SlideShare a Scribd company logo
1 of 17
Download to read offline
Governing in the Cloud,[object Object],Rolf Frydenberg,[object Object],Joymount AS, Senior Advisor,[object Object],February 9, 2011,[object Object]
Agenda,[object Object],Cloud Security Alliance – general and Norway,[object Object],CSA Cloud Security Guidance,[object Object],NIST Cloud Definition Framework,[object Object],Governance and Enterprise Risk Management,[object Object],Legal and Electronic Discovery,[object Object],Compliance and Audit,[object Object],Information Lifecycle Management,[object Object],Portability and Interoperability,[object Object],Other CSA Domains – Operations,[object Object],Cloud Controls Matrix,[object Object],CSA GRC Stack,[object Object]
About the Cloud Security Alliance,[object Object],Global, not-for-profit organization,[object Object],Over 16,000 individual members, 80 corporate members,[object Object],Building best practices and a trusted cloud ecosystem,[object Object],Agile philosophy, rapid development of applied research,[object Object],GRC: Balance compliance with risk management,[object Object],Reference models: build using existing standards,[object Object],Identity: a key foundation of a functioning cloud economy,[object Object],Champion interoperability,[object Object],Advocacy of prudent public policy,[object Object],“To promote the use of best practices for providing security assurance within Cloud Computing, and provide education on the uses of Cloud Computing to help secure all other forms of computing.”,[object Object]
What We Did in 2010,[object Object],Threat Research: Top Threats to Cloud Computing; announced at RSA 2010, shared technology vulnerabilities, data loss/leakage, malicious insiders, insecure APIs, etc.,[object Object],Certificate of Cloud Security Knowledge; released Sep 1 2010, web-based test for competency in CSA Guidance,[object Object],Trusted Cloud Initiative; Cloud security reference architecture, secure and interoperable identity in the cloud, responsibilities for identity providers,[object Object],Cloud Controls Matrix Tool; 98 controls derived from guidance, mapped to ISO 27001, COBIT, PCI DSS, HIPAA ,[object Object],Consensus Assessment Initiative; research tool and processes to assess cloud providers, V 1 released Oct 2010 with 140 provider questions,[object Object],Cloud Audit; Open standard and API to automate provider audit assertions, uses CCM, www.cloudaudit.org,[object Object],CSA GRC Stack; suite of tools, best practices, enabling technology, simplify GRC in the cloud,[object Object]
Plans for 2011,[object Object],CSA Guidance Research; V3 target for Q3 2011; best practices,[object Object],CSA GRC Stack; Expand, pilot projects, embed in providers and products,[object Object],Trusted Cloud Initiative; Release reference architecture and certifications,[object Object],CloudCERT; Consensus research, best practices,[object Object],CCSK; Role-specific training, hands-on lab,[object Object],CCM; V 2 target 1H 2011; increase mappings, fine tune controls, ISO engagement,[object Object],Cloud Metrics Research; Metrics for each of the 98 controls in CCM; create baseline capability,[object Object],Security as a Service; Define it, solution categories, guidance, align with other CSA research,[object Object]
CSA Norway Chapter,[object Object],Established in October 2010,[object Object],80 individual members (Feb 2011),[object Object],Board of six directors elected Oct 2011:,[object Object],Rolf Frydenberg, Joymount (president),[object Object],Geir-Arild EnghHellesvik, KPMG (secretary),[object Object],Lars Egil Sætrang, Promon (treasurer),[object Object],Helge Skrivervik, Team Mellvik,[object Object],Tor Andre Breivikås, Teleplan,[object Object],ChunmingRong, University of Stavanger,[object Object],First Members’ Meeting in December 2010 (Private vs Public Cloud),[object Object],Second Members’ Meeting in February 2011 (Compliance in the Cloud),[object Object],Co-op seminar planned with Dataforeningen (Norwegian Computing Society),[object Object]
CSA Guidance Research,[object Object],Cloud Architecture,[object Object],Governance and Enterprise Risk Management,[object Object],Legal and Electronic Discovery,[object Object],Compliance and Audit,[object Object],Governing the Cloud,[object Object],Information Lifecycle Management,[object Object],Portability and Interoperability,[object Object],Security, Bus. Cont,, and Disaster Recovery,[object Object],Data Center Operations,[object Object],Incident  Response, Notification, Remediation,[object Object],Application Security,[object Object],Operating in the Cloud,[object Object],Encryption and Key Management,[object Object],CSA Guidance 2.1 > 100k downloads:,[object Object],cloudsecurityalliance.org/guidance,[object Object],Identity and Access Management,[object Object],Virtualization,[object Object]
Cloud Reference Architecture (According to NIST),[object Object]
