Subscribed 2015: Architecture, Security, Scalability

Post on 29-Jul-2015


Architecture, Security and Scalability in the Cloud

Andrey Kolesnikov, VP, TechOps

Pritesh Parekh, Chief Security Officer

Agenda

Industry Trends

Compliance Strategy

Securing SaaS

Product Security

Look Inside the platform

Scale and Resiliency

Ops Approach

Security and Trust

Industry Data: Security Breaches, 2014

(Breach charts) Courtesy: www.informationisbeautiful.net

Courtesy: Symantec 2015 Internet Security Threat Report

• Top 3 entry points used for hacking:

  • Weak authentication (employees or third-party vendors)

  • Malware infection via phishing

  • Application or server weakness

• Top motives are credit card data and PII with email addresses

• Average cost per data breach is $3.5 million, or $145 per compromised record (does not include loss of reputation)

• Hackers target CFOs to gain monetary advantage from market-moving information

Industry Leading Compliance Strategy

• PCI DSS Level 1 since 2008 (required for all service providers storing or processing credit cards; 200+ security controls required)

• SSAE 16 SOC 1 Type II since 2009 (supports customer SOX compliance); SOC 2 Type II based on the Trust Services Principles

• HHS HIPAA audit program as a Business Associate: compliance with the Security, Privacy and Breach Notification requirements

• Provides a method for U.S. companies to transfer personal data from the EU to the US

• Protection of consumer personal data

Enterprise-grade Data Security

• TLS Encryption

• Network Firewall and Web Application Firewall

• Host Intrusion Detection Systems

• Sensitive Data Encryption using FIPS certified Hardware Encryption

• Multiple layers of authentication

• Continuous Application Pen Testing

• Daily Network Scans & Third Party Security testing

• Centralized Logging and Real-time Alerting

• Secure SSAE16 Compliant Data Centers

(Architecture diagram) Components shown: Zuora UI, Customer Apps and APIs; TLS; Firewall and IDS (two layers); Load Balancers (two layers); App Servers; DB Servers; Log Servers; Encryption Appliance; Storage

Enterprise-grade Data Security

Strong authentication features support enterprise ecosystem integration:

• Strong Security Policies

• 2-factor Authentication

• Single Sign-on support

• IP-address filtering

Granular data access features support SOX compliance requirements: 65 distinct permissions for standard and admin user roles

Data Access Control

Geographic hierarchy:

WORLDWIDE
  NORTH AMERICA: US, CANADA
  EUROPE: ITALY, FRANCE

• Greater control with the hierarchy-based data access feature

• Access can be granted on a need-to-know basis (department, geo-location, product, etc.)
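The slide only names the idea; the following is an added illustration of what a hierarchy-based, need-to-know access check looks like in code. It is not Zuora's implementation and nothing here comes from the product: the geo tree is the one drawn on the slide, while the grant model, the `department` dimension, the permission names and the sample records are constructed for the example. A grant scoped to a node covers every record tagged with that node or any of its descendants, and a record whose geo is not in the hierarchy is refused rather than guessed at.

```python
"""Hierarchy-based (need-to-know) data access check.

Added illustration, not Zuora's implementation. The geo tree is taken from the
slide; grants, records and the department dimension are constructed here.
"""
from dataclasses import dataclass

# Geo hierarchy from the slide, stored as child -> parent. The root
# (WORLDWIDE) has no entry because it has no parent.
GEO_PARENT = {
    "NORTH AMERICA": "WORLDWIDE",
    "EUROPE": "WORLDWIDE",
    "US": "NORTH AMERICA",
    "CANADA": "NORTH AMERICA",
    "ITALY": "EUROPE",
    "FRANCE": "EUROPE",
}
ROOT = "WORLDWIDE"


def ancestors(node, parent_map):
    """Return the node followed by each of its ancestors up to the root."""
    chain = []
    while node is not None:
        chain.append(node)
        node = parent_map.get(node)
    return chain


@dataclass(frozen=True)
class Grant:
    geo: str          # subtree the grant covers (node name from the hierarchy)
    department: str   # "*" means any department
    permission: str   # constructed permission names, e.g. "read" or "export"


@dataclass(frozen=True)
class Record:
    record_id: str
    geo: str
    department: str


def is_allowed(grants, record, permission):
    """True when some grant carries the permission, its geo node is the
    record's geo or an ancestor of it, and its department matches."""
    if record.geo != ROOT and record.geo not in GEO_PARENT:
        # Unknown geo: fail closed instead of inventing a parent.
        return False
    lineage = set(ancestors(record.geo, GEO_PARENT))
    return any(
        g.permission == permission
        and g.geo in lineage
        and g.department in ("*", record.department)
        for g in grants
    )


def visible_records(grants, records, permission="read"):
    """Record ids the grant set may see with the given permission."""
    return [r.record_id for r in records if is_allowed(grants, r, permission)]


# Constructed sample data (not real customer records).
RECORDS = [
    Record("inv-001", "US", "Billing"),
    Record("inv-002", "CANADA", "Billing"),
    Record("inv-003", "ITALY", "Billing"),
    Record("inv-004", "FRANCE", "Sales"),
    Record("inv-005", "ATLANTIS", "Billing"),  # geo not in the hierarchy
]

# Constructed grant sets for three hypothetical roles.
NA_BILLING = [Grant("NORTH AMERICA", "Billing", "read")]
EU_ALL = [Grant("EUROPE", "*", "read")]
GLOBAL_EXPORT = [Grant("WORLDWIDE", "*", "export")]

if __name__ == "__main__":
    print("NA billing reads:", visible_records(NA_BILLING, RECORDS))
    print("EU all-department reads:", visible_records(EU_ALL, RECORDS))
    print("Global export, read attempt:", visible_records(GLOBAL_EXPORT, RECORDS))
    print("Global export:", visible_records(GLOBAL_EXPORT, RECORDS, "export"))
```

Two design points matter for SOX-style auditing: the check is a pure function of the grant set and the record, so the same inputs always give the same answer and can be replayed from logs, and the permission is part of the grant rather than implied by the geo scope, so a user who may export data worldwide still has no read access unless that is granted separately.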

Ops

Stack Trends

SaaS v1.0             SaaS v2 (Current)
Private Cloud         Public Cloud
Commercial Software   OSS
Quarterly Releases    Continuous Delivery
SQL                   NoSQL
VMs                   Containers
MTBF                  MTTR
DIY                   SaaS


Across Zuora Platform

Average Monthly Volume Snapshot:

• 1.3B transactions a month

• 22B rows of data synchronized and exported

• 40% average platform compute utilization

• 3 Team Pillars: Customer, Technology, Business

• 50/50 Developer/SysEng Ratio

• 2 Public Cloud Regions

• 2 Operation Centers

• 900+ Nodes

• 2 Geo-Distributed Datacenters

Look Inside

• Tiers: Ephemeral, Persistent, Infrastructure

• Fault Domains: Vertical, Horizontal

• Scale: Horizontal, Vertical, Partition

Approach to Infrastructure

Embed Ops into Dev

Durability > Availability

API > Scripts

Metrics, Metrics, Metrics

Ops Approach

Summary

• Compliance Certifications – PCI, SOC1, SOC2 and HIPAA

• Data Security – Web Application Firewall, Host Based Intrusion Detection System and Continuous Security Testing

• Product Security – 2FA, SSO, Data Access Controls and Strong Security Policies

• Infrastructure – Public/Private Cloud, OSS

• Architecture – Right size/approach for the problem

• Operators – Mix of Developers and Systems Engineers


Q&A