S1: The Virtual World Exposed: Hacking the Cloud presented at SecureBerlin 2015

by Jason Hart,

Summary : This presentation will use live demos to show how vulnerable cloud computing, SaaS and virtual environments can be without the correct user and data security controls. Examples will include how password controls can be bypassed and compromised, why software keys are not good enough, and how what individuals do online in their personal lives can threaten the security of business data.
Attendees will gain an understanding of
- The types of threats that can compromise data in cloud and virtual environments
- The importance of using data and user centric security models vs. conventional data security practices
- How to properly deploy and use multi-factor authentication to provide stronger access controls for data and applications in the cloud or virtual environments
- How to protect data wherever it resides using bring your own encryption solutions
- The importance of strong key management and encryption
- How and where to store encryption keys (hardware vs. software)