SlideShare uma empresa Scribd logo

Lions and Tigers and Cloud, Oh My! The Truth Behind Cloud Security and Risks

SAP Ariba
SAP Ariba
Tecnologia
1 de 22
C Lions and Tigers and Cloud, Oh My! The Truth Behind Cloud Security and Risks Accenture Ariba © 2012 Ariba, Inc. All rights reserved.
Lions and Tigers and Cloud, Oh My! The Truth Behind Cloud Security and Risks The single biggest concern by CIOs around going to the Cloud is security. Paradoxically it is not a huge issue for Chief Security Officers. Find out why not in this informative session and receive a Cloud security checklist. 2 © 2012 Ariba, Inc. All rights reserved.
Our Speakers Torben Lundgren IT Director- Procurement and F&A BPOs Accenture Jason Brown Dir, Solutions Management – Data and Security Policies Ariba 3 © 2012 Ariba, Inc. All rights reserved.
C Cloud vs Data Security? Considerations as seen through the lens of supplying services to Financial Services in Europe Torben Lundgren IT Director Accenture Procurement BPO © 2012 Ariba, Inc. All rights reserved.
Introduction to Cloud • Every service provider - internal or external – seek the optimal way to service their clients • Increasingly cloud based services becomes that optimum – for different reasons: Easy and dynamic scaling Short lead-times to establish Metered, on-demand Lower cost • However: Many service provider still experience push-back from their clients • Client are still having concerns – especially around security and data privacy: Perception that Cloud is a fundamentally different and less secure, is still common Cloud is often presented exclusively as low-cost potentially making the “Cheap & Cheerful” reputation stick • We will here focus on the differences seen in client perspective and less in technology perspective At the technological level, there are significant differences between type of tools, services, and the organization 5 © 2012 Ariba, Inc. All rights reserved.
The different shades of Cloud ? • What is cloud? A way to provide services over the network where an established capability and capacity can be shared Reducing lead time for the individual client On-demand – only pay for consumption and not (fully) for surplus capacity For the client, the requirements to Cloud are the same as they would be for a conventional service – here Cloud primarily becomes financial model ….. But note: when in operation the governance models are different • What can be delivered as Cloud? Cloud is available in three service models from basic Infrastructure-as-a-Service (IaaS) , including the Middleware and other platform services in Platform-as-a-Service (PaaS), to full-fledged Software-as-a-Service (SaaS) The difference is how high in the service stack the service is sharable – a non-shared application can e.g. be put on top of IaaS or PaaS – of course only giving Cloud benefits for the part which is shared • Which degree of sharing with other clients is required in Cloud? The deployment model can allow a higher or lower degree of sharing between clients (Public or Community) Or specific for one client (Private) or a mix (Hybrid) Cloud will normally always be multi-tenancy, but in Private the “tenants” are different application services typically serving the same client This can be used to accommodate Information Assets with special requirements 6 © 2012 Ariba, Inc. All rights reserved.
Cloud compared to other services? • What are similar between Security for Cloud and Conventional services? The security areas are identical – and the requirements almost the same All Computing Service Security Models must comprise of: – Data Center, Physical, and Network Security – Data / Storage & Server / OS Security – API and Middleware Security – Application Security including Access Control, Penetration testing – Protection of the traffic between Service and End-user • Some elements of Security for Cloud is different due to the shared nature: The Risk picture is different due to the risk of crossover between services on same Cloud: – Shared technological vulnerabilities – Insecure API’s – Potential population of Malicious insiders increase – Risk of Data Leakage / Data Contamination The Governance models differ: – Cloud often offer less client transparency and influence – More reliant on third party attestation and certifications The Security requirements are higher – especially for: – Data / Storage , Application security – Monitoring and malware protection must be tighter 7 © 2012 Ariba, Inc. All rights reserved.
Service Compliance Framework ? • Service Compliance Framework does not differ a lot between Cloud and Conventional Differences are mostly in the mapping from the Security Control Model to the Service Delivery Model due to the service organization Governance and e.g. Audit access can vary => Requirements to Service Contract structure are likely to be different Graphics borrowed from: https://cloudsecurityalliance.org/guidance/csaguide.v3.0.pdf 8 © 2012 Ariba, Inc. All rights reserved.
European FS clients - What trends do we see in their Cloud requirements? • In general, we see a strong push for Cloud Services across all our clients • But there are differences in their requirements and approach • Some of the differences comes from legislation in the European Union; other trends seem closer related to industry or culture: Data privacy: – While there are many similarities between the data privacy requirements in Europe and USA, the EU Data Privacy Model Clauses lock the service provider in while Safe Harbor can be exited – This impact the contractual requirements of an European client Choice of Deployment Model - European FS clients go for Private / Hybrid to a higher degree – Risk for Data Loss / Leakage seem to be what is significantly influencing this choice – Also Governance and reliance of third party certifiers play a role Uptake of Cloud Service Models: – The uptake of SaaS in USA is much stronger compared to Europe – A higher proportion of European FS Clients are focusing on IaaS and PaaS and less on SaaS compared to NA counterparts – Very likely to be related to the division of the European market into several languages as well as legal/traditional requirements – just not the same type of a large market with uniform requirements – Consequentially, there is less demand for single-service cloud offerings - still ! 9 © 2012 Ariba, Inc. All rights reserved.
I think I want Cloud! – how do I avoid the pitfalls ? • Do ALL of what you would do for a conventional service: (many very similar frameworks are available – below reflecting https://cloudsecurityalliance.org) Identify your Information Assets; these are normally Data and Application/Function/Process Evaluate the sensitivity of your Information Assets => Confidentiality, Integrity, and Availability requirements Determine your Compliance (incl Jurisdiction), SLA, and BCP Requirements Evaluate your potential Providers, their Service Models, and Locations Map potential data flows between locations, and determine risk exposure points • Decide whether Cloud is available and applicable – if Yes: Continue Determine the correct deployment model for your Information Assets: – Private / Community / Public .... or Hybrid Determine if you go for a full stack SaaS, PaaS, or IaaS hosting services only Advantages for PaaS / IaaS is that you can get to customise more of the Application Security layer – The drawback is that you become responsible for defining, implementing, and planning security for all above where the Cloud Provider service stops Define /modify your Security Control, Risk Mitigation, and Governance Framework 10 © 2012 Ariba, Inc. All rights reserved.
Summary • From a requirement , assessment, and SLA perspective, the conventional and cloud based services are very similar to the clients • The potential for great security (or appalling security ! ) are very much the same • There are differences in security considerations and in some security requirements, and there are specific information assets, where it must be considered if Cloud Computing is the optimal service form Where to go for more information on Cloud Security : • Cloud Security Alliance has done a great job in promoting best practices and providing good guidelines for Cloud Computing Security: www.cloudsecurityalliance.org • Websites of Service Providers in the industry are also rich sources of information 11 © 2012 Ariba, Inc. All rights reserved.
Questions and Answers • Contact Information: Torben Lundgren, torben.lundgren@accenture.com or via LinkedIn: http://uk.linkedin.com/in/torbenlundgren 12 © 2012 Ariba, Inc. All rights reserved.
C Lions and Tigers and Cloud, Oh My! The Truth Behind Cloud Security and Risks Ariba Security in the Cloud Jason Brown Dir, Solutions Management - Data and Security Policies © 2012 Ariba, Inc. All rights reserved.
Agenda • Background • Ariba Privacy/Security Framework • Building Trust with Ariba • Trends • trust.ariba.com 14 © 2012 Ariba, Inc. All rights reserved.
Ariba Privacy/Security Framework 15 © 2012 Ariba, Inc. All rights reserved.
Building Trust with Ariba • Semi-annual WebTrust Seal of Assurance since 2001 Covers Security, Confidentiality, Processing Integrity, and Availability Principles • SSAE 16 - SOC 1 and SOC 2 type II reports for transparency (formerly SAS70) since 2009 • PCI DSS Level 1 Service Provider since 2008 • US Dept. of Commerce Safe Harbor since 2009 • Vulnerability Scans and Penetration Tests Monthly PCI Scans, Pen Tests of each release • trust.ariba.com • Background Check Program • Security Awareness Program Certification upon hire Annual re-certification 16 © 2012 Ariba, Inc. All rights reserved.
Trends • Greater Transparency  Ariba SOC 1 and SOC 2 Type II reports • Deeper dives on 3rd party / sub-service provider assurance  Extensive Vendor Oversight program  Equinix SOC 1 Type II report • Customer performed vulnerability scans  Ariba investment in third party penetration tests • EU Commission on Data Protection  Initiated program to comply by January 2014 • Cloud Security Alliance growth  Ariba membership  Hosted Silicon Valley Chapter 17 © 2012 Ariba, Inc. All rights reserved.
trust.ariba.com 18 © 2012 Ariba, Inc. All rights reserved.
trust.ariba.com – Cloud Status 19 © 2012 Ariba, Inc. All rights reserved.
trust.ariba.com - Policies 20 © 2012 Ariba, Inc. All rights reserved.
Questions and Answers • Contact Information: Jason Brown JasonBrown@ariba.com 21 © 2012 Ariba, Inc. All rights reserved.
Share This Session…NOW…from your mobile! • All presentations are posted: Guidebook mobile app – Search Apple or Android app store for Guidebook – Enter code “collabor8” Or at Slideshare.net/Ariba • Share via email or social media **Come back soon – we are syncing #AribaLIVE audio and video interviews to the presentations** 22 © 2012 Ariba, Inc. All rights reserved.

Recomendados

The Complexities of Cloud Computing - The Rules are New, But is the Game
The Complexities of Cloud Computing - The Rules are New, But is the GameThe Complexities of Cloud Computing - The Rules are New, But is the Game
The Complexities of Cloud Computing - The Rules are New, But is the GameJanine Anthony Bowen, Esq.
 
10 security concerns cloud computing
10 security concerns cloud computing10 security concerns cloud computing
10 security concerns cloud computingHossam Zein
 
How Cloud Providers' Business Needs Drive Enterprise Identity & Security
How Cloud Providers' Business Needs Drive Enterprise Identity & SecurityHow Cloud Providers' Business Needs Drive Enterprise Identity & Security
How Cloud Providers' Business Needs Drive Enterprise Identity & SecurityNovell
 
Understanding Cloud Computing & Its Relevance to Financial Software Solutions
Understanding Cloud Computing & Its Relevance to Financial Software SolutionsUnderstanding Cloud Computing & Its Relevance to Financial Software Solutions
Understanding Cloud Computing & Its Relevance to Financial Software SolutionsZannettos Zannettou
 
Executive Briefing: Strategic Issues Surrounding Cloud Services
Executive Briefing: Strategic Issues Surrounding Cloud ServicesExecutive Briefing: Strategic Issues Surrounding Cloud Services
Executive Briefing: Strategic Issues Surrounding Cloud ServicesWhitmeyerTuffin
 
Cloud Security Strategy
Cloud Security StrategyCloud Security Strategy
Cloud Security StrategyCapgemini
 
Infor i Business Cloud
Infor i Business CloudInfor i Business Cloud
Infor i Business CloudInforsystemi
 
Hybride Cloud Strategy
Hybride Cloud StrategyHybride Cloud Strategy
Hybride Cloud StrategyDekkinga, Ewout
 

Recomendados

The Complexities of Cloud Computing - The Rules are New, But is the Game
The Complexities of Cloud Computing - The Rules are New, But is the GameThe Complexities of Cloud Computing - The Rules are New, But is the Game
The Complexities of Cloud Computing - The Rules are New, But is the GameJanine Anthony Bowen, Esq.
 
10 security concerns cloud computing
10 security concerns cloud computing10 security concerns cloud computing
10 security concerns cloud computingHossam Zein
 
How Cloud Providers' Business Needs Drive Enterprise Identity & Security
How Cloud Providers' Business Needs Drive Enterprise Identity & SecurityHow Cloud Providers' Business Needs Drive Enterprise Identity & Security
How Cloud Providers' Business Needs Drive Enterprise Identity & SecurityNovell
 
Understanding Cloud Computing & Its Relevance to Financial Software Solutions
Understanding Cloud Computing & Its Relevance to Financial Software SolutionsUnderstanding Cloud Computing & Its Relevance to Financial Software Solutions
Understanding Cloud Computing & Its Relevance to Financial Software SolutionsZannettos Zannettou
 
Executive Briefing: Strategic Issues Surrounding Cloud Services
Executive Briefing: Strategic Issues Surrounding Cloud ServicesExecutive Briefing: Strategic Issues Surrounding Cloud Services
Executive Briefing: Strategic Issues Surrounding Cloud ServicesWhitmeyerTuffin
 
Cloud Security Strategy
Cloud Security StrategyCloud Security Strategy
Cloud Security StrategyCapgemini
 
Infor i Business Cloud
Infor i Business CloudInfor i Business Cloud
Infor i Business CloudInforsystemi
 
Hybride Cloud Strategy
Hybride Cloud StrategyHybride Cloud Strategy
Hybride Cloud StrategyDekkinga, Ewout
 
Learning & Talent In The Cloud
Learning & Talent In The CloudLearning & Talent In The Cloud
Learning & Talent In The CloudDavid Wilson
 
Information ownership in the cloud
Information ownership in the cloudInformation ownership in the cloud
Information ownership in the cloudCloud Legal Project
 
The Nist definition of cloud computing cloud computing Research Paper
The Nist definition of cloud computing cloud computing Research PaperThe Nist definition of cloud computing cloud computing Research Paper
The Nist definition of cloud computing cloud computing Research PaperFaimin Khan
 
Alta 3-2013
Alta 3-2013Alta 3-2013
Alta 3-2013HartVidaRaffo
 
Get your house on order
Get your house on orderGet your house on order
Get your house on orderDekkinga, Ewout
 
