SlideShare ist ein Scribd-Unternehmen logo

Confraria Security 17 June - Cloud Security

Vitor Domingos
Vitor Domingos

Cloud Computing Security in Confraria Security & IT, 3rd meeting in Lisbon

Technologie
1 von 21
Downloaden Sie, um offline zu lesen
Cloud Computing Security by Vitor Domingos intrepid and professional basher http://vitordomingos.com
* as seen on regular weather channel
Cloud Computing is ? - Network as a “cloud” - Network is the computer (SUN moto) - TCP/IP abstraction (1st cloud) - www data abstraction (2nd cloud) - Virtualization (3rd cloud) Bottom line: - Virtualization done right, with webservices
Cloud Computing is ! - on-demand self-service - ubiquitous network access - location independent resource pooling - rapid elasticity - measured service - pay as you go - abstract resources
CCaaS - Software as a Service - SalesForce - Platform as a Service - Google App Engine - Microsoft Azure - Infrastructure as a Service - Rackspace Mosso - Amazon Web Services
Cloud Computing leverages - Virtualization - Multi-Tenancy - Massive Scale - Autonomic Computing - Distributed Environment - Security Technologies - Service Oriented
Security in the Cloud
Only the paranoid survive! - Key issues trust, trust, multi-tenancy, trust, encryption, compliance - Massive complex systems running on functional units - Certification & Audit - Loss of physical control - Interoperability - Accountability
please, keep in mind that - Shared hell: - Hardware - Memory - Disks - NIC's (Virtual) - Cache Snooping - Hypervisor Attacks - Persistent Root Kits - Password Cracking - Broken or stolen key rings / authorization federation - Never ending logs
Great things do come - Provisioning - Rapid reconstitution of services - Storage fragmented - Security layers (auth, firewall, logging, …) - Network and Security perimeters - Virtual Zoning - Fault tolerance
Challenges - Data dispersal and international privacy laws - Isolation management & Multi-Tenancy - Certification (SAS 70 Type II audits and ISO 27001) - Data ownership - QoS & SLA's garantees - Secure Hypervisors
Challenges - Massive outages - Service bottle necks; DNS as your best friend - Encryption needs cloud resources, applications, storage, services - Disaster recovery and contingency plans - If you have it on Auto mode, you won't see it coming - Honey for hackers
ToDo - Network with VPN and VLAN's - SLA's; read the fine prints - Backup and recover often; Risk assessment - Log (out of there) as if the world ended tomorrow - Plan for failure - YOU secure!!! - Sandbox, Sandbox, Sandbox
You're not alone - Security Groups IBM; SUN; Amazon; ISV - Cloud Security Alliance (awesome guide!!) - OpenCloud Manifesto & Amazon Security Paper - Cloud Computing ML at Google Groups - Legal Cloud's - Vivek Kundra, USA CTO, did it, so as Facebook, New York Times and Nasdaq (on AWS)
Wrap up - Plan - Encrypt - Backup - Secure - Audit - Sandbox (check my last year sapo codebits talk) - http://codebits.sapo.pt/files/aws_23.pdf - Trust
mail: vd@prt.sc ? site: http://vitordomingos.com

Empfohlen

ISACA Cloud Security Presentation 2013-09-24
ISACA Cloud Security Presentation 2013-09-24ISACA Cloud Security Presentation 2013-09-24
ISACA Cloud Security Presentation 2013-09-24Major Hayden
 
Is your distributed system secure?
Is your distributed system secure?Is your distributed system secure?
Is your distributed system secure?Lacey Trebaol
 
Decentralized Cloud Storage-Storjio
Decentralized Cloud Storage-StorjioDecentralized Cloud Storage-Storjio
Decentralized Cloud Storage-StorjioAlireza Nouri
 
Webair-Facilities
Webair-FacilitiesWebair-Facilities
Webair-FacilitiesAndrew Paladino
 
The Cloud Done Right
The Cloud Done RightThe Cloud Done Right
The Cloud Done RightIntel Corporation
 
