SlideShare uma empresa Scribd logo

Cloud Data Security and Privacy

Druva
Druva

Is your company thinking about the cloud or already in there but learning fast about the many challenges of the security and privacy of cloud data? Learn more about the landscape of data in the cloud, and the obstacles that every company should consider when it comes to protecting their down.

Tecnologia
1 de 27
Baixar para ler offline
Security & Privacy of Cloud Data What You Need to Know Dave Packer, Vice President Product Marketing April, 2015
2Data Protection and Governance at the Edge “Druva has been a phenomenal answer to Dell for protecting our data” About Druva Company •  Fastest growing data protection and governance company •  Over 3,000 customers •  Protecting 3.0m+ endpoints globally Ranked #1 by Gartner two years running Data Protection 2014 Brad Hammack IT Emerging Technologies
3Data Protection and Governance at the Edge inSync Efficient Endpoint Backup to the Cloud
4Data Protection and Governance at the Edge Dramatic Shift in Cloud Adoption 2013 75%   25%   2014 20%   80%  
5Data Protection and Governance at the Edge The Global Hurdles of Cloud Adoption •  PRISM •  Sectoral Regulations o  HIPAA, FINRA, GLBA, COPPA, … •  Evolving Global Privacy Regulations o  EU, Germany, France, Russia, … •  Microsoft vs. United States •  Dropbox Transparency Report h"p://dlapiperdataprotec/on.com/  
6 2015: The Top Security Challenges Source: 451 Group – Wave 8 Report 2015 (preliminary note)
7Data Protection and Governance at the Edge But there’s the flip-side of the coin •  Almost all major breaches in 2014 were against on-premise systems •  Breaching the firewall can mean all systems become vulnerable (Sony) •  Breach attributions o  Malicious outsider: 50% o  Accidental loss / misplace: 25% o  Malicious Insider: 15%
8Data Protection and Governance at the Edge What  type  of  data  is  the  most  sensi/ve  to  your  business?     Other People’s Data the Top Concern 1%   18%   19%   22%   33%   37%   41%   46%   52%   0%   10%   20%   30%   40%   50%   60%   We  do  not  have  sensi/ve  business  data   Planning  and  strategy  documents   Payroll   Unregulated  customer  data  (emails,  order  history,  etc.)   Accoun/ng  and  financial   Intellectual  property   Personal  employee  informa/on  (SSNs,  phone  numbers,  etc.)   Password  or  authen/ca/on  creden/als   Regulated  customer  data  (credit  cards,  health  records,  etc.)  
9Data Protection and Governance at the Edge In  your  opinion,  which  environment  has  be"er     data  security  /  privacy  controls?   Cloud Security + Privacy Opinion is Changing On   premises   65%   Cloud   35%  
10Data Protection and Governance at the Edge h"p://techcrunch.com/2015/04/04/the-­‐cloud-­‐could-­‐be-­‐your-­‐best-­‐security-­‐bet/?ncid=txtlnkusaolp00000629#.z48jaw:4RNJ   •  The difference between 1 security team and 1000’s of security teams •  Data durability / resiliency and replication •  Expanding regional coverage •  However, you do need to scrutinize your cloud provider stack
11Data Protection and Governance at the Edge Common Cloud Security/Privacy Concerns •  Infrastructure Security: Where is the infrastructure? How is it controlled and to what extent certified? •  Data Security: How is the data encrypted in transit and stored at-rest? What is the durability of the data? •  Data Residency: What are the regional, cross-geography data controls? •  Data Privacy: What controls are in place to provide ethical walls? What data can my SaaS provider access? •  SaaS Security: What certifications and security controls does the SaaS provider have in place? IaaS Infrastructure: Compute + Storage PaaS Distributed Database Services SaaS Application Services
12Data Protection and Governance at the Edge As a Cloud Provider, Security = Survival •  SOC 1, SOC 2 & SOC 3 ISO 27001 •  PCI Level 1 •  FedRAMP •  AWS GovCloud (US) •  MPAA best practices alignment Customer are running SOX, HIPAA, FISMA, DIACAP MAC III sensitive ATO, ITAR, … Facilities Physical security Physical infrastructure Network infrastructure Virtualization infrastructure IaaS   PaaS  
13Data Protection and Governance at the Edge Distributed  Denial  Of   Service  (DDoS)  A>ack   Man  In  the  Middle   (MITM)  A>ack   Port  Scanning               Packet  sniffing  by   other  tenant         IP  Spoofing   Firewall  security   groups   Vulnerability  tesLng   Continuous Network Monitoring and Response •  Protects customer data from network attacks: o  Intercepting in-transit data o  System breaches o  Blocking/disrupting services
14Data Protection and Governance at the Edge AWS Global Footprint •  >1 million active customers across 190 countries •  900+ government agencies •  3,400+ educational institutions •  11 regions, including ITAR-compliant GovCloud and the new region in Germany •  28 availability zones •  53 edge locations
15Data Protection and Governance at the Edge SaaS Provider Needs Build the Proper Controls •  ✔ Infrastructure Security: Where is the infrastructure? How is it controlled and to what extent certified? •  Data Security: How is the data encrypted in transit and stored at-rest •  Data Residency: What are the regional, cross-geography data controls? •  Data Privacy: What controls are in place to provide ethical walls? What data can my SaaS provider access? •  SaaS Security: What certifications and security controls does the SaaS provider have in place? IaaS Infrastructure: Compute + Storage PaaS Distributed Database Services SaaS Application Services
