12 Steps to Cloud Security



Cloud Architects, Managers and Engineers looking for a simpler introduction into the world of cloud security will benefit greatly from this talk. Using the 12-steps as a guide, attendees will be able to understand various security domains outlined and be able to implement a cloud security framework of their own using open source solutions alone.


Whether you are running on a Public or a Private Cloud Provider, this talk aims to help you secure your cloud based deployment, by using a simple step-by-step guide. You will be able to understand and implement a security framework for your own cloud deployment.

It attempts to do this by outlining a 12 step framework consisting of the following steps:

1. Knowing your Shared Responsibility
2. Protecting your Network
3. Protecting your Cloud Machine Images
4. Protecting your Data at Rest
5. Protecting your Data in Transit
6. Protecting and Patching your Instances
7. Protecting Access to your Instances
8. Protecting your Applications
9. Auditing and Monitoring your Cloud
10. Validating your Protection
11. Automating Everything
12. Updating your Security Policy

We will be going over each step in detail, so that attendees can understand the importance of underlying security domains and also learn how to go about implementing them using open source solutions alone. I will also be sharing my personal experiences and best practices when it comes to implementing a security framework for the cloud.


cloud computing, cloud security, security

Speaking experience

I have spoken at various meetups in the Seattle area and have presented the same material at Atigeo too. Here is a link to the excerpt of the talk: