SlideShare a Scribd company logo

Portuguese Cloud Computing Architects - 2nd Meeting

Download as ODP, PDF
Vitor Domingos, profile picture
Vitor Domingos

- The document discusses cloud computing and security issues related to cloud computing. It provides definitions of cloud computing and examples of different cloud service models like SaaS, PaaS, and IaaS. - Key security issues mentioned include trust, multi-tenancy, encryption, compliance, loss of physical control, and accountability. Challenges discussed include data privacy laws, isolation management, certification, data ownership, and service outages. - Recommendations provided include using VPNs and VLANs, carefully reading SLA terms, backing up data often, logging out securely, sandboxing, and trusting only after planning, encrypting, backing up, securing, and auditing.

Technology
1 of 41
Downloaded 13 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
- Weather forecast - partly cloudy, cooler and with some fog by Vitor Domingos weatherman
Vitor Domingos [email_address] http://vitordomingos.com - cloud computing & security consultant - thenextweb.com editor - mobilemonday.net PT founder - videocaster (http://alt.prt.sc) - ex failed entrepreneur - ex ITIJ / MJ - ex CGD - ex forumB2B - ex Maxitel - ex Jazztel
 
 
 
 
* as seen on regular weather channel
 
 
 
 
 
 
 
 
Cloud Computing is ? - Network as a “cloud” - Network is the computer (SUN moto) - TCP/IP abstraction (1 st cloud) - www data abstraction (2 nd cloud) - Virtualization (3 rd cloud) Bottom line: - Virtualization done right, with webservices
Cloud Computing is ! - on-demand self-service - ubiquitous network access - location independent resource pooling - rapid elasticity and capacity - measured service - pay as you go - abstract resources
 
CCaaS - Software as a Service - SalesForce - Platform as a Service - Google App Engine - Microsoft Azure - Infrastructure as a Service - Rackspace Mosso - Amazon Web Services
 
Cloud Computing leverages - Virtualization - Multi-Tenancy - Massive Scale - Autonomic Computing - Distributed Environment - Security Technologies - Service Oriented
 
Security in the Cloud
Only the paranoid survive! - Key issues trust, trust, multi-tenancy, trust, encryption, compliance - Massive complex systems running on functional units - Certification & Audit - Loss of physical control - Interoperability - Accountability
please, keep in mind that - Shared hell: - Hardware - Memory - Disks - NIC's (Virtual) - Cache Snooping - Hypervisor Attacks - Persistent Root Kits - Password Cracking - Broken or stolen key rings / authorization federation - Never ending logs
 
Great things do come - Provisioning and fault tolerance - Rapid reconstitution of services - Storage fragmented - Security layers (auth, firewall, logging, …) - Network and Security perimeters - Virtual Zoning - Think it all over again
 
Challenges - Data dispersal and international privacy laws - Isolation management & Multi-Tenancy - Certification (SAS 70 Type II audits and ISO 27001) - Data ownership - QoS & SLA's garantees - Secure Hypervisors - Credentials
 
 
Challenges - Massive outages - Service bottle necks; DNS as your best friend - Encryption needs cloud resources, applications, storage, services - Disaster recovery and contingency plans - If you have it on Auto mode, you won't see it coming - Honey for hackers
 
 
 
 
ToDo - Network with VPN and VLAN's - SLA's; read the fine prints - Backup and recover often; Risk assessment - Log (out of there) as if the world ended tomorrow - Plan for failure - YOU secure!!! Encrypt data before transmission!!! - Sandbox, Sandbox, Sandbox
You're not alone - Security Groups IBM; SUN Oracle ; Amazon; PCCA; ICCV - Cloud Security Alliance (awesome guide!!) - OpenCloud Manifesto & Amazon Security Paper - Cloud Computing ML at Google Groups - Legal Cloud's - Vivek Kundra - USA CTO, did it, so as Facebook, New York Times and Nasdaq (on AWS)
 
Wrap up - Plan - Encrypt - Backup - Secure - Audit - Sandbox (check my sapo codebits talk) - http://codebits.sapo.pt/files/aws_23.pdf - Trust
? mail: [email_address] site: http://vitordomingos.com

