SlideShare a Scribd company logo

RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices and Security Considerations

RightScale
RightScale

Businesses who want to stay ahead of the curve and achieve maximum efficiency and consistency are adopting cloud infrastructure. Keeping up with dynamic cloud environments, achieving scalable, automated, flexible, and secure cloud infrastructures means increased business agility. But how can you manage security as you migrate to cloud infrastructures? Join Rishi Vaish, VP of Product at RightScale & Amrit Williams, CTO at CloudPassage as they discuss: 1. Recent findings from RightScale's State of the Cloud survey 2. Why hybrid cloud is the standard of choice 3. Three strategies for existing cloud server workloads 4. Benefits and security challenges of migrating to cloud infrastructures 5. Choosing a hybrid strategy - management and security practices to get the utmost resource flexibility

Technology
1 of 29
Download to read offline
COPING WITH CLOUD MIGRATION CHALLENGES: BEST PRACTICES AND SECURITY CONSIDERATIONS
Agenda & Speakers ® Rishi Vaish VP of Product Amrit Williams CTO • RightScale’s State of the Cloud survey • Why hybrid cloud is the standard of choice • 3 strategies for existing cloud server workloads • Benefits and security challenges of migrating to cloud infrastructures • Choosing a hybrid strategy
Cloud Usage is Ubiquitous…
Enterprises are Choosing Multiple Clouds
0% 20% 40% 60% 80% 100% Cloud Beginners Cloud Explorers Cloud Focused %ofRespondents Benefits Grow with Cloud Maturity % of Respondents Reporting these Benefits CapEx to OpEx Business continuity IT staff efficiency Geographic reach Higher performance Cost savings Faster time-to-market Higher availability Faster access to infrastructure Greater scalability Adoption is Driven by Clear Benefits Source: RightScale 2014 State of the Cloud Report
What about Existing Workloads? How can I migrate existing workloads to the cloud?
What Everyone Wants vSphere AWS or other clouds Greenfield workloads Migrated workloads
Best Practice 1; Understand the realities Best Practice: Understand the Realities
• Newer OS versions • SSL termination • Clustering of LBs • App clustering • Multi-cast • Shared Filesystems • Static IPs 14 Considerations for Migration 8 • Licensing • Tenancy • Scale-down Logic • Bandwidth • Virtual IP requirements • Multi-master DB • Database I/O requirements
Three Strategies for Existing Workloads 9 Manage natively Migrate elsewhere Make portable
Best Practice: Be Smart about Strategy Photo: stevendepolo
Segment Your App Portfolio • Web architecture • Elastic design • Monolithic • Legacy • Traditional vendors Cloud-Ready • Greenfield • Designed for cloud Elastic Web Traditional
Assess Apps for Cloud Readiness 12 REFACTOR DON’T MIGRATE HOLD OFF QUICK WINS Technical Fit BusinessImpact App 1 App 7 App 3 App 12 App 4 App 6 App 2 App 5 App 8 App 11 App 10 App 9
Best Practice 3; Consider portability Best Practice: Plan for Portability
• Lifecycle-based multi-cloud deployment • Dev vs. Test vs. Staging vs. Prod • New (Unpredictable) vs. Mature (Steady-State) • Disaster Recovery • Private for primary, Public for backup • Geographic Reach • Use clouds in different geographies • Arbitrage costs • Leverage different clouds based on costs • Cloudbursting • Base capacity in private, burst to public Why Portability? 14
How to Make Portable Apps 15
RIghtScale Cloud-Enables your Enterprise Your Cloud Portfolio Self-Service Cloud AnalyticsCloud Management Manage Govern Optimize RightScale Cloud Portfolio Management Public Clouds Private Clouds Virtualized Environments
What about Security and Compliance?
Place Cloud Beginners Cloud Focused #1 Security (31%) Compliance (18%) #2 Compliance (30%) Cost (17%) #3 Managing multiple cloud services (28%) Performance (15%) #4 Integration to internal systems (28%) Managing multiple cloud services (13%) #5 Governance/Control (26%) Security (13%) Top 5 Challenges Change with Maturity Top 5 Challenges Change with Cloud Maturity Source: RightScale 2014 State of the Cloud Report
What makes cloud infrastructure great also breaks existing security approaches 19 Virtualized networks New topologies Highly Portable Highly dynamic Shared infrastructure These cloud “pros” become security “cons”
The days of simple infrastructure security… 20
… have given way to tremendous complexity. 21
The problem becomes more challenging in multi- cloud environments 22 Cloud Provider A Cloud Provider B Private Datacenter www- 4 ! www- 5 ! www- 6 ! www- 7 ! www- 8 ! www- 9 ! www-10 ! www- 7 ! www- 8 ! www- 9 ! www-10 ! www-1 www-2 www-3 www-4 Workloads become highly transient across multiple cloud environments. ww w-4 ww w-4 ww w-4 ww w-4
Traditional Security Solutions Break… 23 Endpoint Security • Resource intensive • Licensing models • Do not work across disparate cloud environments Virtual Appliances • No hardware acceleration • No gateway to deploy against • Do not well work across disparate cloud environments Hypervisor Security • Affects density of virtualized environments • Limited visibility into workloads themselves • Cannot deploy into public cloud infrastructures
Cloud Security Responsibility Has Added More Complexity 24 Customer Responsibility Provider Responsibili ty Physical Facilities Compute & Storage Shared Network Hypervisor Virtual Machine Data App Code App Framework Operating System “…the customer should assume responsibility and management of, but not limited to, the guest operating system.. and associated application software...” “it is possible for customers to enhance security and/or meet more stringent compliance requirements with the addition of… host based firewalls, host based intrusion detection/prevention, encryption and key management.” Amazon Web Services: Overview of Security Processes Shared Responsibility Model
Addressing security & compliance needs as infrastructure models migrate to cloud 25 • Strong access control – User-auditing, privilege access monitoring, multi-factor authentication, device verification, etc… • Exposure management – Vulnerability assessment, configuration security monitoring, file integrity monitoring, etc… • Compromise prevention – Firewall management, application whitelisting, intrusion detection / prevention, data leak prevention, etc. • Security & compliance intelligence, adherence to corporate policies – Reporting and analytics, auditing, and standardized policy implementation, etc. Needs Haven’t Changed • Must work anywhere – Traditional environments, public cloud infrastructures, private cloud infrastructures and hybrid cloud environments • Diminished to no visibility and control – Underlying security and control maintained by the infrastructure provider • Hardware device limitations – Traditional network appliance or security approaches that leverage underlying hardware are not effective or appropriate • Dramatically higher rate of code & infrastructure change – Highly transient workloads often in a Delivery Parameters Have
CloudPassage Halo 26 • Highly automated security & compliance platform • Builds security directly into compute workloads • Secures any compute workloads, at any scale • Supports any cloud or datacenter environment • SaaS delivery model
Halo secure workloads anywhere at any scale and extends existing security investments 27 Halo API Halo Portal
#28# #rightscale Q & A and Resources Access the 2014 State of the Cloud Report: RightScale.com/lp/2014-state-of-the-cloud-report Start a Free Trial of Halo CloudPassage.com/halo Check out our blogs rightscale.com/blog blog.cloudpassage.com ®