Governance and Enterprise Risk Management,[object Object],Develop robust information security guidance regardless of the service or delivery model,[object Object],Review information security governance structures and processes, as well as security controls; include the vendor’s complete supply chain!,[object Object],Collaborative governance and risk management as part of development, deployment and operation of services,[object Object],Methods and metrics for measuring performance and effectiveness of security management,[object Object],Determine risk exposure before detailed requirements,[object Object],Risk Management through valuation of assets, identification of threats and vulnerabilities; management acceptance of risk levels and options (control, avoid, transfer, accept),[object Object],Cloud vendors should include measures and controls to assist customers in their Risk Management,[object Object]
Legal and Electronic Discovery,[object Object],Mutual understanding of each other’s roles and responsibilities related to e-discovery, litigation, searches, etc.,[object Object],Plan for both expected and unexpected termination of agreement,[object Object],Agreement must allow customer and/or third party to monitor service provider’s performance and test for vulnerabilities,[object Object],In many cases there is a requirement to know – down to physical disk – where data is stored,[object Object],Customer must ensure it retains ownership of all data it stores on behalf of its customers and employees,[object Object]
Compliance and Audit,[object Object],The provider’s standard terms and conditions many not address your compliance needs,[object Object],Make sure you have the right and access capabilities to perform audits,[object Object],Determine whether you are subject to compliance regulations with specific Cloud Computing requirements,[object Object],Analyze the impact of regulations regarding data security on use of Cloud Computing,[object Object],Require that the cloud provider has at least a roadmap for ISO/IEC 27001 compliance,[object Object],CSA has called for the whole industry to be ISO/IEC 27002 compliant,[object Object],When selecting an external auditor, ensure he has Cloud Computing knowledge and experience,[object Object]
Information Lifecycle Management,[object Object],Understand how data integrity is maintained and how compromise of integrity is detected and communicated,[object Object],Ensure specific identification of all controls used during the lifecycle of the data,[object Object],Understand circumstances under which storage can be seized by a third party or government entity, and require advance notification of and such action,[object Object],Use a “Default Deny All” policy for all data, applied to all cloud provider personnel and subcontractors, as well as third parties; often also preferable to use for your own employees as well,[object Object],Identify trust boundaries throughout the IT architecture and abstraction layers,[object Object],Understand how encryption and key management are handled on multi-tenant storage and other multi-tenant components of the service,[object Object]
Portability and Interoperability,[object Object],Substituting cloud providers is in virtually all cases a negative transaction for at least one party; plan for this from the outset,[object Object],Document the security architecture, configuration and controls,[object Object],IaaS: Understand how virtual machine images can be captured and ported; identify and eliminate provider-specific extensions to VM environment,[object Object],PaaS: Use platform components with standard syntax, open APIs and open standards; understand how tools and services like backup/restore, monitoring, logging and audit would transfer to a new vendor ,[object Object],SaaS: Perform regular data extractions to a format that is usable without the current SaaS provider; Understand any custom tools that are developed and configured specially,[object Object]
Other CSA Domains: Operations,[object Object],Security, Business Continuity, Disaster Recovery,[object Object],Data Center Operations,[object Object],Incident Response, Notification, Remediation,[object Object],Application Security,[object Object],Encryption and Key Management,[object Object],Identity and Access Management,[object Object],Virtualization,[object Object]
Cloud Controls Matrix Tool,[object Object],Controls derived from guidance,[object Object],Rated as applicable to     S-P-I,[object Object],Customer vs Provider role,[object Object],Mapped to ISO 27001, COBIT, PCI, HIPAA,[object Object],Help bridge the gap for IT & IT auditors,[object Object]
CSA GRC Stack,[object Object],Recent News: CSA GRC Stack – on your USB drive,[object Object],Suite of tools, best practices and enabling technology,[object Object],Consolidate industry research & simplify GRC in the cloud,[object Object],For cloud providers, enterprises, solution providers and audit/compliance,[object Object],www.cloudsecurityalliance.org/grcstack,[object Object],Provider Assertions,[object Object],Private & Public Clouds,[object Object],Control Requirements,[object Object]
Thanks for listening!,[object Object],Rolf Frydenberg, rolff@joymount.no,[object Object],CSA Norway & Joymount AS,[object Object]