Cloud computing
Cloud computingCloud computing
Cloud computingHaniel Zadok
 
N cryptedcloud
N cryptedcloudN cryptedcloud
N cryptedclouddavish107
 
CipherWire Networks - SafeNet KeySecure
CipherWire Networks - SafeNet KeySecureCipherWire Networks - SafeNet KeySecure
CipherWire Networks - SafeNet KeySecurecnnetwork
 

Empfohlen

ISACA Cloud Security Presentation 2013-09-24
ISACA Cloud Security Presentation 2013-09-24ISACA Cloud Security Presentation 2013-09-24
ISACA Cloud Security Presentation 2013-09-24Major Hayden
 
Is your distributed system secure?
Is your distributed system secure?Is your distributed system secure?
Is your distributed system secure?Lacey Trebaol
 
Decentralized Cloud Storage-Storjio
Decentralized Cloud Storage-StorjioDecentralized Cloud Storage-Storjio
Decentralized Cloud Storage-StorjioAlireza Nouri
 
Webair-Facilities
Webair-FacilitiesWebair-Facilities
Webair-FacilitiesAndrew Paladino
 
The Cloud Done Right
The Cloud Done RightThe Cloud Done Right
The Cloud Done RightIntel Corporation
 
Cloud computing
Cloud computingCloud computing
Cloud computingHaniel Zadok
 
N cryptedcloud
N cryptedcloudN cryptedcloud
N cryptedclouddavish107
 
CipherWire Networks - SafeNet KeySecure
CipherWire Networks - SafeNet KeySecureCipherWire Networks - SafeNet KeySecure
CipherWire Networks - SafeNet KeySecurecnnetwork
 
年轻人媒体主张
年轻人媒体主张年轻人媒体主张
年轻人媒体主张Kantar Media CIC
 
Iwom watch 2nd half year review 2006:“You”— Time’s Person of the Year - also ...
Iwom watch 2nd half year review 2006:“You”— Time’s Person of the Year - also ...Iwom watch 2nd half year review 2006:“You”— Time’s Person of the Year - also ...
Iwom watch 2nd half year review 2006:“You”— Time’s Person of the Year - also ...Kantar Media CIC
 
Resultados twitter Curling Nevada Barcelona 1
Resultados twitter Curling Nevada Barcelona 1Resultados twitter Curling Nevada Barcelona 1
Resultados twitter Curling Nevada Barcelona 1Selva Orejón
 
Buckets and Vessels
Buckets and VesselsBuckets and Vessels
Buckets and VesselsAaron Cope
 
Web 2.0 Business Models
Web 2.0 Business ModelsWeb 2.0 Business Models
Web 2.0 Business ModelsAnabelle P
 
ETech 09, notes and links
ETech 09, notes and linksETech 09, notes and links
ETech 09, notes and linksAaron Cope
 
we need / MOAR dragons
we need / MOAR dragonswe need / MOAR dragons
we need / MOAR dragonsAaron Cope
 
信息图:2008 - 2014 CIC中国社会化媒体格局图的变迁
信息图:2008 - 2014 CIC中国社会化媒体格局图的变迁信息图:2008 - 2014 CIC中国社会化媒体格局图的变迁
信息图:2008 - 2014 CIC中国社会化媒体格局图的变迁Kantar Media CIC
 
Agency Is the Intelligent Design of the Internet
Agency Is the Intelligent Design of the InternetAgency Is the Intelligent Design of the Internet
Agency Is the Intelligent Design of the InternetAaron Cope
 
Portuguese Cloud Computing Architects - 2nd Meeting
Portuguese Cloud Computing Architects - 2nd MeetingPortuguese Cloud Computing Architects - 2nd Meeting
Portuguese Cloud Computing Architects - 2nd MeetingVitor Domingos
 
Why the cloud is more secure than your existing systems
Why the cloud is more secure than your existing systemsWhy the cloud is more secure than your existing systems
Why the cloud is more secure than your existing systemsErnest Mueller
 
