud securityCloud security
Cloud securityTushar Kayande
 
MT81 Keys to Successful Enterprise IoT Initiatives
MT81 Keys to Successful Enterprise IoT InitiativesMT81 Keys to Successful Enterprise IoT Initiatives
MT81 Keys to Successful Enterprise IoT InitiativesDell EMC World
 
Security As A Service In Cloud(SECaaS)
Security As A Service In Cloud(SECaaS)Security As A Service In Cloud(SECaaS)
Security As A Service In Cloud(SECaaS)أحلام انصارى
 
RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices a...
RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices a...RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices a...
RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices a...RightScale
 
CCSK Certificate of Cloud Computing Knowledge - overview
CCSK Certificate of Cloud Computing Knowledge - overviewCCSK Certificate of Cloud Computing Knowledge - overview
CCSK Certificate of Cloud Computing Knowledge - overviewPeter HJ van Eijk
 
Security in the Cloud: Tips on How to Protect Your Data
Security in the Cloud: Tips on How to Protect Your DataSecurity in the Cloud: Tips on How to Protect Your Data
Security in the Cloud: Tips on How to Protect Your DataProcore Technologies
 
Jack Nichelson - Information Security Metrics - Practical Security Metrics
Jack Nichelson - Information Security Metrics - Practical Security MetricsJack Nichelson - Information Security Metrics - Practical Security Metrics
Jack Nichelson - Information Security Metrics - Practical Security Metricscentralohioissa
 
Getting Your IT Security Learners Ready for the Cloud with CCSK Certification
Getting Your IT Security Learners Ready for the Cloud with CCSK CertificationGetting Your IT Security Learners Ready for the Cloud with CCSK Certification
Getting Your IT Security Learners Ready for the Cloud with CCSK CertificationITpreneurs
 
Bil Harmer - Myths of Cloud Security Debunked!
Bil Harmer - Myths of Cloud Security Debunked!Bil Harmer - Myths of Cloud Security Debunked!
Bil Harmer - Myths of Cloud Security Debunked!centralohioissa
 
Lisa Guess - Embracing the Cloud
Lisa Guess - Embracing the CloudLisa Guess - Embracing the Cloud
Lisa Guess - Embracing the Cloudcentralohioissa
 
MT54 Better security is better business
MT54 Better security is better businessMT54 Better security is better business
MT54 Better security is better businessDell EMC World
 
Optimize IT Infrastructure
Optimize IT InfrastructureOptimize IT Infrastructure
Optimize IT InfrastructureScalar Decisions
 
The Notorious 9 Cloud Computing Threats - CSA Congress, San Jose
The Notorious 9 Cloud Computing Threats - CSA Congress, San JoseThe Notorious 9 Cloud Computing Threats - CSA Congress, San Jose
The Notorious 9 Cloud Computing Threats - CSA Congress, San JoseMoshe Ferber
 
Cloud Security & Privacy Standard Slide
Cloud Security & Privacy Standard SlideCloud Security & Privacy Standard Slide
Cloud Security & Privacy Standard Slideacinfotec
 
Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......
Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......
Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......centralohioissa
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityNithin Raj
 
Pbl Intro
Pbl IntroPbl Intro
Pbl IntroT Norfar
 
Materi perdana 24_02_2014
Materi perdana 24_02_2014Materi perdana 24_02_2014
Materi perdana 24_02_2014sulaiman yunus
 

More Related Content

What's hot

Data security in the cloud
Data security in the cloud Data security in the cloud
Data security in the cloud IBM Security
 
Key Security Insights: Examining 2014 to predict emerging threats
Key Security Insights: Examining 2014 to predict emerging threats Key Security Insights: Examining 2014 to predict emerging threats
Key Security Insights: Examining 2014 to predict emerging threats Dell World
 
Client Security Strategies To Defeat Advanced Threats
Client Security Strategies To Defeat Advanced ThreatsClient Security Strategies To Defeat Advanced Threats
Client Security Strategies To Defeat Advanced ThreatsDell World
 
MT81 Keys to Successful Enterprise IoT Initiatives
MT81 Keys to Successful Enterprise IoT InitiativesMT81 Keys to Successful Enterprise IoT Initiatives
MT81 Keys to Successful Enterprise IoT InitiativesDell EMC World
 
RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices a...
RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices a...RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices a...
RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices a...RightScale
 
