CloudEXPO 2019

Choosing the Right Cloud Environment: Public, Private, or Hybrid

​​​​In pursuit of enhanced connectivity, scalability, and efficiency, cloud migration is hastening across all industry sectors. In order to unlock the cloud’s benefits, these environments – public, private, and hybrid – must be explicitly architected and engineered to suit the respective applications they will host, while also meeting security and compliance requirements.

How do businesses determine their ideal cloud environment and optimize it post-migration?
In this informative session, we will review and compare:

• The physical and virtual components of public, private, and hybrid cloud environments;
• The business considerations that differentiate each environment, including storage space, workloads, compliance, internal staff, and other business requirements;
• The relationship between organizations, cloud providers, and MSPs;
• The best practices organizations should consider keeping their cloud environment secure, compliant, and optimized post-migration

The Great Migration: Retreat from the Cloud Sacrificing Security?

Signs of a shift in the usage of public clouds are everywhere:

• Previously, as organizations outgrew old IT methods, the natural answer was to try the public cloud approach; however, the public platform alone is not a complete solution.

The move to hybrid, custom, and multi-cloud will become more and more prevalent:

• At the heart of this technology trend exists a custom solution to meet the needs and concerns of these organizations, including compliance, security, and cost issues.
• Blending Service and Deployment Models.
• The “new normal” of enterprise clients includes a hybrid cloud solutions.

Hybrid Cloud the new normal:

• Benefits require a planned approach and expertise.
• Organizations' risks get amplified as the boundaries grow.
• Risks unique to Hybrid Cloud require a Hybrid solutions not just addition of tech.

What’s old is new again:

• Due diligence and planning before deployment is critical to not only success but is a requirement for compliance.
• Access management is key and enforcement is more than policy.
• Data protection become as hybrid as the environment.
         - Data lakes make for poor clouds.
• Monitoring as a defense of shared infrastructure mean security tools need hybrid ability and technology needs to flex to on-prem through the cloud.

Cloud Security solutions:

• Don’t get burned on the re-entry complications returning from the cloud.
• Matching your hybrid cloud to the hybrid security includes compliance that spans your environment.

Digital Framework for an Agile Cloud Governance Program

Migrating to the Public Cloud (SaaS/PaaS/IaaS) at scale in the heavily regulated Financial Services and Insurance (FIS) industry requires the combination of process and digital capabilities to drive automation and accountability. In this session we will review a successful design and implementation of a solution to the complex problem of governance and coordinated Architecture, GRC and Security approvals for Public Cloud workload migrations at scale. If your enterprise strives for Agility and and is adopting Cloud services while remaining compliant this session is for you.

Hybrid Cloud Security - Why a Prevention-First Approach is Paramount

Enterprises need to understand that their biggest cybersecurity threat is not attackers targeting their data or even malicious insiders – it’s the complexity of and lack of visibility into hybrid-cloud environments.The complex nature of these environments makes them a breeding ground for simple but costly mistakes. This is what happened to AWS in 2017 where one incorrect command knocked their S3 service offline, taking dozens of websites and applications offline, impacting hundreds of thousands of businesses and causing millions of dollars in lost revenue.

In order to avoid these types of errors, enterprises need to better understand which employees have the privileges that can lead to these types of errors. Then, they must proactively manage those privileges to shrink their risk exposure using the principle of least privilege (POLP). If not, they run the risk of compromising every security system, policy and procedure they’ve ever worked to put in place.

Continuous Security with Kubernetes

When it comes to adopting containers in the enterprise, Security is the highest adoption barrier. Is your organization ready to address the security risks with containers for your DevOps environment? In this presentation, you'll learn about best practices for:

- Addressing the top container security risks in a container environment including images, builds, registry, deployment, hosts, network, storage, APIs, monitoring & logging, and federation.

- Integrating continuous security for containers in the CI/CD pipeline

- Deployment strategies for deploying container security updates including recreate, rolling, blue/green, canary and a/b testing.

Using Cloud Native Tools to Maintain Compliance Across the Mobile Enterprise

Enterprise computing environments are increasingly complex with employees taking full advantage of mobile and cloud applications to work from a wide range of network environments and physical settings. Cloud-native tools within Azure and other platforms, including familiar faces like SCCM and Intune, can be used to keep your enterprise application stack updated and compliant to industry regulations like PCI-DSS or GDPR. Learn how to implement and automate the tools available within your cloud platform of choice to ensure mobile and desktop users alike are secure, compliant, and functional 100% of the time.