Build 4 The Cloud By Cisco V Mware2
Build 4 The Cloud By Cisco V Mware2Build 4 The Cloud By Cisco V Mware2
Build 4 The Cloud By Cisco V Mware2Azlan NL
 
Cloud Computing Webinar: Legal & Regulatory Update for 2012
Cloud Computing Webinar: Legal & Regulatory Update for 2012Cloud Computing Webinar: Legal & Regulatory Update for 2012
Cloud Computing Webinar: Legal & Regulatory Update for 2012itandlaw
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud ComputingMahindra Satyam
 
As oportunidades para a Indústria Geradas pela Computação em Nuvem
As oportunidades para a Indústria Geradas pela Computação em NuvemAs oportunidades para a Indústria Geradas pela Computação em Nuvem
As oportunidades para a Indústria Geradas pela Computação em NuvemSoluções NEI
 
The marriage between Cloud and ITSM
The marriage between Cloud and ITSMThe marriage between Cloud and ITSM
The marriage between Cloud and ITSMITpreneurs
 
Cloud01: Best Practices for Virtual Cloud Security - H. Del Castillo, AIPMM
Cloud01: Best Practices for Virtual Cloud Security - H. Del Castillo, AIPMMCloud01: Best Practices for Virtual Cloud Security - H. Del Castillo, AIPMM
Cloud01: Best Practices for Virtual Cloud Security - H. Del Castillo, AIPMMHector Del Castillo, CPM, CPMM
 
Cloud Computing - Jan 2011 - Chandna
Cloud Computing - Jan 2011 - ChandnaCloud Computing - Jan 2011 - Chandna
Cloud Computing - Jan 2011 - ChandnaAsheem Chandna
 
IBM Global Technology Services - Resilience - The Silver Lining to Cloud Comp...
IBM Global Technology Services - Resilience - The Silver Lining to Cloud Comp...IBM Global Technology Services - Resilience - The Silver Lining to Cloud Comp...
IBM Global Technology Services - Resilience - The Silver Lining to Cloud Comp...Vincent Kwon
 
2010 Cloud Computing
2010 Cloud Computing2010 Cloud Computing
2010 Cloud Computingck4eric
 
Mining IT Summit Nov 6 2014
Mining IT Summit Nov 6 2014Mining IT Summit Nov 6 2014
Mining IT Summit Nov 6 2014Lisa Abe-Oldenburg, B.Comm., JD.
 
Telecoms in the Clouds Issue 1
Telecoms in the Clouds Issue 1Telecoms in the Clouds Issue 1
Telecoms in the Clouds Issue 1Alan Quayle
 
Going to the Cloud
Going to the Cloud Going to the Cloud
Going to the Cloud José Ferreiro
 
Oded Tsur - Ca Cloud Security
Oded Tsur - Ca Cloud SecurityOded Tsur - Ca Cloud Security
Oded Tsur - Ca Cloud SecurityCSAIsrael
 
Cloud Insights from 110 Projects
Cloud Insights from 110 ProjectsCloud Insights from 110 Projects
Cloud Insights from 110 ProjectsNone
 
Benefits of Electronic Invoicing & Streamlined Procurement
Benefits of Electronic Invoicing & Streamlined ProcurementBenefits of Electronic Invoicing & Streamlined Procurement
Benefits of Electronic Invoicing & Streamlined ProcurementSAP Ariba
 
IT Security in 2014
IT Security in 2014IT Security in 2014
IT Security in 2014Coastal Pet Products, Inc.
 
Ariba Knowledge Nuggets: Social Community
Ariba Knowledge Nuggets: Social CommunityAriba Knowledge Nuggets: Social Community
Ariba Knowledge Nuggets: Social CommunitySAP Ariba
 

Mais conteúdo relacionado

Mais procurados

Learning & Talent In The Cloud
Learning & Talent In The CloudLearning & Talent In The Cloud
Learning & Talent In The CloudDavid Wilson
 
Information ownership in the cloud
Information ownership in the cloudInformation ownership in the cloud
Information ownership in the cloudCloud Legal Project
 
The Nist definition of cloud computing cloud computing Research Paper
The Nist definition of cloud computing cloud computing Research PaperThe Nist definition of cloud computing cloud computing Research Paper
The Nist definition of cloud computing cloud computing Research PaperFaimin Khan
 
Build 4 The Cloud By Cisco V Mware2
Build 4 The Cloud By Cisco V Mware2Build 4 The Cloud By Cisco V Mware2
Build 4 The Cloud By Cisco V Mware2Azlan NL
 
Cloud Computing Webinar: Legal & Regulatory Update for 2012
Cloud Computing Webinar: Legal & Regulatory Update for 2012Cloud Computing Webinar: Legal & Regulatory Update for 2012
Cloud Computing Webinar: Legal & Regulatory Update for 2012itandlaw
 
As oportunidades para a Indústria Geradas pela Computação em Nuvem
As oportunidades para a Indústria Geradas pela Computação em NuvemAs oportunidades para a Indústria Geradas pela Computação em Nuvem
As oportunidades para a Indústria Geradas pela Computação em NuvemSoluções NEI
 
The marriage between Cloud and ITSM
The marriage between Cloud and ITSMThe marriage between Cloud and ITSM
The marriage between Cloud and ITSMITpreneurs
 
Cloud01: Best Practices for Virtual Cloud Security - H. Del Castillo, AIPMM
Cloud01: Best Practices for Virtual Cloud Security - H. Del Castillo, AIPMMCloud01: Best Practices for Virtual Cloud Security - H. Del Castillo, AIPMM
Cloud01: Best Practices for Virtual Cloud Security - H. Del Castillo, AIPMMHector Del Castillo, CPM, CPMM
 
Cloud Computing - Jan 2011 - Chandna
Cloud Computing - Jan 2011 - ChandnaCloud Computing - Jan 2011 - Chandna
Cloud Computing - Jan 2011 - ChandnaAsheem Chandna
 
IBM Global Technology Services - Resilience - The Silver Lining to Cloud Comp...
IBM Global Technology Services - Resilience - The Silver Lining to Cloud Comp...IBM Global Technology Services - Resilience - The Silver Lining to Cloud Comp...
IBM Global Technology Services - Resilience - The Silver Lining to Cloud Comp...Vincent Kwon
 
2010 Cloud Computing
2010 Cloud Computing2010 Cloud Computing
2010 Cloud Computingck4eric
 
Telecoms in the Clouds Issue 1
Telecoms in the Clouds Issue 1Telecoms in the Clouds Issue 1
Telecoms in the Clouds Issue 1Alan Quayle
 
Oded Tsur - Ca Cloud Security
Oded Tsur - Ca Cloud SecurityOded Tsur - Ca Cloud Security
Oded Tsur - Ca Cloud SecurityCSAIsrael
 
Cloud Insights from 110 Projects
Cloud Insights from 110 ProjectsCloud Insights from 110 Projects
Cloud Insights from 110 ProjectsNone
 

Mais procurados (19)

Learning & Talent In The Cloud
Learning & Talent In The CloudLearning & Talent In The Cloud
Learning & Talent In The Cloud
 