More Related Content

ODP
Blockchain @ Descon 2016
P-e-t-a-r
 
PPTX
DevOps for a Dummy
Rory Gibson
 
PPTX
ISACA Cloud Security Presentation 2013-09-24
Major Hayden
 
PDF
Cloudoc supermicro mini_svr_appliance_Eng
sang yoo
 
PPTX
Eurocsys weather forecast
Karen Salas Perez
 
PPT
Morning Weather News Report
Ivonne Corichi
 
PPT
Weather Maps and Symbols
Elizabeth Cortez
 
PDF
Present Like A Newscaster
Empowered Presentations
 
Blockchain @ Descon 2016
P-e-t-a-r
 
DevOps for a Dummy
Rory Gibson
 
ISACA Cloud Security Presentation 2013-09-24
Major Hayden
 
Cloudoc supermicro mini_svr_appliance_Eng
sang yoo
 
Eurocsys weather forecast
Karen Salas Perez
 
Morning Weather News Report
Ivonne Corichi
 
Weather Maps and Symbols
Elizabeth Cortez
 
Present Like A Newscaster
Empowered Presentations
 

Similar to Portuguese Cloud Computing Architects - 2nd Meeting (20)

PDF
Confraria Security 17 June - Cloud Security
Vitor Domingos
 
PPTX
Why the cloud is more secure than your existing systems
Ernest Mueller
 
PDF
Cloud Breach - Forensics Audit Planning
Valdez Ladd MBA, CISSP, CISA,
 
PPTX
Gluing the IoT world with Java and LoRaWAN
Pance Cavkovski
 
PDF
Good-cyber-hygiene-at-scale-and-speed
James '​-- Mckinlay
 
PPTX
Automate or die! Rootedcon 2017
Toni de la Fuente
 
PPTX
Toni de la Fuente - Automate or die! How to survive to an attack in the Cloud...
RootedCON
 
PPTX
Control the Creep: Streamline Security and Compliance by Sharing the Workload
aregnerus
 
PDF
JOSA TechTalks - Downgrade your Costs
Jordan Open Source Association
 
PDF
CloudCamp Chicago Jan 2015 - The Guts of the Cloud (full slides)
CloudCamp Chicago
 
PDF
Usage Based Metering in the Cloud (Subscribed13)
Zuora, Inc.
 
PDF
Securing Millions of Devices
Kai Hudalla
 
PDF
OpenNebulaConf 2014 - From private cloud to laaS public services for Catalan ...
OpenNebula Project
 
PDF
OpenNebula Conf 2014 | From private cloud to laaS public services for Catalan...
NETWAYS
 
PDF
Cloud Computing
harit66
 
PDF
Cloud Computing and Security - by KLC Consulting
kylelai
 
PDF
Cloud Standards and Virtualization
Peter Tröger
 
PDF
[OpenStack Day in Korea 2015] Keynote 2 - Leveraging OpenStack to Realize the...
OpenStack Korea Community
 
PPTX
Cloud Spotting 2017: An overview of cloud computing
Patrice Kerremans
 
PPTX
Best Practices in Secure Cloud Migration
CloudHesive
 
Confraria Security 17 June - Cloud Security
Vitor Domingos
 
Why the cloud is more secure than your existing systems
Ernest Mueller
 
Cloud Breach - Forensics Audit Planning
Valdez Ladd MBA, CISSP, CISA,
 
Gluing the IoT world with Java and LoRaWAN
Pance Cavkovski
 
Good-cyber-hygiene-at-scale-and-speed
James '​-- Mckinlay
 
Automate or die! Rootedcon 2017
Toni de la Fuente
 
Toni de la Fuente - Automate or die! How to survive to an attack in the Cloud...
RootedCON
 
Control the Creep: Streamline Security and Compliance by Sharing the Workload
aregnerus
 
JOSA TechTalks - Downgrade your Costs
Jordan Open Source Association
 
CloudCamp Chicago Jan 2015 - The Guts of the Cloud (full slides)
CloudCamp Chicago
 
Usage Based Metering in the Cloud (Subscribed13)
Zuora, Inc.
 
Securing Millions of Devices
Kai Hudalla
 
OpenNebulaConf 2014 - From private cloud to laaS public services for Catalan ...
OpenNebula Project
 
OpenNebula Conf 2014 | From private cloud to laaS public services for Catalan...
NETWAYS
 
Cloud Computing
harit66
 
Cloud Computing and Security - by KLC Consulting
kylelai
 
Cloud Standards and Virtualization
Peter Tröger
 
[OpenStack Day in Korea 2015] Keynote 2 - Leveraging OpenStack to Realize the...
OpenStack Korea Community
 
Cloud Spotting 2017: An overview of cloud computing
Patrice Kerremans
 
Best Practices in Secure Cloud Migration
CloudHesive
 
Ad

More from Vitor Domingos (15)

