SlideShare a Scribd company logo

Software-Defined Security: The New School of Security Designed for DevOps

Download as PPTX, PDF
VMware Tanzu, profile picture
VMware Tanzu

The document discusses the importance of data security in the context of increasing data breaches, highlighting that 95% of breaches involve unencrypted data. It emphasizes the inadequacy of traditional security measures and presents the BOSH platform as a more effective solution for data encryption and protection. Additionally, it notes the significance of compliance and the need for innovative approaches to protect sensitive information in various sectors.

Software
Related topics:
Software Developer
1 of 19
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
Zettaset XCrypt Service Encryption October 7–10, 2019 Austin Convention Center Tim Reilly, COO Maksim Yankovskiy, VP Engineering
Unless otherwise indicated, these slides are © 2013-2019 Pivotal Software, Inc. and licensed under a Creative Commons Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ Never has DATA been so IMPORTANT
Unless otherwise indicated, these slides are © 2013-2019 Pivotal Software, Inc. and licensed under a Creative Commons Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ of the world’s data has been created in the last 2 years 90%
Unless otherwise indicated, these slides are © 2013-2019 Pivotal Software, Inc. and licensed under a Creative Commons Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ 16 Zettabytes (16x1021)
The world’s largest taxi company, owns no vehicles. Uber The world’s most popular media owner, creates no content. Alibaba The world’s largest accommodation provider, owns no real estate. Facebook Airbnb The most valuable retailer, has no inventory
Unless otherwise indicated, these slides are © 2013-2019 Pivotal Software, Inc. and licensed under a Creative Commons Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ Source: Visual Capitalist, Q4 2018
Unless otherwise indicated, these slides are © 2013-2019 Pivotal Software, Inc. and licensed under a Creative Commons Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ Digital Disruption 10x 1/10th More Innovation The Cost 100xThe Power
Unless otherwise indicated, these slides are © 2013-2019 Pivotal Software, Inc. and licensed under a Creative Commons Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ DATARECORDS LOST OR STOLEN SINCE2013 6 million perday onaverage Technology 32% Government 10% Retail 9% Financial 4% Entertainment 3% Healthcare 2% Education 1% Other 39% Every type of organization is exposed Traditional security is no longer sufficient Breaches are growing year-on-year across all sectors Source: Gemalto breachlevelindex, Q1 2018
Unless otherwise indicated, these slides are © 2013-2019 Pivotal Software, Inc. and licensed under a Creative Commons Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ UNENCRYPTED DATA 95% of breaches involved unencrypted data Source: breachlevelindex, Q1 2018 Main cause of damages
Unless otherwise indicated, these slides are © 2013-2019 Pivotal Software, Inc. and licensed under a Creative Commons Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ Largest component of data breach is lost business2018 Survey • Data breaches will increase in frequency & diminish shareholder value • Pessimistic about ability to protect from cyber threats • Cybersecurity is still not considered a strategic priority • Unsecured IoT devices will likely cause a data breach • More investment to achieve regulatory compliance Data Breaches Are Frequent & Costly
Unless otherwise indicated, these slides are © 2013-2019 Pivotal Software, Inc. and licensed under a Creative Commons Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ DevOps & Data • Storage platforms – scalable, automated & dynamic • Development data is still data • Dev environment security lags behind production
Unless otherwise indicated, these slides are © 2013-2019 Pivotal Software, Inc. and licensed under a Creative Commons Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ How Do Systems Get Breached?
Unless otherwise indicated, these slides are © 2013-2019 Pivotal Software, Inc. and licensed under a Creative Commons Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ The Foundation is Trust in Data
Unless otherwise indicated, these slides are © 2013-2019 Pivotal Software, Inc. and licensed under a Creative Commons Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ Security & Compliance Requirements
Unless otherwise indicated, these slides are © 2013-2019 Pivotal Software, Inc. and licensed under a Creative Commons Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ Why Not Just Use Traditional Data Protection Tools? • Centralized • Scalability issues • Not data service agnostic • Not cloud native • Complicated
Unless otherwise indicated, these slides are © 2013-2019 Pivotal Software, Inc. and licensed under a Creative Commons Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ Better Data Protection Through BOSH • Transparency! • Encrypt at runtime • Data service agnostic: work with any data service • Key management – separate but automated • Scales with Pivotal Platform – set up, tear down • No changes to existing processes
Unless otherwise indicated, these slides are © 2013-2019 Pivotal Software, Inc. and licensed under a Creative Commons Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ XCrypt BOSH Platform Architecture 1 7 Data Service Instance MySQL, Redis, etc. Virtual Key Manager (KMIP), Soft HSM (PKCS#11) BOSH Release License Server BOSH Release XCrypt Encryption Client for BOSH Add-On persistent storage (encrypted) BOSH Director * deployment key exchange BOSH Agent* * modified CF components, contributed to open-source CF Certificate Authority BOSH Release
Unless otherwise indicated, these slides are © 2013-2019 Pivotal Software, Inc. and licensed under a Creative Commons Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ A Word About Containers
Unless otherwise indicated, these slides are © 2013-2019 Pivotal Software, Inc. and licensed under a Creative Commons Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ Thank you!