More Related Content

What's hot

AgilePath's Live Webinar: Exploring the Cloud Governance Lifecycle Dec 16 2010
AgilePath's Live Webinar: Exploring the Cloud Governance Lifecycle Dec 16 2010AgilePath's Live Webinar: Exploring the Cloud Governance Lifecycle Dec 16 2010
AgilePath's Live Webinar: Exploring the Cloud Governance Lifecycle Dec 16 2010AgilePath Corporation
 
Cloud computing and migration strategies to cloud
Cloud computing and migration strategies to cloudCloud computing and migration strategies to cloud
Cloud computing and migration strategies to cloudSourabh Saxena
 
How to streamline data governance and security across on-prem and cloud?
How to streamline data governance and security across on-prem and cloud?How to streamline data governance and security across on-prem and cloud?
How to streamline data governance and security across on-prem and cloud?Privacera
 
Cloud security design considerations
Cloud security design considerationsCloud security design considerations
Cloud security design considerationsMike Kavis
 
Cloud Migration - Cloud Computing Benefits & Issues
Cloud Migration - Cloud Computing Benefits & IssuesCloud Migration - Cloud Computing Benefits & Issues
Cloud Migration - Cloud Computing Benefits & IssuesArtizen, Inc.
 
Cloud First Architecture
Cloud First ArchitectureCloud First Architecture
Cloud First ArchitectureCameron Vetter
 
PECB Webinar: The alignment of Information Security in Service Management
PECB Webinar: The alignment of Information Security in Service ManagementPECB Webinar: The alignment of Information Security in Service Management
PECB Webinar: The alignment of Information Security in Service ManagementPECB
 
Sukumar Nayak-Agile-DevOps-Cloud Management
Sukumar Nayak-Agile-DevOps-Cloud ManagementSukumar Nayak-Agile-DevOps-Cloud Management
Sukumar Nayak-Agile-DevOps-Cloud ManagementSukumar Nayak
 
Multi cloud migration decision framework
Multi cloud migration decision frameworkMulti cloud migration decision framework
Multi cloud migration decision frameworkJosh Petla
 
Cloud migration
Cloud migrationCloud migration
Cloud migrationRaj Raj
 
Moving to the cloud: cloud strategies and roadmaps
Moving to the cloud: cloud strategies and roadmapsMoving to the cloud: cloud strategies and roadmaps
Moving to the cloud: cloud strategies and roadmapsJisc
 
Benefits of Transforming to a Hybrid Infrastructure - HPE
Benefits of Transforming to a Hybrid Infrastructure - HPEBenefits of Transforming to a Hybrid Infrastructure - HPE
Benefits of Transforming to a Hybrid Infrastructure - HPEMarcoTechnologies
 
Evaluating the Cloud
Evaluating the CloudEvaluating the Cloud
Evaluating the CloudSociusPartner
 
Cloud First: Be Prepared
Cloud First: Be PreparedCloud First: Be Prepared
Cloud First: Be PreparedAlan Eardley
 
Developing Your Cloud Strategy
Developing Your Cloud StrategyDeveloping Your Cloud Strategy
Developing Your Cloud StrategyVISI
 
RapidScale CloudMail
RapidScale CloudMailRapidScale CloudMail
RapidScale CloudMailRapidScale
 
RapidScale CloudApps
RapidScale CloudAppsRapidScale CloudApps
RapidScale CloudAppsRapidScale
 

What's hot (20)