CCSK Certificate of Cloud Computing Knowledge - overview
CCSK Certificate of Cloud Computing Knowledge - overviewCCSK Certificate of Cloud Computing Knowledge - overview
CCSK Certificate of Cloud Computing Knowledge - overviewPeter HJ van Eijk
 
Security in the Cloud: Tips on How to Protect Your Data
Security in the Cloud: Tips on How to Protect Your DataSecurity in the Cloud: Tips on How to Protect Your Data
Security in the Cloud: Tips on How to Protect Your DataProcore Technologies
 
Jack Nichelson - Information Security Metrics - Practical Security Metrics
Jack Nichelson - Information Security Metrics - Practical Security MetricsJack Nichelson - Information Security Metrics - Practical Security Metrics
Jack Nichelson - Information Security Metrics - Practical Security Metricscentralohioissa
 
Getting Your IT Security Learners Ready for the Cloud with CCSK Certification
Getting Your IT Security Learners Ready for the Cloud with CCSK CertificationGetting Your IT Security Learners Ready for the Cloud with CCSK Certification
Getting Your IT Security Learners Ready for the Cloud with CCSK CertificationITpreneurs
 
Bil Harmer - Myths of Cloud Security Debunked!
Bil Harmer - Myths of Cloud Security Debunked!Bil Harmer - Myths of Cloud Security Debunked!
Bil Harmer - Myths of Cloud Security Debunked!centralohioissa
 
Lisa Guess - Embracing the Cloud
Lisa Guess - Embracing the CloudLisa Guess - Embracing the Cloud
Lisa Guess - Embracing the Cloudcentralohioissa
 
MT54 Better security is better business
MT54 Better security is better businessMT54 Better security is better business
MT54 Better security is better businessDell EMC World
 
Optimize IT Infrastructure
Optimize IT InfrastructureOptimize IT Infrastructure
Optimize IT InfrastructureScalar Decisions
 
The Notorious 9 Cloud Computing Threats - CSA Congress, San Jose
The Notorious 9 Cloud Computing Threats - CSA Congress, San JoseThe Notorious 9 Cloud Computing Threats - CSA Congress, San Jose
The Notorious 9 Cloud Computing Threats - CSA Congress, San JoseMoshe Ferber
 
Cloud Security & Privacy Standard Slide
Cloud Security & Privacy Standard SlideCloud Security & Privacy Standard Slide
Cloud Security & Privacy Standard Slideacinfotec
 
Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......
Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......
Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......centralohioissa
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityNithin Raj
 

What's hot (20)

Data security in the cloud
Data security in the cloud Data security in the cloud
Data security in the cloud
 
Key Security Insights: Examining 2014 to predict emerging threats
Key Security Insights: Examining 2014 to predict emerging threats Key Security Insights: Examining 2014 to predict emerging threats
Key Security Insights: Examining 2014 to predict emerging threats
 
Client Security Strategies To Defeat Advanced Threats
Client Security Strategies To Defeat Advanced ThreatsClient Security Strategies To Defeat Advanced Threats
Client Security Strategies To Defeat Advanced Threats
 
Cloud security
Cloud securityCloud security
Cloud security
 
Cloud security
Cloud securityCloud security
Cloud security
 
MT81 Keys to Successful Enterprise IoT Initiatives
MT81 Keys to Successful Enterprise IoT InitiativesMT81 Keys to Successful Enterprise IoT Initiatives
MT81 Keys to Successful Enterprise IoT Initiatives
 
Security As A Service In Cloud(SECaaS)
Security As A Service In Cloud(SECaaS)Security As A Service In Cloud(SECaaS)
Security As A Service In Cloud(SECaaS)
 
RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices a...
RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices a...RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices a...
RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices a...
 
CCSK Certificate of Cloud Computing Knowledge - overview
CCSK Certificate of Cloud Computing Knowledge - overviewCCSK Certificate of Cloud Computing Knowledge - overview
CCSK Certificate of Cloud Computing Knowledge - overview
 
Security in the Cloud: Tips on How to Protect Your Data
Security in the Cloud: Tips on How to Protect Your DataSecurity in the Cloud: Tips on How to Protect Your Data
Security in the Cloud: Tips on How to Protect Your Data
 
Jack Nichelson - Information Security Metrics - Practical Security Metrics
Jack Nichelson - Information Security Metrics - Practical Security MetricsJack Nichelson - Information Security Metrics - Practical Security Metrics
Jack Nichelson - Information Security Metrics - Practical Security Metrics
 
Getting Your IT Security Learners Ready for the Cloud with CCSK Certification
Getting Your IT Security Learners Ready for the Cloud with CCSK CertificationGetting Your IT Security Learners Ready for the Cloud with CCSK Certification
Getting Your IT Security Learners Ready for the Cloud with CCSK Certification
 
Bil Harmer - Myths of Cloud Security Debunked!
Bil Harmer - Myths of Cloud Security Debunked!Bil Harmer - Myths of Cloud Security Debunked!
Bil Harmer - Myths of Cloud Security Debunked!
 