Information ownership in the cloud
Information ownership in the cloudInformation ownership in the cloud
Information ownership in the cloud
 
The Nist definition of cloud computing cloud computing Research Paper
The Nist definition of cloud computing cloud computing Research PaperThe Nist definition of cloud computing cloud computing Research Paper
The Nist definition of cloud computing cloud computing Research Paper
 
Alta 3-2013
Alta 3-2013Alta 3-2013
Alta 3-2013
 
Get your house on order
Get your house on orderGet your house on order
Get your house on order
 
Build 4 The Cloud By Cisco V Mware2
Build 4 The Cloud By Cisco V Mware2Build 4 The Cloud By Cisco V Mware2
Build 4 The Cloud By Cisco V Mware2
 
Cloud Computing Webinar: Legal & Regulatory Update for 2012
Cloud Computing Webinar: Legal & Regulatory Update for 2012Cloud Computing Webinar: Legal & Regulatory Update for 2012
Cloud Computing Webinar: Legal & Regulatory Update for 2012
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 
As oportunidades para a Indústria Geradas pela Computação em Nuvem
As oportunidades para a Indústria Geradas pela Computação em NuvemAs oportunidades para a Indústria Geradas pela Computação em Nuvem
As oportunidades para a Indústria Geradas pela Computação em Nuvem
 
The marriage between Cloud and ITSM
The marriage between Cloud and ITSMThe marriage between Cloud and ITSM
The marriage between Cloud and ITSM
 
Cloud01: Best Practices for Virtual Cloud Security - H. Del Castillo, AIPMM
Cloud01: Best Practices for Virtual Cloud Security - H. Del Castillo, AIPMMCloud01: Best Practices for Virtual Cloud Security - H. Del Castillo, AIPMM
Cloud01: Best Practices for Virtual Cloud Security - H. Del Castillo, AIPMM
 
Cloud Computing - Jan 2011 - Chandna
Cloud Computing - Jan 2011 - ChandnaCloud Computing - Jan 2011 - Chandna
Cloud Computing - Jan 2011 - Chandna
 
IBM Global Technology Services - Resilience - The Silver Lining to Cloud Comp...
IBM Global Technology Services - Resilience - The Silver Lining to Cloud Comp...IBM Global Technology Services - Resilience - The Silver Lining to Cloud Comp...
IBM Global Technology Services - Resilience - The Silver Lining to Cloud Comp...
 
2010 Cloud Computing
2010 Cloud Computing2010 Cloud Computing
2010 Cloud Computing
 
Mining IT Summit Nov 6 2014
Mining IT Summit Nov 6 2014Mining IT Summit Nov 6 2014
Mining IT Summit Nov 6 2014
 
Telecoms in the Clouds Issue 1
Telecoms in the Clouds Issue 1Telecoms in the Clouds Issue 1
Telecoms in the Clouds Issue 1
 
Going to the Cloud
Going to the Cloud Going to the Cloud
Going to the Cloud
 
Oded Tsur - Ca Cloud Security
Oded Tsur - Ca Cloud SecurityOded Tsur - Ca Cloud Security
Oded Tsur - Ca Cloud Security
 
Cloud Insights from 110 Projects
Cloud Insights from 110 ProjectsCloud Insights from 110 Projects
Cloud Insights from 110 Projects
 

Destaque

Benefits of Electronic Invoicing & Streamlined Procurement
Benefits of Electronic Invoicing & Streamlined ProcurementBenefits of Electronic Invoicing & Streamlined Procurement
Benefits of Electronic Invoicing & Streamlined ProcurementSAP Ariba
 
Ariba Knowledge Nuggets: Social Community
Ariba Knowledge Nuggets: Social CommunityAriba Knowledge Nuggets: Social Community
Ariba Knowledge Nuggets: Social CommunitySAP Ariba
 
Ariba Knowledge Nuggets - Ariba Sourcing: Matrix Pricing
Ariba Knowledge Nuggets - Ariba Sourcing: Matrix PricingAriba Knowledge Nuggets - Ariba Sourcing: Matrix Pricing
Ariba Knowledge Nuggets - Ariba Sourcing: Matrix PricingSAP Ariba
 
L'économie en réseau
L'économie en réseauL'économie en réseau
L'économie en réseauSAP Ariba
 
Automate all spend and collaborate with all suppliers
Automate all spend and collaborate with all suppliersAutomate all spend and collaborate with all suppliers
Automate all spend and collaborate with all suppliersSAP Ariba
 

Destaque (6)

Benefits of Electronic Invoicing & Streamlined Procurement
Benefits of Electronic Invoicing & Streamlined ProcurementBenefits of Electronic Invoicing & Streamlined Procurement
Benefits of Electronic Invoicing & Streamlined Procurement
 
IT Security in 2014
IT Security in 2014IT Security in 2014
IT Security in 2014
 
Ariba Knowledge Nuggets: Social Community
Ariba Knowledge Nuggets: Social CommunityAriba Knowledge Nuggets: Social Community
Ariba Knowledge Nuggets: Social Community
 
Ariba Knowledge Nuggets - Ariba Sourcing: Matrix Pricing
Ariba Knowledge Nuggets - Ariba Sourcing: Matrix PricingAriba Knowledge Nuggets - Ariba Sourcing: Matrix Pricing
Ariba Knowledge Nuggets - Ariba Sourcing: Matrix Pricing
 
L'économie en réseau
L'économie en réseauL'économie en réseau
L'économie en réseau
 
Automate all spend and collaborate with all suppliers
Automate all spend and collaborate with all suppliersAutomate all spend and collaborate with all suppliers
Automate all spend and collaborate with all suppliers
 

Semelhante a Lions and Tigers and Cloud, Oh My! The Truth Behind Cloud Security and Risks

2014 2nd me cloud conference trust in the cloud v01
2014 2nd me cloud conference trust in the cloud v012014 2nd me cloud conference trust in the cloud v01
2014 2nd me cloud conference trust in the cloud v01promediakw
 
Securing Data in the Cloud - GISEC2017
Securing Data in the Cloud - GISEC2017Securing Data in the Cloud - GISEC2017
Securing Data in the Cloud - GISEC2017Sohaib Mahmood
 
Cloud Computing Introduction
Cloud Computing IntroductionCloud Computing Introduction
Cloud Computing IntroductionMzos Pune
 
Lions and Tigers and Cloud, Oh My! The Truth Behind Cloud Security and Risks
Lions and Tigers and Cloud, Oh My! The Truth Behind Cloud Security and RisksLions and Tigers and Cloud, Oh My! The Truth Behind Cloud Security and Risks
Lions and Tigers and Cloud, Oh My! The Truth Behind Cloud Security and RisksSAP Ariba
 
Celera Networks on Cloud Computing
Celera Networks on Cloud Computing Celera Networks on Cloud Computing
Celera Networks on Cloud Computing CeleraNetworks
 
CLOUD COMPUTING -DETAILED APPROACH
CLOUD COMPUTING -DETAILED APPROACHCLOUD COMPUTING -DETAILED APPROACH
CLOUD COMPUTING -DETAILED APPROACHSHAIMA A R
 
