Published on March 3, 2014
Practical methods to improve your security in the cloud
WHO WE ARE Mark Thomas Solutions Architect Formerly Director of Cloud Professional Services, EMEA at Virtustream, Mark is the Solutions Architect at Databarracks. An expert in cloud technology, data centre infrastructure and virtualisation, Mark has worked with major clients such as HSBC, Field Fisher Waterhouse and Allied Irish Bank. www.databarracks.com | 2
About Databarracks Secure & Compliant • Nuclear bunker data centre, certified & accredited High Performance & Flexibility • Pedigree and understanding of storage www.databarracks.com | 3
Databarracks customers www.databarracks.com | 4
Security – from the service provider
Data centres & locations www.databarracks.com | 6
Certifications • Externally audited yearly • Penetration tested yearly www.databarracks.com | 7
This is what we do – but what can you do?
Pen Testing Supplier testing Your own testing • Required for supplier compliance • May be required for your specific compliance • Testing of the entire platform • Test your exact servers www.databarracks.com | 9
Access THIS IS OFTEN THE WEAKEST LINK Federation • Integrating your AD into access • Manage access across multiple clouds • Works for IaaS, PaaS & SaaS www.databarracks.com | 10
Access 2 factor authentication • Knowledge factor • Possession factor • Again – IaaS, PaaS & SaaS This is now very common – online banking and even Gmail use it = LESS RESISTANCE FROM USERS www.databarracks.com | 11
Firewalls (Just for Infrastructure as a Service) • Ring-fence your environment • Advanced intrusion detection & prevention www.databarracks.com | 12
Encryption What, where and when? • • • • VPNs Arrays Files within the VM The entire VM www.databarracks.com | 13
Encryption VPN • • • • Why? Why not? Already doing it? Can I do it myself? www.databarracks.com | 14
Encryption Array encryption • • • • Why? Why not? Already doing it? Can I do it myself? www.databarracks.com | 15
Encryption Files within the VMs • • • • Why? Why not? Already doing it? Can I do it myself? www.databarracks.com | 16
Encryption The entire VM • • • • Why? Why not? Already doing it? Can I do it myself? www.databarracks.com | 17
Can you take an unsecured cloud and make it secure?
Cloud Expo Europe is the world’s biggest, ... From cloud infrastructure and the internet of things to cloud security and data ... forgotten your password
Cloud Computing Expo 2016 ... Mobility & Security: Containers & Microservices: ... Copyright ©1994-2014 Cloud Expo, Inc.
About IEEE CLOUD 2014 ... If you have any questions or queries on CLOUD 2014, ...
To promote the use of best practices for providing security assurance within Cloud Computing, and provide education on the uses of Cloud Computing to help ...
EuroCloud Expo "Let’s make ... are you looking for your next cloud destination in Europe? ... EuroCloud Europe convenes the European cloud ecosystem ...
Hybrid Cloud. Our Hybrid Cloud solutions combines the security of private cloud and the total flexibility of public clouds. Make your business agile and ...
We want to improve trust in the cloud through ... research artifacts. July 21, 2014 ... you can participate in Cloud Security Alliance's ...
What is the cloud? by David Goldman ... The cloud lets you watch half an episode of Breaking Bad on your TV ... Most cloud companies have ...
Get more value from your data with Microsoft cloud data solutions. Learn more about the power of cloud database services.