SlideShare ist ein Scribd-Unternehmen logo

Cloud security

Als PPTX, PDF herunterladen
François Boucher
François Boucher

The document discusses security best practices for cloud platforms like AWS and Azure. It covers topics like network security using services like VPC and Virtual Network, identity management with IAM and Azure AD, encryption tools, and security monitoring solutions. Best practices for the cloud include enforcing multi-factor authentication, role-based access control, data encryption, and using security tools to inspect configurations and detect vulnerabilities.

Technologie
1 von 20
Cloud Security What’s so Funny About PaaS Love & Understanding?
About Us ijaghmani@lixar.com ca.linkedin.com/in/ismail-jaghmani-58a3858 Frank Boucher Cloud Solution Architect Microsoft Azure MVP P-Seller Technical Solution Professional Ismail Jaghmani Sr. Cloud Developer fboucher@lixar.com linkedin.com/in/fboucheros frankysnotes.com
Agenda l Quick Context of Security in the cloud l General Best Practices l Networking Services l Security and Identity Services l Management Tools
SECURITY IS A HOT TOPIC
Security is Shared Responsibility Cloud ProviderCustomer Application & Data Identity & Access Management Operating System, Network & firewall configuration Compute Storage Databases Availability Zones Regions Services Cloud Infrastructure
Application and Data Security Best Practices l Enforce multi-factor authentication l Use role based access control l Use hardware security modules l Manage with Secure Workstations l Enable data encryption
Network Services AWS Virtual Private Cloud (VPC) Azure Virtual Network Description -Network isolation. -Defined rules to satisfy your security needs. -Filter and inspect the outbound and inbound traffic. ExpressRouteDirect Connect Establishes a dedicated, private network connection from a location to the cloud.
Identity Management AWS Identity & Access Management Azure AD/Role-based access control AzureDescription Provides fine-grained access to resources in could. Multi-Factor Authentication Multi-Factor Authentication More than one method of authentication.
Azure Active Directory
AWS IAM
Tools and Data protection AWS Encryption Encryption Description Client Side Encryption Data in transit encryption Storage encryption VM encryption Key Vault Key management services CloudHSM Creates, controls, and protects encryption keys. HSM provides hardware-based key storage. Inspector Security Center Automatically assess Network, VMs, OS and applications configuration for vulnerabilities or deviations from best practices. Azure
Azure Security Center
AWS Inspector
Tools and Data protection AWS CloudTrail CloudWatch Description Collect, track, store, analyze, and deliver metrics and log files. Trusted Advisor Provides analysis of cloud resource configuration and security in compliance with the best practices. Availability, Performance, Security and cost. Azure Log Analytics Advisor
Log Analytics
CloudWatch
AWS Advisor
Azure Advisor
References ● Common Vulnerabilities and Exposures https://cve.mitre.org/index.html ● Center for Internet Security (CIS) Benchmarks https://benchmarks.cisecurity.org ● Azure security best practices and patterns https://docs.microsoft.com/en- us/azure/security/security-best-practices-and-patterns ● Microsoft Docs https://docs.microsoft.com
Cloud security

Empfohlen

Cloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentalsCloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentalsViresh Suri
 
Security in cloud computing
Security in cloud computingSecurity in cloud computing
Security in cloud computingveena venugopal
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityNinh Nguyen
 
Cloud Computing Security Issues
Cloud Computing Security IssuesCloud Computing Security Issues
Cloud Computing Security IssuesStelios Krasadakis
 
Cloud Security
Cloud SecurityCloud Security
Cloud SecurityAWS User Group Bengaluru
 
Cloud Security: A New Perspective
Cloud Security: A New PerspectiveCloud Security: A New Perspective
Cloud Security: A New PerspectiveWen-Pai Lu
 
Cloud security
Cloud security Cloud security
Cloud security Mohamed Shalash
 
Cloud security and security architecture
Cloud security and security architectureCloud security and security architecture
Cloud security and security architectureVladimir Jirasek
 

Empfohlen

Cloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentalsCloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentalsViresh Suri
 
Security in cloud computing
Security in cloud computingSecurity in cloud computing
Security in cloud computingveena venugopal
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityNinh Nguyen
 