AgilePath's Live Webinar: Exploring the Cloud Governance Lifecycle Dec 16 2010
AgilePath's Live Webinar: Exploring the Cloud Governance Lifecycle Dec 16 2010AgilePath's Live Webinar: Exploring the Cloud Governance Lifecycle Dec 16 2010
AgilePath's Live Webinar: Exploring the Cloud Governance Lifecycle Dec 16 2010
 
Cloud computing and migration strategies to cloud
Cloud computing and migration strategies to cloudCloud computing and migration strategies to cloud
Cloud computing and migration strategies to cloud
 
How to streamline data governance and security across on-prem and cloud?
How to streamline data governance and security across on-prem and cloud?How to streamline data governance and security across on-prem and cloud?
How to streamline data governance and security across on-prem and cloud?
 
Cloud security design considerations
Cloud security design considerationsCloud security design considerations
Cloud security design considerations
 
Cloud Migration - Cloud Computing Benefits & Issues
Cloud Migration - Cloud Computing Benefits & IssuesCloud Migration - Cloud Computing Benefits & Issues
Cloud Migration - Cloud Computing Benefits & Issues
 
Cloud Migration Strategy Framework
Cloud Migration Strategy FrameworkCloud Migration Strategy Framework
Cloud Migration Strategy Framework
 
Cloud First Architecture
Cloud First ArchitectureCloud First Architecture
Cloud First Architecture
 
PECB Webinar: The alignment of Information Security in Service Management
PECB Webinar: The alignment of Information Security in Service ManagementPECB Webinar: The alignment of Information Security in Service Management
PECB Webinar: The alignment of Information Security in Service Management
 
Sukumar Nayak-Agile-DevOps-Cloud Management
Sukumar Nayak-Agile-DevOps-Cloud ManagementSukumar Nayak-Agile-DevOps-Cloud Management
Sukumar Nayak-Agile-DevOps-Cloud Management
 
Multi cloud migration decision framework
Multi cloud migration decision frameworkMulti cloud migration decision framework
Multi cloud migration decision framework
 
Cloud migration
Cloud migrationCloud migration
Cloud migration
 
Moving to the cloud: cloud strategies and roadmaps
Moving to the cloud: cloud strategies and roadmapsMoving to the cloud: cloud strategies and roadmaps
Moving to the cloud: cloud strategies and roadmaps
 
Benefits of Transforming to a Hybrid Infrastructure - HPE
Benefits of Transforming to a Hybrid Infrastructure - HPEBenefits of Transforming to a Hybrid Infrastructure - HPE
Benefits of Transforming to a Hybrid Infrastructure - HPE
 
Evaluating the Cloud
Evaluating the CloudEvaluating the Cloud
Evaluating the Cloud
 
Cloud migration
Cloud migrationCloud migration
Cloud migration
 
Cloud migration
Cloud migrationCloud migration
Cloud migration
 
Cloud First: Be Prepared
Cloud First: Be PreparedCloud First: Be Prepared
Cloud First: Be Prepared
 
Developing Your Cloud Strategy
Developing Your Cloud StrategyDeveloping Your Cloud Strategy
Developing Your Cloud Strategy
 
RapidScale CloudMail
RapidScale CloudMailRapidScale CloudMail
RapidScale CloudMail
 
RapidScale CloudApps
RapidScale CloudAppsRapidScale CloudApps
RapidScale CloudApps
 

Viewers also liked

Cloud Governance Framework - Required Cloud Sourcing Capabilities
Cloud Governance Framework - Required Cloud Sourcing CapabilitiesCloud Governance Framework - Required Cloud Sourcing Capabilities
Cloud Governance Framework - Required Cloud Sourcing CapabilitiesSusanneT
 
AWS re:Invent 2016: How News UK Centralized Cloud Governance Through Policy M...
AWS re:Invent 2016: How News UK Centralized Cloud Governance Through Policy M...AWS re:Invent 2016: How News UK Centralized Cloud Governance Through Policy M...
AWS re:Invent 2016: How News UK Centralized Cloud Governance Through Policy M...Amazon Web Services
 
Accountability for Data Governance in the Cloud
Accountability for Data Governance in the CloudAccountability for Data Governance in the Cloud
Accountability for Data Governance in the CloudMassimo Felici
 