Cloud Breach - Forensics Audit Planning
Cloud Breach - Forensics Audit PlanningCloud Breach - Forensics Audit Planning
Cloud Breach - Forensics Audit PlanningValdez Ladd MBA, CISSP, CISA,
 
Best Practices in Secure Cloud Migration
Best Practices in Secure Cloud MigrationBest Practices in Secure Cloud Migration
Best Practices in Secure Cloud MigrationCloudHesive
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computingharit66
 
Architecting Data Services for the Cloud: Security Considerations and Best Pr...
Architecting Data Services for the Cloud: Security Considerations and Best Pr...Architecting Data Services for the Cloud: Security Considerations and Best Pr...
Architecting Data Services for the Cloud: Security Considerations and Best Pr...Adnene Guabtni
 
Cloud Computing E-Lect.ppt
Cloud Computing E-Lect.pptCloud Computing E-Lect.ppt
Cloud Computing E-Lect.pptarunimaarunima1
 
A Cloud Security Ghost Story Craig Balding
A Cloud Security Ghost Story Craig BaldingA Cloud Security Ghost Story Craig Balding
A Cloud Security Ghost Story Craig Baldingcraigbalding
 
Cloud Spotting 2017: An overview of cloud computing
Cloud Spotting 2017: An overview of cloud computingCloud Spotting 2017: An overview of cloud computing
Cloud Spotting 2017: An overview of cloud computingPatrice Kerremans
 
Zubair
ZubairZubair
ZubairMuhammad Zubair
 
Cloud and its job oppertunities
Cloud and its job oppertunitiesCloud and its job oppertunities
Cloud and its job oppertunitiesRamya SK
 
Building A Cloud Security Strategy for Scale
Building A Cloud Security Strategy for ScaleBuilding A Cloud Security Strategy for Scale
Building A Cloud Security Strategy for ScaleChris Farris
 
Get Your Head in the Cloud: A Practical Model for Enterprise Cloud Security
Get Your Head in the Cloud: A Practical Model for Enterprise Cloud SecurityGet Your Head in the Cloud: A Practical Model for Enterprise Cloud Security
Get Your Head in the Cloud: A Practical Model for Enterprise Cloud SecuritySymantec
 

Weitere ähnliche Inhalte

Andere mochten auch

Iwom watch 2nd half year review 2006:“You”— Time’s Person of the Year - also ...
Iwom watch 2nd half year review 2006:“You”— Time’s Person of the Year - also ...Iwom watch 2nd half year review 2006:“You”— Time’s Person of the Year - also ...
Iwom watch 2nd half year review 2006:“You”— Time’s Person of the Year - also ...Kantar Media CIC
 
Resultados twitter Curling Nevada Barcelona 1
Resultados twitter Curling Nevada Barcelona 1Resultados twitter Curling Nevada Barcelona 1
Resultados twitter Curling Nevada Barcelona 1Selva Orejón
 
Buckets and Vessels
Buckets and VesselsBuckets and Vessels
Buckets and VesselsAaron Cope
 
Web 2.0 Business Models
Web 2.0 Business ModelsWeb 2.0 Business Models
Web 2.0 Business ModelsAnabelle P
 
ETech 09, notes and links
ETech 09, notes and linksETech 09, notes and links
ETech 09, notes and linksAaron Cope
 
we need / MOAR dragons
we need / MOAR dragonswe need / MOAR dragons
we need / MOAR dragonsAaron Cope
 
信息图:2008 - 2014 CIC中国社会化媒体格局图的变迁
信息图:2008 - 2014 CIC中国社会化媒体格局图的变迁信息图:2008 - 2014 CIC中国社会化媒体格局图的变迁
信息图:2008 - 2014 CIC中国社会化媒体格局图的变迁Kantar Media CIC
 
Agency Is the Intelligent Design of the Internet
Agency Is the Intelligent Design of the InternetAgency Is the Intelligent Design of the Internet
Agency Is the Intelligent Design of the InternetAaron Cope
 

Andere mochten auch (9)

年轻人媒体主张
年轻人媒体主张年轻人媒体主张
年轻人媒体主张
 
Iwom watch 2nd half year review 2006:“You”— Time’s Person of the Year - also ...
Iwom watch 2nd half year review 2006:“You”— Time’s Person of the Year - also ...Iwom watch 2nd half year review 2006:“You”— Time’s Person of the Year - also ...
Iwom watch 2nd half year review 2006:“You”— Time’s Person of the Year - also ...
 