PPTX
Methods Digital Away Day at Guildford - Cloud Computing
Vitor Domingos
 
PPTX
My experience
Vitor Domingos
 
PDF
Catolica EBP - Talk
Vitor Domingos
 
PPTX
Harvardmd comunication
Vitor Domingos
 
PPTX
Failure the mother of all success
Vitor Domingos
 
PPTX
How to crunch data into beautiful graphics
Vitor Domingos
 
PPTX
Social Network Panorama
Vitor Domingos
 
PPTX
PT Google Technical User Group - Google TV
Vitor Domingos
 
ODP
Security is sexy again
Vitor Domingos
 
ODP
Confraria Security & IT - Mobile Security
Vitor Domingos
 
PPT
Open Data
Vitor Domingos
 
PDF
Security As A Service
Vitor Domingos
 
PDF
handivi presentation
Vitor Domingos
 
ODP
Products, Services or Platforms
Vitor Domingos
 
ODP
AWS ground zero; EC2 & S3 hands-on
Vitor Domingos
 
Methods Digital Away Day at Guildford - Cloud Computing
Vitor Domingos
 
My experience
Vitor Domingos
 
Catolica EBP - Talk
Vitor Domingos
 
Harvardmd comunication
Vitor Domingos
 
Failure the mother of all success
Vitor Domingos
 
How to crunch data into beautiful graphics
Vitor Domingos
 
Social Network Panorama
Vitor Domingos
 
PT Google Technical User Group - Google TV
Vitor Domingos
 
Security is sexy again
Vitor Domingos
 
Confraria Security & IT - Mobile Security
Vitor Domingos
 
Open Data
Vitor Domingos
 
Security As A Service
Vitor Domingos
 
handivi presentation
Vitor Domingos
 
Products, Services or Platforms
Vitor Domingos
 
AWS ground zero; EC2 & S3 hands-on
Vitor Domingos
 
Ad

Recently uploaded (20)

PDF
How ambidextrous entrepreneurial leaders react to the artificial intelligence...
IAESIJAI
 
PDF
2021 HotChips TSMC Packaging Technologies for Chiplets and 3D_0819 publish_pu...
KeXue5
 
PDF
Developing a website for English-speaking practice to English as a foreign la...
IAESIJAI
 
PPTX
Final SEM Unit 1 for mit wpu at pune .pptx
anishtilekar08
 
PDF
Architecture types and enterprise applications.pdf
ChristopherTHyatt
 
PDF
Hybrid model detection and classification of lung cancer
IAESIJAI
 
PPTX
cloud_computing_Infrastucture_as_cloud_p
mainakbhattacharya20
 
PDF
Zenith AI: Advanced Artificial Intelligence
Biz Preneurs
 
PDF
TrustArc Webinar - Click, Consent, Trust: Winning the Privacy Game
TrustArc
 
PDF
Univ-Connecticut-ChatGPT-Presentaion.pdf
ry7r52mzb4
 
PPTX
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
PDF
Getting started with AI Agents and Multi-Agent Systems
Maxim Salnikov
 
PDF
Assigned Numbers - 2025 - Bluetooth® Document
Bloombase
 
PPTX
The various Industrial Revolutions .pptx
bandileshozi3
 
PDF
Enhancing emotion recognition model for a student engagement use case through...
IAESIJAI
 
PPTX
O2C Customer Invoices to Receipt V15A.pptx
ssuserbfa915
 
PPTX
OMC Textile Division Presentation 2021.pptx
JahangirAlam816069
 
PPTX
1. Introduction to Computer Programming.pptx
bonakiduza1024
 
PDF
gpt5_lecture_notes_comprehensive_20250812015547.pdf
Chinchu40
 
PPTX
MicrosoftCybserSecurityReferenceArchitecture-April-2025.pptx
SilvioHayashi
 
How ambidextrous entrepreneurial leaders react to the artificial intelligence...
IAESIJAI
 
2021 HotChips TSMC Packaging Technologies for Chiplets and 3D_0819 publish_pu...
KeXue5
 
Developing a website for English-speaking practice to English as a foreign la...
IAESIJAI
 
Final SEM Unit 1 for mit wpu at pune .pptx
anishtilekar08
 
Architecture types and enterprise applications.pdf
ChristopherTHyatt
 
Hybrid model detection and classification of lung cancer
IAESIJAI
 
cloud_computing_Infrastucture_as_cloud_p
mainakbhattacharya20
 
Zenith AI: Advanced Artificial Intelligence
Biz Preneurs
 
TrustArc Webinar - Click, Consent, Trust: Winning the Privacy Game
TrustArc
 
Univ-Connecticut-ChatGPT-Presentaion.pdf
ry7r52mzb4
 
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
Getting started with AI Agents and Multi-Agent Systems
Maxim Salnikov
 
