Guardians of the cloud: the sysadmin's guide to cloud security

Presented at Diana Initiative 2020 Virtual, Aug. 21, 2020, 2:30 p.m. (30 minutes).

Organisations are rapidly moving applications to the cloud to support remote work in the COVID-19 era, leaving sysadmins and security teams to secure a sprawling mass of cloud-based infrastructure. It's easy to "lift and shift" on-premises administrative practices to cloud environments. However, cloud systems are prime targets for attackers and require a new approach to administration. So what is the most secure way to manage your Tier 1 servers running in AWS, application development in GitHub and business collaboration in Slack? In her talk, Bronwyn will compare the threat models of cloud and on-premises systems. We will learn about best practices for secure cloud administration, including the importance of Identity and Access Management for effective cloud security. Bronwyn will share real-life lessons learned from working on cloud migrations, illustrating the challenges faced when on-premises administration concepts are applied to cloud environments.

Links:

• https://tdi2020.sched.com/event/dh1S/guardians-of-the-cloud-the-sysadmins-guide-to-cloud-security

Similar Presentations:

• ToorCon: Seattle (Beta) (2007) / Anycast Cloud Bursting
• AppSec USA 2015 / Hack the Cloud Hack the Company: the Cloud Impact on Enterprise Security
• DEF CON 30 (2022) / Cloud Threat Actors: No longer cryptojacking for fun and profit