Module 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUDModule 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUDSweta Kumari Barnwal
 
Cloud Security: What you need to know about IBM SmartCloud Security
Cloud Security: What you need to know about IBM SmartCloud SecurityCloud Security: What you need to know about IBM SmartCloud Security
Cloud Security: What you need to know about IBM SmartCloud SecurityIBM Security
 
Cloud computing seminar report
Cloud computing seminar reportCloud computing seminar report
Cloud computing seminar reportshafzonly
 
Dr. Michael Valivullah, NASS/USDA - Cloud Computing
Dr. Michael Valivullah, NASS/USDA - Cloud ComputingDr. Michael Valivullah, NASS/USDA - Cloud Computing
Dr. Michael Valivullah, NASS/USDA - Cloud Computingikanow
 
Whitepaper: Security of the Cloud
Whitepaper: Security of the CloudWhitepaper: Security of the Cloud
Whitepaper: Security of the CloudCloudSmartz
 
Best cloud computing training institute in noida
Best cloud computing training institute in noidaBest cloud computing training institute in noida
Best cloud computing training institute in noidataramandal
 
Hybrid & Multi-cloud Environment.pdf
Hybrid & Multi-cloud Environment.pdfHybrid & Multi-cloud Environment.pdf
Hybrid & Multi-cloud Environment.pdfmanoharparakh
 
Cloud expo 10 myths rex wang oracle ss
Cloud expo 10 myths rex wang oracle ssCloud expo 10 myths rex wang oracle ss
Cloud expo 10 myths rex wang oracle ssRex Wang
 

Semelhante a Lions and Tigers and Cloud, Oh My! The Truth Behind Cloud Security and Risks (20)

2014 2nd me cloud conference trust in the cloud v01
2014 2nd me cloud conference trust in the cloud v012014 2nd me cloud conference trust in the cloud v01
2014 2nd me cloud conference trust in the cloud v01
 
Securing Data in the Cloud - GISEC2017
Securing Data in the Cloud - GISEC2017Securing Data in the Cloud - GISEC2017
Securing Data in the Cloud - GISEC2017
 
Securing The Journey To The Cloud
Securing The Journey To The Cloud Securing The Journey To The Cloud
Securing The Journey To The Cloud
 
Cloud Computing Introduction
Cloud Computing IntroductionCloud Computing Introduction
Cloud Computing Introduction
 
OWASP Cloud Top 10
OWASP Cloud Top 10OWASP Cloud Top 10
OWASP Cloud Top 10
 
Lions and Tigers and Cloud, Oh My! The Truth Behind Cloud Security and Risks
Lions and Tigers and Cloud, Oh My! The Truth Behind Cloud Security and RisksLions and Tigers and Cloud, Oh My! The Truth Behind Cloud Security and Risks
Lions and Tigers and Cloud, Oh My! The Truth Behind Cloud Security and Risks
 
Cloud computing for SMBs
Cloud computing for SMBsCloud computing for SMBs
Cloud computing for SMBs
 
Celera Networks on Cloud Computing
Celera Networks on Cloud Computing Celera Networks on Cloud Computing
Celera Networks on Cloud Computing
 
CLOUD COMPUTING -DETAILED APPROACH
CLOUD COMPUTING -DETAILED APPROACHCLOUD COMPUTING -DETAILED APPROACH
CLOUD COMPUTING -DETAILED APPROACH
 
UNIT -V.docx
UNIT -V.docxUNIT -V.docx
UNIT -V.docx
 
Module 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUDModule 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUD
 
Cloud Security: What you need to know about IBM SmartCloud Security
Cloud Security: What you need to know about IBM SmartCloud SecurityCloud Security: What you need to know about IBM SmartCloud Security
Cloud Security: What you need to know about IBM SmartCloud Security
 
Cloud computing seminar report
Cloud computing seminar reportCloud computing seminar report
Cloud computing seminar report
 
Dr. Michael Valivullah, NASS/USDA - Cloud Computing
Dr. Michael Valivullah, NASS/USDA - Cloud ComputingDr. Michael Valivullah, NASS/USDA - Cloud Computing
Dr. Michael Valivullah, NASS/USDA - Cloud Computing
 
Whitepaper: Security of the Cloud
Whitepaper: Security of the CloudWhitepaper: Security of the Cloud
Whitepaper: Security of the Cloud
 
Security of the Cloud
Security of the CloudSecurity of the Cloud
Security of the Cloud
 
Best cloud computing training institute in noida
Best cloud computing training institute in noidaBest cloud computing training institute in noida
Best cloud computing training institute in noida
 
Hybrid & Multi-cloud Environment.pdf
Hybrid & Multi-cloud Environment.pdfHybrid & Multi-cloud Environment.pdf
Hybrid & Multi-cloud Environment.pdf
 
Facing the Future - Is the cloud right for you?
Facing the Future - Is the cloud right for you?Facing the Future - Is the cloud right for you?
Facing the Future - Is the cloud right for you?
 
Cloud expo 10 myths rex wang oracle ss
Cloud expo 10 myths rex wang oracle ssCloud expo 10 myths rex wang oracle ss
Cloud expo 10 myths rex wang oracle ss
 

Mais de SAP Ariba

WINC. Australia and New Zealand: Collaborating with Direct Spend Suppliers - ...
WINC. Australia and New Zealand: Collaborating with Direct Spend Suppliers - ...WINC. Australia and New Zealand: Collaborating with Direct Spend Suppliers - ...
WINC. Australia and New Zealand: Collaborating with Direct Spend Suppliers - ...SAP Ariba
 
Using E-Commerce to Integrate Your Collaborative Business Transactions - SID ...
Using E-Commerce to Integrate Your Collaborative Business Transactions - SID ...Using E-Commerce to Integrate Your Collaborative Business Transactions - SID ...
Using E-Commerce to Integrate Your Collaborative Business Transactions - SID ...SAP Ariba
 
The Road to Strategic Finance: Characteristics of a Highly Effective Finance ...
The Road to Strategic Finance: Characteristics of a Highly Effective Finance ...The Road to Strategic Finance: Characteristics of a Highly Effective Finance ...
The Road to Strategic Finance: Characteristics of a Highly Effective Finance ...SAP Ariba
 
The Future of How Work Gets Done: Are You Seeing the Big Picture? - SID 51473
The Future of How Work Gets Done: Are You Seeing the Big Picture? - SID 51473The Future of How Work Gets Done: Are You Seeing the Big Picture? - SID 51473
The Future of How Work Gets Done: Are You Seeing the Big Picture? - SID 51473SAP Ariba
 
Simplify Supplier Risk Management Across Your Procurement Processes - SID 51538
Simplify Supplier Risk Management Across Your Procurement Processes - SID 51538Simplify Supplier Risk Management Across Your Procurement Processes - SID 51538
Simplify Supplier Risk Management Across Your Procurement Processes - SID 51538SAP Ariba
 
