SlideShare a Scribd company logo

Cloud security

Download as PPTX, PDF
Franรงois Boucher, profile picture
Franรงois Boucher

The document discusses security best practices for cloud platforms like AWS and Azure. It covers topics like network security using services like VPC and Virtual Network, identity management with IAM and Azure AD, encryption tools, and security monitoring solutions. Best practices for the cloud include enforcing multi-factor authentication, role-based access control, data encryption, and using security tools to inspect configurations and detect vulnerabilities.

Technology
1 of 20
Downloaded 76 times
1
2
3
4
5
Most read
6
Most read
7
8
9
10
11
12
13
14
15
16
17
18
19
20
Cloud Security Whatโ€™s so Funny About PaaS Love & Understanding?
About Us ijaghmani@lixar.com ca.linkedin.com/in/ismail-jaghmani-58a3858 Frank Boucher Cloud Solution Architect Microsoft Azure MVP P-Seller Technical Solution Professional Ismail Jaghmani Sr. Cloud Developer fboucher@lixar.com linkedin.com/in/fboucheros frankysnotes.com
Agenda l Quick Context of Security in the cloud l General Best Practices l Networking Services l Security and Identity Services l Management Tools
SECURITY IS A HOT TOPIC
Security is Shared Responsibility Cloud ProviderCustomer Application & Data Identity & Access Management Operating System, Network & firewall configuration Compute Storage Databases Availability Zones Regions Services Cloud Infrastructure
Application and Data Security Best Practices l Enforce multi-factor authentication l Use role based access control l Use hardware security modules l Manage with Secure Workstations l Enable data encryption
Network Services AWS Virtual Private Cloud (VPC) Azure Virtual Network Description -Network isolation. -Defined rules to satisfy your security needs. -Filter and inspect the outbound and inbound traffic. ExpressRouteDirect Connect Establishes a dedicated, private network connection from a location to the cloud.
Identity Management AWS Identity & Access Management Azure AD/Role-based access control AzureDescription Provides fine-grained access to resources in could. Multi-Factor Authentication Multi-Factor Authentication More than one method of authentication.
Azure Active Directory
AWS IAM
Tools and Data protection AWS Encryption Encryption Description Client Side Encryption Data in transit encryption Storage encryption VM encryption Key Vault Key management services CloudHSM Creates, controls, and protects encryption keys. HSM provides hardware-based key storage. Inspector Security Center Automatically assess Network, VMs, OS and applications configuration for vulnerabilities or deviations from best practices. Azure
Azure Security Center
AWS Inspector
Tools and Data protection AWS CloudTrail CloudWatch Description Collect, track, store, analyze, and deliver metrics and log files. Trusted Advisor Provides analysis of cloud resource configuration and security in compliance with the best practices. Availability, Performance, Security and cost. Azure Log Analytics Advisor
Log Analytics
CloudWatch
AWS Advisor
Azure Advisor
References โ— Common Vulnerabilities and Exposures https://cve.mitre.org/index.html โ— Center for Internet Security (CIS) Benchmarks https://benchmarks.cisecurity.org โ— Azure security best practices and patterns https://docs.microsoft.com/en- us/azure/security/security-best-practices-and-patterns โ— Microsoft Docs https://docs.microsoft.com
Cloud security

More Related Content

PDF
Introduction to Microsoft Azure Cloud
Dinesh Kumar Wickramasinghe
ย 
PDF
Cloud Security: A New Perspective
Wen-Pai Lu
ย 
PPTX
Cloud Security
AWS User Group Bengaluru
ย 
PDF
Microsoft Azure Cloud Services
David J Rosenthal
ย 
PPTX
AWS Cloud Security
AWS Riyadh User Group
ย 
PPT
Intro to Amazon S3
Yu Lun Teo
ย 
PPTX
Azure storage
Raju Kumar
ย 
PPTX
CASB: Securing your cloud applications
Forcepoint LLC
ย 
Introduction to Microsoft Azure Cloud
Dinesh Kumar Wickramasinghe
ย 
Cloud Security: A New Perspective
Wen-Pai Lu
ย 
Cloud Security
AWS User Group Bengaluru
ย 
Microsoft Azure Cloud Services
David J Rosenthal
ย 
AWS Cloud Security
AWS Riyadh User Group
ย 
Intro to Amazon S3
Yu Lun Teo
ย 
Azure storage
Raju Kumar
ย 
CASB: Securing your cloud applications
Forcepoint LLC
ย 