Recommended

Cloud Security & Privacy Standard Slide
Cloud Security & Privacy Standard SlideCloud Security & Privacy Standard Slide
Cloud Security & Privacy Standard Slide
acinfotec
 
Best Practices for Multi-Cloud Security and Compliance
Best Practices for Multi-Cloud Security and ComplianceBest Practices for Multi-Cloud Security and Compliance
Best Practices for Multi-Cloud Security and Compliance
RightScale
 
Security and governance in the cloud
Security and governance in the cloudSecurity and governance in the cloud
Security and governance in the cloud
Julian Knight
 
Keys to success and security in the cloud
Keys to success and security in the cloudKeys to success and security in the cloud
Keys to success and security in the cloud
Scalar Decisions
 
How to maintain business equality secured in network and cloud
How to maintain business equality secured in network and cloudHow to maintain business equality secured in network and cloud
How to maintain business equality secured in network and cloud
DATA SECURITY SOLUTIONS
 
Thin Air or Solid Ground? Practical Cloud Security
Thin Air or Solid Ground? Practical Cloud SecurityThin Air or Solid Ground? Practical Cloud Security
Thin Air or Solid Ground? Practical Cloud Security
Dan Fitzgerald, CISSP, CIPM
 
Introduction to Security in the Cloud - Mark Brooks, Alert Logic
Introduction to Security in the Cloud - Mark Brooks, Alert LogicIntroduction to Security in the Cloud - Mark Brooks, Alert Logic
Introduction to Security in the Cloud - Mark Brooks, Alert Logic
Alert Logic
 
Cloud Security: Make Your CISO Successful
Cloud Security: Make Your CISO SuccessfulCloud Security: Make Your CISO Successful
Cloud Security: Make Your CISO Successful
CloudPassage
 

Recommended

Cloud Security & Privacy Standard Slide
Cloud Security & Privacy Standard SlideCloud Security & Privacy Standard Slide
Cloud Security & Privacy Standard Slide
acinfotec
 
Best Practices for Multi-Cloud Security and Compliance
Best Practices for Multi-Cloud Security and ComplianceBest Practices for Multi-Cloud Security and Compliance
Best Practices for Multi-Cloud Security and Compliance
RightScale
 
Security and governance in the cloud
Security and governance in the cloudSecurity and governance in the cloud
Security and governance in the cloud
Julian Knight
 
Keys to success and security in the cloud
Keys to success and security in the cloudKeys to success and security in the cloud
Keys to success and security in the cloud
Scalar Decisions
 