Resultados twitter Curling Nevada Barcelona 1
Resultados twitter Curling Nevada Barcelona 1Resultados twitter Curling Nevada Barcelona 1
Resultados twitter Curling Nevada Barcelona 1
 
Buckets and Vessels
Buckets and VesselsBuckets and Vessels
Buckets and Vessels
 
Web 2.0 Business Models
Web 2.0 Business ModelsWeb 2.0 Business Models
Web 2.0 Business Models
 
ETech 09, notes and links
ETech 09, notes and linksETech 09, notes and links
ETech 09, notes and links
 
we need / MOAR dragons
we need / MOAR dragonswe need / MOAR dragons
we need / MOAR dragons
 
信息图:2008 - 2014 CIC中国社会化媒体格局图的变迁
信息图:2008 - 2014 CIC中国社会化媒体格局图的变迁信息图:2008 - 2014 CIC中国社会化媒体格局图的变迁
信息图:2008 - 2014 CIC中国社会化媒体格局图的变迁
 
Agency Is the Intelligent Design of the Internet
Agency Is the Intelligent Design of the InternetAgency Is the Intelligent Design of the Internet
Agency Is the Intelligent Design of the Internet
 

Ähnlich wie Confraria Security 17 June - Cloud Security

Portuguese Cloud Computing Architects - 2nd Meeting
Portuguese Cloud Computing Architects - 2nd MeetingPortuguese Cloud Computing Architects - 2nd Meeting
Portuguese Cloud Computing Architects - 2nd MeetingVitor Domingos
 
Why the cloud is more secure than your existing systems
Why the cloud is more secure than your existing systemsWhy the cloud is more secure than your existing systems
Why the cloud is more secure than your existing systemsErnest Mueller
 
Best Practices in Secure Cloud Migration
Best Practices in Secure Cloud MigrationBest Practices in Secure Cloud Migration
Best Practices in Secure Cloud MigrationCloudHesive
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computingharit66
 
Architecting Data Services for the Cloud: Security Considerations and Best Pr...
Architecting Data Services for the Cloud: Security Considerations and Best Pr...Architecting Data Services for the Cloud: Security Considerations and Best Pr...
Architecting Data Services for the Cloud: Security Considerations and Best Pr...Adnene Guabtni
 
Cloud Computing E-Lect.ppt
Cloud Computing E-Lect.pptCloud Computing E-Lect.ppt
Cloud Computing E-Lect.pptarunimaarunima1
 
A Cloud Security Ghost Story Craig Balding
A Cloud Security Ghost Story Craig BaldingA Cloud Security Ghost Story Craig Balding
A Cloud Security Ghost Story Craig Baldingcraigbalding
 
Cloud Spotting 2017: An overview of cloud computing
Cloud Spotting 2017: An overview of cloud computingCloud Spotting 2017: An overview of cloud computing
Cloud Spotting 2017: An overview of cloud computingPatrice Kerremans
 
Cloud and its job oppertunities
Cloud and its job oppertunitiesCloud and its job oppertunities
Cloud and its job oppertunitiesRamya SK
 
Building A Cloud Security Strategy for Scale
Building A Cloud Security Strategy for ScaleBuilding A Cloud Security Strategy for Scale
Building A Cloud Security Strategy for ScaleChris Farris
 
Get Your Head in the Cloud: A Practical Model for Enterprise Cloud Security
Get Your Head in the Cloud: A Practical Model for Enterprise Cloud SecurityGet Your Head in the Cloud: A Practical Model for Enterprise Cloud Security
Get Your Head in the Cloud: A Practical Model for Enterprise Cloud SecuritySymantec
 