RightScale Webinar: The Five Critical Steps to Develop a Cloud Strategy
RightScale Webinar: The Five Critical Steps to Develop a Cloud StrategyRightScale Webinar: The Five Critical Steps to Develop a Cloud Strategy
RightScale Webinar: The Five Critical Steps to Develop a Cloud StrategyRightScale
 
Visibility, Optimization & Governance for Cloud Services
Visibility, Optimization & Governance for Cloud ServicesVisibility, Optimization & Governance for Cloud Services
Visibility, Optimization & Governance for Cloud ServicesPolarSeven Pty Ltd
 
Microsoft Private Cloud Strategy
Microsoft Private Cloud StrategyMicrosoft Private Cloud Strategy
Microsoft Private Cloud StrategyAmit Gatenyo
 
AWS re:Invent 2016: Governance Strategies for Cloud Transformation (WWPS302)
AWS re:Invent 2016: Governance Strategies for Cloud Transformation (WWPS302)AWS re:Invent 2016: Governance Strategies for Cloud Transformation (WWPS302)
AWS re:Invent 2016: Governance Strategies for Cloud Transformation (WWPS302)Amazon Web Services
 
Integrating On-premises Enterprise Storage Workloads with AWS (ENT301) | AWS ...
Integrating On-premises Enterprise Storage Workloads with AWS (ENT301) | AWS ...Integrating On-premises Enterprise Storage Workloads with AWS (ENT301) | AWS ...
Integrating On-premises Enterprise Storage Workloads with AWS (ENT301) | AWS ...Amazon Web Services
 
How Social and the Cloud Impact Your Governance Strategy
How Social and the Cloud Impact Your Governance StrategyHow Social and the Cloud Impact Your Governance Strategy
How Social and the Cloud Impact Your Governance StrategyChristian Buckley
 
(ISM305) Framework: Create Cloud Strategy & Accelerate Results
(ISM305) Framework: Create Cloud Strategy & Accelerate Results(ISM305) Framework: Create Cloud Strategy & Accelerate Results
(ISM305) Framework: Create Cloud Strategy & Accelerate ResultsAmazon Web Services
 
CPN210 Defining an Enterprise Cloud Strategy - AWS re: Invent 2012
CPN210 Defining an Enterprise Cloud Strategy - AWS re: Invent 2012CPN210 Defining an Enterprise Cloud Strategy - AWS re: Invent 2012
CPN210 Defining an Enterprise Cloud Strategy - AWS re: Invent 2012Amazon Web Services
 

Viewers also liked (13)

Cloud Governance Framework - Required Cloud Sourcing Capabilities
Cloud Governance Framework - Required Cloud Sourcing CapabilitiesCloud Governance Framework - Required Cloud Sourcing Capabilities
Cloud Governance Framework - Required Cloud Sourcing Capabilities
 
AWS re:Invent 2016: How News UK Centralized Cloud Governance Through Policy M...
AWS re:Invent 2016: How News UK Centralized Cloud Governance Through Policy M...AWS re:Invent 2016: How News UK Centralized Cloud Governance Through Policy M...
AWS re:Invent 2016: How News UK Centralized Cloud Governance Through Policy M...
 
AWS Governance Overview - Beach
AWS Governance Overview - BeachAWS Governance Overview - Beach
AWS Governance Overview - Beach
 
Accountability for Data Governance in the Cloud
Accountability for Data Governance in the CloudAccountability for Data Governance in the Cloud
Accountability for Data Governance in the Cloud
 
RightScale Webinar: The Five Critical Steps to Develop a Cloud Strategy
RightScale Webinar: The Five Critical Steps to Develop a Cloud StrategyRightScale Webinar: The Five Critical Steps to Develop a Cloud Strategy
RightScale Webinar: The Five Critical Steps to Develop a Cloud Strategy
 
Visibility, Optimization & Governance for Cloud Services
Visibility, Optimization & Governance for Cloud ServicesVisibility, Optimization & Governance for Cloud Services
Visibility, Optimization & Governance for Cloud Services
 
Microsoft Private Cloud Strategy
Microsoft Private Cloud StrategyMicrosoft Private Cloud Strategy
Microsoft Private Cloud Strategy
 