16Data Protection and Governance at the Edge Most IaaS/PaaS Certifications Don’t Pass to the SaaS Level IaaS Infrastructure: Compute + Storage PaaS Distributed Database Services SaaS Application Services •  Druva Certifications & Audits o  ISAE-3000 o  TRUSTe certified privacy o  EU Safe Harbor o  HIPAA Audited •  Regular VAPT Testing (White Hat) •  SkyHigh CloudTrust program partner •  Audits renewed annually ISAE 3000 TRUSTe EU Safe Harbor HIPAA BAA Skyhigh Enterprise-Ready
17Data Protection and Governance at the Edge Addressing Enterprise Data Protection RequirementsUnderstand How Your Data is Stored S3 Buckets, Data Scrambling via Envelope Encryption Blocks-Only into Object Storage IaaS / Storage Layer (EC2, S3, Glacier) SSL   Global Deduplication (unique blocks) & Metadata Separation (data is dereferenced) PaaS Layer (DynamoDB) 256  AES   Data   Metadata  
18Data Protection and Governance at the Edge Encryption Key Models Vary Extensively Management  Method   Strength   Weakness   Keys  Stored  with  Data     •  Simple   •  Provider  access   •  System  wide  breach  poten/al   •  Consumer  designed   Keys  Stored  in  Escrow   •  No  provider  direct  access   •  S/ll  accessible  w/  subpoena,  warrant,  court   order     •  Key  rota/on,  management  may  be  needed   Key  Server   Keys  Stored  On-­‐premise   •  Secure,  no  provider  access   •  On-­‐premise  hardware,  must  be  managed   •  Introduces  system-­‐wide  failure  point   Envelope   Key  encrypted  in  cloud     •  Secure,  inaccessible  by  vendor   •  No  key  management   •  Session  based  key   •  No  access  =  provider  can’t  reset  client  key  
19Data Protection and Governance at the Edge Envelope Key Management & Encryption •  Works like a bank safety-deposit box o  Unique encryption key generated per customer o  Key itself is encrypted with customer credentials and stored as a token •  They key itself is inaccessible by anyone o  Only exists during the client session o  Never leaves the system o  Removes the need for key management •  Druva cannot access/decrypt customer data with stored token
20Data Protection and Governance at the Edge Authentication Controls (AD, SSO) Configurable Group Policies (Data Access, Sharing, Visibility) Full Admin and End-User Audit Trails SaaS Layer Application Addressing Enterprise Data Protection RequirementsSaaS Provider Security Approach Global Deduplication (unique blocks) & Metadata Separation (data is dereferenced) PaaS Layer (DynamoDB) S3 Buckets, Data Scrambling via Envelope Encryption Block-Only Object Storage IaaS / Storage Layer (EC2, S3, Glacier)
21 Lastly, Be Sure Data Privacy is Being Addressed Regional   Employee   Corporate   Scenario  
22Data Protection and Governance at the Edge Addressing Regional Data Regulations •  11 admin-selectable data storage regions, data stays within the region •  Administrator segregation and delegation with pre-defined granular access rights •  No ability for vendor to access key or stored data Corporate Privacy Regional Management •  Data residency •  Local administration •  Data Storage Privacy
23Data Protection and Governance at the Edge Walls for Corporate Data Privacy •  Policy group settings for classes via AD (Officers, Legal, …) restrict data visibility •  Full data auditing for compliance response for PHI & PII •  Proactive monitoring based on data classifications Corporate Privacy Material Data •  Officer data shielding •  Compliance auditing •  Tracking + monitoring
24Data Protection and Governance at the Edge Protecting Employee Privacy •  End-user privacy controls either by policy or opt-out feature (no admin data visibility) •  Containerization on mobile devices, extendable via MDM (MobileIron) •  Exclusionary settings for backup and collection process •  Admin visibility to audit trails restricted via policy Employee Privacy •  Privacy controls •  Data segregation •  Corporate visibility
25Data Protection and Governance at the Edge Scenario-based Privacy •  Delegated roles for compliance and legal counsel •  Full data and audit trail access for compliance, investigation and litigation requirements Scenario / Exceptions •  Compliance audits •  Investigations •  eDiscovery collection
26Data Protection and Governance at the Edge Key Takeaways •  Be sure to check the certifications and how they apply to the overall stack, just because the IaaS/PaaS is certified it doesn’t mean the SaaS layer is. •  For data residency ensure your cloud data isn’t moving around to non-compliant locations, have the vendor sign an agreement and show documented ability to comply •  Encryption models continue to evolve, make sure your provider can’t divulge your data without you knowing •  Data privacy laws are still emerging and tend to be ambiguous, best place to get the answers to stay compliant is working with your legal team, don’t guess
27 Questions? www.druva.com dave.packer@druva.com Thank You! The  Leader  in  Data  ProtecOon  and   Governance  at  the  Edge  

