Practical methods to improve your security in the cloud

www.databarracks.com | 2www.databarracks.com | 2

WHO WE ARE

Mark ThomasSolutions Architect

Formerly Director of Cloud Professional Services, EMEA at Virtustream, Mark is the Solutions Architect at Databarracks. An expert in cloud technology, data centre infrastructure and virtualisation, Mark has worked with major clients such as HSBC, Field Fisher Waterhouse and Allied Irish Bank.

www.databarracks.com | 3

About Databarracks

• Nuclear bunker data centre,

certified & accredited

Secure & Compliant

• Pedigree and understanding of storage

High Performance & Flexibility

www.databarracks.com | 4

Databarracks customers

Security – from the service provider

www.databarracks.com | 6www.databarracks.com | 6

Data centres & locations

www.databarracks.com | 7www.databarracks.com | 7

Certifications

• Externally audited yearly

• Penetration tested yearly

This is what we do – but what can you do?

www.databarracks.com | 9www.databarracks.com | 9

Pen Testing

Supplier testing

• Required for supplier compliance

• Testing of the entire platform

Your own testing

• May be required for your specific compliance

• Test your exact servers

www.databarracks.com | 10www.databarracks.com | 10

Access

THIS IS OFTEN THE WEAKEST LINK

Federation• Integrating your AD into access• Manage access across multiple clouds• Works for IaaS, PaaS & SaaS

www.databarracks.com | 11www.databarracks.com | 11

Access2 factor authentication• Knowledge factor• Possession factor

• Again – IaaS, PaaS & SaaS

This is now very common – online banking and even Gmail use it

= LESS RESISTANCE FROM USERS

www.databarracks.com | 12www.databarracks.com | 12

Firewalls

(Just for Infrastructure as a Service)

• Ring-fence your environment• Advanced intrusion detection & prevention

www.databarracks.com | 13www.databarracks.com | 13

Encryption

What, where and when?• VPNs• Arrays• Files within the VM• The entire VM

www.databarracks.com | 13

www.databarracks.com | 14www.databarracks.com | 14

Encryption

VPN• Why?• Why not?• Already doing it?• Can I do it myself?

www.databarracks.com | 14

www.databarracks.com | 15www.databarracks.com | 15

Encryption

Array encryption• Why?• Why not?• Already doing it?• Can I do it myself?

www.databarracks.com | 15

www.databarracks.com | 16www.databarracks.com | 16

Encryption

Files within the VMs• Why?• Why not?• Already doing it?• Can I do it myself?

www.databarracks.com | 16

www.databarracks.com | 17www.databarracks.com | 17

Encryption

The entire VM• Why?• Why not?• Already doing it?• Can I do it myself?

www.databarracks.com | 17

Can you take an unsecured cloud and make it secure?

Thank you