CloudCamp London 3 - 451 Group - William Fellows
CloudCamp London 3 - 451 Group - William FellowsCloudCamp London 3 - 451 Group - William Fellows
CloudCamp London 3 - 451 Group - William FellowsChris Purrington
 
Cyberoam-Techsheet
Cyberoam-TechsheetCyberoam-Techsheet
Cyberoam-TechsheetBaqar Kazmi
 
Issues in cloud computing
Issues in cloud computingIssues in cloud computing
Issues in cloud computingronak patel
 
Good-cyber-hygiene-at-scale-and-speed
Good-cyber-hygiene-at-scale-and-speedGood-cyber-hygiene-at-scale-and-speed
Good-cyber-hygiene-at-scale-and-speedJames '​-- Mckinlay
 
AWS Cloud Security From the Point of View of the Compliance
AWS Cloud Security From the Point of View of the ComplianceAWS Cloud Security From the Point of View of the Compliance
AWS Cloud Security From the Point of View of the ComplianceYury Chemerkin
 
Implementing Private Clouds
Implementing Private CloudsImplementing Private Clouds
Implementing Private CloudsJohn Pritchard
 
Cloud computing & aws concepts
Cloud computing & aws conceptsCloud computing & aws concepts
Cloud computing & aws conceptsABHINAV ANAND
 

Ähnlich wie Confraria Security 17 June - Cloud Security (20)

Portuguese Cloud Computing Architects - 2nd Meeting
Portuguese Cloud Computing Architects - 2nd MeetingPortuguese Cloud Computing Architects - 2nd Meeting
Portuguese Cloud Computing Architects - 2nd Meeting
 
Why the cloud is more secure than your existing systems
Why the cloud is more secure than your existing systemsWhy the cloud is more secure than your existing systems
Why the cloud is more secure than your existing systems
 
Cloud Breach - Forensics Audit Planning
Cloud Breach - Forensics Audit PlanningCloud Breach - Forensics Audit Planning
Cloud Breach - Forensics Audit Planning
 
Best Practices in Secure Cloud Migration
Best Practices in Secure Cloud MigrationBest Practices in Secure Cloud Migration
Best Practices in Secure Cloud Migration
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 
Architecting Data Services for the Cloud: Security Considerations and Best Pr...
Architecting Data Services for the Cloud: Security Considerations and Best Pr...Architecting Data Services for the Cloud: Security Considerations and Best Pr...
Architecting Data Services for the Cloud: Security Considerations and Best Pr...
 
Cloud Computing E-Lect.ppt
Cloud Computing E-Lect.pptCloud Computing E-Lect.ppt
Cloud Computing E-Lect.ppt
 
A Cloud Security Ghost Story Craig Balding
A Cloud Security Ghost Story Craig BaldingA Cloud Security Ghost Story Craig Balding
A Cloud Security Ghost Story Craig Balding
 
Cloud Spotting 2017: An overview of cloud computing
Cloud Spotting 2017: An overview of cloud computingCloud Spotting 2017: An overview of cloud computing
Cloud Spotting 2017: An overview of cloud computing
 
Zubair
ZubairZubair
Zubair
 
Cloud and its job oppertunities
Cloud and its job oppertunitiesCloud and its job oppertunities
Cloud and its job oppertunities
 
Building A Cloud Security Strategy for Scale
Building A Cloud Security Strategy for ScaleBuilding A Cloud Security Strategy for Scale
Building A Cloud Security Strategy for Scale
 
Get Your Head in the Cloud: A Practical Model for Enterprise Cloud Security
Get Your Head in the Cloud: A Practical Model for Enterprise Cloud SecurityGet Your Head in the Cloud: A Practical Model for Enterprise Cloud Security
Get Your Head in the Cloud: A Practical Model for Enterprise Cloud Security
 