More Related Content

PDF
What is a Bot and why you should care
Elisabeth Bitsch-Christensen
 
PPTX
Internet of Things Security: IBM HorizonWatch 2016 Trend Brief
Bill Chamberlin
 
PDF
The UK's Code of Practice for Security in Consumer IoT Products and Services ...
44CON
 
PPTX
The Internet Report: Episode 7 Week of May 4 - May 10
ThousandEyes
 
PDF
Cybersecurity | Cylus: Railway Cybersecurity
Vertex Holdings
 
PPTX
Building Data Environments for Production Microservices with Geode
VMware Tanzu
 
PDF
Cloudflare Partner Program 2020
Dan Hollinger
 
PDF
Capital FM Arena
Cisco Case Studies
 
What is a Bot and why you should care
Elisabeth Bitsch-Christensen
 
Internet of Things Security: IBM HorizonWatch 2016 Trend Brief
Bill Chamberlin
 
The UK's Code of Practice for Security in Consumer IoT Products and Services ...
44CON
 
The Internet Report: Episode 7 Week of May 4 - May 10
ThousandEyes
 
Cybersecurity | Cylus: Railway Cybersecurity
Vertex Holdings
 
Building Data Environments for Production Microservices with Geode
VMware Tanzu
 
Cloudflare Partner Program 2020
Dan Hollinger
 
Capital FM Arena
Cisco Case Studies
 

What's hot (17)

PPTX
Innovate for Cyber Resilience
accenture
 
PDF
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec
 
PPTX
Cisco IoT World Forum 2014: Airwatch Breakout Session
Basil Hashem
 
PPTX
Going Beyond the Cloud to Modernize Your Banking Infrastructure
Cloudflare
 
PDF
The Secure Path to Value in the Cloud by Denny Heaberlin
Cloud Expo
 
PDF
Security, Compliance and Cloud - Jelecos
Erin_Jelecos
 
PDF
Keynotes Akamai Trust No One City Tour
Elisabeth Bitsch-Christensen
 
PDF
Social Engineering and other Foes in the GDPR Year
Massimo Chirivì
 
PDF
Cybersecurity | D-fend: Counter drone solution for urban environments
Vertex Holdings
 
PPTX
[Cisco Connect 2018 - Vietnam] Brink sanders cisco connect opening_keynote_vn_v4
Nur Shiqim Chok
 
PDF
Chris Swan's presentation from the London Tech Entrepreneurs' Meetup
Cohesive Networks
 
PDF
How to Counter Cybersecurity Attacks - Trust No One
Elisabeth Bitsch-Christensen
 
PPTX
Ben goodman cybersecurity in the iiot
MassTLC
 
PPTX
Drones and logistics - What legal issues and how to handle them
Giulio Coraggio
 
PDF
IoT Update | Hoe implementeer je IoT Schaalbaar in je IT landschap
IoT Academy
 
PPTX
Living In a World of Data Exploitation - CPDP 2017
Frederike Kaltheuner
 
PPTX
IoT, arquitectura de solución y cómo enriquecerlo con Confluent
mimacom
 
Innovate for Cyber Resilience
accenture
 
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec
 
Cisco IoT World Forum 2014: Airwatch Breakout Session
Basil Hashem
 
Going Beyond the Cloud to Modernize Your Banking Infrastructure
Cloudflare
 
The Secure Path to Value in the Cloud by Denny Heaberlin
Cloud Expo
 
Security, Compliance and Cloud - Jelecos
Erin_Jelecos
 
Keynotes Akamai Trust No One City Tour
Elisabeth Bitsch-Christensen
 
Social Engineering and other Foes in the GDPR Year
Massimo Chirivì
 
Cybersecurity | D-fend: Counter drone solution for urban environments
Vertex Holdings
 