Recomendados

Cut End-to-End eDiscovery Time in Half: Leveraging the Cloud
Cut End-to-End eDiscovery Time in Half: Leveraging the CloudCut End-to-End eDiscovery Time in Half: Leveraging the Cloud
Cut End-to-End eDiscovery Time in Half: Leveraging the CloudDruva
 
4 ways to cut your e discovery costs in half-webinar-exterro-druva
4 ways to cut your e discovery costs in half-webinar-exterro-druva4 ways to cut your e discovery costs in half-webinar-exterro-druva
4 ways to cut your e discovery costs in half-webinar-exterro-druvaDruva
 
Protecting Corporate Data When an Employee Leaves: Survey and Best Practices
Protecting Corporate Data When an Employee Leaves: Survey and Best PracticesProtecting Corporate Data When an Employee Leaves: Survey and Best Practices
Protecting Corporate Data When an Employee Leaves: Survey and Best PracticesDruva
 
New Strategies for More Effective Remote/Branch Office Data Protection
New Strategies for More Effective Remote/Branch Office Data ProtectionNew Strategies for More Effective Remote/Branch Office Data Protection
New Strategies for More Effective Remote/Branch Office Data ProtectionDruva
 
Interested in working at Druva?
Interested in working at Druva?Interested in working at Druva?
Interested in working at Druva?Druva
 
Expanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challengesExpanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challengesTom Kirby
 
20 point checklist : why move backup and disaster recovery to the cloud - druva
20 point checklist : why move backup and disaster recovery to the cloud - druva20 point checklist : why move backup and disaster recovery to the cloud - druva
20 point checklist : why move backup and disaster recovery to the cloud - druvaDruva
 
Jason Tooley – Welcome to Vision Solution Day EMEA
Jason Tooley – Welcome to Vision Solution Day EMEAJason Tooley – Welcome to Vision Solution Day EMEA
Jason Tooley – Welcome to Vision Solution Day EMEAVeritas Technologies LLC
 

Recomendados

Cut End-to-End eDiscovery Time in Half: Leveraging the Cloud
Cut End-to-End eDiscovery Time in Half: Leveraging the CloudCut End-to-End eDiscovery Time in Half: Leveraging the Cloud
Cut End-to-End eDiscovery Time in Half: Leveraging the CloudDruva
 
4 ways to cut your e discovery costs in half-webinar-exterro-druva
4 ways to cut your e discovery costs in half-webinar-exterro-druva4 ways to cut your e discovery costs in half-webinar-exterro-druva
4 ways to cut your e discovery costs in half-webinar-exterro-druvaDruva
 
Protecting Corporate Data When an Employee Leaves: Survey and Best Practices
Protecting Corporate Data When an Employee Leaves: Survey and Best PracticesProtecting Corporate Data When an Employee Leaves: Survey and Best Practices
Protecting Corporate Data When an Employee Leaves: Survey and Best PracticesDruva
 
New Strategies for More Effective Remote/Branch Office Data Protection
New Strategies for More Effective Remote/Branch Office Data ProtectionNew Strategies for More Effective Remote/Branch Office Data Protection
New Strategies for More Effective Remote/Branch Office Data ProtectionDruva
 
Interested in working at Druva?
Interested in working at Druva?Interested in working at Druva?
Interested in working at Druva?Druva
 
Expanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challengesExpanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challengesTom Kirby
 
20 point checklist : why move backup and disaster recovery to the cloud - druva
20 point checklist : why move backup and disaster recovery to the cloud - druva20 point checklist : why move backup and disaster recovery to the cloud - druva
20 point checklist : why move backup and disaster recovery to the cloud - druvaDruva
 
Jason Tooley – Welcome to Vision Solution Day EMEA
Jason Tooley – Welcome to Vision Solution Day EMEAJason Tooley – Welcome to Vision Solution Day EMEA
Jason Tooley – Welcome to Vision Solution Day EMEAVeritas Technologies LLC
 
The state of data privacy with dimensional research
The state of data privacy with dimensional research The state of data privacy with dimensional research
The state of data privacy with dimensional research Druva
 
Threat Ready Data: Protect Data from the Inside and the Outside
Threat Ready Data: Protect Data from the Inside and the OutsideThreat Ready Data: Protect Data from the Inside and the Outside
Threat Ready Data: Protect Data from the Inside and the OutsideDLT Solutions
 
Peter Grimmond – Harnessing the power of data
Peter Grimmond – Harnessing the power of dataPeter Grimmond – Harnessing the power of data
Peter Grimmond – Harnessing the power of dataVeritas Technologies LLC
 
Information Governance Maturity for Financial Services
Information Governance Maturity for Financial ServicesInformation Governance Maturity for Financial Services
Information Governance Maturity for Financial ServicesCraig Adams
 
eDiscovery platform EMEA user conference 2017
eDiscovery platform EMEA user conference 2017eDiscovery platform EMEA user conference 2017
eDiscovery platform EMEA user conference 2017Veritas Technologies LLC
 
How Network Data Loss Prevention is Implemented
How Network Data Loss Prevention is ImplementedHow Network Data Loss Prevention is Implemented
How Network Data Loss Prevention is ImplementedJerry Paul Acosta
 
Keynote session – Mitigate risks and stay compliant with Chris Bridgland and ...
Keynote session – Mitigate risks and stay compliant with Chris Bridgland and ...Keynote session – Mitigate risks and stay compliant with Chris Bridgland and ...
Keynote session – Mitigate risks and stay compliant with Chris Bridgland and ...Veritas Technologies LLC
 
Big Data Security and Governance
Big Data Security and GovernanceBig Data Security and Governance
Big Data Security and GovernanceDataWorks Summit/Hadoop Summit
 
David Noy – Realising the true potential of software-defined storage
David Noy – Realising the true potential of software-defined storageDavid Noy – Realising the true potential of software-defined storage
David Noy – Realising the true potential of software-defined storageVeritas Technologies LLC
 
Perspectives on Ethical Big Data Governance
Perspectives on Ethical Big Data GovernancePerspectives on Ethical Big Data Governance
Perspectives on Ethical Big Data GovernanceCloudera, Inc.
 
