Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cloud Security Planning

Published byHorst Franke Modified over 6 years ago

Similar presentations

Presentation on theme: "Cloud Security Planning"— Presentation transcript:

1 Cloud Security Planning
Scott Morley – Principal Application Architect

2 Agenda Understanding the Cloud perimeter Default insecurity
Defense in depth RBAC importance Encryption Azure Security Center vCISO

3 OneNeck® IT Solutions at a Glance
Providing hybrid IT Solutions to mid-market & enterprise-sized companies Backed by the Fortune 1000® strength of Telephone and Data Systems [NYSE: TDS] Formed in 2010 through strategic acquisitions; each doing business over 15 years Headquartered in Madison, Wisconsin Nearly 550 employees 8 data centers in 6 states Coast-to-coast presence  OneNeck IT Solutions at a Glance A little about us … We provide hybrid IT Solutions to mid-market and enterprise-sized companies We are backed by Telephone and Data Systems, #504 on the most recent Fortune 1000 list Though OneNeck IT Solutions (as it’s known today) was just formed in 2014, the companies which make up OneNeck have been doing business for more than 20 years, dating back to 1993. We have a presence in 15 states and 9 data centers strategically located across the country We employ more than 600 people and have over 400 technical resources

4 Setting the Baseline VS

5 The Perimeter Internet/ExpressRoute VPN/RDP/HTTPs VPN

6 Open by Default RDP or HTTPS open to the world
Can be adjusted by templates ACLs are generally IP based VPN/Express Route/Direct Connect

7 Defense in Depth Maintained security policies and standards
Employee training and awareness Network perimeter defenses (ACL) Malware defenses Risk assessments Vulnerability management Penetration Testing Data encryption (in motion and at rest) MFA Backups

8 Role Based Authentication
RBAC is more for subscription level access Different for OS/Application level Easy to get out of control Main roles: Owner/Admin Contributor Billing Read Only

9 Encryption File system Drives Databases Communication
Implement a key management practice

10 Azure Security Center Cross location security monitoring
Cross location security monitoring Includes traditional security systems Uses advanced ML/AI capabilities Tracks usage patterns

11 Virtual Chief Information Security Officer
vCISO Security as a Service Can’t justify full time position Prevent head in the sand syndrome Benefit of group knowledge Understanding of your business

12

Download ppt "Cloud Security Planning"

Similar presentations

Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.

Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.
Contact Center Security Strategies Grant Sainsbury Practice Director, Dimension Data.

Contact Center Security Strategies Grant Sainsbury Practice Director, Dimension Data.
Didzis Balodis, CISSP, Head of IT Security and Infrastructure at SQUALIO Using the Cloud - practical security implications.

Didzis Balodis, CISSP, Head of IT Security and Infrastructure at SQUALIO Using the Cloud - practical security implications.
Cloud Computing How secure is it? Author: Marziyeh Arabnejad Revised/Edited: James Childress April 2014 Tandy School of Computer Science.

Cloud Computing How secure is it? Author: Marziyeh Arabnejad Revised/Edited: James Childress April 2014 Tandy School of Computer Science.
Chapter 2 Information Security Overview The Executive Guide to Information Security manual.

Chapter 2 Information Security Overview The Executive Guide to Information Security manual.
Current Job Components Information Technology Department Network Systems Administration Telecommunications Database Design and Administration.

Current Job Components Information Technology Department Network Systems Administration Telecommunications Database Design and Administration.
Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration 4.Network Security 5.Managing User Access 6.Education.

Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration 4.Network Security 5.Managing User Access 6.Education.
Enterprise Risk Management & IT Compliance March 30, 2010 Presented by: Ken Rowe, Director Enterprise Systems Assurance & Chief Security Officer University.

Enterprise Risk Management & IT Compliance March 30, 2010 Presented by: Ken Rowe, Director Enterprise Systems Assurance & Chief Security Officer University.
Kacper Rams, Matt Starr, Megan Stephens. Overview BYOD Introduction Risks Controls.

Kacper Rams, Matt Starr, Megan Stephens. Overview BYOD Introduction Risks Controls.
Put your company logo here Confidential Data Upgrade from 8.x to 9.0.

Put your company logo here Confidential Data Upgrade from 8.x to 9.0.
12 Steps to Cloud Security A guide to securing your Cloud Deployment Vishnu Vettrivel Principal Engineering Lead,

12 Steps to Cloud Security A guide to securing your Cloud Deployment Vishnu Vettrivel Principal Engineering Lead,
CIO Perspectives on Security Fabrício Brasileiro Regional Sales Manager.

CIO Perspectives on Security Fabrício Brasileiro Regional Sales Manager.
Nov 22/26 Tech Forum 2015 Roberto Trinconi Cloud the New Path to the Business Leadership.

Nov 22/26 Tech Forum 2015 Roberto Trinconi Cloud the New Path to the Business Leadership.
BYOD: An IT Security Perspective. What is BYOD? Bring your own device - refers to the policy of permitting employees to bring personally owned mobile.

BYOD: An IT Security Perspective. What is BYOD? Bring your own device - refers to the policy of permitting employees to bring personally owned mobile.
© ITT Educational Services, Inc. All rights reserved. IS3220 Information Technology Infrastructure Security Unit 10 Network Security Management.

© ITT Educational Services, Inc. All rights reserved. IS3220 Information Technology Infrastructure Security Unit 10 Network Security Management.
Chapter 15 Telecommunication Department Management.

Chapter 15 Telecommunication Department Management.
WINDOWS AZURE AND THE HYBRID CLOUD. Hybrid Concepts and Cloud Services.

WINDOWS AZURE AND THE HYBRID CLOUD. Hybrid Concepts and Cloud Services.
Clouding with Microsoft Azure

Clouding with Microsoft Azure
Azure Stack Foundation

Azure Stack Foundation
EAST AFRICAN DATA HANDLERS DATA SECURITY/MOBILITY

EAST AFRICAN DATA HANDLERS DATA SECURITY/MOBILITY

Similar presentations

Ads by Google