[Cisco Connect 2018 - Vietnam] Brink sanders cisco connect opening_keynote_vn_v4
Nur Shiqim Chok
 
Chris Swan's presentation from the London Tech Entrepreneurs' Meetup
Cohesive Networks
 
How to Counter Cybersecurity Attacks - Trust No One
Elisabeth Bitsch-Christensen
 
Ben goodman cybersecurity in the iiot
MassTLC
 
Drones and logistics - What legal issues and how to handle them
Giulio Coraggio
 
IoT Update | Hoe implementeer je IoT Schaalbaar in je IT landschap
IoT Academy
 
Living In a World of Data Exploitation - CPDP 2017
Frederike Kaltheuner
 
IoT, arquitectura de solución y cómo enriquecerlo con Confluent
mimacom
 
Ad

Similar to Software-Defined Security: The New School of Security Designed for DevOps (20)

PPTX
Monoliths, Microservices, Events, Functions: What It Takes to Go Through the ...
VMware Tanzu
 
PDF
Beyond Caching: Extending Redis Enterprise for Real-Time Streams Processing
VMware Tanzu
 
PPTX
Security in the Hybrid Cloud at Liberty Mutual
VMware Tanzu
 
PPTX
Data Modernization for Spring-Based Microservices on Pivotal Platform
VMware Tanzu
 
PPTX
The Cloud Challenge
VMware Tanzu
 
PDF
Highly Available and Resilient Multi-Site Deployments Using Spinnaker
VMware Tanzu
 
PPTX
It’s a Multi-Cloud World, But What About The Data?
VMware Tanzu
 
PPTX
Tea Ceremonies: Steeping IT Ops in Your Developer's Hot Water
VMware Tanzu
 
PPTX
Experience + Education = Empowerment
VMware Tanzu
 
PDF
Achieving High Throughput With Reliability In Transactional Systems
VMware Tanzu
 
PDF
AutoZone and the Road to Cloud Native
VMware Tanzu
 
PDF
Cross-Platform Observability for Cloud Foundry
VMware Tanzu
 
PPTX
Securing Pivotal Platform at Prime Therapeutics
VMware Tanzu
 
PDF
Fast 5 Things You Can Do Now to Get Ready for the Cloud
VMware Tanzu
 
PDF
Accelerating the Developers' Road to the Cloud at Enterprise Scale
VMware Tanzu
 
PPTX
How to Manage Microservices and APIs with Apigee and Istio
VMware Tanzu
 
PDF
Architectures That Bend but Don't Break
Matt Stine
 
PDF
Spring Cloud Gateway - Stéphane Maldini
VMware Tanzu
 
PDF
Lattice: A Cloud-Native Platform for Your Spring Applications
Matt Stine
 
PDF
Spring Cloud Gateway
Stéphane Maldini
 
Monoliths, Microservices, Events, Functions: What It Takes to Go Through the ...
VMware Tanzu
 
Beyond Caching: Extending Redis Enterprise for Real-Time Streams Processing
VMware Tanzu
 
Security in the Hybrid Cloud at Liberty Mutual
VMware Tanzu
 
Data Modernization for Spring-Based Microservices on Pivotal Platform
VMware Tanzu
 
The Cloud Challenge
VMware Tanzu
 
Highly Available and Resilient Multi-Site Deployments Using Spinnaker
VMware Tanzu
 