Cloud Computing Security Issues
Cloud Computing Security IssuesCloud Computing Security Issues
Cloud Computing Security IssuesStelios Krasadakis
 
Cloud Security
Cloud SecurityCloud Security
Cloud SecurityAWS User Group Bengaluru
 
Cloud Security: A New Perspective
Cloud Security: A New PerspectiveCloud Security: A New Perspective
Cloud Security: A New PerspectiveWen-Pai Lu
 
Cloud security
Cloud security Cloud security
Cloud security Mohamed Shalash
 
Cloud security and security architecture
Cloud security and security architectureCloud security and security architecture
Cloud security and security architectureVladimir Jirasek
 
AWS for Backup and Recovery
AWS for Backup and RecoveryAWS for Backup and Recovery
AWS for Backup and RecoveryAmazon Web Services
 
Cloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingCloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingJim Geovedi
 
Cloud Security And Privacy
Cloud Security And PrivacyCloud Security And Privacy
Cloud Security And Privacytmather
 
Chap 6 cloud security
Chap 6 cloud securityChap 6 cloud security
Chap 6 cloud securityRaj Sarode
 
Cloud Privacy & Security compliance
Cloud Privacy & Security complianceCloud Privacy & Security compliance
Cloud Privacy & Security complianceBryan Starbuck
 
security Issues of cloud computing
security Issues of cloud computingsecurity Issues of cloud computing
security Issues of cloud computingprachupanchal
 
Cloud computing and data security
Cloud computing and data securityCloud computing and data security
Cloud computing and data securityMohammed Fazuluddin
 
Cloud computing security
Cloud computing security Cloud computing security
Cloud computing security Akhila Param
 
cloud security ppt
cloud security ppt cloud security ppt
cloud security ppt Devyani Vaidya
 
AWS Cloud Security Fundamentals
AWS Cloud Security FundamentalsAWS Cloud Security Fundamentals
AWS Cloud Security FundamentalsAmazon Web Services
 
Cloud computing-security-issues
Cloud computing-security-issuesCloud computing-security-issues
Cloud computing-security-issuesAleem Mohammed
 
Hybrid- and Multi-Cloud by design - IBM Cloud and your journey to Cloud
Hybrid- and Multi-Cloud by design - IBM Cloud and your journey to CloudHybrid- and Multi-Cloud by design - IBM Cloud and your journey to Cloud
Hybrid- and Multi-Cloud by design - IBM Cloud and your journey to CloudAleksandar Francuz
 
Multi cloud security architecture
Multi cloud security architecture Multi cloud security architecture
Multi cloud security architecture Maganathin Veeraragaloo
 
cloud computing architecture.pptx
cloud computing architecture.pptxcloud computing architecture.pptx
cloud computing architecture.pptxSourodeepChakraborty3
 
Cloud computing and its security issues
Cloud computing and its security issuesCloud computing and its security issues
Cloud computing and its security issuesJyoti Srivastava
 
5 Steps to a Zero Trust Network - From Theory to Practice
5 Steps to a Zero Trust Network - From Theory to Practice5 Steps to a Zero Trust Network - From Theory to Practice
5 Steps to a Zero Trust Network - From Theory to PracticeAlgoSec
 
Cloud Security Strategy
Cloud Security StrategyCloud Security Strategy
Cloud Security StrategyCapgemini
 
Top challenges in cloud computing
Top challenges in cloud computingTop challenges in cloud computing
Top challenges in cloud computingTISEE
 
Multi Cloud Architecture Approach
Multi Cloud Architecture ApproachMulti Cloud Architecture Approach
Multi Cloud Architecture ApproachMaganathin Veeraragaloo
 
Data security in the cloud
Data security in the cloud Data security in the cloud
Data security in the cloud IBM Security
 
Azure Redis Cache - Cache on Steroids!
Azure Redis Cache - Cache on Steroids!Azure Redis Cache - Cache on Steroids!
Azure Redis Cache - Cache on Steroids!François Boucher
 
Application Insights - Real time telemetry for your cross platform applications
Application Insights - Real time telemetry for your cross platform applicationsApplication Insights - Real time telemetry for your cross platform applications
Application Insights - Real time telemetry for your cross platform applicationsAbhijit Jana
 

Weitere ähnliche Inhalte

Was ist angesagt?

Cloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingCloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingJim Geovedi
 
Cloud Security And Privacy
Cloud Security And PrivacyCloud Security And Privacy
Cloud Security And Privacytmather
 
Chap 6 cloud security
Chap 6 cloud securityChap 6 cloud security
Chap 6 cloud securityRaj Sarode
 
Cloud Privacy & Security compliance
Cloud Privacy & Security complianceCloud Privacy & Security compliance
Cloud Privacy & Security complianceBryan Starbuck
 
security Issues of cloud computing
security Issues of cloud computingsecurity Issues of cloud computing
security Issues of cloud computingprachupanchal
 
Cloud computing and data security
Cloud computing and data securityCloud computing and data security
Cloud computing and data securityMohammed Fazuluddin
 
Cloud computing security
Cloud computing security Cloud computing security
Cloud computing security Akhila Param
 
Cloud computing-security-issues
Cloud computing-security-issuesCloud computing-security-issues
Cloud computing-security-issuesAleem Mohammed
 
Hybrid- and Multi-Cloud by design - IBM Cloud and your journey to Cloud
Hybrid- and Multi-Cloud by design - IBM Cloud and your journey to CloudHybrid- and Multi-Cloud by design - IBM Cloud and your journey to Cloud
Hybrid- and Multi-Cloud by design - IBM Cloud and your journey to CloudAleksandar Francuz
 
Cloud computing and its security issues
Cloud computing and its security issuesCloud computing and its security issues
Cloud computing and its security issuesJyoti Srivastava
 
5 Steps to a Zero Trust Network - From Theory to Practice
5 Steps to a Zero Trust Network - From Theory to Practice5 Steps to a Zero Trust Network - From Theory to Practice
5 Steps to a Zero Trust Network - From Theory to PracticeAlgoSec
 
Cloud Security Strategy
Cloud Security StrategyCloud Security Strategy
Cloud Security StrategyCapgemini
 
Top challenges in cloud computing
Top challenges in cloud computingTop challenges in cloud computing
Top challenges in cloud computingTISEE
 
Data security in the cloud
Data security in the cloud Data security in the cloud
Data security in the cloud IBM Security
 

Was ist angesagt? (20)

AWS for Backup and Recovery
AWS for Backup and RecoveryAWS for Backup and Recovery
AWS for Backup and Recovery
 
Cloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingCloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud Computing
 
Cloud Security And Privacy
Cloud Security And PrivacyCloud Security And Privacy
Cloud Security And Privacy
 
Chap 6 cloud security
Chap 6 cloud securityChap 6 cloud security
Chap 6 cloud security
 
Cloud Privacy & Security compliance
Cloud Privacy & Security complianceCloud Privacy & Security compliance
Cloud Privacy & Security compliance
 
security Issues of cloud computing
security Issues of cloud computingsecurity Issues of cloud computing
security Issues of cloud computing
 
Cloud computing and data security
Cloud computing and data securityCloud computing and data security
Cloud computing and data security
 
Cloud computing security
Cloud computing security Cloud computing security
Cloud computing security
 
cloud security ppt
cloud security ppt cloud security ppt
cloud security ppt
 
AWS Cloud Security Fundamentals
AWS Cloud Security FundamentalsAWS Cloud Security Fundamentals
AWS Cloud Security Fundamentals
 
Cloud computing-security-issues
Cloud computing-security-issuesCloud computing-security-issues
Cloud computing-security-issues
 
Hybrid- and Multi-Cloud by design - IBM Cloud and your journey to Cloud
Hybrid- and Multi-Cloud by design - IBM Cloud and your journey to CloudHybrid- and Multi-Cloud by design - IBM Cloud and your journey to Cloud
Hybrid- and Multi-Cloud by design - IBM Cloud and your journey to Cloud
 
Multi cloud security architecture
Multi cloud security architecture Multi cloud security architecture
Multi cloud security architecture
 
cloud computing architecture.pptx
cloud computing architecture.pptxcloud computing architecture.pptx
cloud computing architecture.pptx
 