How to maintain business equality secured in network and cloud
How to maintain business equality secured in network and cloudHow to maintain business equality secured in network and cloud
How to maintain business equality secured in network and cloud
DATA SECURITY SOLUTIONS
 
Thin Air or Solid Ground? Practical Cloud Security
Thin Air or Solid Ground? Practical Cloud SecurityThin Air or Solid Ground? Practical Cloud Security
Thin Air or Solid Ground? Practical Cloud Security
Dan Fitzgerald, CISSP, CIPM
 
Introduction to Security in the Cloud - Mark Brooks, Alert Logic
Introduction to Security in the Cloud - Mark Brooks, Alert LogicIntroduction to Security in the Cloud - Mark Brooks, Alert Logic
Introduction to Security in the Cloud - Mark Brooks, Alert Logic
Alert Logic
 
Cloud Security: Make Your CISO Successful
Cloud Security: Make Your CISO SuccessfulCloud Security: Make Your CISO Successful
Cloud Security: Make Your CISO Successful
CloudPassage
 
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment modeCloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Himani Singh
 
CASB — Your new best friend for safe cloud adoption?
CASB — Your new best friend for safe cloud adoption? CASB — Your new best friend for safe cloud adoption?
CASB — Your new best friend for safe cloud adoption?
Digital Transformation EXPO Event Series
 
CASB: Securing your cloud applications
CASB: Securing your cloud applicationsCASB: Securing your cloud applications
CASB: Securing your cloud applications
Forcepoint LLC
 
C-Level tools for Cloud security
C-Level tools for Cloud securityC-Level tools for Cloud security
C-Level tools for Cloud security
Vladimir Jirasek
 
5 Highest-Impact CASB Use Cases
5 Highest-Impact CASB Use Cases5 Highest-Impact CASB Use Cases
5 Highest-Impact CASB Use Cases
Netskope
 
Optimize IT Infrastructure
Optimize IT InfrastructureOptimize IT Infrastructure
Optimize IT Infrastructure
Scalar Decisions
 
Cloud Security Demystified
Cloud Security DemystifiedCloud Security Demystified
Cloud Security Demystified
Michael Torres
 
2016, A new era of OS and Cloud Security
2016, A new era of OS and Cloud Security2016, A new era of OS and Cloud Security
2016, A new era of OS and Cloud Security
Tudor Damian
 
Netskope Threat Labs: Cloud As an Attack Vector
Netskope Threat Labs: Cloud As an Attack VectorNetskope Threat Labs: Cloud As an Attack Vector
Netskope Threat Labs: Cloud As an Attack Vector
Netskope
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
The TNS Group
 
Workshop on CASB Part 2
Workshop on CASB Part 2Workshop on CASB Part 2
Workshop on CASB Part 2
Priyanka Aash
 
Enterprise Cloud Governance: A Frictionless Approach
Enterprise Cloud Governance: A Frictionless ApproachEnterprise Cloud Governance: A Frictionless Approach
Enterprise Cloud Governance: A Frictionless Approach
RightScale
 
AWS Summit Singapore - Best Practices for Cloud Security in the Cloud Adoptio...
AWS Summit Singapore - Best Practices for Cloud Security in the Cloud Adoptio...AWS Summit Singapore - Best Practices for Cloud Security in the Cloud Adoptio...
AWS Summit Singapore - Best Practices for Cloud Security in the Cloud Adoptio...
Amazon Web Services
 
Alert Logic: Realities of Security in the Cloud
Alert Logic: Realities of Security in the CloudAlert Logic: Realities of Security in the Cloud
Alert Logic: Realities of Security in the Cloud
Alert Logic
 
Cloud risk and business continuity v21
Cloud risk and business continuity v21Cloud risk and business continuity v21
Cloud risk and business continuity v21
Jorge Sebastiao
 
Cloud Security 101 by Madhav Chablani
Cloud Security 101 by Madhav ChablaniCloud Security 101 by Madhav Chablani
Cloud Security 101 by Madhav Chablani
OWASP Delhi
 
NIST Cyber Security Framework: 4 Steps for CIOs - Deloitte CIO - WSJ
NIST Cyber Security Framework: 4 Steps for CIOs - Deloitte CIO - WSJNIST Cyber Security Framework: 4 Steps for CIOs - Deloitte CIO - WSJ
NIST Cyber Security Framework: 4 Steps for CIOs - Deloitte CIO - WSJ
Sherry Jones
 
Shared responsibility - a model for good cloud security
Shared responsibility - a model for good cloud securityShared responsibility - a model for good cloud security
Shared responsibility - a model for good cloud security
Andy Powell
 
Owasp top 10_proactive_controls_v3
Owasp top 10_proactive_controls_v3Owasp top 10_proactive_controls_v3
Owasp top 10_proactive_controls_v3
RazaMehmood7
 
Modernizing Technology Governance
Modernizing Technology GovernanceModernizing Technology Governance
Modernizing Technology Governance
Alert Logic
 
Not actually a DevOps Talk
Not actually a DevOps TalkNot actually a DevOps Talk
Not actually a DevOps Talk
VMware Tanzu
 