It’s a Multi-Cloud World, But What About The Data?
VMware Tanzu
 
Tea Ceremonies: Steeping IT Ops in Your Developer's Hot Water
VMware Tanzu
 
Experience + Education = Empowerment
VMware Tanzu
 
Achieving High Throughput With Reliability In Transactional Systems
VMware Tanzu
 
AutoZone and the Road to Cloud Native
VMware Tanzu
 
Cross-Platform Observability for Cloud Foundry
VMware Tanzu
 
Securing Pivotal Platform at Prime Therapeutics
VMware Tanzu
 
Fast 5 Things You Can Do Now to Get Ready for the Cloud
VMware Tanzu
 
Accelerating the Developers' Road to the Cloud at Enterprise Scale
VMware Tanzu
 
How to Manage Microservices and APIs with Apigee and Istio
VMware Tanzu
 
Architectures That Bend but Don't Break
Matt Stine
 
Spring Cloud Gateway - Stéphane Maldini
VMware Tanzu
 
Lattice: A Cloud-Native Platform for Your Spring Applications
Matt Stine
 
Spring Cloud Gateway
Stéphane Maldini
 
Ad

More from VMware Tanzu (20)

PDF
Spring into AI presented by Dan Vega 5/14
VMware Tanzu
 
PDF
What AI Means For Your Product Strategy And What To Do About It
VMware Tanzu
 
PDF
Make the Right Thing the Obvious Thing at Cardinal Health 2023
VMware Tanzu
 
PPTX
Enhancing DevEx and Simplifying Operations at Scale
VMware Tanzu
 
PDF
Spring Update | July 2023
VMware Tanzu
 
PPTX
Platforms, Platform Engineering, & Platform as a Product
VMware Tanzu
 
PPTX
Building Cloud Ready Apps
VMware Tanzu
 
PDF
Spring Boot 3 And Beyond
VMware Tanzu
 
PDF
Spring Cloud Gateway - SpringOne Tour 2023 Charles Schwab.pdf
VMware Tanzu
 
PDF
Simplify and Scale Enterprise Apps in the Cloud | Boston 2023
VMware Tanzu
 
PDF
Simplify and Scale Enterprise Apps in the Cloud | Seattle 2023
VMware Tanzu
 
PPTX
tanzu_developer_connect.pptx
VMware Tanzu
 
PDF
Tanzu Virtual Developer Connect Workshop - French
VMware Tanzu
 
PDF
Tanzu Developer Connect Workshop - English
VMware Tanzu
 
PDF
Virtual Developer Connect Workshop - English
VMware Tanzu
 
PDF
Tanzu Developer Connect - French
VMware Tanzu
 
PDF
Simplify and Scale Enterprise Apps in the Cloud | Dallas 2023
VMware Tanzu
 
PDF
SpringOne Tour: Deliver 15-Factor Applications on Kubernetes with Spring Boot
VMware Tanzu
 
PDF
SpringOne Tour: The Influential Software Engineer
VMware Tanzu
 
PDF
SpringOne Tour: Domain-Driven Design: Theory vs Practice
VMware Tanzu
 
Spring into AI presented by Dan Vega 5/14
VMware Tanzu
 
What AI Means For Your Product Strategy And What To Do About It
VMware Tanzu
 
Make the Right Thing the Obvious Thing at Cardinal Health 2023
VMware Tanzu
 
Enhancing DevEx and Simplifying Operations at Scale
VMware Tanzu
 
Spring Update | July 2023
VMware Tanzu
 
Platforms, Platform Engineering, & Platform as a Product
VMware Tanzu
 
Building Cloud Ready Apps
VMware Tanzu
 
Spring Boot 3 And Beyond
VMware Tanzu
 
Spring Cloud Gateway - SpringOne Tour 2023 Charles Schwab.pdf
VMware Tanzu
 
Simplify and Scale Enterprise Apps in the Cloud | Boston 2023
VMware Tanzu
 
Simplify and Scale Enterprise Apps in the Cloud | Seattle 2023
VMware Tanzu
 
tanzu_developer_connect.pptx
VMware Tanzu
 
Tanzu Virtual Developer Connect Workshop - French
VMware Tanzu
 
Tanzu Developer Connect Workshop - English
VMware Tanzu
 
Virtual Developer Connect Workshop - English
VMware Tanzu
 
Tanzu Developer Connect - French
VMware Tanzu
 
Simplify and Scale Enterprise Apps in the Cloud | Dallas 2023
VMware Tanzu
 
SpringOne Tour: Deliver 15-Factor Applications on Kubernetes with Spring Boot
VMware Tanzu
 
SpringOne Tour: The Influential Software Engineer
VMware Tanzu
 
SpringOne Tour: Domain-Driven Design: Theory vs Practice
VMware Tanzu
 

Recently uploaded (20)