Cloud computing and its security issues
Cloud computing and its security issuesCloud computing and its security issues
Cloud computing and its security issues
 
5 Steps to a Zero Trust Network - From Theory to Practice
5 Steps to a Zero Trust Network - From Theory to Practice5 Steps to a Zero Trust Network - From Theory to Practice
5 Steps to a Zero Trust Network - From Theory to Practice
 
Cloud Security Strategy
Cloud Security StrategyCloud Security Strategy
Cloud Security Strategy
 
Top challenges in cloud computing
Top challenges in cloud computingTop challenges in cloud computing
Top challenges in cloud computing
 
Multi Cloud Architecture Approach
Multi Cloud Architecture ApproachMulti Cloud Architecture Approach
Multi Cloud Architecture Approach
 
Data security in the cloud
Data security in the cloud Data security in the cloud
Data security in the cloud
 

Andere mochten auch

Azure Redis Cache - Cache on Steroids!
Azure Redis Cache - Cache on Steroids!Azure Redis Cache - Cache on Steroids!
Azure Redis Cache - Cache on Steroids!François Boucher
 
Application Insights - Real time telemetry for your cross platform applications
Application Insights - Real time telemetry for your cross platform applicationsApplication Insights - Real time telemetry for your cross platform applications
Application Insights - Real time telemetry for your cross platform applicationsAbhijit Jana
 
Connect the Impossible with Azure Logic App
Connect the Impossible with Azure Logic AppConnect the Impossible with Azure Logic App
Connect the Impossible with Azure Logic AppFrançois Boucher
 
Application Insights - Campinas .NET - Março/2017
Application Insights - Campinas .NET - Março/2017Application Insights - Campinas .NET - Março/2017
Application Insights - Campinas .NET - Março/2017Renato Groff
 
Load testing with Visual Studio and Azure - Andrew Siemer
Load testing with Visual Studio and Azure - Andrew SiemerLoad testing with Visual Studio and Azure - Andrew Siemer
Load testing with Visual Studio and Azure - Andrew SiemerAndrew Siemer
 
Performance testing with 100,000 concurrent users in AWS
Performance testing with 100,000 concurrent users in AWSPerformance testing with 100,000 concurrent users in AWS
Performance testing with 100,000 concurrent users in AWSMatthias Matook
 
DevOps@Work 2017 - Application insights more control, more power
DevOps@Work 2017 - Application insights more control, more powerDevOps@Work 2017 - Application insights more control, more power
DevOps@Work 2017 - Application insights more control, more powerRoberto Albano
 
Deep-Dive to Application Insights
Deep-Dive to Application Insights Deep-Dive to Application Insights
Deep-Dive to Application Insights Gunnar Peipman
 
Introduction to Performance testing
Introduction to Performance testingIntroduction to Performance testing
Introduction to Performance testingsilviasiqueirahp
 
An Introduction to Performance Testing
An Introduction to Performance TestingAn Introduction to Performance Testing
An Introduction to Performance TestingSWAAM Tech
 
Introduction to performance testing
Introduction to performance testingIntroduction to performance testing
Introduction to performance testingTharinda Liyanage
 
Performance and load testing
Performance and load testingPerformance and load testing
Performance and load testingsonukalpana
 

Andere mochten auch (13)

Azure Redis Cache - Cache on Steroids!
Azure Redis Cache - Cache on Steroids!Azure Redis Cache - Cache on Steroids!
Azure Redis Cache - Cache on Steroids!
 
Application Insights - Real time telemetry for your cross platform applications
Application Insights - Real time telemetry for your cross platform applicationsApplication Insights - Real time telemetry for your cross platform applications
Application Insights - Real time telemetry for your cross platform applications
 
Connect the Impossible with Azure Logic App
Connect the Impossible with Azure Logic AppConnect the Impossible with Azure Logic App
Connect the Impossible with Azure Logic App
 
Application Insights - Campinas .NET - Março/2017
Application Insights - Campinas .NET - Março/2017Application Insights - Campinas .NET - Março/2017
Application Insights - Campinas .NET - Março/2017
 