Lisa Guess - Embracing the Cloud
Lisa Guess - Embracing the CloudLisa Guess - Embracing the Cloud
Lisa Guess - Embracing the Cloud
 
MT54 Better security is better business
MT54 Better security is better businessMT54 Better security is better business
MT54 Better security is better business
 
Optimize IT Infrastructure
Optimize IT InfrastructureOptimize IT Infrastructure
Optimize IT Infrastructure
 
The Notorious 9 Cloud Computing Threats - CSA Congress, San Jose
The Notorious 9 Cloud Computing Threats - CSA Congress, San JoseThe Notorious 9 Cloud Computing Threats - CSA Congress, San Jose
The Notorious 9 Cloud Computing Threats - CSA Congress, San Jose
 
Cloud Security & Privacy Standard Slide
Cloud Security & Privacy Standard SlideCloud Security & Privacy Standard Slide
Cloud Security & Privacy Standard Slide
 
Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......
Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......
Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing Security
 

Viewers also liked

Materi perdana 24_02_2014
Materi perdana 24_02_2014Materi perdana 24_02_2014
Materi perdana 24_02_2014sulaiman yunus
 
Finding a Simpler Path to Cloud
Finding a Simpler Path to CloudFinding a Simpler Path to Cloud
Finding a Simpler Path to CloudDell World
 
What is RSS? or Rich Site Syndication?
What is RSS? or Rich Site Syndication?What is RSS? or Rich Site Syndication?
What is RSS? or Rich Site Syndication?Yogesh M. A.
 
Education on the Cloud: Researching Student-Centred Cloud-Based Learning Pros...
Education on the Cloud: Researching Student-Centred Cloud-Based Learning Pros...Education on the Cloud: Researching Student-Centred Cloud-Based Learning Pros...
Education on the Cloud: Researching Student-Centred Cloud-Based Learning Pros...Karl Donert
 
Conozcamos Cloud Learning
Conozcamos Cloud LearningConozcamos Cloud Learning
Conozcamos Cloud LearningBea Sa
 
HP Cloud System Definition
HP Cloud System DefinitionHP Cloud System Definition
HP Cloud System DefinitionRien du Pre
 
Cloud Learning: Learning Environments in the Cloud Era
Cloud Learning: Learning Environments in the Cloud EraCloud Learning: Learning Environments in the Cloud Era
Cloud Learning: Learning Environments in the Cloud EraTeemu Arina
 
HP Cloud System Matrix Overview
HP Cloud System Matrix OverviewHP Cloud System Matrix Overview
HP Cloud System Matrix OverviewRien du Pre
 
Mercè tomàs tasca4.pres
Mercè tomàs tasca4.presMercè tomàs tasca4.pres
Mercè tomàs tasca4.presMercè Tomàs
 

Viewers also liked (11)

Pbl Intro
Pbl IntroPbl Intro
Pbl Intro
 
Materi perdana 24_02_2014
Materi perdana 24_02_2014Materi perdana 24_02_2014
Materi perdana 24_02_2014
 
Finding a Simpler Path to Cloud
Finding a Simpler Path to CloudFinding a Simpler Path to Cloud
Finding a Simpler Path to Cloud
 
What is RSS? or Rich Site Syndication?
What is RSS? or Rich Site Syndication?What is RSS? or Rich Site Syndication?
What is RSS? or Rich Site Syndication?
 
Education on the Cloud: Researching Student-Centred Cloud-Based Learning Pros...
Education on the Cloud: Researching Student-Centred Cloud-Based Learning Pros...Education on the Cloud: Researching Student-Centred Cloud-Based Learning Pros...
Education on the Cloud: Researching Student-Centred Cloud-Based Learning Pros...
 
