SlideShare uma empresa Scribd logo

Wall-Street Technology Association (WSTA) Feb-2012

Transferir como PPTX, PDF
Joshua McKenty
Joshua McKenty
TecnologiaNegócios
1 de 15
―If you think technology can solve your security problems, then you don’t understand the problems and you don’t understand the technology.‖ – Bruce Schneier
EVERYTHING OLD IS NEW AGAIN: Risk, Compliance, and Complexity Me: Joshua McKenty Twitter: @jmckenty Email: joshua@pistoncloud.com Former Chief Architect, NASA Nebula Founding Member, OpenStack OpenStack Project Policy Board CEO, Piston Cloud Computing, Inc.
Step 1: Define Cloud ―Self-service provisioning of multi-tenant IT infrastructure and applications via HTTP.‖ Step 2: Consider Your Cloud Options Public Cloud Community Cloud Hosted Private Cloud On-premise Private cloud
Step 3: Examine the risks Increased Insider Threat Complexity Risk Compliance Challenges Liability and Forensics ―…security and compliance costs continue to grow at a rate three times faster than that of IT budgets.‖ - IBM
Five-Actor Model Vendor End-User Operator DevOps Auditor User
Off Premise IT: A Matrix of Insiders Physical Host Access Guest Access Application Access Access Your Employees X X Your Contractors X X Managed Services ? X Provider Cloud Service X X X Providers External Auditor X X X Other Cloud ? ? Users DC Operators X ?
Complexity Risk ―If we don’t understand the cross-cutting effects and inherent contradictions in all of the stringent standards now being written into final form, we risk doing real damage to the sound, stable and — yes — profitable financial industry regulators say they support and the economies sorely need.‖ - Karen Petrou, Federal Financial Analytics ―Complexity is holding our industry back right now. A lot of what is bought and paid for doesn't get implemented because of complexity. Maybe this is the industry's biggest challenge.‖ - Ray Lane, Kleiner Perkins Caufield & Byers
YOUR VENDOR IS THE ENEMY Trivial Solution: Add a root kit Guest Agent == Root Kit SaaS Logging == Root Kit Cloud Orchestration Agent == Root Kit Monitoring Agent == Root Kit Real Solution: Attack Complexity Cloud can be evolutionary (not revolutionary) Fight sprawl with strong standards Use automation and standards to reduce the number of privileged users and applications Limit choice – one hypervisor, two base O/S, three application stacks
Logging in Depth Network Host Operating System Guest Operating System User and application events Cloud Orchestration Application Layer
Audit in Depth, with Standards Audit at all layers Host Environment Cloud Management Guest Environment Orchestration Trust no one – even in Test and Dev Data-at-rest encryption Data integrity validation Hardened base O/S images
The Stack of Concerns Application DevOps Application Server Guest OS Hypervisor Operator Storage Infrastructure Host OS Physical Server
Key Takeaways Complexity is the enemy Adding rootkits is the wrong solution Use automation to limit access Simplify services using Pareto’s Law
Piston Enterprise OS Secure Cloud Operating System Designed for Enterprise Private Clouds Built on OpenStack Piston Cloud Computing, Inc. Former NASA Researchers Developed first FISMA-certified Cloud Founders of OpenStack
Opinionated Software One hypervisor No host OS access One reference architecture
Questions? ―We can only see a short distance ahead, but we can see plenty there that needs to be done.‖ – Alan Turing

Recomendados

Rik Ferguson
Rik FergusonRik Ferguson
Rik FergusonCloudExpoEurope
 
Security automation in virtual and cloud environments v2
Security automation in virtual and cloud environments v2Security automation in virtual and cloud environments v2
Security automation in virtual and cloud environments v2rpark31
 
SECURE CLOUD ARCHITECTURE
SECURE CLOUD ARCHITECTURESECURE CLOUD ARCHITECTURE
SECURE CLOUD ARCHITECTUREacijjournal
 
CLOUD NATIVE SECURITY
CLOUD NATIVE SECURITYCLOUD NATIVE SECURITY
CLOUD NATIVE SECURITYMaganathin Veeraragaloo
 
Open Source and Security: Engineering Security by Design - Prague, December 2011
Open Source and Security: Engineering Security by Design - Prague, December 2011Open Source and Security: Engineering Security by Design - Prague, December 2011
Open Source and Security: Engineering Security by Design - Prague, December 2011Jeremy Brown
 
Cloud Security
Cloud SecurityCloud Security
Cloud SecurityRashmi Agale
 
Can Cloud Solutions Transform Network Security
Can Cloud Solutions Transform Network SecurityCan Cloud Solutions Transform Network Security
Can Cloud Solutions Transform Network SecurityEC-Council
 
Collaborative Contingency in the Cloud
Collaborative Contingency in the CloudCollaborative Contingency in the Cloud
Collaborative Contingency in the CloudGlen Roberts, CISSP
 

