CloudHealth Boston Presentation
0 likes299 views
Cloud security and governance has become increasingly challenging due to the growing complexity of cloud environments. Effective governance through tools that provide centralized policy management, compliance monitoring, and automation can help close security gaps. CloudHealth Technologies provides a platform that enables these capabilities for enterprises. Their solution has supported over 600 customers in managing over $3.8 billion in cloud spend annually through capabilities like continuous scanning, anomaly detection, and centralized policy storage and analysis. Establishing roles like a Cloud Steward can also help organizations optimize security, costs, and operations across cloud environments through governance.
CloudHealth Boston Presentation
- 2. @aschepis [email protected] Adam has 15+ years of experience building high- quality, secure software for consumers and enterprises and nearly a decade of experience working in the security industry. At CloudHealth Technologies, Adam focuses on providing enterprises with an exceptional platform for enabling governance, policies, automation, and security in the cloud. Who am I?
- 3. Who is CloudHealth Technologies? • Deep Domain Expertise • $86 Million in Venture Capital Raised • 600+ Direct Customers • 1,500+ Channel Customers through 85+ Partners • 200+ Employees • Headquartered in Boston, MA • Offices located in San Francisco, Washington DC, London, Amsterdam, Tel Aviv, Sydney, & Singapore
- 4. million 1.1 99.99% yearly platform uptime 600 assets PER MONTH… $50 million in monthly RI purchases 1.2 million policies evaluated 365,000 emails sent PER DAY… 14 million instances 600PB S3 usage 8TB bills processed 400,000 perspectives / groups 305,000 cubes generated 3,000 reports generated billion API calls $3.8 in cloud spend managed per year billion Our Management Metrics
- 6. • Management of resources has been decentralized • Growing complexity gap necessitates new tools. • Centralized governance has never been more important Decentralized management Centralized Governance
- 7. Security Policies We know the tools, BUT • WHAT are the things I need to inspect? • WHERE are they? • WHO owns them? • HOW do we ensure they are tested frequently and monitored continuously? • Centralized Governance Tools - Discover surface area - Aid in definition of attack vectors - Help identify owners • Policies - Automatically discover new assets - Continuously evaluate
- 8. • Identify scenarios that aren’t directly security related but may indicate a problem • Anomaly detection - Types of assets being used - Patterns of create/destroy for assets - Network connectivity patterns (in/out) - Disk I/O patterns Indicators Operation Policies
- 9. • Continuous Scanning for compliance to IT standards - Tagging compliance - Configuration changes • security groups • user privileges • blob store exposure - API key usage/rotation • Patching • Required software (firewalls, etc) Keeping things in line Compliance Policies
- 10. Storing and Analyzing Policy Results
- 11. • Great security tools will detect an issue, fix it, and then tell you what happened • Cloud governance is no different • Don't constantly hunting for a new needle in the haystack - Let tools do that for you • Automation lets you constantly monitor, remediate, and alert You can't manage by exception Automation
- 12. • Training/Certification • Metrics driven • KPIs include: # of people trained # of people AWS certified # of workloads moved to the cloud # of assets and cost # of policies in compliance Cloud Center of Excellence
- 13. Cloud Steward Role • Cross-functional role • Responsible for ongoing optimization and governance • Help to bring groups together to and define and manage security automation policies, cost, usage, and performance across environments • Make recommendations on capacity planning, modeling, and forecasting • This is the person who wakes up every morning thinking about ways to improve how the organization utilizes the cloud in a secure, low-friction, cost-effective way. Operations Cloud Steward Finance Engineering/ IT/Ops LOBs
- 14. • Complexity gap has made cloud security and governance a challenge. • Effective governance contributes to improving overall security posture in the cloud • Having a corporate Cloud Steward is a critical role when building out a large, efficient, secure, dynamic cloud infrastructure. In Summary
- 15. Questions?