CloudCamp London 3 - 451 Group - William Fellows
CloudCamp London 3 - 451 Group - William FellowsCloudCamp London 3 - 451 Group - William Fellows
CloudCamp London 3 - 451 Group - William Fellows
 
Cyberoam-Techsheet
Cyberoam-TechsheetCyberoam-Techsheet
Cyberoam-Techsheet
 
Issues in cloud computing
Issues in cloud computingIssues in cloud computing
Issues in cloud computing
 
Good-cyber-hygiene-at-scale-and-speed
Good-cyber-hygiene-at-scale-and-speedGood-cyber-hygiene-at-scale-and-speed
Good-cyber-hygiene-at-scale-and-speed
 
AWS Cloud Security From the Point of View of the Compliance
AWS Cloud Security From the Point of View of the ComplianceAWS Cloud Security From the Point of View of the Compliance
AWS Cloud Security From the Point of View of the Compliance
 
Implementing Private Clouds
Implementing Private CloudsImplementing Private Clouds
Implementing Private Clouds
 
Cloud computing & aws concepts
Cloud computing & aws conceptsCloud computing & aws concepts
Cloud computing & aws concepts
 

Mehr von Vitor Domingos

Methods Digital Away Day at Guildford - Cloud Computing
Methods Digital Away Day at Guildford - Cloud ComputingMethods Digital Away Day at Guildford - Cloud Computing
Methods Digital Away Day at Guildford - Cloud ComputingVitor Domingos
 
Harvardmd comunication
Harvardmd comunicationHarvardmd comunication
Harvardmd comunicationVitor Domingos
 
Failure the mother of all success
Failure the mother of all successFailure the mother of all success
Failure the mother of all successVitor Domingos
 
How to crunch data into beautiful graphics
How to crunch data into beautiful graphicsHow to crunch data into beautiful graphics
How to crunch data into beautiful graphicsVitor Domingos
 
Social Network Panorama
Social Network PanoramaSocial Network Panorama
Social Network PanoramaVitor Domingos
 
PT Google Technical User Group - Google TV
PT Google Technical User Group - Google TVPT Google Technical User Group - Google TV
PT Google Technical User Group - Google TVVitor Domingos
 
Security is sexy again
Security is sexy againSecurity is sexy again
Security is sexy againVitor Domingos
 
Confraria Security & IT - Mobile Security
Confraria Security & IT - Mobile SecurityConfraria Security & IT - Mobile Security
Confraria Security & IT - Mobile SecurityVitor Domingos
 
Products, Services or Platforms
Products, Services or PlatformsProducts, Services or Platforms
Products, Services or PlatformsVitor Domingos
 
AWS ground zero; EC2 & S3 hands-on
AWS ground zero; EC2 & S3 hands-onAWS ground zero; EC2 & S3 hands-on
AWS ground zero; EC2 & S3 hands-onVitor Domingos
 

Mehr von Vitor Domingos (15)

Methods Digital Away Day at Guildford - Cloud Computing
Methods Digital Away Day at Guildford - Cloud ComputingMethods Digital Away Day at Guildford - Cloud Computing
Methods Digital Away Day at Guildford - Cloud Computing
 
My experience
My experienceMy experience
My experience
 
Catolica EBP - Talk
Catolica EBP - TalkCatolica EBP - Talk
Catolica EBP - Talk
 
Harvardmd comunication
Harvardmd comunicationHarvardmd comunication
Harvardmd comunication
 
Failure the mother of all success
Failure the mother of all successFailure the mother of all success
Failure the mother of all success
 
How to crunch data into beautiful graphics
How to crunch data into beautiful graphicsHow to crunch data into beautiful graphics
How to crunch data into beautiful graphics
 
Social Network Panorama
Social Network PanoramaSocial Network Panorama
Social Network Panorama
 
PT Google Technical User Group - Google TV
PT Google Technical User Group - Google TVPT Google Technical User Group - Google TV
PT Google Technical User Group - Google TV
 
Security is sexy again
Security is sexy againSecurity is sexy again
Security is sexy again
 