Make your cloud strategy work for 2016 webinar 1.13.16
Make your cloud strategy work for 2016 webinar 1.13.16Make your cloud strategy work for 2016 webinar 1.13.16
Make your cloud strategy work for 2016 webinar 1.13.16
 
AWS re:Invent 2016: Governance Strategies for Cloud Transformation (WWPS302)
AWS re:Invent 2016: Governance Strategies for Cloud Transformation (WWPS302)AWS re:Invent 2016: Governance Strategies for Cloud Transformation (WWPS302)
AWS re:Invent 2016: Governance Strategies for Cloud Transformation (WWPS302)
 
Integrating On-premises Enterprise Storage Workloads with AWS (ENT301) | AWS ...
Integrating On-premises Enterprise Storage Workloads with AWS (ENT301) | AWS ...Integrating On-premises Enterprise Storage Workloads with AWS (ENT301) | AWS ...
Integrating On-premises Enterprise Storage Workloads with AWS (ENT301) | AWS ...
 
How Social and the Cloud Impact Your Governance Strategy
How Social and the Cloud Impact Your Governance StrategyHow Social and the Cloud Impact Your Governance Strategy
How Social and the Cloud Impact Your Governance Strategy
 
(ISM305) Framework: Create Cloud Strategy & Accelerate Results
(ISM305) Framework: Create Cloud Strategy & Accelerate Results(ISM305) Framework: Create Cloud Strategy & Accelerate Results
(ISM305) Framework: Create Cloud Strategy & Accelerate Results
 
CPN210 Defining an Enterprise Cloud Strategy - AWS re: Invent 2012
CPN210 Defining an Enterprise Cloud Strategy - AWS re: Invent 2012CPN210 Defining an Enterprise Cloud Strategy - AWS re: Invent 2012
CPN210 Defining an Enterprise Cloud Strategy - AWS re: Invent 2012
 

Similar to Governing in the Cloud

Cloud Security, Standards and Applications
Cloud Security, Standards and ApplicationsCloud Security, Standards and Applications
Cloud Security, Standards and ApplicationsDr. Sunil Kr. Pandey
 
The Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA IDThe Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA IDEryk Budi Pratama
 
Cloud Security Standards: What to Expect and What to Negotiate V2.0
Cloud Security Standards: What to Expect and What to Negotiate V2.0Cloud Security Standards: What to Expect and What to Negotiate V2.0
Cloud Security Standards: What to Expect and What to Negotiate V2.0Cloud Standards Customer Council
 
Latest Developments in Cloud Security Standards and Privacy
Latest Developments in Cloud Security Standards and PrivacyLatest Developments in Cloud Security Standards and Privacy
Latest Developments in Cloud Security Standards and PrivacyCloud Standards Customer Council
 
Transforming cloud security into an advantage
Transforming cloud security into an advantageTransforming cloud security into an advantage
Transforming cloud security into an advantageMoshe Ferber
 
Simplify Your Approach To_Assess The Risks Of Moving Into The Cloud
Simplify Your Approach To_Assess The Risks Of Moving Into The CloudSimplify Your Approach To_Assess The Risks Of Moving Into The Cloud
Simplify Your Approach To_Assess The Risks Of Moving Into The CloudHappiest Minds Technologies
 
Transform Your Cloud Validation Strategy from Cloudy to Clear
Transform Your Cloud Validation Strategy from Cloudy to ClearTransform Your Cloud Validation Strategy from Cloudy to Clear
Transform Your Cloud Validation Strategy from Cloudy to ClearTechWell
 
2011 Digital Summit - Not So Cloudy - Agcaoili
2011 Digital Summit - Not So Cloudy - Agcaoili2011 Digital Summit - Not So Cloudy - Agcaoili
2011 Digital Summit - Not So Cloudy - AgcaoiliPhil Agcaoili
 
Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0David Spinks
 
The Cloud Crossover
The Cloud CrossoverThe Cloud Crossover
The Cloud CrossoverArmor
 
How much can I trust my cloud services?
How much can I trust my cloud services?How much can I trust my cloud services?
How much can I trust my cloud services?ATMOSPHERE .
 