Privacy Advisory Service
Privacy Advisory ServicePrivacy Advisory Service
Privacy Advisory ServiceIron Mountain
 
Data Breaches: The Untold Story
Data Breaches: The Untold Story Data Breaches: The Untold Story
Data Breaches: The Untold Story Isabelle Dumont
 
Cross border - off-shoring and outsourcing privacy sensitive data
Cross border - off-shoring and outsourcing privacy sensitive dataCross border - off-shoring and outsourcing privacy sensitive data
Cross border - off-shoring and outsourcing privacy sensitive dataUlf Mattsson
 
To Serve and Protect: Making Sense of Hadoop Security
To Serve and Protect: Making Sense of Hadoop Security To Serve and Protect: Making Sense of Hadoop Security
To Serve and Protect: Making Sense of Hadoop Security Inside Analysis
 
Security&Governance
Security&GovernanceSecurity&Governance
Security&GovernanceDatio Big Data
 
Make the Upgrade: Data protection in the cloud
Make the Upgrade: Data protection in the cloudMake the Upgrade: Data protection in the cloud
Make the Upgrade: Data protection in the cloudErik Von Schlehenried
 
Cyber security within Organisations: A sneaky peak of current status, trends,...
Cyber security within Organisations: A sneaky peak of current status, trends,...Cyber security within Organisations: A sneaky peak of current status, trends,...
Cyber security within Organisations: A sneaky peak of current status, trends,...Marco Casassa Mont
 
Realizing the Value of Social: Evolving from Social Media to Customer Experience
Realizing the Value of Social: Evolving from Social Media to Customer ExperienceRealizing the Value of Social: Evolving from Social Media to Customer Experience
Realizing the Value of Social: Evolving from Social Media to Customer ExperienceTata Consultancy Services
 
Driving Digital Transformation
Driving Digital TransformationDriving Digital Transformation
Driving Digital TransformationIron Mountain
 
Getting Your House in Order: Cost-effective Litigation Readiness
Getting Your House in Order: Cost-effective Litigation ReadinessGetting Your House in Order: Cost-effective Litigation Readiness
Getting Your House in Order: Cost-effective Litigation ReadinessIron Mountain
 
Luncheon 2016-04-21- Data Security and Privacy Issues in Cloud Contracts by R...
Luncheon 2016-04-21- Data Security and Privacy Issues in Cloud Contracts by R...Luncheon 2016-04-21- Data Security and Privacy Issues in Cloud Contracts by R...
Luncheon 2016-04-21- Data Security and Privacy Issues in Cloud Contracts by R...North Texas Chapter of the ISSA
 
Security and Privacy Issues of Cloud Computing; Solutions and Secure Framework
Security and Privacy Issues of Cloud Computing; Solutions and Secure FrameworkSecurity and Privacy Issues of Cloud Computing; Solutions and Secure Framework
Security and Privacy Issues of Cloud Computing; Solutions and Secure FrameworkIOSR Journals
 

Mais conteúdo relacionado

Mais procurados

The state of data privacy with dimensional research
The state of data privacy with dimensional research The state of data privacy with dimensional research
The state of data privacy with dimensional research Druva
 
Threat Ready Data: Protect Data from the Inside and the Outside
Threat Ready Data: Protect Data from the Inside and the OutsideThreat Ready Data: Protect Data from the Inside and the Outside
Threat Ready Data: Protect Data from the Inside and the OutsideDLT Solutions
 
Peter Grimmond – Harnessing the power of data
Peter Grimmond – Harnessing the power of dataPeter Grimmond – Harnessing the power of data
Peter Grimmond – Harnessing the power of dataVeritas Technologies LLC
 
Information Governance Maturity for Financial Services
Information Governance Maturity for Financial ServicesInformation Governance Maturity for Financial Services
Information Governance Maturity for Financial ServicesCraig Adams
 
eDiscovery platform EMEA user conference 2017
eDiscovery platform EMEA user conference 2017eDiscovery platform EMEA user conference 2017
eDiscovery platform EMEA user conference 2017Veritas Technologies LLC
 
How Network Data Loss Prevention is Implemented
How Network Data Loss Prevention is ImplementedHow Network Data Loss Prevention is Implemented
How Network Data Loss Prevention is ImplementedJerry Paul Acosta
 
Keynote session – Mitigate risks and stay compliant with Chris Bridgland and ...
Keynote session – Mitigate risks and stay compliant with Chris Bridgland and ...Keynote session – Mitigate risks and stay compliant with Chris Bridgland and ...
Keynote session – Mitigate risks and stay compliant with Chris Bridgland and ...Veritas Technologies LLC
 
David Noy – Realising the true potential of software-defined storage
David Noy – Realising the true potential of software-defined storageDavid Noy – Realising the true potential of software-defined storage
David Noy – Realising the true potential of software-defined storageVeritas Technologies LLC
 
Perspectives on Ethical Big Data Governance
Perspectives on Ethical Big Data GovernancePerspectives on Ethical Big Data Governance
Perspectives on Ethical Big Data GovernanceCloudera, Inc.
 
