IGT Cloud Management Forum - Secure Your Cloud Environment

Agenda

9:00 - 9:30 Gathering

9:30 – 10:00
Opening – Cloud Security for Dummies: Overview and Challenges

http://photos3.meetupstatic.com/photos/event/b/3/4/4/event_129045892.jpeg

From an attacker’s perspective, cloud providers aggregate access to many victims’ data into a single point of entry. As the cloud environments become more and more popular, they will increasingly become the focus of attacks. Some organizations think that liability can be outsourced, but no, it cannot! This presentation will answer questions such as what are the key security challenges for new cloud comers. What are the options and how you can start with a safe cloud deployment?
Ofir Nachmani
Chief Community, NEWVEM - KnowYouCloud (Newvem.com)

10:00 – 10:30
SaaS as a Security Hazard: The Google Apps example
http://photos2.meetupstatic.com/photos/event/b/3/4/e/event_129045902.jpegAs the borderline between a web site and an application blurs, so does the division between the enterprise IT and the internet. More and more enterprises adapt core applications which are provided as a service over the Internet. Until recently those where limited to vertical applications such as salesforce.com for sales automation and monster.com for recruiting, both of which have already suffered major security issues that compromises customer data. Google software push has led to enterprise adaption of general purpose cloud services including office tools, mail and knowledge management, which presents an entirely new risk level. In this presentation we will discuss the security risks of SaaS (Software as a service) and review past incidents on such services. We will than dissect the security implications of using Google Apps as an example for a SaaS and create a checklist of things to examine in a SaaS offering before subscribing to ensure that it provides sufficient security. Lastly we will discuss the solutions offered by Google as well as 3rd party solutions.
Ofer Shezaf
Information Security Visionary and Evangelist, HP Software

10:30 – 11:00
http://photos1.meetupstatic.com/photos/event/b/3/5/8/event_129045912.jpegCASE STUDY: OneHourTranslation
Oren Yagev Co-Founder, CTO at OneHourTranslation.com

One Hour Translation provides High quality, Fast, 24x7 Professional Human Translation in more than 57 languages. We are able to provide high-quality translations around the clock, any day, thanks to a community of over 10000 professional translators from over 100 different countries. One Hour Translation serve tens of thousands of projects a month thanks to AWS cloud technologies which enables fast and transparent scaling of our service. In this session I will present a case study for IT architecture and deployment on AWS with security monitoring using Newvem's services.

11:00 – COFFEE

11:30 – 12:00

Securing your Cloud in 10 minutes
http://photos2.meetupstatic.com/photos/event/b/3/7/6/event_129045942.jpegDOME9: Manage your AWS firewall
Zohar Alon, CEO at Dome9

1. Overview of available security technologies from the various cloud providers
2. How a cloud security policy should look like?
3. Implementing it in 4 quick steps:

Step 1: Defining the allowed internal connections

Step 2: Defining the allowed external connections

Step 3: Setting the On-Demand Administrative policy

Step 4: Authorizing your team members +

4. Extra: Automating Security with Dome9 API

12:00 – 12:30
CASE STUDY: Deploying a secure cloud backup

http://photos4.meetupstatic.com/photos/event/b/3/8/0/event_129045952.jpeg

A global organization providing software solutions and technology for the travel industry – handles huge volumes of near real-time transactions and reservations. The company was struggling with an inefficient and costly offsite backup infrastructure that was meant to manage an incrementally expanding database of more than 2.8 TB of storage. Regulatory compliance requires that the previous six months’ material must be readily available in a systematized fashion with cross-platform search functionality. Emind have implemented its set of tools and methodology to implement a secure cloud backup. In our presentation we will discuss AWS technologies implemented and how Porticor was used to create a secured cloud environment.
Lahav Savir, Emind CEO

12:30 – 13:00
Encrypt your data on the Cloud

http://photos3.meetupstatic.com/photos/event/b/3/9/4/event_129045972.jpeg

Keeping data private and secure has always been a business imperative for data privacy and regulatory compliance reasons, and as businesses seriously consider migrating to the cloud, data security is one of the most significant concerns. Once data is moved to the cloud, it becomes vulnerable to a number of new threats, and data security must be addressed jointly by the cloud provider and the customer itself. In our presentation we will discuss the shared responsibility module, review the pros and cons of current approaches to cloud data security, and discuss new and emerging technologies such as split-key encryption and partially homomorphic key encryption that enables organizations to maintain data privacy in a public cloud environment.
Ariel Dan, Co-Founder VP sales & Marketing at Porticor cloud security

13:00 – 13:30
Q&A Panel