PDF
Navsoft: AI-Powered Business Solutions & Custom Software Development
Navsoft
 
PDF
Design an Analysis of Algorithms I-SECS-1021-03
DilanEscobar1
 
PPTX
Operating system designcfffgfgggggggvggggggggg
rmskumara09
 
PPTX
Oracle E-Business Suite: A Comprehensive Guide for Modern Enterprises
Conacent Consulting
 
PPTX
Computer Software and OS of computer science of grade 11.pptx
GauravDahal9
 
PPTX
CHAPTER 2 - PM Management and IT Context
KevinPutra14
 
PDF
Odoo Companies in India – Driving Business Transformation.pdf
azhuhardeen1968
 
PPTX
L1 - Introduction to python Backend.pptx
MoizAhmed480282
 
PDF
How to Choose the Right IT Partner for Your Business in Malaysia
Asian Business Services & Technologies
 
PDF
Adobe Premiere Pro 2025 (v24.5.0.057) Crack free
ghrom2211g
 
PDF
Upgrade and Innovation Strategies for SAP ERP Customers
Virendra Rai, PMP
 
PDF
Adobe Illustrator 28.6 Crack My Vision of Vector Design
ghrom2211g
 
PDF
top salesforce developer skills in 2025.pdf
CloudMetic
 
PDF
wealthsignaloriginal-com-DS-text-... (1).pdf
skmiani786
 
PDF
Digital Strategies for Manufacturing Companies
Virendra Rai, PMP
 
PPTX
ai tools demonstartion for schools and inter college
harshavardhanreddyka11
 
PPTX
Reimagine Home Health with the Power of Agentic AI​
AutomationEdge Technologies
 
PDF
Wondershare Filmora 15 Crack With Activation Key [2025
ghrom2211g
 
PDF
Digital Systems & Binary Numbers (comprehensive )
fyfhqfhtv2
 
PDF
Softaken Excel to vCard Converter Software.pdf
markwillsonmw004
 
Navsoft: AI-Powered Business Solutions & Custom Software Development
Navsoft
 
Design an Analysis of Algorithms I-SECS-1021-03
DilanEscobar1
 
Operating system designcfffgfgggggggvggggggggg
rmskumara09
 
Oracle E-Business Suite: A Comprehensive Guide for Modern Enterprises
Conacent Consulting
 
Computer Software and OS of computer science of grade 11.pptx
GauravDahal9
 
CHAPTER 2 - PM Management and IT Context
KevinPutra14
 
Odoo Companies in India – Driving Business Transformation.pdf
azhuhardeen1968
 
L1 - Introduction to python Backend.pptx
MoizAhmed480282
 
How to Choose the Right IT Partner for Your Business in Malaysia
Asian Business Services & Technologies
 