What's hot (20)

PPTX
Cloud Security (Domain1- 5)
Maganathin Veeraragaloo
ย 
PPTX
SEIM-Microsoft Sentinel.pptx
AmrMousa51
ย 
PPTX
Cloud security and security architecture
Vladimir Jirasek
ย 
PDF
Introduction to Azure
Robert Crane
ย 
PPTX
Cloud security Presentation
Ajay p
ย 
PDF
Microsoft Defender and Azure Sentinel
David J Rosenthal
ย 
PPTX
Chap 6 cloud security
Raj Sarode
ย 
PDF
Microsoft Azure Active Directory
David J Rosenthal
ย 
PPTX
Identity and Access Management Introduction
Aidy Tificate
ย 
PDF
Microsoft Zero Trust
David J Rosenthal
ย 
PPTX
Microsoft Cloud Adoption Framework for Azure: Governance Conversation
Nicholas Vossburg
ย 
PPTX
Introduction to Amazon S3
Ashay Shirwadkar
ย 
PPTX
Azure Identity and access management
Dinusha Kumarasiri
ย 
PPTX
Cloud Security
AWS User Group Bengaluru
ย 
PPTX
Azure Security and Management
Allen Brokken
ย 
PPTX
Cloud Security Architecture.pptx
Moshe Ferber
ย 
PDF
Zero Trust Model Presentation
Gowdhaman Jothilingam
ย 
PPSX
Key Challenges In CLOUD COMPUTING
Atul Chounde
ย 
PDF
Aryaka Bringing SASE to Life with a Zero Trust WAN.pdf
KlausSchwegler
ย 
PDF
CISSP Cheatsheet.pdf
shyedshahriar
ย 
Cloud Security (Domain1- 5)
Maganathin Veeraragaloo
ย 
SEIM-Microsoft Sentinel.pptx
AmrMousa51
ย 
Cloud security and security architecture
Vladimir Jirasek
ย 
Introduction to Azure
Robert Crane
ย 
Cloud security Presentation
Ajay p
ย 
Microsoft Defender and Azure Sentinel
David J Rosenthal
ย 
Chap 6 cloud security
Raj Sarode
ย 
Microsoft Azure Active Directory
David J Rosenthal
ย 
Identity and Access Management Introduction
Aidy Tificate
ย 
Microsoft Zero Trust
David J Rosenthal
ย 
Microsoft Cloud Adoption Framework for Azure: Governance Conversation
Nicholas Vossburg
ย 
Introduction to Amazon S3
Ashay Shirwadkar
ย 
Azure Identity and access management
Dinusha Kumarasiri
ย 
Cloud Security
AWS User Group Bengaluru
ย 
Azure Security and Management
Allen Brokken
ย 
Cloud Security Architecture.pptx
Moshe Ferber
ย 
Zero Trust Model Presentation
Gowdhaman Jothilingam
ย 
Key Challenges In CLOUD COMPUTING
Atul Chounde
ย 
Aryaka Bringing SASE to Life with a Zero Trust WAN.pdf
KlausSchwegler
ย 
CISSP Cheatsheet.pdf
shyedshahriar
ย 
Ad

Viewers also liked (13)

PPTX
Azure Redis Cache - Cache on Steroids!
Franรงois Boucher
ย 
PPTX
Application Insights - Real time telemetry for your cross platform applications
Abhijit Jana
ย 
PPTX
Connect the Impossible with Azure Logic App
Franรงois Boucher
ย 
PPTX
Application Insights - Campinas .NET - Marรงo/2017
Renato Groff
ย 
PPTX
Load testing with Visual Studio and Azure - Andrew Siemer
Andrew Siemer
ย 
PPTX
Performance testing with 100,000 concurrent users in AWS
Matthias Matook
ย 
PPTX
DevOps@Work 2017 - Application insights more control, more power
Roberto Albano
ย 
PPTX
Deep-Dive to Application Insights
Gunnar Peipman
ย 
PPTX
Microsoft Azure catch-up
Franรงois Boucher
ย 
PDF
Introduction to Performance testing
silviasiqueirahp
ย 
PPTX
An Introduction to Performance Testing
SWAAM Tech
ย 
PPTX
Introduction to performance testing
Tharinda Liyanage
ย 
PPT
Performance and load testing
sonukalpana
ย 
Azure Redis Cache - Cache on Steroids!
Franรงois Boucher
ย 
Application Insights - Real time telemetry for your cross platform applications
Abhijit Jana
ย 
Connect the Impossible with Azure Logic App
Franรงois Boucher
ย 
Application Insights - Campinas .NET - Marรงo/2017
Renato Groff
ย 
Load testing with Visual Studio and Azure - Andrew Siemer
Andrew Siemer
ย 
Performance testing with 100,000 concurrent users in AWS
Matthias Matook
ย 
DevOps@Work 2017 - Application insights more control, more power
Roberto Albano
ย 
Deep-Dive to Application Insights
Gunnar Peipman
ย 
Microsoft Azure catch-up
Franรงois Boucher
ย 
Introduction to Performance testing
silviasiqueirahp
ย 
An Introduction to Performance Testing
SWAAM Tech
ย 
Introduction to performance testing
Tharinda Liyanage
ย 
Performance and load testing
sonukalpana
ย 
Ad

