(dvo206) how to securely scale teams, workloads, and budgets
TRANSCRIPT
![Page 1: (DVO206) How to Securely Scale Teams, Workloads, and Budgets](https://reader031.vdocuments.us/reader031/viewer/2022030304/58781e8b1a28aba12d8b6089/html5/thumbnails/1.jpg)
© 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Jim Hoover, Chief Information Security Officer
Matt Yanchyshyn, Sr. Manager, Solutions Architecture
Adam Boyle, Director of Product Management, Cloud Workload Security
October 2015
DVO206
Lessons from a CISOHow to Securely Scale Teams,
Workloads, and Budgets
![Page 2: (DVO206) How to Securely Scale Teams, Workloads, and Budgets](https://reader031.vdocuments.us/reader031/viewer/2022030304/58781e8b1a28aba12d8b6089/html5/thumbnails/2.jpg)
Takeaways
Scale workload security
Level up security teams
Improve CxO visibility
![Page 3: (DVO206) How to Securely Scale Teams, Workloads, and Budgets](https://reader031.vdocuments.us/reader031/viewer/2022030304/58781e8b1a28aba12d8b6089/html5/thumbnails/3.jpg)
Jim Hoover, CISO
![Page 4: (DVO206) How to Securely Scale Teams, Workloads, and Budgets](https://reader031.vdocuments.us/reader031/viewer/2022030304/58781e8b1a28aba12d8b6089/html5/thumbnails/4.jpg)
![Page 5: (DVO206) How to Securely Scale Teams, Workloads, and Budgets](https://reader031.vdocuments.us/reader031/viewer/2022030304/58781e8b1a28aba12d8b6089/html5/thumbnails/5.jpg)
3,500+Customers in the cloud
8+ PBData in the Infor cloud
45m+Users
6300+Sites
Infor at Scale in the Cloud
![Page 6: (DVO206) How to Securely Scale Teams, Workloads, and Budgets](https://reader031.vdocuments.us/reader031/viewer/2022030304/58781e8b1a28aba12d8b6089/html5/thumbnails/6.jpg)
Iron to APIs
![Page 7: (DVO206) How to Securely Scale Teams, Workloads, and Budgets](https://reader031.vdocuments.us/reader031/viewer/2022030304/58781e8b1a28aba12d8b6089/html5/thumbnails/7.jpg)
Data Center Security Challenges
Lots of different groups
Lots of different tools
Nothing speaking the same language
![Page 8: (DVO206) How to Securely Scale Teams, Workloads, and Budgets](https://reader031.vdocuments.us/reader031/viewer/2022030304/58781e8b1a28aba12d8b6089/html5/thumbnails/8.jpg)
“Security in the Cloud” Concerns
Tools
Security controls
Compliance
![Page 9: (DVO206) How to Securely Scale Teams, Workloads, and Budgets](https://reader031.vdocuments.us/reader031/viewer/2022030304/58781e8b1a28aba12d8b6089/html5/thumbnails/9.jpg)
The Infor Security Stack in AWS Cloud
AWS cloud
Shared
responsibility
Compliance
![Page 10: (DVO206) How to Securely Scale Teams, Workloads, and Budgets](https://reader031.vdocuments.us/reader031/viewer/2022030304/58781e8b1a28aba12d8b6089/html5/thumbnails/10.jpg)
Best Practices for Large-Scale Security
1. Segment your AWS environment
2. Control access and segregate duties
3. Monitor for unexpected behavior
![Page 11: (DVO206) How to Securely Scale Teams, Workloads, and Budgets](https://reader031.vdocuments.us/reader031/viewer/2022030304/58781e8b1a28aba12d8b6089/html5/thumbnails/11.jpg)
Your organization
Project Teams Marketing
Business Units Reporting
Web &
Mobile
Dev / Test Analytics
Internal
Enterprise
Apps
Amazon S3
Amazon
Glacier
Storage/
Backup
Large-Scale Security Best Practice #1
Segment your AWS environment
![Page 12: (DVO206) How to Securely Scale Teams, Workloads, and Budgets](https://reader031.vdocuments.us/reader031/viewer/2022030304/58781e8b1a28aba12d8b6089/html5/thumbnails/12.jpg)
• Multi-factor authentication
• Federation and single sign-on