Conozcamos Cloud Learning
Conozcamos Cloud LearningConozcamos Cloud Learning
Conozcamos Cloud Learning
 
HP Cloud System Definition
HP Cloud System DefinitionHP Cloud System Definition
HP Cloud System Definition
 
Cloud Learning: Learning Environments in the Cloud Era
Cloud Learning: Learning Environments in the Cloud EraCloud Learning: Learning Environments in the Cloud Era
Cloud Learning: Learning Environments in the Cloud Era
 
HP Cloud System Matrix Overview
HP Cloud System Matrix OverviewHP Cloud System Matrix Overview
HP Cloud System Matrix Overview
 
Cloud-Based Learning
Cloud-Based LearningCloud-Based Learning
Cloud-Based Learning
 
Mercè tomàs tasca4.pres
Mercè tomàs tasca4.presMercè tomàs tasca4.pres
Mercè tomàs tasca4.pres
 

Similar to Cloud security: Accelerating cloud adoption

Steve Chambers - Cloud for GrownUps ITSM17
Steve Chambers - Cloud for GrownUps ITSM17Steve Chambers - Cloud for GrownUps ITSM17
Steve Chambers - Cloud for GrownUps ITSM17itSMF UK
 
Simplifying The Cloud Top 10 Questions By SMBs
Simplifying The Cloud Top 10 Questions By SMBsSimplifying The Cloud Top 10 Questions By SMBs
Simplifying The Cloud Top 10 Questions By SMBsSun Digital, Inc.
 
Building Cloud capability for startups
Building Cloud capability for startupsBuilding Cloud capability for startups
Building Cloud capability for startupsSekhar Mohanty
 
Shared responsibility - a model for good cloud security
Shared responsibility - a model for good cloud securityShared responsibility - a model for good cloud security
Shared responsibility - a model for good cloud securityJisc
 
Shared responsibility - a model for good cloud security
Shared responsibility - a model for good cloud securityShared responsibility - a model for good cloud security
Shared responsibility - a model for good cloud securityAndy Powell
 
Navigating through the Cloud - 7 feb 2012 at Institute for Information Manage...
Navigating through the Cloud - 7 feb 2012 at Institute for Information Manage...Navigating through the Cloud - 7 feb 2012 at Institute for Information Manage...
Navigating through the Cloud - 7 feb 2012 at Institute for Information Manage...Livingstone Advisory
 
DOIS22 Why you need Cloud-agnostic practices to fuel your DevSecOps adoption ...
DOIS22 Why you need Cloud-agnostic practices to fuel your DevSecOps adoption ...DOIS22 Why you need Cloud-agnostic practices to fuel your DevSecOps adoption ...
DOIS22 Why you need Cloud-agnostic practices to fuel your DevSecOps adoption ...Turja Narayan Chaudhuri
 
Cheatsheet for your cloud project
Cheatsheet for your cloud projectCheatsheet for your cloud project
Cheatsheet for your cloud projectPetteri Heino
 
110307 cloud security requirements gourley
110307 cloud security requirements gourley110307 cloud security requirements gourley
110307 cloud security requirements gourleyGovCloud Network
 
The wonders of Cloud Computing.pptx
The wonders of Cloud Computing.pptxThe wonders of Cloud Computing.pptx
The wonders of Cloud Computing.pptxOmSatpathy
 
2022 DOI SKILup Days_Your Developers Decide Your Security Posture_Not Your Se...
2022 DOI SKILup Days_Your Developers Decide Your Security Posture_Not Your Se...2022 DOI SKILup Days_Your Developers Decide Your Security Posture_Not Your Se...
2022 DOI SKILup Days_Your Developers Decide Your Security Posture_Not Your Se...Turja Narayan Chaudhuri
 
10-steps to the cloud for SMBs, fasthosts
10-steps to the cloud for SMBs, fasthosts10-steps to the cloud for SMBs, fasthosts
10-steps to the cloud for SMBs, fasthostsInternet World
 
Keynote Information Security days Luxembourg 2015
Keynote Information Security days Luxembourg 2015Keynote Information Security days Luxembourg 2015
Keynote Information Security days Luxembourg 2015Claus Cramon Houmann
 
The End of Security as We Know It - Shannon Lietz
The End of Security as We Know It - Shannon LietzThe End of Security as We Know It - Shannon Lietz
The End of Security as We Know It - Shannon LietzSeniorStoryteller
 
best practices-managing_security_in_the hybrid cloud
best practices-managing_security_in_the hybrid cloud best practices-managing_security_in_the hybrid cloud
best practices-managing_security_in_the hybrid cloudAlgoSec
 
5 Mysteries of the Cloud Revealed
5 Mysteries of the Cloud Revealed5 Mysteries of the Cloud Revealed
5 Mysteries of the Cloud RevealedCloudUniversity
 