Privacy Advisory Service
Privacy Advisory ServicePrivacy Advisory Service
Privacy Advisory ServiceIron Mountain
 
Data Breaches: The Untold Story
Data Breaches: The Untold Story Data Breaches: The Untold Story
Data Breaches: The Untold Story Isabelle Dumont
 
Cross border - off-shoring and outsourcing privacy sensitive data
Cross border - off-shoring and outsourcing privacy sensitive dataCross border - off-shoring and outsourcing privacy sensitive data
Cross border - off-shoring and outsourcing privacy sensitive dataUlf Mattsson
 
To Serve and Protect: Making Sense of Hadoop Security
To Serve and Protect: Making Sense of Hadoop Security To Serve and Protect: Making Sense of Hadoop Security
To Serve and Protect: Making Sense of Hadoop Security Inside Analysis
 
Make the Upgrade: Data protection in the cloud
Make the Upgrade: Data protection in the cloudMake the Upgrade: Data protection in the cloud
Make the Upgrade: Data protection in the cloudErik Von Schlehenried
 
Cyber security within Organisations: A sneaky peak of current status, trends,...
Cyber security within Organisations: A sneaky peak of current status, trends,...Cyber security within Organisations: A sneaky peak of current status, trends,...
Cyber security within Organisations: A sneaky peak of current status, trends,...Marco Casassa Mont
 
Realizing the Value of Social: Evolving from Social Media to Customer Experience
Realizing the Value of Social: Evolving from Social Media to Customer ExperienceRealizing the Value of Social: Evolving from Social Media to Customer Experience
Realizing the Value of Social: Evolving from Social Media to Customer ExperienceTata Consultancy Services
 
Driving Digital Transformation
Driving Digital TransformationDriving Digital Transformation
Driving Digital TransformationIron Mountain
 
Getting Your House in Order: Cost-effective Litigation Readiness
Getting Your House in Order: Cost-effective Litigation ReadinessGetting Your House in Order: Cost-effective Litigation Readiness
Getting Your House in Order: Cost-effective Litigation ReadinessIron Mountain
 

Mais procurados (20)

The state of data privacy with dimensional research
The state of data privacy with dimensional research The state of data privacy with dimensional research
The state of data privacy with dimensional research
 
Threat Ready Data: Protect Data from the Inside and the Outside
Threat Ready Data: Protect Data from the Inside and the OutsideThreat Ready Data: Protect Data from the Inside and the Outside
Threat Ready Data: Protect Data from the Inside and the Outside
 
Peter Grimmond – Harnessing the power of data
Peter Grimmond – Harnessing the power of dataPeter Grimmond – Harnessing the power of data
Peter Grimmond – Harnessing the power of data
 
Information Governance Maturity for Financial Services
Information Governance Maturity for Financial ServicesInformation Governance Maturity for Financial Services
Information Governance Maturity for Financial Services
 
eDiscovery platform EMEA user conference 2017
eDiscovery platform EMEA user conference 2017eDiscovery platform EMEA user conference 2017
eDiscovery platform EMEA user conference 2017
 
How Network Data Loss Prevention is Implemented
How Network Data Loss Prevention is ImplementedHow Network Data Loss Prevention is Implemented
How Network Data Loss Prevention is Implemented
 
Keynote session – Mitigate risks and stay compliant with Chris Bridgland and ...
Keynote session – Mitigate risks and stay compliant with Chris Bridgland and ...Keynote session – Mitigate risks and stay compliant with Chris Bridgland and ...
Keynote session – Mitigate risks and stay compliant with Chris Bridgland and ...
 
Big Data Security and Governance
Big Data Security and GovernanceBig Data Security and Governance
Big Data Security and Governance
 
David Noy – Realising the true potential of software-defined storage
David Noy – Realising the true potential of software-defined storageDavid Noy – Realising the true potential of software-defined storage
David Noy – Realising the true potential of software-defined storage
 
Perspectives on Ethical Big Data Governance
Perspectives on Ethical Big Data GovernancePerspectives on Ethical Big Data Governance
Perspectives on Ethical Big Data Governance
 
Privacy Advisory Service
Privacy Advisory ServicePrivacy Advisory Service
Privacy Advisory Service
 
Data Breaches: The Untold Story
Data Breaches: The Untold Story Data Breaches: The Untold Story
Data Breaches: The Untold Story
 
Cross border - off-shoring and outsourcing privacy sensitive data
Cross border - off-shoring and outsourcing privacy sensitive dataCross border - off-shoring and outsourcing privacy sensitive data
Cross border - off-shoring and outsourcing privacy sensitive data
 
To Serve and Protect: Making Sense of Hadoop Security
To Serve and Protect: Making Sense of Hadoop Security To Serve and Protect: Making Sense of Hadoop Security
To Serve and Protect: Making Sense of Hadoop Security
 
Security&Governance
Security&GovernanceSecurity&Governance
Security&Governance
 
Make the Upgrade: Data protection in the cloud
Make the Upgrade: Data protection in the cloudMake the Upgrade: Data protection in the cloud
Make the Upgrade: Data protection in the cloud
 
Cyber security within Organisations: A sneaky peak of current status, trends,...
Cyber security within Organisations: A sneaky peak of current status, trends,...Cyber security within Organisations: A sneaky peak of current status, trends,...
Cyber security within Organisations: A sneaky peak of current status, trends,...
 