A Federated Multi-Cloud PaaS Infrasctructure
A Federated Multi-Cloud PaaS InfrasctructureA Federated Multi-Cloud PaaS Infrasctructure
A Federated Multi-Cloud PaaS Infrasctructure
Fawaz Fernand PARAISO
 

More Related Content

What's hot

NIST Cyber Security Framework: 4 Steps for CIOs - Deloitte CIO - WSJ
NIST Cyber Security Framework: 4 Steps for CIOs - Deloitte CIO - WSJNIST Cyber Security Framework: 4 Steps for CIOs - Deloitte CIO - WSJ
NIST Cyber Security Framework: 4 Steps for CIOs - Deloitte CIO - WSJ
Sherry Jones
 

What's hot (20)

Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment modeCloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
 
CASB — Your new best friend for safe cloud adoption?
CASB — Your new best friend for safe cloud adoption? CASB — Your new best friend for safe cloud adoption?
CASB — Your new best friend for safe cloud adoption?
 
CASB: Securing your cloud applications
CASB: Securing your cloud applicationsCASB: Securing your cloud applications
CASB: Securing your cloud applications
 
C-Level tools for Cloud security
C-Level tools for Cloud securityC-Level tools for Cloud security
C-Level tools for Cloud security
 
5 Highest-Impact CASB Use Cases
5 Highest-Impact CASB Use Cases5 Highest-Impact CASB Use Cases
5 Highest-Impact CASB Use Cases
 
Optimize IT Infrastructure
Optimize IT InfrastructureOptimize IT Infrastructure
Optimize IT Infrastructure
 
Cloud Security Demystified
Cloud Security DemystifiedCloud Security Demystified
Cloud Security Demystified
 
2016, A new era of OS and Cloud Security
2016, A new era of OS and Cloud Security2016, A new era of OS and Cloud Security
2016, A new era of OS and Cloud Security
 
Netskope Threat Labs: Cloud As an Attack Vector
Netskope Threat Labs: Cloud As an Attack VectorNetskope Threat Labs: Cloud As an Attack Vector
Netskope Threat Labs: Cloud As an Attack Vector
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 
Workshop on CASB Part 2
Workshop on CASB Part 2Workshop on CASB Part 2
Workshop on CASB Part 2
 
Enterprise Cloud Governance: A Frictionless Approach
Enterprise Cloud Governance: A Frictionless ApproachEnterprise Cloud Governance: A Frictionless Approach
Enterprise Cloud Governance: A Frictionless Approach
 
AWS Summit Singapore - Best Practices for Cloud Security in the Cloud Adoptio...
AWS Summit Singapore - Best Practices for Cloud Security in the Cloud Adoptio...AWS Summit Singapore - Best Practices for Cloud Security in the Cloud Adoptio...
AWS Summit Singapore - Best Practices for Cloud Security in the Cloud Adoptio...
 
Alert Logic: Realities of Security in the Cloud
Alert Logic: Realities of Security in the CloudAlert Logic: Realities of Security in the Cloud
Alert Logic: Realities of Security in the Cloud
 
Cloud risk and business continuity v21
Cloud risk and business continuity v21Cloud risk and business continuity v21
Cloud risk and business continuity v21
 
Cloud Security 101 by Madhav Chablani
Cloud Security 101 by Madhav ChablaniCloud Security 101 by Madhav Chablani
Cloud Security 101 by Madhav Chablani
 
NIST Cyber Security Framework: 4 Steps for CIOs - Deloitte CIO - WSJ
NIST Cyber Security Framework: 4 Steps for CIOs - Deloitte CIO - WSJNIST Cyber Security Framework: 4 Steps for CIOs - Deloitte CIO - WSJ
NIST Cyber Security Framework: 4 Steps for CIOs - Deloitte CIO - WSJ
 
Shared responsibility - a model for good cloud security
Shared responsibility - a model for good cloud securityShared responsibility - a model for good cloud security
Shared responsibility - a model for good cloud security
 
Owasp top 10_proactive_controls_v3
Owasp top 10_proactive_controls_v3Owasp top 10_proactive_controls_v3
Owasp top 10_proactive_controls_v3
 
Modernizing Technology Governance
Modernizing Technology GovernanceModernizing Technology Governance
Modernizing Technology Governance
 

Viewers also liked

A Federated Multi-Cloud PaaS Infrasctructure
A Federated Multi-Cloud PaaS InfrasctructureA Federated Multi-Cloud PaaS Infrasctructure
A Federated Multi-Cloud PaaS Infrasctructure
Fawaz Fernand PARAISO
 
How to Scale Operations for a Multi-Cloud Platform using PCF
How to Scale Operations for a Multi-Cloud Platform using PCFHow to Scale Operations for a Multi-Cloud Platform using PCF
How to Scale Operations for a Multi-Cloud Platform using PCF
VMware Tanzu
 

Viewers also liked (6)

Not actually a DevOps Talk
Not actually a DevOps TalkNot actually a DevOps Talk
Not actually a DevOps Talk
 
A Federated Multi-Cloud PaaS Infrasctructure
A Federated Multi-Cloud PaaS InfrasctructureA Federated Multi-Cloud PaaS Infrasctructure
A Federated Multi-Cloud PaaS Infrasctructure
 
Architecting Multi-Cloud Applications - Myth or Reality?
Architecting Multi-Cloud Applications - Myth or Reality?Architecting Multi-Cloud Applications - Myth or Reality?
Architecting Multi-Cloud Applications - Myth or Reality?
 