Similar to Cloud security: Accelerating cloud adoption (20)

Steve Chambers - Cloud for GrownUps ITSM17
Steve Chambers - Cloud for GrownUps ITSM17Steve Chambers - Cloud for GrownUps ITSM17
Steve Chambers - Cloud for GrownUps ITSM17
 
Simplifying The Cloud Top 10 Questions By SMBs
Simplifying The Cloud Top 10 Questions By SMBsSimplifying The Cloud Top 10 Questions By SMBs
Simplifying The Cloud Top 10 Questions By SMBs
 
Building Cloud capability for startups
Building Cloud capability for startupsBuilding Cloud capability for startups
Building Cloud capability for startups
 
Shared responsibility - a model for good cloud security
Shared responsibility - a model for good cloud securityShared responsibility - a model for good cloud security
Shared responsibility - a model for good cloud security
 
Shared responsibility - a model for good cloud security
Shared responsibility - a model for good cloud securityShared responsibility - a model for good cloud security
Shared responsibility - a model for good cloud security
 
Cloud capability for startups
Cloud capability for startupsCloud capability for startups
Cloud capability for startups
 
Navigating through the Cloud - 7 feb 2012 at Institute for Information Manage...
Navigating through the Cloud - 7 feb 2012 at Institute for Information Manage...Navigating through the Cloud - 7 feb 2012 at Institute for Information Manage...
Navigating through the Cloud - 7 feb 2012 at Institute for Information Manage...
 
DOIS22 Why you need Cloud-agnostic practices to fuel your DevSecOps adoption ...
DOIS22 Why you need Cloud-agnostic practices to fuel your DevSecOps adoption ...DOIS22 Why you need Cloud-agnostic practices to fuel your DevSecOps adoption ...
DOIS22 Why you need Cloud-agnostic practices to fuel your DevSecOps adoption ...
 
Cheatsheet for your cloud project
Cheatsheet for your cloud projectCheatsheet for your cloud project
Cheatsheet for your cloud project
 
110307 cloud security requirements gourley
110307 cloud security requirements gourley110307 cloud security requirements gourley
110307 cloud security requirements gourley
 
3.pptx
3.pptx3.pptx
3.pptx
 
The wonders of Cloud Computing.pptx
The wonders of Cloud Computing.pptxThe wonders of Cloud Computing.pptx
The wonders of Cloud Computing.pptx
 
2022 DOI SKILup Days_Your Developers Decide Your Security Posture_Not Your Se...
2022 DOI SKILup Days_Your Developers Decide Your Security Posture_Not Your Se...2022 DOI SKILup Days_Your Developers Decide Your Security Posture_Not Your Se...
2022 DOI SKILup Days_Your Developers Decide Your Security Posture_Not Your Se...
 
Discovering cloudnine
Discovering cloudnineDiscovering cloudnine
Discovering cloudnine
 
10-steps to the cloud for SMBs, fasthosts
10-steps to the cloud for SMBs, fasthosts10-steps to the cloud for SMBs, fasthosts
10-steps to the cloud for SMBs, fasthosts
 
6 Effective Ways to Evaluate Your On-Premise Law Software
6 Effective Ways to Evaluate Your On-Premise Law Software6 Effective Ways to Evaluate Your On-Premise Law Software
6 Effective Ways to Evaluate Your On-Premise Law Software
 
Keynote Information Security days Luxembourg 2015
Keynote Information Security days Luxembourg 2015Keynote Information Security days Luxembourg 2015
Keynote Information Security days Luxembourg 2015
 
The End of Security as We Know It - Shannon Lietz
The End of Security as We Know It - Shannon LietzThe End of Security as We Know It - Shannon Lietz
The End of Security as We Know It - Shannon Lietz
 
best practices-managing_security_in_the hybrid cloud
best practices-managing_security_in_the hybrid cloud best practices-managing_security_in_the hybrid cloud
best practices-managing_security_in_the hybrid cloud
 
5 Mysteries of the Cloud Revealed
5 Mysteries of the Cloud Revealed5 Mysteries of the Cloud Revealed
5 Mysteries of the Cloud Revealed
 

More from Dell World

Dell Data Center Networking Overview
Dell Data Center Networking OverviewDell Data Center Networking Overview
Dell Data Center Networking OverviewDell World
 
Dell Storage Management
Dell Storage ManagementDell Storage Management
Dell Storage ManagementDell World
 