Recomendados

Rik Ferguson
Rik FergusonRik Ferguson
Rik FergusonCloudExpoEurope
 
Security automation in virtual and cloud environments v2
Security automation in virtual and cloud environments v2Security automation in virtual and cloud environments v2
Security automation in virtual and cloud environments v2rpark31
 
SECURE CLOUD ARCHITECTURE
SECURE CLOUD ARCHITECTURESECURE CLOUD ARCHITECTURE
SECURE CLOUD ARCHITECTUREacijjournal
 
CLOUD NATIVE SECURITY
CLOUD NATIVE SECURITYCLOUD NATIVE SECURITY
CLOUD NATIVE SECURITYMaganathin Veeraragaloo
 
Open Source and Security: Engineering Security by Design - Prague, December 2011
Open Source and Security: Engineering Security by Design - Prague, December 2011Open Source and Security: Engineering Security by Design - Prague, December 2011
Open Source and Security: Engineering Security by Design - Prague, December 2011Jeremy Brown
 
Cloud Security
Cloud SecurityCloud Security
Cloud SecurityRashmi Agale
 
Can Cloud Solutions Transform Network Security
Can Cloud Solutions Transform Network SecurityCan Cloud Solutions Transform Network Security
Can Cloud Solutions Transform Network SecurityEC-Council
 
Collaborative Contingency in the Cloud
Collaborative Contingency in the CloudCollaborative Contingency in the Cloud
Collaborative Contingency in the CloudGlen Roberts, CISSP
 
Cisco's 2016 Annual Security report
Cisco's 2016 Annual Security reportCisco's 2016 Annual Security report
Cisco's 2016 Annual Security reportCisco Canada
 
Twistlock: 7 Experts on Cloud-Native Security
Twistlock: 7 Experts on Cloud-Native SecurityTwistlock: 7 Experts on Cloud-Native Security
Twistlock: 7 Experts on Cloud-Native SecurityMighty Guides, Inc.
 
Security As A Service
Security As A ServiceSecurity As A Service
Security As A ServiceGeorge Fares
 
Avoid Meltdown from the Spectre - How to measure impact and track remediation
Avoid Meltdown from the Spectre - How to measure impact and track remediationAvoid Meltdown from the Spectre - How to measure impact and track remediation
Avoid Meltdown from the Spectre - How to measure impact and track remediationQualys
 
Cloud Security for U.S. Military Agencies
Cloud Security for U.S. Military AgenciesCloud Security for U.S. Military Agencies
Cloud Security for U.S. Military AgenciesNJVC, LLC
 
Dressing up the ICS Kill Chain
Dressing up the ICS Kill ChainDressing up the ICS Kill Chain
Dressing up the ICS Kill ChainDragos, Inc.
 
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?EC-Council
 
Case_Study__Juniper_Expedient_2015
Case_Study__Juniper_Expedient_2015Case_Study__Juniper_Expedient_2015
Case_Study__Juniper_Expedient_2015John White
 
Sharing the Cloud
Sharing the CloudSharing the Cloud
Sharing the CloudGlen Roberts, CISSP
 
VMware Technical Overview (2012)
VMware Technical Overview (2012)VMware Technical Overview (2012)
VMware Technical Overview (2012)Steven Aiello
 
Kaspersky security for virtualization light agent launch presentation
Kaspersky security for virtualization light agent launch presentationKaspersky security for virtualization light agent launch presentation
Kaspersky security for virtualization light agent launch presentationShapeBlue
 
Threats and risks to cloud computing
Threats and risks to cloud computingThreats and risks to cloud computing
Threats and risks to cloud computingRyo Matsumoto
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud ComputingNazish Mohammed
 
From Physical to Virtual to Cloud
From Physical to Virtual to CloudFrom Physical to Virtual to Cloud
From Physical to Virtual to CloudCisco Security
 
Cloud Computing Security Threats and Responses
Cloud Computing Security Threats and ResponsesCloud Computing Security Threats and Responses
Cloud Computing Security Threats and Responsesshafzonly
 
Effectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing ParadigmEffectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing Paradigmfanc1985
 
KASPERSKY SECURITY CENTER IMPLEMENTATION
KASPERSKY SECURITY CENTER IMPLEMENTATIONKASPERSKY SECURITY CENTER IMPLEMENTATION
KASPERSKY SECURITY CENTER IMPLEMENTATIONGS CHO
 
Cloud security Presentation
Cloud security PresentationCloud security Presentation
Cloud security PresentationAjay p
 
Defending the Data Center: Managing Users from the Edge to the Application
Defending the Data Center: Managing Users from the Edge to the ApplicationDefending the Data Center: Managing Users from the Edge to the Application
Defending the Data Center: Managing Users from the Edge to the ApplicationCisco Security
 
Webcast Series #3: GDPR Deadline Readiness and Impact to Global Organizations...
Webcast Series #3: GDPR Deadline Readiness and Impact to Global Organizations...Webcast Series #3: GDPR Deadline Readiness and Impact to Global Organizations...
Webcast Series #3: GDPR Deadline Readiness and Impact to Global Organizations...Qualys
 
The Psychology Of Security Bruce Schneier
The Psychology Of Security Bruce SchneierThe Psychology Of Security Bruce Schneier
The Psychology Of Security Bruce SchneierLarry Taylor Ph.D.
 