• Fine-grained access control
• Restrict human access
AWSaccount owner
Network management
Security management
Server management
Storage management
Large-Scale Security Best Practice #2
Control access, segregate duties
![Page 13: (DVO206) How to Securely Scale Teams, Workloads, and Budgets](https://reader031.vdocuments.us/reader031/viewer/2022030304/58781e8b1a28aba12d8b6089/html5/thumbnails/13.jpg)
• AWS CloudTrail• API and console usage
• AWS Config• Infrastructure history and changes
• Amazon CloudWatch• Resource metrics and log monitoring
• AWS Billing and Cost Management
Large-Scale Security Best Practice #3
Monitor for unexpected behavior
![Page 14: (DVO206) How to Securely Scale Teams, Workloads, and Budgets](https://reader031.vdocuments.us/reader031/viewer/2022030304/58781e8b1a28aba12d8b6089/html5/thumbnails/14.jpg)
Team Works
![Page 15: (DVO206) How to Securely Scale Teams, Workloads, and Budgets](https://reader031.vdocuments.us/reader031/viewer/2022030304/58781e8b1a28aba12d8b6089/html5/thumbnails/15.jpg)
Data Center Security Operations Challenges
Security team Application teams
![Page 16: (DVO206) How to Securely Scale Teams, Workloads, and Budgets](https://reader031.vdocuments.us/reader031/viewer/2022030304/58781e8b1a28aba12d8b6089/html5/thumbnails/16.jpg)
Security Operations Skill Development
Security ops Cloud security DevOps
![Page 17: (DVO206) How to Securely Scale Teams, Workloads, and Budgets](https://reader031.vdocuments.us/reader031/viewer/2022030304/58781e8b1a28aba12d8b6089/html5/thumbnails/17.jpg)
Security Operations in AWS Cloud
Cloud security DevOps Application teams
![Page 18: (DVO206) How to Securely Scale Teams, Workloads, and Budgets](https://reader031.vdocuments.us/reader031/viewer/2022030304/58781e8b1a28aba12d8b6089/html5/thumbnails/18.jpg)
AWS Security Rock Star Cookbook
1. AWS-specific security knowledge
• https://aws.amazon.com/security
2. Analytics: Threat intelligence; log analysis at scale
• https://aws.amazon.com/big-data
3. DevSecOps: The ability to quickly and continuously
respond to new threats as they emerge
• https://aws.amazon.com/training/course-descriptions/devops-
engineering
![Page 19: (DVO206) How to Securely Scale Teams, Workloads, and Budgets](https://reader031.vdocuments.us/reader031/viewer/2022030304/58781e8b1a28aba12d8b6089/html5/thumbnails/19.jpg)
CxO Visibility
![Page 20: (DVO206) How to Securely Scale Teams, Workloads, and Budgets](https://reader031.vdocuments.us/reader031/viewer/2022030304/58781e8b1a28aba12d8b6089/html5/thumbnails/20.jpg)
CxO Visibility at Scale
CISO CIO COO CFO
![Page 21: (DVO206) How to Securely Scale Teams, Workloads, and Budgets](https://reader031.vdocuments.us/reader031/viewer/2022030304/58781e8b1a28aba12d8b6089/html5/thumbnails/21.jpg)
In Summary
Simplicity & visibility = scale
SecOps: Do more with less
CxO: Visibility & compliance
![Page 22: (DVO206) How to Securely Scale Teams, Workloads, and Budgets](https://reader031.vdocuments.us/reader031/viewer/2022030304/58781e8b1a28aba12d8b6089/html5/thumbnails/22.jpg)
Thank you!
![Page 23: (DVO206) How to Securely Scale Teams, Workloads, and Budgets](https://reader031.vdocuments.us/reader031/viewer/2022030304/58781e8b1a28aba12d8b6089/html5/thumbnails/23.jpg)
Come see us at Booth #1004
http://aws.trendmicro.com
![Page 24: (DVO206) How to Securely Scale Teams, Workloads, and Budgets](https://reader031.vdocuments.us/reader031/viewer/2022030304/58781e8b1a28aba12d8b6089/html5/thumbnails/24.jpg)
Remember to complete
your evaluations!