Dell Networking Wired, Wireless and Security Solutions Lab
Dell Networking Wired, Wireless and Security Solutions LabDell Networking Wired, Wireless and Security Solutions Lab
Dell Networking Wired, Wireless and Security Solutions LabDell World
 
2020 Vision For Your Network
2020 Vision For Your Network2020 Vision For Your Network
2020 Vision For Your NetworkDell World
 
Dell Cloud Manager Overview
Dell Cloud Manager OverviewDell Cloud Manager Overview
Dell Cloud Manager OverviewDell World
 
Dell PowerEdge Zero Touch Provisioning
Dell PowerEdge Zero Touch ProvisioningDell PowerEdge Zero Touch Provisioning
Dell PowerEdge Zero Touch ProvisioningDell World
 
Simplifying Systems Management
Simplifying Systems ManagementSimplifying Systems Management
Simplifying Systems ManagementDell World
 
Channel Partners: Lead with Dell Software Solutions
Channel Partners: Lead with Dell Software SolutionsChannel Partners: Lead with Dell Software Solutions
Channel Partners: Lead with Dell Software SolutionsDell World
 
Innovating Teaching & Learning: Next Generation Student Access Model
Innovating Teaching & Learning: Next Generation Student Access ModelInnovating Teaching & Learning: Next Generation Student Access Model
Innovating Teaching & Learning: Next Generation Student Access ModelDell World
 
Executing on the promise of the Internet of Things (IoT)
Executing on the promise of the Internet of Things (IoT)Executing on the promise of the Internet of Things (IoT)
Executing on the promise of the Internet of Things (IoT)Dell World
 
Focus on business, not backups
Focus on business, not backupsFocus on business, not backups
Focus on business, not backupsDell World
 
NVMe PCIe and TLC V-NAND It’s about Time
NVMe PCIe and TLC V-NAND It’s about TimeNVMe PCIe and TLC V-NAND It’s about Time
NVMe PCIe and TLC V-NAND It’s about TimeDell World
 
The Keys To A Successful Identity And Access Management Program: How Does You...
The Keys To A Successful Identity And Access Management Program: How Does You...The Keys To A Successful Identity And Access Management Program: How Does You...
The Keys To A Successful Identity And Access Management Program: How Does You...Dell World
 
What a data-centric strategy gives you that others do not
What a data-centric strategy gives you that others do notWhat a data-centric strategy gives you that others do not
What a data-centric strategy gives you that others do notDell World
 
Cloud: To Build or Buy - Can You Justify On-Premises IT?
Cloud: To Build or Buy - Can You Justify On-Premises IT?Cloud: To Build or Buy - Can You Justify On-Premises IT?
Cloud: To Build or Buy - Can You Justify On-Premises IT?Dell World
 
Detecting advanced and evasive threats on the network
Detecting advanced and evasive threats on the networkDetecting advanced and evasive threats on the network
Detecting advanced and evasive threats on the networkDell World
 
So You Need To Build A Private Cloud. What Now? Best Practices For Building Y...
So You Need To Build A Private Cloud. What Now? Best Practices For Building Y...So You Need To Build A Private Cloud. What Now? Best Practices For Building Y...
So You Need To Build A Private Cloud. What Now? Best Practices For Building Y...Dell World
 
Client solutions for the modern workforce
Client solutions for the modern workforceClient solutions for the modern workforce
Client solutions for the modern workforceDell World
 
Prescriptive Cloud Services for the Future Ready Enterprise
Prescriptive Cloud Services for the Future Ready EnterprisePrescriptive Cloud Services for the Future Ready Enterprise
Prescriptive Cloud Services for the Future Ready EnterpriseDell World
 
Data Movement, Management and Governance In The Cloud: DocuSign Case Study
Data Movement, Management and Governance In The Cloud: DocuSign Case StudyData Movement, Management and Governance In The Cloud: DocuSign Case Study
Data Movement, Management and Governance In The Cloud: DocuSign Case StudyDell World
 

More from Dell World (20)

Dell Data Center Networking Overview
Dell Data Center Networking OverviewDell Data Center Networking Overview
Dell Data Center Networking Overview
 
Dell Storage Management
Dell Storage ManagementDell Storage Management
Dell Storage Management
 
Dell Networking Wired, Wireless and Security Solutions Lab
Dell Networking Wired, Wireless and Security Solutions LabDell Networking Wired, Wireless and Security Solutions Lab
Dell Networking Wired, Wireless and Security Solutions Lab
 