What is Email Header - Understanding Email Anatomy
What is Email Header - Understanding Email AnatomyWhat is Email Header - Understanding Email Anatomy
What is Email Header - Understanding Email Anatomyemail_header
 

Mais conteúdo relacionado

Mais procurados

Cisco's 2016 Annual Security report
Cisco's 2016 Annual Security reportCisco's 2016 Annual Security report
Cisco's 2016 Annual Security reportCisco Canada
 
Twistlock: 7 Experts on Cloud-Native Security
Twistlock: 7 Experts on Cloud-Native SecurityTwistlock: 7 Experts on Cloud-Native Security
Twistlock: 7 Experts on Cloud-Native SecurityMighty Guides, Inc.
 
Security As A Service
Security As A ServiceSecurity As A Service
Security As A ServiceGeorge Fares
 
Avoid Meltdown from the Spectre - How to measure impact and track remediation
Avoid Meltdown from the Spectre - How to measure impact and track remediationAvoid Meltdown from the Spectre - How to measure impact and track remediation
Avoid Meltdown from the Spectre - How to measure impact and track remediationQualys
 
Cloud Security for U.S. Military Agencies
Cloud Security for U.S. Military AgenciesCloud Security for U.S. Military Agencies
Cloud Security for U.S. Military AgenciesNJVC, LLC
 
Dressing up the ICS Kill Chain
Dressing up the ICS Kill ChainDressing up the ICS Kill Chain
Dressing up the ICS Kill ChainDragos, Inc.
 
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?EC-Council
 
Case_Study__Juniper_Expedient_2015
Case_Study__Juniper_Expedient_2015Case_Study__Juniper_Expedient_2015
Case_Study__Juniper_Expedient_2015John White
 
VMware Technical Overview (2012)
VMware Technical Overview (2012)VMware Technical Overview (2012)
VMware Technical Overview (2012)Steven Aiello
 
Kaspersky security for virtualization light agent launch presentation
Kaspersky security for virtualization light agent launch presentationKaspersky security for virtualization light agent launch presentation
Kaspersky security for virtualization light agent launch presentationShapeBlue
 
Threats and risks to cloud computing
Threats and risks to cloud computingThreats and risks to cloud computing
Threats and risks to cloud computingRyo Matsumoto
 
From Physical to Virtual to Cloud
From Physical to Virtual to CloudFrom Physical to Virtual to Cloud
From Physical to Virtual to CloudCisco Security
 
Cloud Computing Security Threats and Responses
Cloud Computing Security Threats and ResponsesCloud Computing Security Threats and Responses
Cloud Computing Security Threats and Responsesshafzonly
 
Effectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing ParadigmEffectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing Paradigmfanc1985
 
KASPERSKY SECURITY CENTER IMPLEMENTATION
KASPERSKY SECURITY CENTER IMPLEMENTATIONKASPERSKY SECURITY CENTER IMPLEMENTATION
KASPERSKY SECURITY CENTER IMPLEMENTATIONGS CHO
 
Cloud security Presentation
Cloud security PresentationCloud security Presentation
Cloud security PresentationAjay p
 
Defending the Data Center: Managing Users from the Edge to the Application
Defending the Data Center: Managing Users from the Edge to the ApplicationDefending the Data Center: Managing Users from the Edge to the Application
Defending the Data Center: Managing Users from the Edge to the ApplicationCisco Security
 
Webcast Series #3: GDPR Deadline Readiness and Impact to Global Organizations...
Webcast Series #3: GDPR Deadline Readiness and Impact to Global Organizations...Webcast Series #3: GDPR Deadline Readiness and Impact to Global Organizations...
Webcast Series #3: GDPR Deadline Readiness and Impact to Global Organizations...Qualys
 

Mais procurados (20)

Cisco's 2016 Annual Security report
Cisco's 2016 Annual Security reportCisco's 2016 Annual Security report
Cisco's 2016 Annual Security report
 
Twistlock: 7 Experts on Cloud-Native Security
Twistlock: 7 Experts on Cloud-Native SecurityTwistlock: 7 Experts on Cloud-Native Security
Twistlock: 7 Experts on Cloud-Native Security
 
Security As A Service
Security As A ServiceSecurity As A Service
Security As A Service
 
Avoid Meltdown from the Spectre - How to measure impact and track remediation
Avoid Meltdown from the Spectre - How to measure impact and track remediationAvoid Meltdown from the Spectre - How to measure impact and track remediation
Avoid Meltdown from the Spectre - How to measure impact and track remediation
 
Cloud Security for U.S. Military Agencies
Cloud Security for U.S. Military AgenciesCloud Security for U.S. Military Agencies
Cloud Security for U.S. Military Agencies
 
Dressing up the ICS Kill Chain
Dressing up the ICS Kill ChainDressing up the ICS Kill Chain
Dressing up the ICS Kill Chain
 
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?
 