Multi – tenancy Challenges in Storage Cloud Byte
Multi – tenancy Challenges in Storage Cloud ByteMulti – tenancy Challenges in Storage Cloud Byte
Multi – tenancy Challenges in Storage Cloud Byte
 
E newsletter promise_&_challenges_of_cloud storage-2
E newsletter promise_&_challenges_of_cloud storage-2E newsletter promise_&_challenges_of_cloud storage-2
E newsletter promise_&_challenges_of_cloud storage-2
 
How to Scale Operations for a Multi-Cloud Platform using PCF
How to Scale Operations for a Multi-Cloud Platform using PCFHow to Scale Operations for a Multi-Cloud Platform using PCF
How to Scale Operations for a Multi-Cloud Platform using PCF
 

Similar to RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices and Security Considerations

Security & Compliance in the Cloud [2019]
Security & Compliance in the Cloud [2019]Security & Compliance in the Cloud [2019]
Security & Compliance in the Cloud [2019]
Tudor Damian
 
Guide to security patterns for cloud systems and data security in aws and azure
Guide to security patterns for cloud systems and data security in aws and azureGuide to security patterns for cloud systems and data security in aws and azure
Guide to security patterns for cloud systems and data security in aws and azure
Abdul Khan
 
security and compliance in the cloud
security and compliance in the cloudsecurity and compliance in the cloud
security and compliance in the cloud
Ajay Rathi
 
Security that works with, not against, your SaaS business
Security that works with, not against, your SaaS businessSecurity that works with, not against, your SaaS business
Security that works with, not against, your SaaS business
CloudPassage
 
The most trusted, proven enterprise-class Cloud:Closer than you think
The most trusted, proven enterprise-class Cloud:Closer than you think The most trusted, proven enterprise-class Cloud:Closer than you think
The most trusted, proven enterprise-class Cloud:Closer than you think
Uni Systems S.M.S.A.
 
Risc and velostrata 2 28 2018 lessons_in_cloud_migration
Risc and velostrata 2 28 2018 lessons_in_cloud_migrationRisc and velostrata 2 28 2018 lessons_in_cloud_migration
Risc and velostrata 2 28 2018 lessons_in_cloud_migration
RISC Networks
 
Effectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing ParadigmEffectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing Paradigm
fanc1985
 
RightScale Webinar: The Five Critical Steps to Develop a Cloud Strategy
RightScale Webinar: The Five Critical Steps to Develop a Cloud StrategyRightScale Webinar: The Five Critical Steps to Develop a Cloud Strategy
RightScale Webinar: The Five Critical Steps to Develop a Cloud Strategy
RightScale
 
Cloud Computing Fundamentals
Cloud Computing FundamentalsCloud Computing Fundamentals
Cloud Computing Fundamentals
Vikas Sahni
 

Similar to RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices and Security Considerations (20)

Transforming cloud security into an advantage
Transforming cloud security into an advantageTransforming cloud security into an advantage
Transforming cloud security into an advantage
 
Security & Compliance in the Cloud [2019]
Security & Compliance in the Cloud [2019]Security & Compliance in the Cloud [2019]
Security & Compliance in the Cloud [2019]
 
Guide to security patterns for cloud systems and data security in aws and azure
Guide to security patterns for cloud systems and data security in aws and azureGuide to security patterns for cloud systems and data security in aws and azure
Guide to security patterns for cloud systems and data security in aws and azure
 
security and compliance in the cloud
security and compliance in the cloudsecurity and compliance in the cloud
security and compliance in the cloud
 
Security Considerations When Using Cloud Infrastructure Services.pdf
Security Considerations When Using Cloud Infrastructure Services.pdfSecurity Considerations When Using Cloud Infrastructure Services.pdf
Security Considerations When Using Cloud Infrastructure Services.pdf
 
Gitex journey to the cloud
Gitex journey to the cloudGitex journey to the cloud
Gitex journey to the cloud
 
4831586.ppt
4831586.ppt4831586.ppt
4831586.ppt
 
Security that works with, not against, your SaaS business
Security that works with, not against, your SaaS businessSecurity that works with, not against, your SaaS business
Security that works with, not against, your SaaS business
 
ShareResponsibilityModel.pptx
ShareResponsibilityModel.pptxShareResponsibilityModel.pptx
ShareResponsibilityModel.pptx
 
