AI, Cloud & Modern Workplace Conference 2024
15, 16 & 17 February, Online Conference
https://aicmwc.azurewebsites.net
AI, Cloud & Modern Workplace Conference 2024
16, 17 & 18 February, Online Conference
Red flags and attention points in cloud security audit
Watch the security gates
15 February 2024, 21:00 (GMT+2)
Peter GEELEN
MVP Security (Identity & Access)
https://www.linkedin.com/in/pgeelen/
Important to know: Security = PPT
• PPT
• People
• Process
• Technology
Security across the company
• Strategic (CxO)
• Tactical (Dept.)
• Operational
Management team tasks
• Accountability
• Planning
• Resources
• Operations
• Performance
• Continuous improvement
[Diagram: repeated Plan-Do-Check-Act cycles; security improvement over time]
Security controls
• Asset management
• Identity & access management
• System & network security
• Secure configuration & baseline
• Physical security
• Threat and vulnerability management
• Application security
• Policies & procedures
• Documentation
• HR security
• Supplier Management
• Incident management
• Business continuity
• Disaster recovery
Security is a process, continuously changing
1. In: few tasks, simple
2. Change: important volume of tasks, dependent tasks, balance from one to another
3. Out: lots of tasks, lengthy, complex, legal impact, possible reactivation, uniqueness conflicts
How are you doing?
How is your customer or supplier doing?
Monitoring or Audit: what’s the difference?
Monitoring
• Performance check
• Continuous (or high frequency)
• By Owner
Audit
• Compliance check
• Regular intervals (lower frequency)
• Independent from owner
Audit types
• 1st party (internal audit)
• 2nd party
  • Customer > supplier
  • Supplier > customer
• 3rd party (external)
Audit types: internal audit
• Self-validation (auditing within the company)
• No publication to external parties
• No certificate
Audit types: 2nd party audit (mutual)
• Commercial interest first
  • Contractual dependence
  • Due diligence
• Mutual interest
  • Customer checking (potential) supplier
  • Supplier checking (potential) customer, e.g. before onboarding
• Delegation / verification of compliance
  • Verification that delegated tasks are done correctly
Audit types: 3rd party audit (external)
• Independence between parties
  • Auditor vs customer
  • No combination of consulting & audit allowed
  • Segregation of duties
• Official certificate
  • Published
  • Available to external parties
Audit main principles
• Snapshot of situation
• Quick estimation of situation
• Risk based
• Solution based, continuous improvement
Some hands-on experience to stay out of trouble
… detecting the red flags
1. First login with god mode
• First login
• First administrator
• Full power
• God mode
Solution
• Create a special admin account
• No mail, enable MFA
2. User ID and password
• Typically a personal account
• User ID (a mail address)… and just a password
Solution
• MFA
• Hardware tokens
• Passkeys (next-gen MFA)
3. Default groups
• Azure Groups
• Large volume of Azure and M365 Roles
Solution
• Avoid the use of default groups
• Task-based access, granular control
• Only use default groups when no other option is left
4. Ad-hoc (eh..no) Identity Management
• Manual management
• No process
• User duplication from existing users
Solution
• Set up basic IDM (identity mgmt)
• Set up IAM (identity and access mgmt)
Identity lifecycle:
1. In (start of identity): hire, onboarding, provisioning, create, begin, ...
2. Change of identity: move, promotion, update, maintenance, operations, ...
3. Out (end-of-life): fire, termination, end-of-contract, deprovisioning, revocation, delete, ...
5. No process management
• Manual management
• No process owner
• No process
• No idea how data flows
• No idea on changes
Solution
• Use basic process definitions
• Check ISO 9001
6. All-in-one account
• User account = admin account
• Mail enabled
• Used for office and admin tasks
Solution
• Account separation
• Segregation of duties
• Separate logins for users and administrators
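Red flags 1, 2, 4 and 6 above (god-mode first admin, password-only logins, no identity lifecycle, admin account doubling as daily user account) can be turned into automated audit checks. The script below is an added example, not part of the slides or of any Microsoft tooling: the inventory fields, the privileged-role list and the sample accounts are constructed for illustration, and in a real audit they would be filled from a directory export.

```python
from __future__ import annotations
from dataclasses import dataclass, field

# Roles treated as privileged for these checks; constructed list, adjust per tenant.
PRIVILEGED_ROLES = {
    "Global Administrator",
    "Privileged Role Administrator",
    "User Administrator",
    "Exchange Administrator",
}


@dataclass
class Account:
    """One row of a (constructed) directory export; field names are assumptions."""
    upn: str
    roles: set[str] = field(default_factory=set)
    mail_enabled: bool = False
    mfa_methods: set[str] = field(default_factory=set)  # e.g. {"fido2"}, {"authenticator"}
    hr_status: str = "active"                           # "active" or "terminated"
    account_enabled: bool = True
    office_signins_30d: int = 0                         # interactive mail/office sign-ins

    @property
    def is_admin(self) -> bool:
        return bool(self.roles & PRIVILEGED_ROLES)


def check_account(acct: Account) -> list[str]:
    """Return the red flags (numbered as in the talk) that apply to one account."""
    flags: list[str] = []
    if not acct.account_enabled:
        # A disabled account cannot sign in, and a disabled leaver is the
        # correct end state of the lifecycle, so there is nothing to report.
        return flags
    # 1. 'God mode' first administrator that never got MFA
    if acct.is_admin and not acct.mfa_methods:
        flags.append("1: privileged account without MFA")
    # 2. Ordinary account protected by user ID and password only
    if not acct.is_admin and not acct.mfa_methods:
        flags.append("2: password-only sign-in")
    # 4. No identity lifecycle: HR says terminated, directory says enabled
    if acct.hr_status == "terminated":
        flags.append("4: terminated identity still enabled")
    # 6. All-in-one account: admin roles on a mailbox-enabled account or on
    #    an account that is also used for daily office work
    if acct.is_admin and (acct.mail_enabled or acct.office_signins_30d > 0):
        flags.append("6: admin account also used as daily user account")
    return flags


def audit(accounts: list[Account]) -> dict[str, list[str]]:
    """Map each UPN that raises at least one red flag to its list of flags."""
    return {a.upn: f for a in accounts if (f := check_account(a))}


# Constructed sample inventory (not real tenant data).
SAMPLE_ACCOUNTS = [
    Account("first-admin@example.com", roles={"Global Administrator"}, mail_enabled=True),
    Account("breakglass-admin@example.com", roles={"Global Administrator"},
            mfa_methods={"fido2"}),
    Account("alice.admin@example.com", roles={"Exchange Administrator"},
            mfa_methods={"authenticator"}, mail_enabled=True, office_signins_30d=40),
    Account("bob@example.com", mail_enabled=True, office_signins_30d=12),
    Account("carol@example.com", mail_enabled=True, mfa_methods={"authenticator"},
            hr_status="terminated"),
    Account("dave@example.com", mail_enabled=True, mfa_methods={"authenticator"},
            hr_status="terminated", account_enabled=False),
]

if __name__ == "__main__":
    for upn, flags in audit(SAMPLE_ACCOUNTS).items():
        print(upn)
        for flag in flags:
            print("  red flag", flag)
```

The break-glass account in the sample (no mailbox, FIDO2 only, no office sign-ins) is the shape the "Solution" bullets describe and raises nothing; the first administrator raises flags 1 and 6 at once, which is the typical finding on a tenant that was never cleaned up after the initial login.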
7. All-in-one desktop
• Login account = local admin account
• Full access
• …
Solution
• Daily operations as user
• Admin for specific access
8. RDP remote access
• RDP to Azure
• …
Solution
• Bastion host
9. One network
• One network
• Direct connections to Azure
• No segmentation (neither in Azure nor on the physical network)
Solution
• Segmentation
• Firewalls on every host and every network
10. One-time configuration
• Configuration fixed at first setup
• But once set, never reset …
• No review
• No IDM cycle
Solution: check...
• Every time on new configuration
• During changes
• Check regularly (put it on your agenda)
• Use IDM (lifecycle)
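A regular configuration check only works if there is an approved baseline to compare against. The following function is an added example, not from the slides: it reports drift between a baseline and a current snapshot of the same settings (changed values, settings that disappeared, settings that appeared without approval). The resource names and setting keys are constructed, loosely modelled on Azure-style storage and network settings, and are not real API identifiers.

```python
from __future__ import annotations
from typing import Any

# Constructed approved baseline; keys are illustrative, not real Azure property names.
BASELINE: dict[str, Any] = {
    "storage_account": {
        "allow_public_blob_access": False,
        "min_tls_version": "TLS1_2",
        "network_default_action": "Deny",
    },
    "vm_admin_nsg": {
        "rdp_from_internet": False,
        "bastion_only": True,
    },
}

# Constructed snapshot, as an audit would collect it at review time.
SNAPSHOT: dict[str, Any] = {
    "storage_account": {
        "allow_public_blob_access": True,   # drifted from the baseline
        "min_tls_version": "TLS1_2",
        "network_default_action": "Deny",
        "cors_rules": ["*"],                # added outside the baseline
    },
    "vm_admin_nsg": {
        "rdp_from_internet": False,
        # "bastion_only" was removed since the baseline was approved
    },
}


def drift(baseline: dict[str, Any], current: dict[str, Any], path: str = "") -> list[str]:
    """Compare nested setting dicts and return one finding per deviation.

    Findings are labelled CHANGED (value differs), MISSING (in baseline only)
    or UNEXPECTED (in snapshot only), with a dotted path to the setting.
    """
    findings: list[str] = []
    for key in sorted(set(baseline) | set(current)):
        p = f"{path}.{key}" if path else key
        if key not in current:
            findings.append(f"MISSING {p}: baseline={baseline[key]!r}")
        elif key not in baseline:
            findings.append(f"UNEXPECTED {p}: current={current[key]!r}")
        elif isinstance(baseline[key], dict) and isinstance(current[key], dict):
            findings.extend(drift(baseline[key], current[key], p))
        elif baseline[key] != current[key]:
            findings.append(
                f"CHANGED {p}: baseline={baseline[key]!r} current={current[key]!r}"
            )
    return findings


if __name__ == "__main__":
    for line in drift(BASELINE, SNAPSHOT):
        print(line)
```

Running the same comparison on every new configuration, during changes and on a fixed agenda turns the "once set, never reset" red flag into a repeatable check; an empty result is the evidence an auditor can keep.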
18 February, 9 P.M. (GMT+2)
References
• Microsoft
  • Azure compliance: ISO 27001
  • Azure compliance: ISO 27017 / ISO 27018
  • Learn Microsoft Azure audit and logging fundamentals
  • Azure security logging and auditing
  • Azure security management and monitoring overview
• Azure hardening
  • Azure security best practices and patterns
• ISO standards
  • ISO 27001: ISMS (information security management system)
  • ISO 27002: ISMS guidance
  • ISO 27017: cloud security
  • ISO 27018: PII in the cloud (data protection in the cloud)
• Cloud security basics (CCSK by CSA)
  • https://cloudsecurityalliance.org/
  • Cloud controls matrix
More of this…
• On my blog
• Identity Underground
• https://identityunderground.wordpress.com/
Thank You !!!