SAP Ariba Solutions Realized: Stories of Effective Implementation and Forward...
SAP Ariba Solutions Realized: Stories of Effective Implementation and Forward...SAP Ariba Solutions Realized: Stories of Effective Implementation and Forward...
SAP Ariba Solutions Realized: Stories of Effective Implementation and Forward...SAP Ariba
 
Rio Tinto: Sourcing Multiple Spend Categories in a Single Platform - SID 51255
Rio Tinto: Sourcing Multiple Spend Categories in a Single Platform - SID 51255Rio Tinto: Sourcing Multiple Spend Categories in a Single Platform - SID 51255
Rio Tinto: Sourcing Multiple Spend Categories in a Single Platform - SID 51255SAP Ariba
 
Preparing for Awesomeness: 12 Keys to Success - SID 51270
Preparing for Awesomeness: 12 Keys to Success - SID 51270Preparing for Awesomeness: 12 Keys to Success - SID 51270
Preparing for Awesomeness: 12 Keys to Success - SID 51270SAP Ariba
 
Paperless Supply Chain Collaboration at DuluxGroup - SID 51254
Paperless Supply Chain Collaboration at DuluxGroup - SID 51254Paperless Supply Chain Collaboration at DuluxGroup - SID 51254
Paperless Supply Chain Collaboration at DuluxGroup - SID 51254SAP Ariba
 
Leading Change and Diversity in Procurement - SID 51537
Leading Change and Diversity in Procurement - SID 51537Leading Change and Diversity in Procurement - SID 51537
Leading Change and Diversity in Procurement - SID 51537SAP Ariba
 
Key Strategies for Procurement to Increase Savings and Contribute to Strategi...
Key Strategies for Procurement to Increase Savings and Contribute to Strategi...Key Strategies for Procurement to Increase Savings and Contribute to Strategi...
Key Strategies for Procurement to Increase Savings and Contribute to Strategi...SAP Ariba
 
Redefining Procurement Transformation in the Digital Age - SID 51413
Redefining Procurement Transformation in the Digital Age - SID 51413Redefining Procurement Transformation in the Digital Age - SID 51413
Redefining Procurement Transformation in the Digital Age - SID 51413SAP Ariba
 
Redefining Procurement Transformation in the Digital Age - SID 51413
Redefining Procurement Transformation in the Digital Age - SID 51413Redefining Procurement Transformation in the Digital Age - SID 51413
Redefining Procurement Transformation in the Digital Age - SID 51413SAP Ariba
 
Recent Innovations in Sourcing, Contracts, and Spend Visibility - SID 51373
Recent Innovations in Sourcing, Contracts, and Spend Visibility - SID 51373Recent Innovations in Sourcing, Contracts, and Spend Visibility - SID 51373
Recent Innovations in Sourcing, Contracts, and Spend Visibility - SID 51373SAP Ariba
 
More Ways to Buy Means More Savings: Maximizing the Value of SAP Ariba Soluti...
More Ways to Buy Means More Savings: Maximizing the Value of SAP Ariba Soluti...More Ways to Buy Means More Savings: Maximizing the Value of SAP Ariba Soluti...
More Ways to Buy Means More Savings: Maximizing the Value of SAP Ariba Soluti...SAP Ariba
 
How to Get Mass Supplier Enablement: Transform Your Supplier Enablement Progr...
How to Get Mass Supplier Enablement: Transform Your Supplier Enablement Progr...How to Get Mass Supplier Enablement: Transform Your Supplier Enablement Progr...
How to Get Mass Supplier Enablement: Transform Your Supplier Enablement Progr...SAP Ariba
 
How to Craft a World-Class Commerce Program with Your Suppliers - SID 51263
How to Craft a World-Class Commerce Program with Your Suppliers - SID 51263How to Craft a World-Class Commerce Program with Your Suppliers - SID 51263
How to Craft a World-Class Commerce Program with Your Suppliers - SID 51263SAP Ariba
 
How Procurement Leaders Are Changing to Manage in the Digital Economy - SID 5...
How Procurement Leaders Are Changing to Manage in the Digital Economy - SID 5...How Procurement Leaders Are Changing to Manage in the Digital Economy - SID 5...
How Procurement Leaders Are Changing to Manage in the Digital Economy - SID 5...SAP Ariba
 
How Do Our Most Successful Customers Do It? The Must-Have Ingredients for Val...
How Do Our Most Successful Customers Do It? The Must-Have Ingredients for Val...How Do Our Most Successful Customers Do It? The Must-Have Ingredients for Val...
How Do Our Most Successful Customers Do It? The Must-Have Ingredients for Val...SAP Ariba
 
How Do Our Most Successful Customers Do It? The Must-Have Ingredients for Val...
How Do Our Most Successful Customers Do It? The Must-Have Ingredients for Val...How Do Our Most Successful Customers Do It? The Must-Have Ingredients for Val...
How Do Our Most Successful Customers Do It? The Must-Have Ingredients for Val...SAP Ariba
 

Mais de SAP Ariba (20)

WINC. Australia and New Zealand: Collaborating with Direct Spend Suppliers - ...
WINC. Australia and New Zealand: Collaborating with Direct Spend Suppliers - ...WINC. Australia and New Zealand: Collaborating with Direct Spend Suppliers - ...
WINC. Australia and New Zealand: Collaborating with Direct Spend Suppliers - ...
 
Using E-Commerce to Integrate Your Collaborative Business Transactions - SID ...
Using E-Commerce to Integrate Your Collaborative Business Transactions - SID ...Using E-Commerce to Integrate Your Collaborative Business Transactions - SID ...
Using E-Commerce to Integrate Your Collaborative Business Transactions - SID ...
 
The Road to Strategic Finance: Characteristics of a Highly Effective Finance ...
The Road to Strategic Finance: Characteristics of a Highly Effective Finance ...The Road to Strategic Finance: Characteristics of a Highly Effective Finance ...
The Road to Strategic Finance: Characteristics of a Highly Effective Finance ...
 
The Future of How Work Gets Done: Are You Seeing the Big Picture? - SID 51473
The Future of How Work Gets Done: Are You Seeing the Big Picture? - SID 51473The Future of How Work Gets Done: Are You Seeing the Big Picture? - SID 51473
The Future of How Work Gets Done: Are You Seeing the Big Picture? - SID 51473
 
Simplify Supplier Risk Management Across Your Procurement Processes - SID 51538
Simplify Supplier Risk Management Across Your Procurement Processes - SID 51538Simplify Supplier Risk Management Across Your Procurement Processes - SID 51538
Simplify Supplier Risk Management Across Your Procurement Processes - SID 51538
 
SAP Ariba Solutions Realized: Stories of Effective Implementation and Forward...
SAP Ariba Solutions Realized: Stories of Effective Implementation and Forward...SAP Ariba Solutions Realized: Stories of Effective Implementation and Forward...
SAP Ariba Solutions Realized: Stories of Effective Implementation and Forward...
 