Assigned Numbers - 2025 - Bluetooth® Document
Bloombase
 
The various Industrial Revolutions .pptx
bandileshozi3
 
Enhancing emotion recognition model for a student engagement use case through...
IAESIJAI
 
O2C Customer Invoices to Receipt V15A.pptx
ssuserbfa915
 
OMC Textile Division Presentation 2021.pptx
JahangirAlam816069
 
1. Introduction to Computer Programming.pptx
bonakiduza1024
 
gpt5_lecture_notes_comprehensive_20250812015547.pdf
Chinchu40
 
MicrosoftCybserSecurityReferenceArchitecture-April-2025.pptx
SilvioHayashi
 

Portuguese Cloud Computing Architects - 2nd Meeting

  • 1. - Weather forecast - partly cloudy, cooler and with some fog by Vitor Domingos weatherman
  • 2. Vitor Domingos [email_address] http://vitordomingos.com - cloud computing & security consultant - thenextweb.com editor - mobilemonday.net PT founder - videocaster (http://alt.prt.sc) - ex failed entrepreneur - ex ITIJ / MJ - ex CGD - ex forumB2B - ex Maxitel - ex Jazztel
  • 3.  
  • 4.  
  • 5.  
  • 6.  
  • 7. * as seen on regular weather channel
  • 8.  
  • 9.  
  • 10.  
  • 11.  
  • 12.  
  • 13.  
  • 14.  
  • 15.  
  • 16. Cloud Computing is ? - Network as a “cloud” - Network is the computer (SUN moto) - TCP/IP abstraction (1 st cloud) - www data abstraction (2 nd cloud) - Virtualization (3 rd cloud) Bottom line: - Virtualization done right, with webservices
  • 17. Cloud Computing is ! - on-demand self-service - ubiquitous network access - location independent resource pooling - rapid elasticity and capacity - measured service - pay as you go - abstract resources
  • 18.  
  • 19. CCaaS - Software as a Service - SalesForce - Platform as a Service - Google App Engine - Microsoft Azure - Infrastructure as a Service - Rackspace Mosso - Amazon Web Services
  • 20.  
  • 21. Cloud Computing leverages - Virtualization - Multi-Tenancy - Massive Scale - Autonomic Computing - Distributed Environment - Security Technologies - Service Oriented
  • 22.  
  • 24. Only the paranoid survive! - Key issues trust, trust, multi-tenancy, trust, encryption, compliance - Massive complex systems running on functional units - Certification & Audit - Loss of physical control - Interoperability - Accountability
  • 25. please, keep in mind that - Shared hell: - Hardware - Memory - Disks - NIC's (Virtual) - Cache Snooping - Hypervisor Attacks - Persistent Root Kits - Password Cracking - Broken or stolen key rings / authorization federation - Never ending logs
  • 26.  
  • 27. Great things do come - Provisioning and fault tolerance - Rapid reconstitution of services - Storage fragmented - Security layers (auth, firewall, logging, …) - Network and Security perimeters - Virtual Zoning - Think it all over again
  • 28.  
  • 29. Challenges - Data dispersal and international privacy laws - Isolation management & Multi-Tenancy - Certification (SAS 70 Type II audits and ISO 27001) - Data ownership - QoS & SLA's garantees - Secure Hypervisors - Credentials
  • 30.  
  • 31.  
  • 32. Challenges - Massive outages - Service bottle necks; DNS as your best friend - Encryption needs cloud resources, applications, storage, services - Disaster recovery and contingency plans - If you have it on Auto mode, you won't see it coming - Honey for hackers
  • 33.  
  • 34.  
  • 35.  
  • 36.  
  • 37. ToDo - Network with VPN and VLAN's - SLA's; read the fine prints - Backup and recover often; Risk assessment - Log (out of there) as if the world ended tomorrow - Plan for failure - YOU secure!!! Encrypt data before transmission!!! - Sandbox, Sandbox, Sandbox
  • 38. You're not alone - Security Groups IBM; SUN Oracle ; Amazon; PCCA; ICCV - Cloud Security Alliance (awesome guide!!) - OpenCloud Manifesto & Amazon Security Paper - Cloud Computing ML at Google Groups - Legal Cloud's - Vivek Kundra - USA CTO, did it, so as Facebook, New York Times and Nasdaq (on AWS)
  • 39.  
  • 40. Wrap up - Plan - Encrypt - Backup - Secure - Audit - Sandbox (check my sapo codebits talk) - http://codebits.sapo.pt/files/aws_23.pdf - Trust
  • 41. ? mail: [email_address] site: http://vitordomingos.com