cloudComputingSec_p3.pptx
cloudComputingSec_p3.pptxcloudComputingSec_p3.pptx
cloudComputingSec_p3.pptxSteven Quach
 
Novel cloud computingsecurity issues
Novel cloud computingsecurity issuesNovel cloud computingsecurity issues
Novel cloud computingsecurity issuesJoo Manthar
 
Security Considerations When Using Cloud Infrastructure Services.pdf
Security Considerations When Using Cloud Infrastructure Services.pdfSecurity Considerations When Using Cloud Infrastructure Services.pdf
Security Considerations When Using Cloud Infrastructure Services.pdfCiente
 
Design and implement a new cloud security method based on multi clouds on ope...
Design and implement a new cloud security method based on multi clouds on ope...Design and implement a new cloud security method based on multi clouds on ope...
Design and implement a new cloud security method based on multi clouds on ope...csandit
 
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...cscpconf
 
Whitepaper: Moving to Clouds? Simplify your approach to understand the risks ...
Whitepaper: Moving to Clouds? Simplify your approach to understand the risks ...Whitepaper: Moving to Clouds? Simplify your approach to understand the risks ...
Whitepaper: Moving to Clouds? Simplify your approach to understand the risks ...Happiest Minds Technologies
 

Similar to Governing in the Cloud (20)

Cloud Security, Standards and Applications
Cloud Security, Standards and ApplicationsCloud Security, Standards and Applications
Cloud Security, Standards and Applications
 
The Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA IDThe Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA ID
 
Cloud Security Standards: What to Expect and What to Negotiate V2.0
Cloud Security Standards: What to Expect and What to Negotiate V2.0Cloud Security Standards: What to Expect and What to Negotiate V2.0
Cloud Security Standards: What to Expect and What to Negotiate V2.0
 
Latest Developments in Cloud Security Standards and Privacy
Latest Developments in Cloud Security Standards and PrivacyLatest Developments in Cloud Security Standards and Privacy
Latest Developments in Cloud Security Standards and Privacy
 
Cloud services and it security
Cloud services and it securityCloud services and it security
Cloud services and it security
 
Transforming cloud security into an advantage
Transforming cloud security into an advantageTransforming cloud security into an advantage
Transforming cloud security into an advantage
 
Simplify Your Approach To_Assess The Risks Of Moving Into The Cloud
Simplify Your Approach To_Assess The Risks Of Moving Into The CloudSimplify Your Approach To_Assess The Risks Of Moving Into The Cloud
Simplify Your Approach To_Assess The Risks Of Moving Into The Cloud
 
SECURING THE CLOUD DATA LAKES
SECURING THE CLOUD DATA LAKESSECURING THE CLOUD DATA LAKES
SECURING THE CLOUD DATA LAKES
 
Cloud computingsec p3
Cloud computingsec p3Cloud computingsec p3
Cloud computingsec p3
 
Transform Your Cloud Validation Strategy from Cloudy to Clear
Transform Your Cloud Validation Strategy from Cloudy to ClearTransform Your Cloud Validation Strategy from Cloudy to Clear
Transform Your Cloud Validation Strategy from Cloudy to Clear
 
2011 Digital Summit - Not So Cloudy - Agcaoili
2011 Digital Summit - Not So Cloudy - Agcaoili2011 Digital Summit - Not So Cloudy - Agcaoili
2011 Digital Summit - Not So Cloudy - Agcaoili
 
Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0
 
The Cloud Crossover
The Cloud CrossoverThe Cloud Crossover
The Cloud Crossover
 
How much can I trust my cloud services?
How much can I trust my cloud services?How much can I trust my cloud services?
How much can I trust my cloud services?
 
cloudComputingSec_p3.pptx
cloudComputingSec_p3.pptxcloudComputingSec_p3.pptx
cloudComputingSec_p3.pptx
 
Novel cloud computingsecurity issues
Novel cloud computingsecurity issuesNovel cloud computingsecurity issues
Novel cloud computingsecurity issues
 
Security Considerations When Using Cloud Infrastructure Services.pdf
Security Considerations When Using Cloud Infrastructure Services.pdfSecurity Considerations When Using Cloud Infrastructure Services.pdf
Security Considerations When Using Cloud Infrastructure Services.pdf
 
Design and implement a new cloud security method based on multi clouds on ope...
Design and implement a new cloud security method based on multi clouds on ope...Design and implement a new cloud security method based on multi clouds on ope...
Design and implement a new cloud security method based on multi clouds on ope...
 
