Presented by Michael Scheidell, CISO Security Privateers at the PMI South Florida Day of Excellence.
Common Risks in Desktop, Server, Web, Cloud and Mobile.
Platform Specific Issues
Governance
Cloud Types: Shared, Private, Hybrid
Services to Protect: Authentication, Storage, Processing
4. Spacely Sprockets
We make our Clients go NUTS(tm)
STOCKS ALLOCATED
CLOSE TO
CUSTOMER
SHORT
DELIVERY
TIME
ON LINE HELP
SERVICE CONSULTANS
CALL CENTER
CUSTOMER SUPPORT
SUPPLY CHAIN
FREE UPGRADE
NEW FEATURES
NICE DESIGN
BETTER PRODUCTS
VIRAL
MARKETING/USERS
TIP EACH OTHER
SALES & MARKETING
THINK GREEN IN THE
WHOLE VALUE CHAIN
ATTRACT THE BEST
SALES PEOPLE
SUSTAINABLE
PRICE
BE C02
NEUTRAL
CHEAP?
LUXARY?
AVERAGE?
BUILD RELATIONHIPS
ON LINE
ON AIR
ON TV
PRINT
5. We are NUTS(tm)
•Daily Scrum
•Daily Work
Sprint
Planning
meeting
PREPARATION
•Business case & funding
•Contractual agreement
•Vision
•Initial productbacklog
•Initial release plan
•Stakeholderbuy-in
•Assemble team
Update
product
backlog
Daily
Cycle
SCRUM PROCESS
Product
increment
RELEASE
Sprint
retrospective
Sprint review
Product Management
• Security / Privacy
• Compliance
• Legal
QA -> Production
• Beta Test
• Web App Test
• Source Code Review
12. It’s getting Cloudy now
• SaaS (Applications)
• Office365
• Salesforce
• Google
• Microsoft Azure instances
• PaaS (Windows/LAMP)
• Amazon EC2
• Azure Platforms
• IaaS (Firewalls, Networks, Storage)
• Amazon
• Azure
What is the Cloud?
Where is the Cloud?
The cloud is many things to many
people
There is no cloud
Someone else’s mainframe and NAS
Where is your Data Stored?
Where is your Processing Done?
Where is the Data Flow?
Private, Public, Hybrid
13. It’s getting Cloudy now
• Public Cloud: SaaS
• Non regulated Data
• Standardized application
• Lots of users
• Incremental capacity
• PaaS: Software development
• Private Cloud: PaaS
• Regulated Data
• Strict Security and Control
• Large Company
• Non Standard/Custom Applications
• Hybrid Clouds: SaaS+PaaS
• PaaS for storage
• VPN to SaaS
What is the Cloud?
Where is the Cloud?
The cloud is many things to many
people.
There is no cloud.
Someone else’s mainframe and NAS
Where is your Data Stored?
Where is your Processing Done?
Where is the Data Flow?
Private, Public, Hybrid
14. It’s getting Cloudy now
•
•
•
•
•
•
•
•
Any Device, Anywhere
Storage
Authentication Services
Platform rollout
Geographic Redundancy
Development and Test
Disaster Recovery
Web and Mobile Apps
What is the Cloud?
Where is the Cloud?
Why is the Cloud
The cloud is many things to many
people.
There is no cloud.
Someone else’s mainframe and NAS
Where is your Data Stored?
Where is your Processing Done?
Where is the Data Flow?
What will you use the Cloud for?