Similar to Cloud security (20)

PPTX
Practical Security for the Cloud
Chirag Joshi, CISA, CISM, CRISC
ย 
PPTX
Automating your AWS Security Operations
Evident.io
ย 
PDF
Top Cloud Infrastructure Practices And Strategies For Maximum Security.pdf
Forgeahead Solutions
ย 
PPTX
Cloud Security By Dr. Anton Ravindran
GSTF
ย 
DOCX
How to implement cloud computing security
Randall Spence
ย 
PDF
Top 20 Cloud Security Professional Interview Questions and Answers
priyanshamadhwal2
ย 
PDF
Ready to Ace Your Cloud Security Interview.
InfosecTrain
ย 
PDF
Top 20 Cloud Security Professional Interview Q&A.pdf
infosecTrain
ย 
PPTX
A Throwaway Deck for Cloud Security Essentials 2.0 delivered at RSA 2016
Shannon Lietz
ย 
PDF
Cloud security: Accelerating cloud adoption
Dell World
ย 
PPTX
Cloud Security_ Unit 4
Integral university, India
ย 
PPT
What Everyone Ought To Know About Cloud Security
craigbalding
ย 
PDF
The 3 Recommendations for Cloud Security
VAST
ย 
PDF
How We Protect Our Business in the Cloud (The Smart Way)
CyberShield IT
ย 
PDF
Cloud Security - Types, Common Threats & Tips To Mitigate.pdf
DataSpace Academy
ย 
PDF
Cloud_security_v2_chpater_9_s_version.pdf
alkabarala01
ย 
PPTX
Transforming cloud security into an advantage
Moshe Ferber
ย 
PPTX
CSS17: Atlanta - Realities of Security in the Cloud
Alert Logic
ย 
PDF
Azure 101: Shared responsibility in the Azure Cloud
Paulo Renato
ย 
PPT
Cloud computing security - Insights
giorgiacaleffi
ย 
Practical Security for the Cloud
Chirag Joshi, CISA, CISM, CRISC
ย 
Automating your AWS Security Operations
Evident.io
ย 
Top Cloud Infrastructure Practices And Strategies For Maximum Security.pdf
Forgeahead Solutions
ย 
Cloud Security By Dr. Anton Ravindran
GSTF
ย 
How to implement cloud computing security
Randall Spence
ย 
Top 20 Cloud Security Professional Interview Questions and Answers
priyanshamadhwal2
ย 
Ready to Ace Your Cloud Security Interview.
InfosecTrain
ย 
Top 20 Cloud Security Professional Interview Q&A.pdf
infosecTrain
ย 
A Throwaway Deck for Cloud Security Essentials 2.0 delivered at RSA 2016
Shannon Lietz
ย 
Cloud security: Accelerating cloud adoption
Dell World
ย 
Cloud Security_ Unit 4
Integral university, India
ย 
What Everyone Ought To Know About Cloud Security
craigbalding
ย 
The 3 Recommendations for Cloud Security
VAST
ย 
How We Protect Our Business in the Cloud (The Smart Way)
CyberShield IT
ย 
Cloud Security - Types, Common Threats & Tips To Mitigate.pdf
DataSpace Academy
ย 
Cloud_security_v2_chpater_9_s_version.pdf
alkabarala01
ย 
Transforming cloud security into an advantage
Moshe Ferber
ย 
CSS17: Atlanta - Realities of Security in the Cloud
Alert Logic
ย 
Azure 101: Shared responsibility in the Azure Cloud
Paulo Renato
ย 
Cloud computing security - Insights
giorgiacaleffi
ย 

