Approaching a new security model in cloud computing
Who is this presentation for?
- Cloud engineers, developers, DevOps practitioners and SREs, systems engineers, and IT engineers
In the startup world, you’re constantly evaluating your infrastructure to improve security controls for your platform. Evaluations at Welkin identified key areas for improvement, leading the company to adopt a new security model: BeyondCorp. BeyondCorp is an enterprise security model created and improved upon by Google. It assigns access controls to individual devices and users rather than networks. This gives employees secure remote data access without relying on virtual private networks (VPNs).
Jibby Ayo-Ani walks you through an approach to the BeyondCorp model, during which she identified three major projects to improve security standards as a whole: a modern alternative for replacing a secure shell (SSH) connection, identity-aware proxies, and device trust, which ensures that only known and secured devices can access the company’s managed infrastructure. Jibby explores what it looks like to approach security from a ground up approach, implementing all of these measures to greatly improve cloud security posture. You’ll leave empowered to implement these higher standard security measures at your own company.
- A basic understanding of cloud computing and networking (useful but not required)
What you'll learn
- Learn the BeyondCorp security model
- Discover how to improve your company's security posture by removing reliability on VPN
- Understand how to implement device trust and identity-aware proxies
Jibby Ayo-Ani is a DevOps engineer II at Welkin, a series-A health tech startup, where she leads the DevOps space to ultimately foster long-term solutions to patients with chronic diseases. She lives to fight the good fight; an experienced Silicon Valley software and DevOps engineer, Jibby has worked across multiple industries addressing social issues in both large and small technology companies as well as for the Marshallese government as a consultant to prevent bad guys from laundering money through off-shore bank accounts. With cloud computing as her core skill set, she’s become a subject matter expert on site reliability and disaster recovery aiming to build out scalable AWS cloud solutions.
Leave a Comment or Question
Help us make this conference the best it can be for you. Have questions you'd like this speaker to address? Suggestions for issues that deserve extra attention? Feedback that you'd like to share with the speaker and other attendees?
Join the conversation here (requires login)
For conference registration information and customer service
For more information on community discounts and trade opportunities with O’Reilly conferences
For information on exhibiting or sponsoring a conference
For media/analyst press inquires