Case_Study__Juniper_Expedient_2015
Case_Study__Juniper_Expedient_2015Case_Study__Juniper_Expedient_2015
Case_Study__Juniper_Expedient_2015
 
Sharing the Cloud
Sharing the CloudSharing the Cloud
Sharing the Cloud
 
VMware Technical Overview (2012)
VMware Technical Overview (2012)VMware Technical Overview (2012)
VMware Technical Overview (2012)
 
Kaspersky security for virtualization light agent launch presentation
Kaspersky security for virtualization light agent launch presentationKaspersky security for virtualization light agent launch presentation
Kaspersky security for virtualization light agent launch presentation
 
Threats and risks to cloud computing
Threats and risks to cloud computingThreats and risks to cloud computing
Threats and risks to cloud computing
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 
From Physical to Virtual to Cloud
From Physical to Virtual to CloudFrom Physical to Virtual to Cloud
From Physical to Virtual to Cloud
 
Cloud Computing Security Threats and Responses
Cloud Computing Security Threats and ResponsesCloud Computing Security Threats and Responses
Cloud Computing Security Threats and Responses
 
Effectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing ParadigmEffectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing Paradigm
 
KASPERSKY SECURITY CENTER IMPLEMENTATION
KASPERSKY SECURITY CENTER IMPLEMENTATIONKASPERSKY SECURITY CENTER IMPLEMENTATION
KASPERSKY SECURITY CENTER IMPLEMENTATION
 
Cloud security Presentation
Cloud security PresentationCloud security Presentation
Cloud security Presentation
 
Defending the Data Center: Managing Users from the Edge to the Application
Defending the Data Center: Managing Users from the Edge to the ApplicationDefending the Data Center: Managing Users from the Edge to the Application
Defending the Data Center: Managing Users from the Edge to the Application
 
Webcast Series #3: GDPR Deadline Readiness and Impact to Global Organizations...
Webcast Series #3: GDPR Deadline Readiness and Impact to Global Organizations...Webcast Series #3: GDPR Deadline Readiness and Impact to Global Organizations...
Webcast Series #3: GDPR Deadline Readiness and Impact to Global Organizations...
 

Destaque

The Psychology Of Security Bruce Schneier
The Psychology Of Security Bruce SchneierThe Psychology Of Security Bruce Schneier
The Psychology Of Security Bruce SchneierLarry Taylor Ph.D.
 
What is Email Header - Understanding Email Anatomy
What is Email Header - Understanding Email AnatomyWhat is Email Header - Understanding Email Anatomy
What is Email Header - Understanding Email Anatomyemail_header
 
Collision vulnerability for hash data structures in web platforms
Collision vulnerability for hash data structures in web platformsCollision vulnerability for hash data structures in web platforms
Collision vulnerability for hash data structures in web platformsBerescu Ionut
 
Ch03 Ch06 Des And Others
Ch03 Ch06 Des And OthersCh03 Ch06 Des And Others
Ch03 Ch06 Des And Othersnathanurag
 
Hash Function & Analysis
Hash Function & AnalysisHash Function & Analysis
Hash Function & AnalysisPawandeep Kaur
 
Two factor authentication presentation mcit
Two factor authentication presentation mcitTwo factor authentication presentation mcit
Two factor authentication presentation mcitmmubashirkhan
 

Destaque (10)

The Psychology Of Security Bruce Schneier
The Psychology Of Security Bruce SchneierThe Psychology Of Security Bruce Schneier
The Psychology Of Security Bruce Schneier
 
What is Email Header - Understanding Email Anatomy
What is Email Header - Understanding Email AnatomyWhat is Email Header - Understanding Email Anatomy
What is Email Header - Understanding Email Anatomy
 
Hash crypto
Hash cryptoHash crypto
Hash crypto
 
Collision vulnerability for hash data structures in web platforms
Collision vulnerability for hash data structures in web platformsCollision vulnerability for hash data structures in web platforms
Collision vulnerability for hash data structures in web platforms
 
Hash DoS Attack
Hash DoS AttackHash DoS Attack
Hash DoS Attack
 
Ch03 Ch06 Des And Others
Ch03 Ch06 Des And OthersCh03 Ch06 Des And Others
Ch03 Ch06 Des And Others
 
Hash Function
Hash FunctionHash Function
Hash Function
 
Hash Function & Analysis
Hash Function & AnalysisHash Function & Analysis
Hash Function & Analysis
 
Symmetric and asymmetric key
Symmetric and asymmetric keySymmetric and asymmetric key
Symmetric and asymmetric key
 
Two factor authentication presentation mcit
Two factor authentication presentation mcitTwo factor authentication presentation mcit
Two factor authentication presentation mcit
 

Semelhante a Wall-Street Technology Association (WSTA) Feb-2012

Secure Foundations: Why Red Hat Enterprise Linux is not just another Linux di...
Secure Foundations: Why Red Hat Enterprise Linux is not just another Linux di...Secure Foundations: Why Red Hat Enterprise Linux is not just another Linux di...
Secure Foundations: Why Red Hat Enterprise Linux is not just another Linux di...Lucy Huh Kerner
 
Moving Beyond Migration: Reinventing Process in the Cloud
Moving Beyond Migration: Reinventing Process in the CloudMoving Beyond Migration: Reinventing Process in the Cloud
Moving Beyond Migration: Reinventing Process in the CloudPeter Coffee
 
Sukumar Nayak-Agile-DevOps-Cloud Management
Sukumar Nayak-Agile-DevOps-Cloud ManagementSukumar Nayak-Agile-DevOps-Cloud Management
Sukumar Nayak-Agile-DevOps-Cloud ManagementSukumar Nayak
 
Declare Victory with Big Data
Declare Victory with Big DataDeclare Victory with Big Data
Declare Victory with Big DataJ On The Beach
 
Brighttalk understanding the promise of sde - final
Brighttalk understanding the promise of sde - finalBrighttalk understanding the promise of sde - final
Brighttalk understanding the promise of sde - finalAndrew White
 
Cloud Security: Perception Vs. Reality
Cloud Security: Perception Vs. RealityCloud Security: Perception Vs. Reality
Cloud Security: Perception Vs. RealityInternap
 
Secure design best practices and design patterns
Secure design best practices and design patternsSecure design best practices and design patterns
Secure design best practices and design patternsIntopalo Digital Oy
 
Why the Cloud can be Compliant and Secure
Why the Cloud can be Compliant and SecureWhy the Cloud can be Compliant and Secure
Why the Cloud can be Compliant and SecureInnoTech
 
Evolving Infrastructure and Management for Business Agility
Evolving Infrastructure and Management for Business AgilityEvolving Infrastructure and Management for Business Agility
Evolving Infrastructure and Management for Business AgilityRed Hat India Pvt. Ltd.
 
Plenary_three_Cloud_computing_-_is_social_housing_ready_for_it_-_Phil_Copperw...
Plenary_three_Cloud_computing_-_is_social_housing_ready_for_it_-_Phil_Copperw...Plenary_three_Cloud_computing_-_is_social_housing_ready_for_it_-_Phil_Copperw...
Plenary_three_Cloud_computing_-_is_social_housing_ready_for_it_-_Phil_Copperw...Phil Copperwheat
 
Optimize & Secure Your Hybrid Cloud with Runecast (September 2021)
Optimize & Secure Your Hybrid Cloud with Runecast (September 2021)Optimize & Secure Your Hybrid Cloud with Runecast (September 2021)
Optimize & Secure Your Hybrid Cloud with Runecast (September 2021)Jason Mashak
 
Elastic Security Brochure
Elastic Security BrochureElastic Security Brochure
Elastic Security BrochureJoseph DeFever
 
(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...
(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...
(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...Amazon Web Services
 
Wicsa2011 cloud tutorial
Wicsa2011 cloud tutorialWicsa2011 cloud tutorial
Wicsa2011 cloud tutorialAnna Liu
 
Cloud Is Built, Now Who's Managing It?
Cloud Is Built, Now Who's Managing It?Cloud Is Built, Now Who's Managing It?
Cloud Is Built, Now Who's Managing It?doan_slideshares
 
Predicting the Future of Endpoint Management in a Mobile World
Predicting the Future of Endpoint Management in a Mobile WorldPredicting the Future of Endpoint Management in a Mobile World
Predicting the Future of Endpoint Management in a Mobile WorldQuest
 
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...Cyxtera Technologies
 
[Cloud Summit 2010] Peter Coffee - Sales Force
[Cloud Summit 2010] Peter Coffee - Sales Force[Cloud Summit 2010] Peter Coffee - Sales Force
[Cloud Summit 2010] Peter Coffee - Sales ForceTecla Internet
 

Semelhante a Wall-Street Technology Association (WSTA) Feb-2012 (20)

Secure Foundations: Why Red Hat Enterprise Linux is not just another Linux di...
Secure Foundations: Why Red Hat Enterprise Linux is not just another Linux di...Secure Foundations: Why Red Hat Enterprise Linux is not just another Linux di...
Secure Foundations: Why Red Hat Enterprise Linux is not just another Linux di...
 