The most trusted, proven enterprise-class Cloud:Closer than you think
The most trusted, proven enterprise-class Cloud:Closer than you think The most trusted, proven enterprise-class Cloud:Closer than you think
The most trusted, proven enterprise-class Cloud:Closer than you think
 
Moving Enterprise Applications to the Cloud
Moving Enterprise Applications to the CloudMoving Enterprise Applications to the Cloud
Moving Enterprise Applications to the Cloud
 
Secure Cloud Hosting: Real Requirements to Protect your Data
Secure Cloud Hosting: Real Requirements to Protect your DataSecure Cloud Hosting: Real Requirements to Protect your Data
Secure Cloud Hosting: Real Requirements to Protect your Data
 
chapitre1-cloud security basics-23 (1).pptx
chapitre1-cloud security basics-23 (1).pptxchapitre1-cloud security basics-23 (1).pptx
chapitre1-cloud security basics-23 (1).pptx
 
Risc and velostrata 2 28 2018 lessons_in_cloud_migration
Risc and velostrata 2 28 2018 lessons_in_cloud_migrationRisc and velostrata 2 28 2018 lessons_in_cloud_migration
Risc and velostrata 2 28 2018 lessons_in_cloud_migration
 
Effectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing ParadigmEffectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing Paradigm
 
3.pptx
3.pptx3.pptx
3.pptx
 
Accelarting Hybrid Cloud Adoption through Use Cases in vCloud Air
Accelarting Hybrid Cloud Adoption through Use Cases in vCloud AirAccelarting Hybrid Cloud Adoption through Use Cases in vCloud Air
Accelarting Hybrid Cloud Adoption through Use Cases in vCloud Air
 
RightScale Webinar: The Five Critical Steps to Develop a Cloud Strategy
RightScale Webinar: The Five Critical Steps to Develop a Cloud StrategyRightScale Webinar: The Five Critical Steps to Develop a Cloud Strategy
RightScale Webinar: The Five Critical Steps to Develop a Cloud Strategy
 
Cloud Computing Fundamentals
Cloud Computing FundamentalsCloud Computing Fundamentals
Cloud Computing Fundamentals
 
best practices-managing_security_in_the hybrid cloud
best practices-managing_security_in_the hybrid cloud best practices-managing_security_in_the hybrid cloud
best practices-managing_security_in_the hybrid cloud
 

More from RightScale

More from RightScale (20)

10 Must-Have Automated Cloud Policies for IT Governance
10 Must-Have Automated Cloud Policies for IT Governance10 Must-Have Automated Cloud Policies for IT Governance
10 Must-Have Automated Cloud Policies for IT Governance
 
Kubernetes and Terraform in the Cloud: How RightScale Does DevOps
Kubernetes and Terraform in the Cloud: How RightScale Does DevOpsKubernetes and Terraform in the Cloud: How RightScale Does DevOps
Kubernetes and Terraform in the Cloud: How RightScale Does DevOps
 
Optimize Software, SaaS, and Cloud with Flexera and RightScale
Optimize Software, SaaS, and Cloud with Flexera and RightScaleOptimize Software, SaaS, and Cloud with Flexera and RightScale
Optimize Software, SaaS, and Cloud with Flexera and RightScale
 
Prepare Your Enterprise Cloud Strategy for 2019: 7 Things to Think About Now
Prepare Your Enterprise Cloud Strategy for 2019: 7 Things to Think About NowPrepare Your Enterprise Cloud Strategy for 2019: 7 Things to Think About Now
Prepare Your Enterprise Cloud Strategy for 2019: 7 Things to Think About Now
 
How to Set Up a Cloud Cost Optimization Process for your Enterprise
How to Set Up a Cloud Cost Optimization Process for your EnterpriseHow to Set Up a Cloud Cost Optimization Process for your Enterprise
How to Set Up a Cloud Cost Optimization Process for your Enterprise
 
Multi-Cloud Management with RightScale CMP (Demo)
Multi-Cloud Management with RightScale CMP (Demo)Multi-Cloud Management with RightScale CMP (Demo)
Multi-Cloud Management with RightScale CMP (Demo)
 
Comparing Cloud VM Types and Prices: AWS vs Azure vs Google vs IBM
Comparing Cloud VM Types and Prices: AWS vs Azure vs Google vs IBMComparing Cloud VM Types and Prices: AWS vs Azure vs Google vs IBM
Comparing Cloud VM Types and Prices: AWS vs Azure vs Google vs IBM
 
How to Allocate and Report Cloud Costs with RightScale Optima
How to Allocate and Report Cloud Costs with RightScale OptimaHow to Allocate and Report Cloud Costs with RightScale Optima
How to Allocate and Report Cloud Costs with RightScale Optima
 
Should You Move Between AWS, Azure, or Google Clouds? Considerations, Pros an...
Should You Move Between AWS, Azure, or Google Clouds? Considerations, Pros an...Should You Move Between AWS, Azure, or Google Clouds? Considerations, Pros an...
Should You Move Between AWS, Azure, or Google Clouds? Considerations, Pros an...
 
