Presented By O'Reilly and Cloudera
Make Data Work
December 1–3, 2015 • Singapore

12 steps to cloud security

11:00am–11:40am Thursday, 12/03/2015
Security & Governance
Location: 334-335 Level: Intermediate
Average rating: ***..
(3.62, 8 ratings)

Prerequisite Knowledge

Basic understand of cloud based concepts High level understanding of big data technologies High level understanding of security and networking.


Whether you are running on a public or a private cloud provider, this talk aims to help you secure your cloud-based deployment, by using a simple step-by-step guide. You will be able to understand and implement a security framework for your own data-driven cloud deployment.

The talk will outline a 12-step framework consisting of the following steps:

  1. Knowing your shared responsibility
  2. Protecting your network
  3. Protecting your cloud machine images
  4. Protecting your data at rest
  5. Protecting your data in transit
  6. Protecting and patching your instances
  7. Protecting access to your instances
  8. Protecting your applications
  9. Auditing and monitoring your cloud
  10. Validating your protection
  11. Automating everything
  12. Updating your security policy

Tools and Technologies Covered:
Hadoop, HDFS, Apache Spark, Cassandra
PfSense, Openswan, OpenVPN
SELinux, App Armor, Dm-crypt
Nginx, ModSecurity
Samba/Winbind, OpenLDAP
Logstash, Nagios, Ganglia
Metasploit, Nessus
Ansible, Docker, Jenkins

We will be going over each step in detail so that attendees can understand the importance of underlying security domains, and also learn how to go about implementing them using open source solutions alone. I will also be sharing my personal experiences and best practices when it comes to implementing a security framework for the cloud.

Photo of Vettrivel Viswanathan

Vettrivel Viswanathan


Vishnu Vettrivel is a developer and architect with around 20 years of experience building and scaling successful big data and AI platforms. He is the architect and co-founder of the Nephos project that is an intuitive hybrid cloud enabled AI workflow service that allows customers to leverage the power of high performance computing without being locked in to any single cloud vendor. Vishnu has a graduate degree in software management from Carnegie Mellon University and lives in the Seattle Metro Area.