Load testing with Visual Studio and Azure - Andrew Siemer
Load testing with Visual Studio and Azure - Andrew SiemerLoad testing with Visual Studio and Azure - Andrew Siemer
Load testing with Visual Studio and Azure - Andrew Siemer
 
Performance testing with 100,000 concurrent users in AWS
Performance testing with 100,000 concurrent users in AWSPerformance testing with 100,000 concurrent users in AWS
Performance testing with 100,000 concurrent users in AWS
 
DevOps@Work 2017 - Application insights more control, more power
DevOps@Work 2017 - Application insights more control, more powerDevOps@Work 2017 - Application insights more control, more power
DevOps@Work 2017 - Application insights more control, more power
 
Deep-Dive to Application Insights
Deep-Dive to Application Insights Deep-Dive to Application Insights
Deep-Dive to Application Insights
 
Microsoft Azure catch-up
Microsoft Azure catch-upMicrosoft Azure catch-up
Microsoft Azure catch-up
 
Introduction to Performance testing
Introduction to Performance testingIntroduction to Performance testing
Introduction to Performance testing
 
An Introduction to Performance Testing
An Introduction to Performance TestingAn Introduction to Performance Testing
An Introduction to Performance Testing
 
Introduction to performance testing
Introduction to performance testingIntroduction to performance testing
Introduction to performance testing
 
Performance and load testing
Performance and load testingPerformance and load testing
Performance and load testing
 

Ähnlich wie Cloud security

Fundamentals of Microsoft 365 Security , Identity and Compliance
Fundamentals of Microsoft 365 Security , Identity and ComplianceFundamentals of Microsoft 365 Security , Identity and Compliance
Fundamentals of Microsoft 365 Security , Identity and ComplianceVignesh Ganesan I Microsoft MVP
 
Compliance in the Cloud Using Security by Design
Compliance in the Cloud Using Security by DesignCompliance in the Cloud Using Security by Design
Compliance in the Cloud Using Security by DesignAmazon Web Services
 
talk6securingcloudamarprusty-191030091632.pptx
talk6securingcloudamarprusty-191030091632.pptxtalk6securingcloudamarprusty-191030091632.pptx
talk6securingcloudamarprusty-191030091632.pptxTrongMinhHoang1
 
Best Professional Courses After Graduation - Get Started Now
Best Professional Courses After Graduation - Get Started NowBest Professional Courses After Graduation - Get Started Now
Best Professional Courses After Graduation - Get Started NowNetwork Kings
 
CloudPassage Best Practices for Automatic Security Scaling
CloudPassage Best Practices for Automatic Security ScalingCloudPassage Best Practices for Automatic Security Scaling
CloudPassage Best Practices for Automatic Security ScalingAmazon Web Services
 
Cloud security comparisons between aws and azure
Cloud security comparisons between aws and azureCloud security comparisons between aws and azure
Cloud security comparisons between aws and azureAbdul Khan
 
Microsoft Azure Security Infographic
Microsoft Azure Security InfographicMicrosoft Azure Security Infographic
Microsoft Azure Security InfographicMicrosoft Azure
 
Compliance in the Cloud Using Security by Design
Compliance in the Cloud Using Security by DesignCompliance in the Cloud Using Security by Design
Compliance in the Cloud Using Security by DesignAmazon Web Services
 
Palo Alto Networks: Protection for Security & Compliance
Palo Alto Networks: Protection for Security & CompliancePalo Alto Networks: Protection for Security & Compliance
Palo Alto Networks: Protection for Security & ComplianceAmazon Web Services
 
AWS Frederick Meetup 07192016
AWS Frederick Meetup 07192016AWS Frederick Meetup 07192016
AWS Frederick Meetup 07192016Gaurav "GP" Pal
 
Cloud Reference Architecture - Part 1 Foundation
Cloud Reference Architecture - Part 1 FoundationCloud Reference Architecture - Part 1 Foundation
Cloud Reference Architecture - Part 1 FoundationAmmar Hasayen
 
[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft Cloud
[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft Cloud[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft Cloud
[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft CloudEuropean Collaboration Summit
 