Using RightScale CMP with Cloud Provider Tools
Using RightScale CMP with Cloud Provider ToolsUsing RightScale CMP with Cloud Provider Tools
Using RightScale CMP with Cloud Provider Tools
 
Automating Multi-Cloud Policies for AWS, Azure, Google, and More
Automating Multi-Cloud Policies for AWS, Azure, Google, and MoreAutomating Multi-Cloud Policies for AWS, Azure, Google, and More
Automating Multi-Cloud Policies for AWS, Azure, Google, and More
 
The 5 Stages of Cloud Management for Enterprises
The 5 Stages of Cloud Management for EnterprisesThe 5 Stages of Cloud Management for Enterprises
The 5 Stages of Cloud Management for Enterprises
 
9 Ways to Reduce Cloud Storage Costs
9 Ways to Reduce Cloud Storage Costs9 Ways to Reduce Cloud Storage Costs
9 Ways to Reduce Cloud Storage Costs
 
Serverless Comparison: AWS vs Azure vs Google vs IBM
Serverless Comparison: AWS vs Azure vs Google vs IBMServerless Comparison: AWS vs Azure vs Google vs IBM
Serverless Comparison: AWS vs Azure vs Google vs IBM
 
Best Practices for Cloud Managed Services Providers: The Path to CMP Success
Best Practices for Cloud Managed Services Providers: The Path to CMP SuccessBest Practices for Cloud Managed Services Providers: The Path to CMP Success
Best Practices for Cloud Managed Services Providers: The Path to CMP Success
 
Cloud Storage Comparison: AWS vs Azure vs Google vs IBM
Cloud Storage Comparison: AWS vs Azure vs Google vs IBMCloud Storage Comparison: AWS vs Azure vs Google vs IBM
Cloud Storage Comparison: AWS vs Azure vs Google vs IBM
 
2018 Cloud Trends: RightScale State of the Cloud Report
2018 Cloud Trends: RightScale State of the Cloud Report2018 Cloud Trends: RightScale State of the Cloud Report
2018 Cloud Trends: RightScale State of the Cloud Report
 
Got a Multi-Cloud Strategy? How RightScale CMP Helps
Got a Multi-Cloud Strategy? How RightScale CMP HelpsGot a Multi-Cloud Strategy? How RightScale CMP Helps
Got a Multi-Cloud Strategy? How RightScale CMP Helps
 
How to Manage Cloud Costs with RightScale Optima
How to Manage Cloud Costs with RightScale OptimaHow to Manage Cloud Costs with RightScale Optima
How to Manage Cloud Costs with RightScale Optima
 
Top 10 Cloud Trends for 2018 and Actions You Can Take Now
Top 10 Cloud Trends for 2018 and Actions You Can Take NowTop 10 Cloud Trends for 2018 and Actions You Can Take Now
Top 10 Cloud Trends for 2018 and Actions You Can Take Now
 

Recently uploaded

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 

Recently uploaded (20)

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 

RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices and Security Considerations