Adobe Premiere Pro 2025 (v24.5.0.057) Crack free
ghrom2211g
 
Upgrade and Innovation Strategies for SAP ERP Customers
Virendra Rai, PMP
 
Adobe Illustrator 28.6 Crack My Vision of Vector Design
ghrom2211g
 
top salesforce developer skills in 2025.pdf
CloudMetic
 
wealthsignaloriginal-com-DS-text-... (1).pdf
skmiani786
 
Digital Strategies for Manufacturing Companies
Virendra Rai, PMP
 
ai tools demonstartion for schools and inter college
harshavardhanreddyka11
 
Reimagine Home Health with the Power of Agentic AI​
AutomationEdge Technologies
 
Wondershare Filmora 15 Crack With Activation Key [2025
ghrom2211g
 
Digital Systems & Binary Numbers (comprehensive )
fyfhqfhtv2
 
Softaken Excel to vCard Converter Software.pdf
markwillsonmw004
 

Software-Defined Security: The New School of Security Designed for DevOps

  • 1. Zettaset XCrypt Service Encryption October 7–10, 2019 Austin Convention Center Tim Reilly, COO Maksim Yankovskiy, VP Engineering
  • 2. Unless otherwise indicated, these slides are © 2013-2019 Pivotal Software, Inc. and licensed under a Creative Commons Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ Never has DATA been so IMPORTANT
  • 3. Unless otherwise indicated, these slides are © 2013-2019 Pivotal Software, Inc. and licensed under a Creative Commons Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ of the world’s data has been created in the last 2 years 90%
  • 4. Unless otherwise indicated, these slides are © 2013-2019 Pivotal Software, Inc. and licensed under a Creative Commons Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ 16 Zettabytes (16x1021)
  • 5. The world’s largest taxi company, owns no vehicles. Uber The world’s most popular media owner, creates no content. Alibaba The world’s largest accommodation provider, owns no real estate. Facebook Airbnb The most valuable retailer, has no inventory
  • 6. Unless otherwise indicated, these slides are © 2013-2019 Pivotal Software, Inc. and licensed under a Creative Commons Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ Source: Visual Capitalist, Q4 2018
  • 7. Unless otherwise indicated, these slides are © 2013-2019 Pivotal Software, Inc. and licensed under a Creative Commons Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ Digital Disruption 10x 1/10th More Innovation The Cost 100xThe Power
  • 8. Unless otherwise indicated, these slides are © 2013-2019 Pivotal Software, Inc. and licensed under a Creative Commons Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ DATARECORDS LOST OR STOLEN SINCE2013 6 million perday onaverage Technology 32% Government 10% Retail 9% Financial 4% Entertainment 3% Healthcare 2% Education 1% Other 39% Every type of organization is exposed Traditional security is no longer sufficient Breaches are growing year-on-year across all sectors Source: Gemalto breachlevelindex, Q1 2018
  • 9. Unless otherwise indicated, these slides are © 2013-2019 Pivotal Software, Inc. and licensed under a Creative Commons Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ UNENCRYPTED DATA 95% of breaches involved unencrypted data Source: breachlevelindex, Q1 2018 Main cause of damages
  • 10. Unless otherwise indicated, these slides are © 2013-2019 Pivotal Software, Inc. and licensed under a Creative Commons Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ Largest component of data breach is lost business2018 Survey • Data breaches will increase in frequency & diminish shareholder value • Pessimistic about ability to protect from cyber threats • Cybersecurity is still not considered a strategic priority • Unsecured IoT devices will likely cause a data breach • More investment to achieve regulatory compliance Data Breaches Are Frequent & Costly
  • 11. Unless otherwise indicated, these slides are © 2013-2019 Pivotal Software, Inc. and licensed under a Creative Commons Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ DevOps & Data • Storage platforms – scalable, automated & dynamic • Development data is still data • Dev environment security lags behind production
  • 12. Unless otherwise indicated, these slides are © 2013-2019 Pivotal Software, Inc. and licensed under a Creative Commons Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ How Do Systems Get Breached?
  • 13. Unless otherwise indicated, these slides are © 2013-2019 Pivotal Software, Inc. and licensed under a Creative Commons Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ The Foundation is Trust in Data
  • 14. Unless otherwise indicated, these slides are © 2013-2019 Pivotal Software, Inc. and licensed under a Creative Commons Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ Security & Compliance Requirements
  • 15. Unless otherwise indicated, these slides are © 2013-2019 Pivotal Software, Inc. and licensed under a Creative Commons Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ Why Not Just Use Traditional Data Protection Tools? • Centralized • Scalability issues • Not data service agnostic • Not cloud native • Complicated
  • 16. Unless otherwise indicated, these slides are © 2013-2019 Pivotal Software, Inc. and licensed under a Creative Commons Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ Better Data Protection Through BOSH • Transparency! • Encrypt at runtime • Data service agnostic: work with any data service • Key management – separate but automated • Scales with Pivotal Platform – set up, tear down • No changes to existing processes
  • 17. Unless otherwise indicated, these slides are © 2013-2019 Pivotal Software, Inc. and licensed under a Creative Commons Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ XCrypt BOSH Platform Architecture 1 7 Data Service Instance MySQL, Redis, etc. Virtual Key Manager (KMIP), Soft HSM (PKCS#11) BOSH Release License Server BOSH Release XCrypt Encryption Client for BOSH Add-On persistent storage (encrypted) BOSH Director * deployment key exchange BOSH Agent* * modified CF components, contributed to open-source CF Certificate Authority BOSH Release
  • 18. Unless otherwise indicated, these slides are © 2013-2019 Pivotal Software, Inc. and licensed under a Creative Commons Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ A Word About Containers
  • 19. Unless otherwise indicated, these slides are © 2013-2019 Pivotal Software, Inc. and licensed under a Creative Commons Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ Thank you!