Mission (Not) Impossible: NIST 800-53 High Impact Controls on AWS | AWS Publi...
Mission (Not) Impossible: NIST 800-53 High Impact Controls on AWS | AWS Publi...Mission (Not) Impossible: NIST 800-53 High Impact Controls on AWS | AWS Publi...
Mission (Not) Impossible: NIST 800-53 High Impact Controls on AWS | AWS Publi...Amazon Web Services
 
What is Windows Azure Platform
What is Windows Azure PlatformWhat is Windows Azure Platform
What is Windows Azure PlatformDavid Chou
 
Azure Fundamentals Part 3
Azure Fundamentals Part 3Azure Fundamentals Part 3
Azure Fundamentals Part 3CCG
 
microsoft-cybersecurity-reference-architectures (1).pptx
microsoft-cybersecurity-reference-architectures (1).pptxmicrosoft-cybersecurity-reference-architectures (1).pptx
microsoft-cybersecurity-reference-architectures (1).pptxGenericName6
 
O365Con18 - Red Team vs Blue Team - Sasha Kranjac & Mustafa Toroman
O365Con18 - Red Team vs Blue Team - Sasha Kranjac & Mustafa ToromanO365Con18 - Red Team vs Blue Team - Sasha Kranjac & Mustafa Toroman
O365Con18 - Red Team vs Blue Team - Sasha Kranjac & Mustafa ToromanNCCOMMS
 

Ähnlich wie Cloud security (20)

Fundamentals of Microsoft 365 Security , Identity and Compliance
Fundamentals of Microsoft 365 Security , Identity and ComplianceFundamentals of Microsoft 365 Security , Identity and Compliance
Fundamentals of Microsoft 365 Security , Identity and Compliance
 
Compliance in the Cloud Using Security by Design
Compliance in the Cloud Using Security by DesignCompliance in the Cloud Using Security by Design
Compliance in the Cloud Using Security by Design
 
talk6securingcloudamarprusty-191030091632.pptx
talk6securingcloudamarprusty-191030091632.pptxtalk6securingcloudamarprusty-191030091632.pptx
talk6securingcloudamarprusty-191030091632.pptx
 
Best Professional Courses After Graduation - Get Started Now
Best Professional Courses After Graduation - Get Started NowBest Professional Courses After Graduation - Get Started Now
Best Professional Courses After Graduation - Get Started Now
 
Cloud Breach - Forensics Audit Planning
Cloud Breach - Forensics Audit PlanningCloud Breach - Forensics Audit Planning
Cloud Breach - Forensics Audit Planning
 
CloudPassage Best Practices for Automatic Security Scaling
CloudPassage Best Practices for Automatic Security ScalingCloudPassage Best Practices for Automatic Security Scaling
CloudPassage Best Practices for Automatic Security Scaling
 
Cloud security comparisons between aws and azure
Cloud security comparisons between aws and azureCloud security comparisons between aws and azure
Cloud security comparisons between aws and azure
 
Microsoft Azure Security Infographic
Microsoft Azure Security InfographicMicrosoft Azure Security Infographic
Microsoft Azure Security Infographic
 
Compliance in the Cloud Using Security by Design
Compliance in the Cloud Using Security by DesignCompliance in the Cloud Using Security by Design
Compliance in the Cloud Using Security by Design
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 
Palo Alto Networks: Protection for Security & Compliance
Palo Alto Networks: Protection for Security & CompliancePalo Alto Networks: Protection for Security & Compliance
Palo Alto Networks: Protection for Security & Compliance
 
AWS Frederick Meetup 07192016
AWS Frederick Meetup 07192016AWS Frederick Meetup 07192016
AWS Frederick Meetup 07192016
 
Cloud Reference Architecture - Part 1 Foundation
Cloud Reference Architecture - Part 1 FoundationCloud Reference Architecture - Part 1 Foundation
Cloud Reference Architecture - Part 1 Foundation
 
[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft Cloud
[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft Cloud[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft Cloud
[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft Cloud
 
Mission (Not) Impossible: NIST 800-53 High Impact Controls on AWS | AWS Publi...
Mission (Not) Impossible: NIST 800-53 High Impact Controls on AWS | AWS Publi...Mission (Not) Impossible: NIST 800-53 High Impact Controls on AWS | AWS Publi...
Mission (Not) Impossible: NIST 800-53 High Impact Controls on AWS | AWS Publi...
 