Recently uploaded (20)

PPT
Teaching material agriculture food technology
LiaRayya
ย 
PDF
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
ย 
PDF
CIFDAQ's Market Insight: SEC Turns Pro Crypto
CIFDAQ
ย 
PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
ย 
PPTX
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
ย 
PDF
Encapsulation_ Review paper, used for researhc scholars
gurumoop
ย 
DOCX
The AUB Centre for AI in Media Proposal.docx
GAONE9
ย 
PDF
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
ย 
PDF
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
ย 
PDF
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
ย 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
ย 
PPTX
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
ย 
PDF
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
ย 
PDF
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
ย 
PPTX
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
ย 
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
ย 
PDF
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
ย 
PDF
KodekX | Application Modernization Development
KodekX
ย 
PDF
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
ย 
PPTX
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
ย 
Teaching material agriculture food technology
LiaRayya
ย 
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
ย 
CIFDAQ's Market Insight: SEC Turns Pro Crypto
CIFDAQ
ย 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
ย 
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
ย 
Encapsulation_ Review paper, used for researhc scholars
gurumoop
ย 
The AUB Centre for AI in Media Proposal.docx
GAONE9
ย 
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
ย 
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
ย 
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
ย 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
ย 
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
ย 
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
ย 
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
ย 
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
ย 
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
ย 
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
ย 
KodekX | Application Modernization Development
KodekX
ย 
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
ย 
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
ย 

Cloud security

  • 1. Cloud Security Whatโ€™s so Funny About PaaS Love & Understanding?
  • 2. About Us ijaghmani@lixar.com ca.linkedin.com/in/ismail-jaghmani-58a3858 Frank Boucher Cloud Solution Architect Microsoft Azure MVP P-Seller Technical Solution Professional Ismail Jaghmani Sr. Cloud Developer fboucher@lixar.com linkedin.com/in/fboucheros frankysnotes.com
  • 3. Agenda l Quick Context of Security in the cloud l General Best Practices l Networking Services l Security and Identity Services l Management Tools
  • 4. SECURITY IS A HOT TOPIC
  • 5. Security is Shared Responsibility Cloud ProviderCustomer Application & Data Identity & Access Management Operating System, Network & firewall configuration Compute Storage Databases Availability Zones Regions Services Cloud Infrastructure
  • 6. Application and Data Security Best Practices l Enforce multi-factor authentication l Use role based access control l Use hardware security modules l Manage with Secure Workstations l Enable data encryption
  • 7. Network Services AWS Virtual Private Cloud (VPC) Azure Virtual Network Description -Network isolation. -Defined rules to satisfy your security needs. -Filter and inspect the outbound and inbound traffic. ExpressRouteDirect Connect Establishes a dedicated, private network connection from a location to the cloud.
  • 8. Identity Management AWS Identity & Access Management Azure AD/Role-based access control AzureDescription Provides fine-grained access to resources in could. Multi-Factor Authentication Multi-Factor Authentication More than one method of authentication.
  • 11. Tools and Data protection AWS Encryption Encryption Description Client Side Encryption Data in transit encryption Storage encryption VM encryption Key Vault Key management services CloudHSM Creates, controls, and protects encryption keys. HSM provides hardware-based key storage. Inspector Security Center Automatically assess Network, VMs, OS and applications configuration for vulnerabilities or deviations from best practices. Azure
  • 14. Tools and Data protection AWS CloudTrail CloudWatch Description Collect, track, store, analyze, and deliver metrics and log files. Trusted Advisor Provides analysis of cloud resource configuration and security in compliance with the best practices. Availability, Performance, Security and cost. Azure Log Analytics Advisor
  • 19. References โ— Common Vulnerabilities and Exposures https://cve.mitre.org/index.html โ— Center for Internet Security (CIS) Benchmarks https://benchmarks.cisecurity.org โ— Azure security best practices and patterns https://docs.microsoft.com/en- us/azure/security/security-best-practices-and-patterns โ— Microsoft Docs https://docs.microsoft.com

Editor's Notes

  • #4: We need to a Security image here
  • #6: Ismal