Moving Beyond Migration: Reinventing Process in the Cloud
Moving Beyond Migration: Reinventing Process in the CloudMoving Beyond Migration: Reinventing Process in the Cloud
Moving Beyond Migration: Reinventing Process in the Cloud
 
Sukumar Nayak-Agile-DevOps-Cloud Management
Sukumar Nayak-Agile-DevOps-Cloud ManagementSukumar Nayak-Agile-DevOps-Cloud Management
Sukumar Nayak-Agile-DevOps-Cloud Management
 
Declare Victory with Big Data
Declare Victory with Big DataDeclare Victory with Big Data
Declare Victory with Big Data
 
Brighttalk understanding the promise of sde - final
Brighttalk understanding the promise of sde - finalBrighttalk understanding the promise of sde - final
Brighttalk understanding the promise of sde - final
 
VAS - VMware CMP
VAS - VMware CMPVAS - VMware CMP
VAS - VMware CMP
 
htcia-5-2015
htcia-5-2015htcia-5-2015
htcia-5-2015
 
Cloud Security: Perception Vs. Reality
Cloud Security: Perception Vs. RealityCloud Security: Perception Vs. Reality
Cloud Security: Perception Vs. Reality
 
Secure design best practices and design patterns
Secure design best practices and design patternsSecure design best practices and design patterns
Secure design best practices and design patterns
 
Why the Cloud can be Compliant and Secure
Why the Cloud can be Compliant and SecureWhy the Cloud can be Compliant and Secure
Why the Cloud can be Compliant and Secure
 
Evolving Infrastructure and Management for Business Agility
Evolving Infrastructure and Management for Business AgilityEvolving Infrastructure and Management for Business Agility
Evolving Infrastructure and Management for Business Agility
 
Plenary_three_Cloud_computing_-_is_social_housing_ready_for_it_-_Phil_Copperw...
Plenary_three_Cloud_computing_-_is_social_housing_ready_for_it_-_Phil_Copperw...Plenary_three_Cloud_computing_-_is_social_housing_ready_for_it_-_Phil_Copperw...
Plenary_three_Cloud_computing_-_is_social_housing_ready_for_it_-_Phil_Copperw...
 
Optimize & Secure Your Hybrid Cloud with Runecast (September 2021)
Optimize & Secure Your Hybrid Cloud with Runecast (September 2021)Optimize & Secure Your Hybrid Cloud with Runecast (September 2021)
Optimize & Secure Your Hybrid Cloud with Runecast (September 2021)
 
Elastic Security Brochure
Elastic Security BrochureElastic Security Brochure
Elastic Security Brochure
 
(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...
(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...
(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...
 
Wicsa2011 cloud tutorial
Wicsa2011 cloud tutorialWicsa2011 cloud tutorial
Wicsa2011 cloud tutorial
 
Cloud Is Built, Now Who's Managing It?
Cloud Is Built, Now Who's Managing It?Cloud Is Built, Now Who's Managing It?
Cloud Is Built, Now Who's Managing It?
 
Predicting the Future of Endpoint Management in a Mobile World
Predicting the Future of Endpoint Management in a Mobile WorldPredicting the Future of Endpoint Management in a Mobile World
Predicting the Future of Endpoint Management in a Mobile World
 
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...
 
[Cloud Summit 2010] Peter Coffee - Sales Force
[Cloud Summit 2010] Peter Coffee - Sales Force[Cloud Summit 2010] Peter Coffee - Sales Force
[Cloud Summit 2010] Peter Coffee - Sales Force
 

Mais de Joshua McKenty

Open stack + Cloud Foundry: Palo Alto Meetup February 2015
Open stack + Cloud Foundry: Palo Alto Meetup February 2015Open stack + Cloud Foundry: Palo Alto Meetup February 2015
Open stack + Cloud Foundry: Palo Alto Meetup February 2015Joshua McKenty
 
OpenStackDC and Cloud Foundry Meetup -
OpenStackDC and Cloud Foundry Meetup -OpenStackDC and Cloud Foundry Meetup -
OpenStackDC and Cloud Foundry Meetup -Joshua McKenty
 
OpenStack Foundation Transparency Committee Update - January 2014
OpenStack Foundation Transparency Committee Update - January 2014OpenStack Foundation Transparency Committee Update - January 2014
OpenStack Foundation Transparency Committee Update - January 2014Joshua McKenty
 
But What About Docker?
But What About Docker?But What About Docker?
But What About Docker?Joshua McKenty
 
Scale-out Community: Lessons from OpenStack
Scale-out Community: Lessons from OpenStackScale-out Community: Lessons from OpenStack
Scale-out Community: Lessons from OpenStackJoshua McKenty
 
Cloud Power - The Early OpenStack Architecture
Cloud Power - The Early OpenStack ArchitectureCloud Power - The Early OpenStack Architecture
Cloud Power - The Early OpenStack ArchitectureJoshua McKenty
 