What is Windows Azure Platform
What is Windows Azure PlatformWhat is Windows Azure Platform
What is Windows Azure Platform
 
Azure Fundamentals Part 3
Azure Fundamentals Part 3Azure Fundamentals Part 3
Azure Fundamentals Part 3
 
microsoft-cybersecurity-reference-architectures (1).pptx
microsoft-cybersecurity-reference-architectures (1).pptxmicrosoft-cybersecurity-reference-architectures (1).pptx
microsoft-cybersecurity-reference-architectures (1).pptx
 
O365Con18 - Red Team vs Blue Team - Sasha Kranjac & Mustafa Toroman
O365Con18 - Red Team vs Blue Team - Sasha Kranjac & Mustafa ToromanO365Con18 - Red Team vs Blue Team - Sasha Kranjac & Mustafa Toroman
O365Con18 - Red Team vs Blue Team - Sasha Kranjac & Mustafa Toroman
 
Cloud Security Alliance's GRC Stack Overview
Cloud Security Alliance's GRC Stack OverviewCloud Security Alliance's GRC Stack Overview
Cloud Security Alliance's GRC Stack Overview
 

Kürzlich hochgeladen

Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024TopCSSGallery
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Kaya Weers
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Strongerpanagenda
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxGenerative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxfnnc6jmgwh
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Nikki Chapple
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observabilityitnewsafrica
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesBernd Ruecker
 

Kürzlich hochgeladen (20)

Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxGenerative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architectures
 

Cloud security

  • 1. Cloud Security What’s so Funny About PaaS Love & Understanding?
  • 2. About Us ijaghmani@lixar.com ca.linkedin.com/in/ismail-jaghmani-58a3858 Frank Boucher Cloud Solution Architect Microsoft Azure MVP P-Seller Technical Solution Professional Ismail Jaghmani Sr. Cloud Developer fboucher@lixar.com linkedin.com/in/fboucheros frankysnotes.com
  • 3. Agenda l Quick Context of Security in the cloud l General Best Practices l Networking Services l Security and Identity Services l Management Tools
  • 4. SECURITY IS A HOT TOPIC
  • 5. Security is Shared Responsibility Cloud ProviderCustomer Application & Data Identity & Access Management Operating System, Network & firewall configuration Compute Storage Databases Availability Zones Regions Services Cloud Infrastructure
  • 6. Application and Data Security Best Practices l Enforce multi-factor authentication l Use role based access control l Use hardware security modules l Manage with Secure Workstations l Enable data encryption
  • 7. Network Services AWS Virtual Private Cloud (VPC) Azure Virtual Network Description -Network isolation. -Defined rules to satisfy your security needs. -Filter and inspect the outbound and inbound traffic. ExpressRouteDirect Connect Establishes a dedicated, private network connection from a location to the cloud.
  • 8. Identity Management AWS Identity & Access Management Azure AD/Role-based access control AzureDescription Provides fine-grained access to resources in could. Multi-Factor Authentication Multi-Factor Authentication More than one method of authentication.
  • 11. Tools and Data protection AWS Encryption Encryption Description Client Side Encryption Data in transit encryption Storage encryption VM encryption Key Vault Key management services CloudHSM Creates, controls, and protects encryption keys. HSM provides hardware-based key storage. Inspector Security Center Automatically assess Network, VMs, OS and applications configuration for vulnerabilities or deviations from best practices. Azure
  • 14. Tools and Data protection AWS CloudTrail CloudWatch Description Collect, track, store, analyze, and deliver metrics and log files. Trusted Advisor Provides analysis of cloud resource configuration and security in compliance with the best practices. Availability, Performance, Security and cost. Azure Log Analytics Advisor
  • 19. References ● Common Vulnerabilities and Exposures https://cve.mitre.org/index.html ● Center for Internet Security (CIS) Benchmarks https://benchmarks.cisecurity.org ● Azure security best practices and patterns https://docs.microsoft.com/en- us/azure/security/security-best-practices-and-patterns ● Microsoft Docs https://docs.microsoft.com

Hinweis der Redaktion

  1. We need to a Security image here
  2. Ismal