Realizing the Value of Social: Evolving from Social Media to Customer Experience
Realizing the Value of Social: Evolving from Social Media to Customer ExperienceRealizing the Value of Social: Evolving from Social Media to Customer Experience
Realizing the Value of Social: Evolving from Social Media to Customer Experience
 
Driving Digital Transformation
Driving Digital TransformationDriving Digital Transformation
Driving Digital Transformation
 
Getting Your House in Order: Cost-effective Litigation Readiness
Getting Your House in Order: Cost-effective Litigation ReadinessGetting Your House in Order: Cost-effective Litigation Readiness
Getting Your House in Order: Cost-effective Litigation Readiness
 

Destaque

Luncheon 2016-04-21- Data Security and Privacy Issues in Cloud Contracts by R...
Luncheon 2016-04-21- Data Security and Privacy Issues in Cloud Contracts by R...Luncheon 2016-04-21- Data Security and Privacy Issues in Cloud Contracts by R...
Luncheon 2016-04-21- Data Security and Privacy Issues in Cloud Contracts by R...North Texas Chapter of the ISSA
 
Security and Privacy Issues of Cloud Computing; Solutions and Secure Framework
Security and Privacy Issues of Cloud Computing; Solutions and Secure FrameworkSecurity and Privacy Issues of Cloud Computing; Solutions and Secure Framework
Security and Privacy Issues of Cloud Computing; Solutions and Secure FrameworkIOSR Journals
 
The Accidental Cloud: Privacy and Security Issues in a BYOD World
The Accidental Cloud: Privacy and Security Issues in a BYOD WorldThe Accidental Cloud: Privacy and Security Issues in a BYOD World
The Accidental Cloud: Privacy and Security Issues in a BYOD Worldmkeane
 
Where is my big data: security, privacy and jurisdictions in the cloud
Where is my big data: security, privacy and jurisdictions in the cloudWhere is my big data: security, privacy and jurisdictions in the cloud
Where is my big data: security, privacy and jurisdictions in the cloudChris Swan
 
Big Data, Cloud Computing, and Privacy Implications
Big Data, Cloud Computing, and Privacy ImplicationsBig Data, Cloud Computing, and Privacy Implications
Big Data, Cloud Computing, and Privacy ImplicationsAntigone Peyton
 
Security & Privacy In Cloud Computing
Security & Privacy In Cloud ComputingSecurity & Privacy In Cloud Computing
Security & Privacy In Cloud Computingsaurabh soni
 
Lecture01: Introduction to Security and Privacy in Cloud Computing
Lecture01: Introduction to Security and Privacy in Cloud ComputingLecture01: Introduction to Security and Privacy in Cloud Computing
Lecture01: Introduction to Security and Privacy in Cloud Computingragibhasan
 
Issues in cloud computing
Issues in cloud computingIssues in cloud computing
Issues in cloud computingronak patel
 
Introduction to cybercrime
Introduction to cybercrimeIntroduction to cybercrime
Introduction to cybercrimepatelripal99
 
Data security in cloud computing
Data security in cloud computingData security in cloud computing
Data security in cloud computingPrince Chandu
 
Cyber crime ppt
Cyber crime pptCyber crime ppt
Cyber crime pptMOE515253
 
Cybercrime presentation
Cybercrime presentationCybercrime presentation
Cybercrime presentationRajat Jain
 

Destaque (12)

Luncheon 2016-04-21- Data Security and Privacy Issues in Cloud Contracts by R...
Luncheon 2016-04-21- Data Security and Privacy Issues in Cloud Contracts by R...Luncheon 2016-04-21- Data Security and Privacy Issues in Cloud Contracts by R...
Luncheon 2016-04-21- Data Security and Privacy Issues in Cloud Contracts by R...
 
Security and Privacy Issues of Cloud Computing; Solutions and Secure Framework
Security and Privacy Issues of Cloud Computing; Solutions and Secure FrameworkSecurity and Privacy Issues of Cloud Computing; Solutions and Secure Framework
Security and Privacy Issues of Cloud Computing; Solutions and Secure Framework
 
The Accidental Cloud: Privacy and Security Issues in a BYOD World
The Accidental Cloud: Privacy and Security Issues in a BYOD WorldThe Accidental Cloud: Privacy and Security Issues in a BYOD World
The Accidental Cloud: Privacy and Security Issues in a BYOD World
 
Where is my big data: security, privacy and jurisdictions in the cloud
Where is my big data: security, privacy and jurisdictions in the cloudWhere is my big data: security, privacy and jurisdictions in the cloud
Where is my big data: security, privacy and jurisdictions in the cloud
 
Big Data, Cloud Computing, and Privacy Implications
Big Data, Cloud Computing, and Privacy ImplicationsBig Data, Cloud Computing, and Privacy Implications
Big Data, Cloud Computing, and Privacy Implications
 
Security & Privacy In Cloud Computing
Security & Privacy In Cloud ComputingSecurity & Privacy In Cloud Computing
Security & Privacy In Cloud Computing
 
Lecture01: Introduction to Security and Privacy in Cloud Computing
Lecture01: Introduction to Security and Privacy in Cloud ComputingLecture01: Introduction to Security and Privacy in Cloud Computing
Lecture01: Introduction to Security and Privacy in Cloud Computing
 