2020 Vision For Your Network
2020 Vision For Your Network2020 Vision For Your Network
2020 Vision For Your Network
 
Dell Cloud Manager Overview
Dell Cloud Manager OverviewDell Cloud Manager Overview
Dell Cloud Manager Overview
 
Dell PowerEdge Zero Touch Provisioning
Dell PowerEdge Zero Touch ProvisioningDell PowerEdge Zero Touch Provisioning
Dell PowerEdge Zero Touch Provisioning
 
Simplifying Systems Management
Simplifying Systems ManagementSimplifying Systems Management
Simplifying Systems Management
 
Channel Partners: Lead with Dell Software Solutions
Channel Partners: Lead with Dell Software SolutionsChannel Partners: Lead with Dell Software Solutions
Channel Partners: Lead with Dell Software Solutions
 
Innovating Teaching & Learning: Next Generation Student Access Model
Innovating Teaching & Learning: Next Generation Student Access ModelInnovating Teaching & Learning: Next Generation Student Access Model
Innovating Teaching & Learning: Next Generation Student Access Model
 
Executing on the promise of the Internet of Things (IoT)
Executing on the promise of the Internet of Things (IoT)Executing on the promise of the Internet of Things (IoT)
Executing on the promise of the Internet of Things (IoT)
 
Focus on business, not backups
Focus on business, not backupsFocus on business, not backups
Focus on business, not backups
 
NVMe PCIe and TLC V-NAND It’s about Time
NVMe PCIe and TLC V-NAND It’s about TimeNVMe PCIe and TLC V-NAND It’s about Time
NVMe PCIe and TLC V-NAND It’s about Time
 
The Keys To A Successful Identity And Access Management Program: How Does You...
The Keys To A Successful Identity And Access Management Program: How Does You...The Keys To A Successful Identity And Access Management Program: How Does You...
The Keys To A Successful Identity And Access Management Program: How Does You...
 
What a data-centric strategy gives you that others do not
What a data-centric strategy gives you that others do notWhat a data-centric strategy gives you that others do not
What a data-centric strategy gives you that others do not
 
Cloud: To Build or Buy - Can You Justify On-Premises IT?
Cloud: To Build or Buy - Can You Justify On-Premises IT?Cloud: To Build or Buy - Can You Justify On-Premises IT?
Cloud: To Build or Buy - Can You Justify On-Premises IT?
 
Detecting advanced and evasive threats on the network
Detecting advanced and evasive threats on the networkDetecting advanced and evasive threats on the network
Detecting advanced and evasive threats on the network
 
So You Need To Build A Private Cloud. What Now? Best Practices For Building Y...
So You Need To Build A Private Cloud. What Now? Best Practices For Building Y...So You Need To Build A Private Cloud. What Now? Best Practices For Building Y...
So You Need To Build A Private Cloud. What Now? Best Practices For Building Y...
 
Client solutions for the modern workforce
Client solutions for the modern workforceClient solutions for the modern workforce
Client solutions for the modern workforce
 
Prescriptive Cloud Services for the Future Ready Enterprise
Prescriptive Cloud Services for the Future Ready EnterprisePrescriptive Cloud Services for the Future Ready Enterprise
Prescriptive Cloud Services for the Future Ready Enterprise
 
Data Movement, Management and Governance In The Cloud: DocuSign Case Study
Data Movement, Management and Governance In The Cloud: DocuSign Case StudyData Movement, Management and Governance In The Cloud: DocuSign Case Study
Data Movement, Management and Governance In The Cloud: DocuSign Case Study
 

Recently uploaded

Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 

Recently uploaded (20)

Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 

Cloud security: Accelerating cloud adoption

  • 1. MT 37 Cloud Security Accelerating Cloud Adoption
  • 2. Here’s How It Sometimes Goes • Someone says “Hey! Cloud is faster. Cloud is less expensive. Cloud is easier. Let’s do cloud!” – And what they mean is usually public cloud • So a cloud initiative is created • The security function, if they are consulted at all, has to catch up as this is often a done deal long before security is considered
  • 3. Another Way It Sometimes Goes • Someone says “Hey! Cloud is faster. Cloud is less expensive. Cloud is easier. Let’s do cloud!” • But someone else says “Wait! What about security! Do we really want to put our <important apps and data> in someone else’s data center?” • And the security function gets blamed for saying “no” and standing in the way of “business process innovation”. – Or the security function says “no”, everybody pauses, and then says “Let’s do it anyway!”
  • 4. Yet Another Way It Sometimes Goes • CEO or CFO suddenly “notices” public cloud spend o Gets a bill from a provider o Sees a number of expenses from same place • Says “Wow! Why are we spending so much on cloud?” o Then comes a phase where the company creates an intentional strategy about using cloud • Again, the security function must catch up to what has happened
  • 5. Either Way, You Are Not Alone • Security is one of the biggest challenges in the transition into cloud o Added on as an afterthought o Or treated as a roadblock • This presentation: o Talks about how clients adopt cloud – Five phases of adoption – Things to consider at each phase – When you’re too big for cloud o Discusses the shared security responsibility model o How you should manage your cloud security – Do it yourself – Get help
  • 6. The Five Stages of Cloud Adoption Virtualized datacenters, but no active plan for 3rd- party cloud Recognition of need for plan, but not there yet. Plan in development Active projects to move individual workstreams to cloud, often for new internally-developed applications. No formal security architecture yet Design for cloud as primary or exclusive datacenter. Accompanied by a thought- out security strategy Cloud does not offer cost savings at massive scale Likelihood of Shadow IT
  • 7. Two Epiphanies 1 2 • “Hey, we’re spending a lot on cloud already – we should have a plan.” • “Hey, this cloud really delivers a lot of advantages. We should have a plan.” • “Hey, we’re spending so much on cloud and we’re not really seeing the savings we expected. Maybe we should bring this back in house?” • Relatively few organizations will get here.
  • 8. Things to Think About At Each Phase Plan • Create a security reference architecture for your cloud presence • Select multiple cloud providers and evaluate their security approaches & their terms • Create a governance model for what data is allowed in the cloud and what is not Transition • Reconsider the architecture of your applications (forklift v. redesign) • Test your applications once they’re in cloud (pen test, red team) • Extend your security operations model (scanning, patching) to include cloud Dept/Dev • You generally care about the same security controls in cloud as in traditional data center • Consider how your security model needs to change in response to cloud (pets v. cattle) • Consider incident response planning and/or retainer All-In • Your security operational model must be fully implemented in this phase • Forensics readiness is very important – will you know what to do if there’s an incident Too Big • Security for pets v. Security for cattle • Incident Response and Threat Intelligence become even more critical here
  • 10. What This Means • Cloud Providers generally have excellent cloud infrastructure security o It is designed to protect THEM; it is NOT DESIGNED to protect YOU • Security of YOUR application and YOUR data in the cloud is YOUR responsibility • If you put an unpatched Windows server on a public IP address in a well-defended public cloud, it will be compromised in seconds
  • 11. How to Manage Your Cloud Security – Option A • Public cloud security infrastructure MUST be managed and monitored just like anything else. • You can certainly do it yourself • 10 things to consider:…
  • 12. Security in Public Clouds: 10 Things To Consider 1. Make sure you understand where your provider's responsibilities end and yours begin. Understand how your service provide is willing to work with you. Understand the role they play in your operational security. Understand their security & limits on their liability. 2. Make sure you have the right to audit your environment. 3. Make sure your data and applications are mobile and not locked into a proprietary format. 4. Make sure you have a method for retrieving/removing your application(s) and data. 5. Encrypt your data where possible. Encrypt your data where impossible. Ensure your cloud provider does not have keys. 6. Monitor everything -- server activity, user activity, device activity, data in motion. 7. Make sure your identity and access management solution is robust and cloud-aware. Tie it into your existing systems for increased user adoption and lower management costs. 8. Back up your data and applications regularly – when it’s gone in cloud, it’s gone forever. 9. Ensure you have incident response plan and adequate forensics data. Forensics in cloud can be harder. 10. Ensure that you budget for your security infrastructure. Don’t get surprised by unexpected compute, storage, or network transfer costs associated with your security infrastructure.
  • 13. How to Manage Your Cloud Security – Option B Incident ManagementManaged Security Security and Risk Consulting Managed Vulnerability & Web App Scanning Managed Network IPS Security Design & Architecture Service Cloud Security Strategy & Risk Assessment Incident Management Retainer Penetration Tests WASA for Cloud Web API Testing Cloud Vendor Security Assessment Advanced Penetration Tests Remote Red Team PCI, HIPAA, GLBA, FISMA, EI3PA Emergency Incident Response Monitored Firewall Monitored WAF Monitored Elastic Server Group Logs
  • 14. Resources Browse: • dell.com/security • powermore.dell.com • Secureworks.com Watch: Dell YouTube Channel Interact: @DellSecurity @DellSecureWorks