Rio Tinto: Sourcing Multiple Spend Categories in a Single Platform - SID 51255
Rio Tinto: Sourcing Multiple Spend Categories in a Single Platform - SID 51255Rio Tinto: Sourcing Multiple Spend Categories in a Single Platform - SID 51255
Rio Tinto: Sourcing Multiple Spend Categories in a Single Platform - SID 51255
 
Preparing for Awesomeness: 12 Keys to Success - SID 51270
Preparing for Awesomeness: 12 Keys to Success - SID 51270Preparing for Awesomeness: 12 Keys to Success - SID 51270
Preparing for Awesomeness: 12 Keys to Success - SID 51270
 
Paperless Supply Chain Collaboration at DuluxGroup - SID 51254
Paperless Supply Chain Collaboration at DuluxGroup - SID 51254Paperless Supply Chain Collaboration at DuluxGroup - SID 51254
Paperless Supply Chain Collaboration at DuluxGroup - SID 51254
 
Leading Change and Diversity in Procurement - SID 51537
Leading Change and Diversity in Procurement - SID 51537Leading Change and Diversity in Procurement - SID 51537
Leading Change and Diversity in Procurement - SID 51537
 
Key Strategies for Procurement to Increase Savings and Contribute to Strategi...
Key Strategies for Procurement to Increase Savings and Contribute to Strategi...Key Strategies for Procurement to Increase Savings and Contribute to Strategi...
Key Strategies for Procurement to Increase Savings and Contribute to Strategi...
 
Redefining Procurement Transformation in the Digital Age - SID 51413
Redefining Procurement Transformation in the Digital Age - SID 51413Redefining Procurement Transformation in the Digital Age - SID 51413
Redefining Procurement Transformation in the Digital Age - SID 51413
 
Redefining Procurement Transformation in the Digital Age - SID 51413
Redefining Procurement Transformation in the Digital Age - SID 51413Redefining Procurement Transformation in the Digital Age - SID 51413
Redefining Procurement Transformation in the Digital Age - SID 51413
 
Recent Innovations in Sourcing, Contracts, and Spend Visibility - SID 51373
Recent Innovations in Sourcing, Contracts, and Spend Visibility - SID 51373Recent Innovations in Sourcing, Contracts, and Spend Visibility - SID 51373
Recent Innovations in Sourcing, Contracts, and Spend Visibility - SID 51373
 
More Ways to Buy Means More Savings: Maximizing the Value of SAP Ariba Soluti...
More Ways to Buy Means More Savings: Maximizing the Value of SAP Ariba Soluti...More Ways to Buy Means More Savings: Maximizing the Value of SAP Ariba Soluti...
More Ways to Buy Means More Savings: Maximizing the Value of SAP Ariba Soluti...
 
How to Get Mass Supplier Enablement: Transform Your Supplier Enablement Progr...
How to Get Mass Supplier Enablement: Transform Your Supplier Enablement Progr...How to Get Mass Supplier Enablement: Transform Your Supplier Enablement Progr...
How to Get Mass Supplier Enablement: Transform Your Supplier Enablement Progr...
 
How to Craft a World-Class Commerce Program with Your Suppliers - SID 51263
How to Craft a World-Class Commerce Program with Your Suppliers - SID 51263How to Craft a World-Class Commerce Program with Your Suppliers - SID 51263
How to Craft a World-Class Commerce Program with Your Suppliers - SID 51263
 
How Procurement Leaders Are Changing to Manage in the Digital Economy - SID 5...
How Procurement Leaders Are Changing to Manage in the Digital Economy - SID 5...How Procurement Leaders Are Changing to Manage in the Digital Economy - SID 5...
How Procurement Leaders Are Changing to Manage in the Digital Economy - SID 5...
 
How Do Our Most Successful Customers Do It? The Must-Have Ingredients for Val...
How Do Our Most Successful Customers Do It? The Must-Have Ingredients for Val...How Do Our Most Successful Customers Do It? The Must-Have Ingredients for Val...
How Do Our Most Successful Customers Do It? The Must-Have Ingredients for Val...
 
How Do Our Most Successful Customers Do It? The Must-Have Ingredients for Val...
How Do Our Most Successful Customers Do It? The Must-Have Ingredients for Val...How Do Our Most Successful Customers Do It? The Must-Have Ingredients for Val...
How Do Our Most Successful Customers Do It? The Must-Have Ingredients for Val...
 

Último

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 

Último (20)