  • 1. COPING WITH CLOUD MIGRATION CHALLENGES: BEST PRACTICES AND SECURITY CONSIDERATIONS
  • 2. Agenda & Speakers ® Rishi Vaish VP of Product Amrit Williams CTO • RightScale’s State of the Cloud survey • Why hybrid cloud is the standard of choice • 3 strategies for existing cloud server workloads • Benefits and security challenges of migrating to cloud infrastructures • Choosing a hybrid strategy
  • 3. Cloud Usage is Ubiquitous…
  • 4. Enterprises are Choosing Multiple Clouds
  • 5. 0% 20% 40% 60% 80% 100% Cloud Beginners Cloud Explorers Cloud Focused %ofRespondents Benefits Grow with Cloud Maturity % of Respondents Reporting these Benefits CapEx to OpEx Business continuity IT staff efficiency Geographic reach Higher performance Cost savings Faster time-to-market Higher availability Faster access to infrastructure Greater scalability Adoption is Driven by Clear Benefits Source: RightScale 2014 State of the Cloud Report
  • 6. What about Existing Workloads? How can I migrate existing workloads to the cloud?
  • 7. What Everyone Wants vSphere AWS or other clouds Greenfield workloads Migrated workloads
  • 8. Best Practice 1; Understand the realities Best Practice: Understand the Realities
  • 9. • Newer OS versions • SSL termination • Clustering of LBs • App clustering • Multi-cast • Shared Filesystems • Static IPs 14 Considerations for Migration 8 • Licensing • Tenancy • Scale-down Logic • Bandwidth • Virtual IP requirements • Multi-master DB • Database I/O requirements
  • 10. Three Strategies for Existing Workloads 9 Manage natively Migrate elsewhere Make portable
  • 11. Best Practice: Be Smart about Strategy Photo: stevendepolo
  • 12. Segment Your App Portfolio • Web architecture • Elastic design • Monolithic • Legacy • Traditional vendors Cloud-Ready • Greenfield • Designed for cloud Elastic Web Traditional
  • 13. Assess Apps for Cloud Readiness 12 REFACTOR DON’T MIGRATE HOLD OFF QUICK WINS Technical Fit BusinessImpact App 1 App 7 App 3 App 12 App 4 App 6 App 2 App 5 App 8 App 11 App 10 App 9
  • 14. Best Practice 3; Consider portability Best Practice: Plan for Portability
  • 15. • Lifecycle-based multi-cloud deployment • Dev vs. Test vs. Staging vs. Prod • New (Unpredictable) vs. Mature (Steady-State) • Disaster Recovery • Private for primary, Public for backup • Geographic Reach • Use clouds in different geographies • Arbitrage costs • Leverage different clouds based on costs • Cloudbursting • Base capacity in private, burst to public Why Portability? 14
  • 16. How to Make Portable Apps 15
  • 17. RIghtScale Cloud-Enables your Enterprise Your Cloud Portfolio Self-Service Cloud AnalyticsCloud Management Manage Govern Optimize RightScale Cloud Portfolio Management Public Clouds Private Clouds Virtualized Environments
  • 19. Place Cloud Beginners Cloud Focused #1 Security (31%) Compliance (18%) #2 Compliance (30%) Cost (17%) #3 Managing multiple cloud services (28%) Performance (15%) #4 Integration to internal systems (28%) Managing multiple cloud services (13%) #5 Governance/Control (26%) Security (13%) Top 5 Challenges Change with Maturity Top 5 Challenges Change with Cloud Maturity Source: RightScale 2014 State of the Cloud Report
  • 20. What makes cloud infrastructure great also breaks existing security approaches 19 Virtualized networks New topologies Highly Portable Highly dynamic Shared infrastructure These cloud “pros” become security “cons”
  • 21. The days of simple infrastructure security… 20
  • 22. … have given way to tremendous complexity. 21
  • 23. The problem becomes more challenging in multi- cloud environments 22 Cloud Provider A Cloud Provider B Private Datacenter www- 4 ! www- 5 ! www- 6 ! www- 7 ! www- 8 ! www- 9 ! www-10 ! www- 7 ! www- 8 ! www- 9 ! www-10 ! www-1 www-2 www-3 www-4 Workloads become highly transient across multiple cloud environments. ww w-4 ww w-4 ww w-4 ww w-4
  • 24. Traditional Security Solutions Break… 23 Endpoint Security • Resource intensive • Licensing models • Do not work across disparate cloud environments Virtual Appliances • No hardware acceleration • No gateway to deploy against • Do not well work across disparate cloud environments Hypervisor Security • Affects density of virtualized environments • Limited visibility into workloads themselves • Cannot deploy into public cloud infrastructures
  • 25. Cloud Security Responsibility Has Added More Complexity 24 Customer Responsibility Provider Responsibili ty Physical Facilities Compute & Storage Shared Network Hypervisor Virtual Machine Data App Code App Framework Operating System “…the customer should assume responsibility and management of, but not limited to, the guest operating system.. and associated application software...” “it is possible for customers to enhance security and/or meet more stringent compliance requirements with the addition of… host based firewalls, host based intrusion detection/prevention, encryption and key management.” Amazon Web Services: Overview of Security Processes Shared Responsibility Model
  • 26. Addressing security & compliance needs as infrastructure models migrate to cloud 25 • Strong access control – User-auditing, privilege access monitoring, multi-factor authentication, device verification, etc… • Exposure management – Vulnerability assessment, configuration security monitoring, file integrity monitoring, etc… • Compromise prevention – Firewall management, application whitelisting, intrusion detection / prevention, data leak prevention, etc. • Security & compliance intelligence, adherence to corporate policies – Reporting and analytics, auditing, and standardized policy implementation, etc. Needs Haven’t Changed • Must work anywhere – Traditional environments, public cloud infrastructures, private cloud infrastructures and hybrid cloud environments • Diminished to no visibility and control – Underlying security and control maintained by the infrastructure provider • Hardware device limitations – Traditional network appliance or security approaches that leverage underlying hardware are not effective or appropriate • Dramatically higher rate of code & infrastructure change – Highly transient workloads often in a Delivery Parameters Have
  • 27. CloudPassage Halo 26 • Highly automated security & compliance platform • Builds security directly into compute workloads • Secures any compute workloads, at any scale • Supports any cloud or datacenter environment • SaaS delivery model
  • 28. Halo secure workloads anywhere at any scale and extends existing security investments 27 Halo API Halo Portal
  • 29. #28# #rightscale Q & A and Resources Access the 2014 State of the Cloud Report: RightScale.com/lp/2014-state-of-the-cloud-report Start a Free Trial of Halo CloudPassage.com/halo Check out our blogs rightscale.com/blog blog.cloudpassage.com ®