Confraria Security & IT - Mobile Security
Confraria Security & IT - Mobile SecurityConfraria Security & IT - Mobile Security
Confraria Security & IT - Mobile Security
 
Open Data
Open DataOpen Data
Open Data
 
Security As A Service
Security As A ServiceSecurity As A Service
Security As A Service
 
handivi presentation
handivi presentationhandivi presentation
handivi presentation
 
Products, Services or Platforms
Products, Services or PlatformsProducts, Services or Platforms
Products, Services or Platforms
 
AWS ground zero; EC2 & S3 hands-on
AWS ground zero; EC2 & S3 hands-onAWS ground zero; EC2 & S3 hands-on
AWS ground zero; EC2 & S3 hands-on
 

Kürzlich hochgeladen

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 

Kürzlich hochgeladen (20)

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 

Confraria Security 17 June - Cloud Security

  • 1. Cloud Computing Security by Vitor Domingos intrepid and professional basher http://vitordomingos.com
  • 2. * as seen on regular weather channel
  • 3.
  • 4.
  • 5. Cloud Computing is ? - Network as a “cloud” - Network is the computer (SUN moto) - TCP/IP abstraction (1st cloud) - www data abstraction (2nd cloud) - Virtualization (3rd cloud) Bottom line: - Virtualization done right, with webservices
  • 6. Cloud Computing is ! - on-demand self-service - ubiquitous network access - location independent resource pooling - rapid elasticity - measured service - pay as you go - abstract resources
  • 7. CCaaS - Software as a Service - SalesForce - Platform as a Service - Google App Engine - Microsoft Azure - Infrastructure as a Service - Rackspace Mosso - Amazon Web Services
  • 8. Cloud Computing leverages - Virtualization - Multi-Tenancy - Massive Scale - Autonomic Computing - Distributed Environment - Security Technologies - Service Oriented
  • 10. Only the paranoid survive! - Key issues trust, trust, multi-tenancy, trust, encryption, compliance - Massive complex systems running on functional units - Certification & Audit - Loss of physical control - Interoperability - Accountability
  • 11. please, keep in mind that - Shared hell: - Hardware - Memory - Disks - NIC's (Virtual) - Cache Snooping - Hypervisor Attacks - Persistent Root Kits - Password Cracking - Broken or stolen key rings / authorization federation - Never ending logs
  • 12.
  • 13. Great things do come - Provisioning - Rapid reconstitution of services - Storage fragmented - Security layers (auth, firewall, logging, …) - Network and Security perimeters - Virtual Zoning - Fault tolerance
  • 14. Challenges - Data dispersal and international privacy laws - Isolation management & Multi-Tenancy - Certification (SAS 70 Type II audits and ISO 27001) - Data ownership - QoS & SLA's garantees - Secure Hypervisors
  • 15. Challenges - Massive outages - Service bottle necks; DNS as your best friend - Encryption needs cloud resources, applications, storage, services - Disaster recovery and contingency plans - If you have it on Auto mode, you won't see it coming - Honey for hackers
  • 16.
  • 17. ToDo - Network with VPN and VLAN's - SLA's; read the fine prints - Backup and recover often; Risk assessment - Log (out of there) as if the world ended tomorrow - Plan for failure - YOU secure!!! - Sandbox, Sandbox, Sandbox
  • 18. You're not alone - Security Groups IBM; SUN; Amazon; ISV - Cloud Security Alliance (awesome guide!!) - OpenCloud Manifesto & Amazon Security Paper - Cloud Computing ML at Google Groups - Legal Cloud's - Vivek Kundra, USA CTO, did it, so as Facebook, New York Times and Nasdaq (on AWS)
  • 19.
  • 20. Wrap up - Plan - Encrypt - Backup - Secure - Audit - Sandbox (check my last year sapo codebits talk) - http://codebits.sapo.pt/files/aws_23.pdf - Trust
  • 21. mail: vd@prt.sc ? site: http://vitordomingos.com