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 

Lions and Tigers and Cloud, Oh My! The Truth Behind Cloud Security and Risks

  • 1. C Lions and Tigers and Cloud, Oh My! The Truth Behind Cloud Security and Risks Accenture Ariba © 2012 Ariba, Inc. All rights reserved.
  • 2. Lions and Tigers and Cloud, Oh My! The Truth Behind Cloud Security and Risks The single biggest concern by CIOs around going to the Cloud is security. Paradoxically it is not a huge issue for Chief Security Officers. Find out why not in this informative session and receive a Cloud security checklist. 2 © 2012 Ariba, Inc. All rights reserved.
  • 3. Our Speakers Torben Lundgren IT Director- Procurement and F&A BPOs Accenture Jason Brown Dir, Solutions Management – Data and Security Policies Ariba 3 © 2012 Ariba, Inc. All rights reserved.
  • 4. C Cloud vs Data Security? Considerations as seen through the lens of supplying services to Financial Services in Europe Torben Lundgren IT Director Accenture Procurement BPO © 2012 Ariba, Inc. All rights reserved.
  • 5. Introduction to Cloud • Every service provider - internal or external – seek the optimal way to service their clients • Increasingly cloud based services becomes that optimum – for different reasons: Easy and dynamic scaling Short lead-times to establish Metered, on-demand Lower cost • However: Many service provider still experience push-back from their clients • Client are still having concerns – especially around security and data privacy: Perception that Cloud is a fundamentally different and less secure, is still common Cloud is often presented exclusively as low-cost potentially making the “Cheap & Cheerful” reputation stick • We will here focus on the differences seen in client perspective and less in technology perspective At the technological level, there are significant differences between type of tools, services, and the organization 5 © 2012 Ariba, Inc. All rights reserved.
  • 6. The different shades of Cloud ? • What is cloud? A way to provide services over the network where an established capability and capacity can be shared Reducing lead time for the individual client On-demand – only pay for consumption and not (fully) for surplus capacity For the client, the requirements to Cloud are the same as they would be for a conventional service – here Cloud primarily becomes financial model ….. But note: when in operation the governance models are different • What can be delivered as Cloud? Cloud is available in three service models from basic Infrastructure-as-a-Service (IaaS) , including the Middleware and other platform services in Platform-as-a-Service (PaaS), to full-fledged Software-as-a-Service (SaaS) The difference is how high in the service stack the service is sharable – a non-shared application can e.g. be put on top of IaaS or PaaS – of course only giving Cloud benefits for the part which is shared • Which degree of sharing with other clients is required in Cloud? The deployment model can allow a higher or lower degree of sharing between clients (Public or Community) Or specific for one client (Private) or a mix (Hybrid) Cloud will normally always be multi-tenancy, but in Private the “tenants” are different application services typically serving the same client This can be used to accommodate Information Assets with special requirements 6 © 2012 Ariba, Inc. All rights reserved.
  • 7. Cloud compared to other services? • What are similar between Security for Cloud and Conventional services? The security areas are identical – and the requirements almost the same All Computing Service Security Models must comprise of: – Data Center, Physical, and Network Security – Data / Storage & Server / OS Security – API and Middleware Security – Application Security including Access Control, Penetration testing – Protection of the traffic between Service and End-user • Some elements of Security for Cloud is different due to the shared nature: The Risk picture is different due to the risk of crossover between services on same Cloud: – Shared technological vulnerabilities – Insecure API’s – Potential population of Malicious insiders increase – Risk of Data Leakage / Data Contamination The Governance models differ: – Cloud often offer less client transparency and influence – More reliant on third party attestation and certifications The Security requirements are higher – especially for: – Data / Storage , Application security – Monitoring and malware protection must be tighter 7 © 2012 Ariba, Inc. All rights reserved.
  • 8. Service Compliance Framework ? • Service Compliance Framework does not differ a lot between Cloud and Conventional Differences are mostly in the mapping from the Security Control Model to the Service Delivery Model due to the service organization Governance and e.g. Audit access can vary => Requirements to Service Contract structure are likely to be different Graphics borrowed from: https://cloudsecurityalliance.org/guidance/csaguide.v3.0.pdf 8 © 2012 Ariba, Inc. All rights reserved.
  • 9. European FS clients - What trends do we see in their Cloud requirements? • In general, we see a strong push for Cloud Services across all our clients • But there are differences in their requirements and approach • Some of the differences comes from legislation in the European Union; other trends seem closer related to industry or culture: Data privacy: – While there are many similarities between the data privacy requirements in Europe and USA, the EU Data Privacy Model Clauses lock the service provider in while Safe Harbor can be exited – This impact the contractual requirements of an European client Choice of Deployment Model - European FS clients go for Private / Hybrid to a higher degree – Risk for Data Loss / Leakage seem to be what is significantly influencing this choice – Also Governance and reliance of third party certifiers play a role Uptake of Cloud Service Models: – The uptake of SaaS in USA is much stronger compared to Europe – A higher proportion of European FS Clients are focusing on IaaS and PaaS and less on SaaS compared to NA counterparts – Very likely to be related to the division of the European market into several languages as well as legal/traditional requirements – just not the same type of a large market with uniform requirements – Consequentially, there is less demand for single-service cloud offerings - still ! 9 © 2012 Ariba, Inc. All rights reserved.
  • 10. I think I want Cloud! – how do I avoid the pitfalls ? • Do ALL of what you would do for a conventional service: (many very similar frameworks are available – below reflecting https://cloudsecurityalliance.org) Identify your Information Assets; these are normally Data and Application/Function/Process Evaluate the sensitivity of your Information Assets => Confidentiality, Integrity, and Availability requirements Determine your Compliance (incl Jurisdiction), SLA, and BCP Requirements Evaluate your potential Providers, their Service Models, and Locations Map potential data flows between locations, and determine risk exposure points • Decide whether Cloud is available and applicable – if Yes: Continue Determine the correct deployment model for your Information Assets: – Private / Community / Public .... or Hybrid Determine if you go for a full stack SaaS, PaaS, or IaaS hosting services only Advantages for PaaS / IaaS is that you can get to customise more of the Application Security layer – The drawback is that you become responsible for defining, implementing, and planning security for all above where the Cloud Provider service stops Define /modify your Security Control, Risk Mitigation, and Governance Framework 10 © 2012 Ariba, Inc. All rights reserved.
  • 11. Summary • From a requirement , assessment, and SLA perspective, the conventional and cloud based services are very similar to the clients • The potential for great security (or appalling security ! ) are very much the same • There are differences in security considerations and in some security requirements, and there are specific information assets, where it must be considered if Cloud Computing is the optimal service form Where to go for more information on Cloud Security : • Cloud Security Alliance has done a great job in promoting best practices and providing good guidelines for Cloud Computing Security: www.cloudsecurityalliance.org • Websites of Service Providers in the industry are also rich sources of information 11 © 2012 Ariba, Inc. All rights reserved.
  • 12. Questions and Answers • Contact Information: Torben Lundgren, torben.lundgren@accenture.com or via LinkedIn: http://uk.linkedin.com/in/torbenlundgren 12 © 2012 Ariba, Inc. All rights reserved.
  • 13. C Lions and Tigers and Cloud, Oh My! The Truth Behind Cloud Security and Risks Ariba Security in the Cloud Jason Brown Dir, Solutions Management - Data and Security Policies © 2012 Ariba, Inc. All rights reserved.
  • 14. Agenda • Background • Ariba Privacy/Security Framework • Building Trust with Ariba • Trends • trust.ariba.com 14 © 2012 Ariba, Inc. All rights reserved.
  • 15. Ariba Privacy/Security Framework 15 © 2012 Ariba, Inc. All rights reserved.
  • 16. Building Trust with Ariba • Semi-annual WebTrust Seal of Assurance since 2001 Covers Security, Confidentiality, Processing Integrity, and Availability Principles • SSAE 16 - SOC 1 and SOC 2 type II reports for transparency (formerly SAS70) since 2009 • PCI DSS Level 1 Service Provider since 2008 • US Dept. of Commerce Safe Harbor since 2009 • Vulnerability Scans and Penetration Tests Monthly PCI Scans, Pen Tests of each release • trust.ariba.com • Background Check Program • Security Awareness Program Certification upon hire Annual re-certification 16 © 2012 Ariba, Inc. All rights reserved.
  • 17. Trends • Greater Transparency  Ariba SOC 1 and SOC 2 Type II reports • Deeper dives on 3rd party / sub-service provider assurance  Extensive Vendor Oversight program  Equinix SOC 1 Type II report • Customer performed vulnerability scans  Ariba investment in third party penetration tests • EU Commission on Data Protection  Initiated program to comply by January 2014 • Cloud Security Alliance growth  Ariba membership  Hosted Silicon Valley Chapter 17 © 2012 Ariba, Inc. All rights reserved.
  • 18. trust.ariba.com 18 © 2012 Ariba, Inc. All rights reserved.
  • 19. trust.ariba.com – Cloud Status 19 © 2012 Ariba, Inc. All rights reserved.
  • 20. trust.ariba.com - Policies 20 © 2012 Ariba, Inc. All rights reserved.
  • 21. Questions and Answers • Contact Information: Jason Brown JasonBrown@ariba.com 21 © 2012 Ariba, Inc. All rights reserved.
  • 22. Share This Session…NOW…from your mobile! • All presentations are posted: Guidebook mobile app – Search Apple or Android app store for Guidebook – Enter code “collabor8” Or at Slideshare.net/Ariba • Share via email or social media **Come back soon – we are syncing #AribaLIVE audio and video interviews to the presentations** 22 © 2012 Ariba, Inc. All rights reserved.