FedRAMP Focus 2019: Know the Soft Money Challenges and Time Costs

Many SMB cloud solution providers see the Federal Marketplace as the best path to hockey-stick revenue. With the emphasis on Cybersecurity, Privacy, and Compliance, the mandatory FedRAMP certification often becomes a Board Level strategy focused on ROI. To date, visibility has been on FedRAMP direct costs such as technology, third-party services, and FedRAMP 3PAO testing. This presentation will discuss the “soft” money challenges and “time” costs of the FedRAMP journey and explore the relationship to the business aspects of positioning, marketing, and momentum.

Advancements in Encryption to Protect Data in the Cloud

While encryption protects data at rest and data in motion, until recently only operational controls were employed to protect data in use. Learn how advancements in encryption and secure enclaves protect data in use and the application runtime. This enables new sensitive workloads, ranging from high-value enterprise applications to emerging Blockchain, IoT, ML applications, to run safely in the cloud.

CI + CD + CC - Why Leave Compliance Out?

Compliance is not a checkbox item. It is intended to safeguard enterprises from Risks and Threats that they face everyday. It is time that enterprises take a systemic view of Operations Risk; whether in managing back office IT systems or in releasing engineering features for self-driving cars on a daily basis. How can we extend our current implementations on Continuous Delivery Pipelines, to Continuous Compliance and Continuous Risk Assessment?

Securing Cloud Repositories – All Types

You love the Cloud, but you still don’t feel 100% secure, here’s why.

A Practical Approach to Cloud Security, Architecture and Implementation

While cloud computing provides lower Infrastructure cost, higher agility and faster delivery, it also presents higher operational and security risks for a business critical assets; but a well-designed solution and security architecture will keep businesses safe during and after migrating their assets to the cloud.

Max has researched and identified many of the security risks associated with migrating to public cloud infrastructure. During the research, he also recommended solutions and designed a secure cloud architecture to manage these risks; and his recommendations are based on industry best practices and aligns with the AWS Well-Architected Framework. In 2018, his research was published at Cornell University and he programmed his recommended architecture into thousands of lines of Infrastructure Codes.

With Data breaches on the rise, the total number of compromised data is expected to increase from over 14.7 billion to about 33 billion by 2023. Max practical cloud security and architecture approach will help keep businesses safe before and after migrating their data and applications to a public cloud environment, this will help reduce the number of data breaches in a cloud environment.

What’s Old Is New Again: Data Loss Prevention Techniques for a Cloud World

ShieldX’s CEO and Founder, Ratinder Ahuja, believes that traditional security solutions are not designed to be effective in the cloud. The role of Data Loss Prevention must evolve in order to combat the challenges of changing infrastructure associated with modernized cloud environments. Ratinder will call out the notion that security processes and controls must be equally dynamic and able to adapt for the cloud. Utilizing four key factors of automation, enterprises can remediate issues and improve their security posture by maximizing their investments in legacy DLP solutions. The factors include new infrastructures opening up, public cloud, fast services and appliance models to fit in the new world of cloud security.

Is Everything in the Cloud?

Having to undergo an onsite assessment for a cloud environment sounds like an oxymoron, right? Many organizations tell their auditor that because they are a cloud-based organization, they do not want or need an onsite assessment. A new, dangerous trend that we’ve seen is auditors complying with that request. Audit firms advertise that they can effectively conduct an audit 100% remotely. This disregards physical controls that are in place to safeguard sensitive data and the frameworks that require testing of physical controls.

Not everything is in the cloud, and it’s irresponsible to claim that everything is in the cloud. Offices, employees, weather patterns, heating and cooling systems, power regulation, device management, physical security controls — these things don’t exist in the cloud. Physical security and onsite assessments must be a major component of cloud security and the shared responsibility model.

As more organizations migrate massive amounts of data to the cloud, it drives both cloud service providers and customers to consider how the cloud will change their privacy, security, and compliance efforts. Lack of security in the cloud can be detrimental to both providers and customers. In this session, Shannon Lane will educate the audience through lessons learned from recent breaches, his own experiences as an information security auditor, and best practices for cloud security.