Norm Barber Migrating Critical Applications to the Cloud - Security and Compliance Considerations
Cloud security considerations
-
Upload
quickstart-intelligence -
Category
Documents
-
view
318 -
download
0
description
Transcript of Cloud security considerations
Senior Technical
Specialist, Microsoft
Abstraction: Hardware Abstraction: Everything
Abstraction: OS
On-Premise
Storage
Servers
Networking
O/S
HA/DR
Virtualization
Data
Applications
Runtime
IaaS
Storage
Servers
Networking
O/S
HA/DR
Virtualization
Data
Applications
Runtime
PaaS
Storage
Servers
Networking
O/S
HA/DR
Virtualization
Applications
Runtime
Data
SaaS
Storage
Servers
Networking
O/S
HA/DR
Virtualization
Applications
Runtime
Data
More Less
Surface Area
Physical Plant
Network/Firewalls
Computing Elements (OS, Runtimes, etc.)
Storage
RDBMS
Bus or Other Access Components
Example
Jane Doe
<Role = Comptroller>
<Role = User>
<Locale = UK>
• Physical/Identity
• Certificates/Encryption
• Protocols/Ports
• Viri/spyware/Keyloggers • Encryption Support
• Protocols/Ports
• Firewalls
• Certificate Support
• Encryption Support – Data at rest
• Protocols/Ports
• Firewalls
• Segregation
• Certifications (components)
• Certificates/Encryption
• Protocols/Ports
• Endpoints
• Firewalls
• Certificates/Encryption
• Protocols/Ports
• Viri/spyware/Sniffers
Secure Development Lifecycle
Windows and SQL Azure Mitigations
Create Periodic and Automated Reviews
Independent Verifications and Tools
Document Path/Risks, Write tests
Microsoft Data Center Physical Plant and Safeguards
Windows Azure Trust Center (Web Search Term)
http://tinyurl.com/27t2bqu (Security References for Azure)
References