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...
 
Whitepaper: Moving to Clouds? Simplify your approach to understand the risks ...
Whitepaper: Moving to Clouds? Simplify your approach to understand the risks ...Whitepaper: Moving to Clouds? Simplify your approach to understand the risks ...
Whitepaper: Moving to Clouds? Simplify your approach to understand the risks ...
 

Recently uploaded

All in AI: LLM Landscape & RAG in 2024 with Mark Ryan (Google) & Jerry Liu (L...
All in AI: LLM Landscape & RAG in 2024 with Mark Ryan (Google) & Jerry Liu (L...All in AI: LLM Landscape & RAG in 2024 with Mark Ryan (Google) & Jerry Liu (L...
All in AI: LLM Landscape & RAG in 2024 with Mark Ryan (Google) & Jerry Liu (L...Daniel Zivkovic
 
UiPath Studio Web workshop series - Day 5
UiPath Studio Web workshop series - Day 5UiPath Studio Web workshop series - Day 5
UiPath Studio Web workshop series - Day 5DianaGray10
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsSafe Software
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Commit University
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesMd Hossain Ali
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfAijun Zhang
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1DianaGray10
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioChristian Posta
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-pyJamie (Taka) Wang
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024SkyPlanner
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostMatt Ray
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPathCommunity
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemAsko Soukka
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureEric D. Schabell
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfDianaGray10
 
IEEE Computer Society’s Strategic Activities and Products including SWEBOK Guide
IEEE Computer Society’s Strategic Activities and Products including SWEBOK GuideIEEE Computer Society’s Strategic Activities and Products including SWEBOK Guide
IEEE Computer Society’s Strategic Activities and Products including SWEBOK GuideHironori Washizaki
 
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXTarek Kalaji
 
UiPath Clipboard AI: "A TIME Magazine Best Invention of 2023 Unveiled"
UiPath Clipboard AI: "A TIME Magazine Best Invention of 2023 Unveiled"UiPath Clipboard AI: "A TIME Magazine Best Invention of 2023 Unveiled"
UiPath Clipboard AI: "A TIME Magazine Best Invention of 2023 Unveiled"DianaGray10
 

Recently uploaded (20)

All in AI: LLM Landscape & RAG in 2024 with Mark Ryan (Google) & Jerry Liu (L...
All in AI: LLM Landscape & RAG in 2024 with Mark Ryan (Google) & Jerry Liu (L...All in AI: LLM Landscape & RAG in 2024 with Mark Ryan (Google) & Jerry Liu (L...
All in AI: LLM Landscape & RAG in 2024 with Mark Ryan (Google) & Jerry Liu (L...
 
UiPath Studio Web workshop series - Day 5
UiPath Studio Web workshop series - Day 5UiPath Studio Web workshop series - Day 5
UiPath Studio Web workshop series - Day 5
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdf
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and Istio
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-py
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024
 
201610817 - edge part1
201610817 - edge part1201610817 - edge part1
201610817 - edge part1
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation Developers
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystem
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability Adventure
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
 
IEEE Computer Society’s Strategic Activities and Products including SWEBOK Guide
IEEE Computer Society’s Strategic Activities and Products including SWEBOK GuideIEEE Computer Society’s Strategic Activities and Products including SWEBOK Guide
IEEE Computer Society’s Strategic Activities and Products including SWEBOK Guide
 
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBX
 
UiPath Clipboard AI: "A TIME Magazine Best Invention of 2023 Unveiled"
UiPath Clipboard AI: "A TIME Magazine Best Invention of 2023 Unveiled"UiPath Clipboard AI: "A TIME Magazine Best Invention of 2023 Unveiled"
UiPath Clipboard AI: "A TIME Magazine Best Invention of 2023 Unveiled"
 

Governing in the Cloud

  • 1.
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15.
  • 16.
  • 17.