While security continues to be a big barrier to cloud adoption, compliance remains a bigger headache for enterprises as they transition to the cloud.
This session will cover why compliance matters, the differences between service delivery-based compliance and product compliance, and standards (such as PCI, HIPAA, FedRAMP, ISO, etc.) versus certifications (such as Common Criteria and FIPS 140-2). It will also discuss the concept of shared responsibility (customer vs. vendor vs. service provider), where customers are ultimately responsible for becoming certified, and will look at what service providers and vendors need to do to enable that. Using PCI DSS 3.1 as an example, this session will explore how OpenStack can be configured securely to directly meet the security controls in the areas of monitoring, auditing, authentication, role-based access control, and data protection (encryption of data at rest and in transit) when dealing directly or indirectly with cardholder data.
