Loading…
Back To Schedule
Wednesday, May 14 • 4:30pm - 5:10pm
Will Your Cloud Be Compliant?

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Architecting a standards compliant cloud can be difficult. There are emerging cloud specific security standards such as FedRAMP and CSA that should be considered in addition to existing NIST/ISO and PCI-DSS standards. OpenStack workflows and resources that exist today either fully or partially meet these common compliance requirements. We will discuss areas that need work and areas that appear to be in good shape.
The talk includes a study of PayPal’s experience in reviewing OpenStack security as relates to complying with PCI-DSS in their private cloud and existing data center environment. It dives into the many design decisions PayPal made within their environment considering whether to use physical versus logical devices, review hypervisor versus guest compliance, and whether to maintain separate management networks for PCI versus non-PCI traffic.

Speakers
avatar for Scott Carlson

Scott Carlson

Architect, Cloud Platform Security, PayPal
Scott Carlson has been with PayPal since the end of 2011. He’s spent the last 15 years in the Banking, Education, and Payment sectors perfecting the art of sys-admining, cloud-ifying and in keeping mission critical systems from falling to pieces. In 2013, he spoke at both the VMWorld... Read More →
avatar for Evgeniya Shumakher

Evgeniya Shumakher

Head of Technology Partnerships, Mirantis
Evgeniya Shumakher is a Head of Technology Partnership at Mirantis, where she coordinates and leads efforts to help Mirantis partners navigate OpenStack and Kubernetes ecosystems and to expand the utility of Mirantis products to customers via integration of partner products and t... Read More →


Wednesday May 14, 2014 4:30pm - 5:10pm EDT
Room B102

Attendees (0)