MSST-2013 Openstack in the Land of Guilder
MSST-2013 Openstack in the Land of GuilderMSST-2013 Openstack in the Land of Guilder
MSST-2013 Openstack in the Land of GuilderJoshua McKenty
 
vGeek 2013 Tech Talk: Openstack-101
vGeek 2013 Tech Talk: Openstack-101vGeek 2013 Tech Talk: Openstack-101
vGeek 2013 Tech Talk: Openstack-101Joshua McKenty
 
OpenStack: The evolution of computing (Credit Suisse Technology Summit)
OpenStack: The evolution of computing (Credit Suisse Technology Summit)OpenStack: The evolution of computing (Credit Suisse Technology Summit)
OpenStack: The evolution of computing (Credit Suisse Technology Summit)Joshua McKenty
 
WSTA Breakfast Seminar
WSTA Breakfast SeminarWSTA Breakfast Seminar
WSTA Breakfast SeminarJoshua McKenty
 
OpenStack DC - Kickoff Keynote
OpenStack DC - Kickoff KeynoteOpenStack DC - Kickoff Keynote
OpenStack DC - Kickoff KeynoteJoshua McKenty
 
The Power of the Cloud, and Global Risk Modelling in the Open
The Power of the Cloud, and Global Risk Modelling in the OpenThe Power of the Cloud, and Global Risk Modelling in the Open
The Power of the Cloud, and Global Risk Modelling in the OpenJoshua McKenty
 
Open stack security emea launch
Open stack security emea launchOpen stack security emea launch
Open stack security emea launchJoshua McKenty
 
OpenStack Swift - MSST 2011 Tutorial Day
OpenStack Swift - MSST 2011 Tutorial DayOpenStack Swift - MSST 2011 Tutorial Day
OpenStack Swift - MSST 2011 Tutorial DayJoshua McKenty
 
OpenStack: Cloud's Big Tent
OpenStack: Cloud's Big TentOpenStack: Cloud's Big Tent
OpenStack: Cloud's Big TentJoshua McKenty
 
The Space Penguin Odyssey
The Space Penguin OdysseyThe Space Penguin Odyssey
The Space Penguin OdysseyJoshua McKenty
 
Cloud Security - GSFC Presentation, Sept 23 2009
Cloud Security - GSFC Presentation, Sept 23 2009Cloud Security - GSFC Presentation, Sept 23 2009
Cloud Security - GSFC Presentation, Sept 23 2009Joshua McKenty
 

Mais de Joshua McKenty (19)

Open stack + Cloud Foundry: Palo Alto Meetup February 2015
Open stack + Cloud Foundry: Palo Alto Meetup February 2015Open stack + Cloud Foundry: Palo Alto Meetup February 2015
Open stack + Cloud Foundry: Palo Alto Meetup February 2015
 
OpenStackDC and Cloud Foundry Meetup -
OpenStackDC and Cloud Foundry Meetup -OpenStackDC and Cloud Foundry Meetup -
OpenStackDC and Cloud Foundry Meetup -
 
OpenStack Foundation Transparency Committee Update - January 2014
OpenStack Foundation Transparency Committee Update - January 2014OpenStack Foundation Transparency Committee Update - January 2014
OpenStack Foundation Transparency Committee Update - January 2014
 
But What About Docker?
But What About Docker?But What About Docker?
But What About Docker?
 
Scale-out Community: Lessons from OpenStack
Scale-out Community: Lessons from OpenStackScale-out Community: Lessons from OpenStack
Scale-out Community: Lessons from OpenStack
 
Cloud Power - The Early OpenStack Architecture
Cloud Power - The Early OpenStack ArchitectureCloud Power - The Early OpenStack Architecture
Cloud Power - The Early OpenStack Architecture
 
MSST-2013 Openstack in the Land of Guilder
MSST-2013 Openstack in the Land of GuilderMSST-2013 Openstack in the Land of Guilder
MSST-2013 Openstack in the Land of Guilder
 
vGeek 2013 Tech Talk: Openstack-101
vGeek 2013 Tech Talk: Openstack-101vGeek 2013 Tech Talk: Openstack-101
vGeek 2013 Tech Talk: Openstack-101
 
OpenStack: The evolution of computing (Credit Suisse Technology Summit)
OpenStack: The evolution of computing (Credit Suisse Technology Summit)OpenStack: The evolution of computing (Credit Suisse Technology Summit)
OpenStack: The evolution of computing (Credit Suisse Technology Summit)
 
WSTA Breakfast Seminar
WSTA Breakfast SeminarWSTA Breakfast Seminar
WSTA Breakfast Seminar
 
Arista Piston Webinar
Arista Piston WebinarArista Piston Webinar
Arista Piston Webinar
 
Open Stack DC
Open Stack DCOpen Stack DC
Open Stack DC
 
OpenStack DC - Kickoff Keynote
OpenStack DC - Kickoff KeynoteOpenStack DC - Kickoff Keynote
OpenStack DC - Kickoff Keynote
 
The Power of the Cloud, and Global Risk Modelling in the Open
The Power of the Cloud, and Global Risk Modelling in the OpenThe Power of the Cloud, and Global Risk Modelling in the Open
The Power of the Cloud, and Global Risk Modelling in the Open
 
Open stack security emea launch
Open stack security emea launchOpen stack security emea launch
Open stack security emea launch
 
OpenStack Swift - MSST 2011 Tutorial Day
OpenStack Swift - MSST 2011 Tutorial DayOpenStack Swift - MSST 2011 Tutorial Day
OpenStack Swift - MSST 2011 Tutorial Day
 
OpenStack: Cloud's Big Tent
OpenStack: Cloud's Big TentOpenStack: Cloud's Big Tent
OpenStack: Cloud's Big Tent
 
The Space Penguin Odyssey
The Space Penguin OdysseyThe Space Penguin Odyssey
The Space Penguin Odyssey
 
Cloud Security - GSFC Presentation, Sept 23 2009
Cloud Security - GSFC Presentation, Sept 23 2009Cloud Security - GSFC Presentation, Sept 23 2009
Cloud Security - GSFC Presentation, Sept 23 2009
 

Último

Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 

Último (20)

Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 

Wall-Street Technology Association (WSTA) Feb-2012

  • 1. ―If you think technology can solve your security problems, then you don’t understand the problems and you don’t understand the technology.‖ – Bruce Schneier
  • 2. EVERYTHING OLD IS NEW AGAIN: Risk, Compliance, and Complexity Me: Joshua McKenty Twitter: @jmckenty Email: joshua@pistoncloud.com Former Chief Architect, NASA Nebula Founding Member, OpenStack OpenStack Project Policy Board CEO, Piston Cloud Computing, Inc.
  • 3. Step 1: Define Cloud ―Self-service provisioning of multi-tenant IT infrastructure and applications via HTTP.‖ Step 2: Consider Your Cloud Options Public Cloud Community Cloud Hosted Private Cloud On-premise Private cloud
  • 4. Step 3: Examine the risks Increased Insider Threat Complexity Risk Compliance Challenges Liability and Forensics ―…security and compliance costs continue to grow at a rate three times faster than that of IT budgets.‖ - IBM
  • 5. Five-Actor Model Vendor End-User Operator DevOps Auditor User
  • 6. Off Premise IT: A Matrix of Insiders Physical Host Access Guest Access Application Access Access Your Employees X X Your Contractors X X Managed Services ? X Provider Cloud Service X X X Providers External Auditor X X X Other Cloud ? ? Users DC Operators X ?
  • 7. Complexity Risk ―If we don’t understand the cross-cutting effects and inherent contradictions in all of the stringent standards now being written into final form, we risk doing real damage to the sound, stable and — yes — profitable financial industry regulators say they support and the economies sorely need.‖ - Karen Petrou, Federal Financial Analytics ―Complexity is holding our industry back right now. A lot of what is bought and paid for doesn't get implemented because of complexity. Maybe this is the industry's biggest challenge.‖ - Ray Lane, Kleiner Perkins Caufield & Byers
  • 8. YOUR VENDOR IS THE ENEMY Trivial Solution: Add a root kit Guest Agent == Root Kit SaaS Logging == Root Kit Cloud Orchestration Agent == Root Kit Monitoring Agent == Root Kit Real Solution: Attack Complexity Cloud can be evolutionary (not revolutionary) Fight sprawl with strong standards Use automation and standards to reduce the number of privileged users and applications Limit choice – one hypervisor, two base O/S, three application stacks
  • 9. Logging in Depth Network Host Operating System Guest Operating System User and application events Cloud Orchestration Application Layer
  • 10. Audit in Depth, with Standards Audit at all layers Host Environment Cloud Management Guest Environment Orchestration Trust no one – even in Test and Dev Data-at-rest encryption Data integrity validation Hardened base O/S images
  • 11. The Stack of Concerns Application DevOps Application Server Guest OS Hypervisor Operator Storage Infrastructure Host OS Physical Server
  • 12. Key Takeaways Complexity is the enemy Adding rootkits is the wrong solution Use automation to limit access Simplify services using Pareto’s Law
  • 13. Piston Enterprise OS Secure Cloud Operating System Designed for Enterprise Private Clouds Built on OpenStack Piston Cloud Computing, Inc. Former NASA Researchers Developed first FISMA-certified Cloud Founders of OpenStack
  • 14. Opinionated Software One hypervisor No host OS access One reference architecture
  • 15. Questions? ―We can only see a short distance ahead, but we can see plenty there that needs to be done.‖ – Alan Turing

Notas do Editor

  1. I have 30 minutes for a 2 hour talk, so I’ll cover this at a high level, and I’ll make myself available for more detailed questions afterwards.