Issues in cloud computing
Issues in cloud computingIssues in cloud computing
Issues in cloud computing
 
Introduction to cybercrime
Introduction to cybercrimeIntroduction to cybercrime
Introduction to cybercrime
 
Data security in cloud computing
Data security in cloud computingData security in cloud computing
Data security in cloud computing
 
Cyber crime ppt
Cyber crime pptCyber crime ppt
Cyber crime ppt
 
Cybercrime presentation
Cybercrime presentationCybercrime presentation
Cybercrime presentation
 

Semelhante a Cloud Data Security and Privacy

Cloud data governance, risk management and compliance ny metro joint cyber...
Cloud data governance, risk management and compliance ny metro joint cyber...Cloud data governance, risk management and compliance ny metro joint cyber...
Cloud data governance, risk management and compliance ny metro joint cyber...Ulf Mattsson
 
Practical advice for cloud data protection ulf mattsson - oracle nyoug sep ...
Practical advice for cloud data protection ulf mattsson - oracle nyoug sep ...Practical advice for cloud data protection ulf mattsson - oracle nyoug sep ...
Practical advice for cloud data protection ulf mattsson - oracle nyoug sep ...Ulf Mattsson
 
Where to Store the Cloud Encryption Keys - InterOp 2012
Where to Store the Cloud Encryption Keys - InterOp 2012Where to Store the Cloud Encryption Keys - InterOp 2012
Where to Store the Cloud Encryption Keys - InterOp 2012Trend Micro
 
Software Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE projectSoftware Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE projectATMOSPHERE .
 
Data security in the cloud
Data security in the cloud Data security in the cloud
Data security in the cloud IBM Security
 
The day when 3rd party security providers disappear into cloud bright talk se...
The day when 3rd party security providers disappear into cloud bright talk se...The day when 3rd party security providers disappear into cloud bright talk se...
The day when 3rd party security providers disappear into cloud bright talk se...Ulf Mattsson
 
Extending security in the cloud network box - v4
Extending security in the cloud network box - v4Extending security in the cloud network box - v4
Extending security in the cloud network box - v4Valencell, Inc.
 
Asug84339 how to secure privacy data in a hybrid s4 hana landscape
Asug84339 how to secure privacy data in a hybrid s4 hana landscapeAsug84339 how to secure privacy data in a hybrid s4 hana landscape
Asug84339 how to secure privacy data in a hybrid s4 hana landscapeDharma Atluri
 
DG_Architecture_Training.pptx
DG_Architecture_Training.pptxDG_Architecture_Training.pptx
DG_Architecture_Training.pptxTranVu383073
 
Securing Data in the Cloud - GISEC2017
Securing Data in the Cloud - GISEC2017Securing Data in the Cloud - GISEC2017
Securing Data in the Cloud - GISEC2017Sohaib Mahmood
 
Practical advice for cloud data protection ulf mattsson - bright talk webin...
Practical advice for cloud data protection ulf mattsson - bright talk webin...Practical advice for cloud data protection ulf mattsson - bright talk webin...
Practical advice for cloud data protection ulf mattsson - bright talk webin...Ulf Mattsson
 
AFAC session 2 - September 8, 2014
AFAC session 2 - September 8, 2014AFAC session 2 - September 8, 2014
AFAC session 2 - September 8, 2014KBIZEAU
 
How the latest trends in data security can help your data protection strategy...
How the latest trends in data security can help your data protection strategy...How the latest trends in data security can help your data protection strategy...
How the latest trends in data security can help your data protection strategy...Ulf Mattsson
 
Alex Hanway - Securing the Breach: Using a Holistic Data Protection Framework
Alex Hanway - Securing the Breach: Using a Holistic Data Protection FrameworkAlex Hanway - Securing the Breach: Using a Holistic Data Protection Framework
Alex Hanway - Securing the Breach: Using a Holistic Data Protection Frameworkcentralohioissa
 
Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...
Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...
Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...ATMOSPHERE .
 
How Vulnerable is Your Critical Data?
How Vulnerable is Your Critical Data?How Vulnerable is Your Critical Data?
How Vulnerable is Your Critical Data?IBM Security
 
Cryptographie avancée et Logical Data Fabric : Accélérez le partage et la mig...
Cryptographie avancée et Logical Data Fabric : Accélérez le partage et la mig...Cryptographie avancée et Logical Data Fabric : Accélérez le partage et la mig...
Cryptographie avancée et Logical Data Fabric : Accélérez le partage et la mig...Denodo
 

Semelhante a Cloud Data Security and Privacy (20)

Cloud data governance, risk management and compliance ny metro joint cyber...
Cloud data governance, risk management and compliance ny metro joint cyber...Cloud data governance, risk management and compliance ny metro joint cyber...
Cloud data governance, risk management and compliance ny metro joint cyber...
 
Practical advice for cloud data protection ulf mattsson - oracle nyoug sep ...
Practical advice for cloud data protection ulf mattsson - oracle nyoug sep ...Practical advice for cloud data protection ulf mattsson - oracle nyoug sep ...
Practical advice for cloud data protection ulf mattsson - oracle nyoug sep ...
 
Where to Store the Cloud Encryption Keys - InterOp 2012
Where to Store the Cloud Encryption Keys - InterOp 2012Where to Store the Cloud Encryption Keys - InterOp 2012
Where to Store the Cloud Encryption Keys - InterOp 2012
 
Software Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE projectSoftware Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE project
 
AWS Cloud Security
AWS Cloud SecurityAWS Cloud Security
AWS Cloud Security
 
Data security in the cloud
Data security in the cloud Data security in the cloud
Data security in the cloud
 
The day when 3rd party security providers disappear into cloud bright talk se...
The day when 3rd party security providers disappear into cloud bright talk se...The day when 3rd party security providers disappear into cloud bright talk se...
The day when 3rd party security providers disappear into cloud bright talk se...
 
Extending security in the cloud network box - v4
Extending security in the cloud network box - v4Extending security in the cloud network box - v4
Extending security in the cloud network box - v4
 
Asug84339 how to secure privacy data in a hybrid s4 hana landscape
Asug84339 how to secure privacy data in a hybrid s4 hana landscapeAsug84339 how to secure privacy data in a hybrid s4 hana landscape
Asug84339 how to secure privacy data in a hybrid s4 hana landscape
 
DG_Architecture_Training.pptx
DG_Architecture_Training.pptxDG_Architecture_Training.pptx
DG_Architecture_Training.pptx
 
Securing Data in the Cloud - GISEC2017
Securing Data in the Cloud - GISEC2017Securing Data in the Cloud - GISEC2017
Securing Data in the Cloud - GISEC2017
 
Practical advice for cloud data protection ulf mattsson - bright talk webin...
Practical advice for cloud data protection ulf mattsson - bright talk webin...Practical advice for cloud data protection ulf mattsson - bright talk webin...
Practical advice for cloud data protection ulf mattsson - bright talk webin...
 
AFAC session 2 - September 8, 2014
AFAC session 2 - September 8, 2014AFAC session 2 - September 8, 2014
AFAC session 2 - September 8, 2014
 
How the latest trends in data security can help your data protection strategy...
How the latest trends in data security can help your data protection strategy...How the latest trends in data security can help your data protection strategy...
How the latest trends in data security can help your data protection strategy...
 
Alex Hanway - Securing the Breach: Using a Holistic Data Protection Framework
Alex Hanway - Securing the Breach: Using a Holistic Data Protection FrameworkAlex Hanway - Securing the Breach: Using a Holistic Data Protection Framework
Alex Hanway - Securing the Breach: Using a Holistic Data Protection Framework
 
Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...
Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...
Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...
 
Practical Security for the Cloud
Practical Security for the CloudPractical Security for the Cloud
Practical Security for the Cloud
 
How Vulnerable is Your Critical Data?
How Vulnerable is Your Critical Data?How Vulnerable is Your Critical Data?
How Vulnerable is Your Critical Data?
 
Cyber Security 4.0 conference 30 November 2016
Cyber Security 4.0 conference 30 November 2016Cyber Security 4.0 conference 30 November 2016
Cyber Security 4.0 conference 30 November 2016
 
Cryptographie avancée et Logical Data Fabric : Accélérez le partage et la mig...
Cryptographie avancée et Logical Data Fabric : Accélérez le partage et la mig...Cryptographie avancée et Logical Data Fabric : Accélérez le partage et la mig...
Cryptographie avancée et Logical Data Fabric : Accélérez le partage et la mig...
 

Mais de Druva

Druva’s 2017 Ransomware Survey
Druva’s 2017 Ransomware Survey Druva’s 2017 Ransomware Survey
Druva’s 2017 Ransomware Survey Druva
 
Rethink Server Backup and Regain Control
Rethink Server Backup and Regain ControlRethink Server Backup and Regain Control
Rethink Server Backup and Regain ControlDruva
 
Taking a Proactive Approach to Combat Ransomware [Druva Webinar]
Taking a Proactive Approach to Combat Ransomware [Druva Webinar]Taking a Proactive Approach to Combat Ransomware [Druva Webinar]
Taking a Proactive Approach to Combat Ransomware [Druva Webinar]Druva
 
Getting a clue: uncovering the truth about your data with mobile forensics
Getting a clue: uncovering the truth about your data with mobile forensicsGetting a clue: uncovering the truth about your data with mobile forensics
Getting a clue: uncovering the truth about your data with mobile forensicsDruva
 
Where in the world is your PII and other sensitive data? by @druva inc
Where in the world is your PII and other sensitive data? by @druva incWhere in the world is your PII and other sensitive data? by @druva inc
Where in the world is your PII and other sensitive data? by @druva incDruva
 
Black Hat 2015 Survey: The Challenge of Data Sprawl
Black Hat 2015 Survey: The Challenge of Data SprawlBlack Hat 2015 Survey: The Challenge of Data Sprawl
Black Hat 2015 Survey: The Challenge of Data SprawlDruva
 
Where In The World Is Your Sensitive Data?
Where In The World Is Your Sensitive Data?Where In The World Is Your Sensitive Data?
Where In The World Is Your Sensitive Data?Druva
 
Soundbytes from the Frontlines
Soundbytes from the FrontlinesSoundbytes from the Frontlines
Soundbytes from the FrontlinesDruva
 
Enterprise Data Privacy Quiz
Enterprise Data Privacy QuizEnterprise Data Privacy Quiz
Enterprise Data Privacy QuizDruva
 
Data Privacy Readiness Test
Data Privacy Readiness TestData Privacy Readiness Test
Data Privacy Readiness TestDruva
 
AWS reInvent: Building an enterprise class backup and archival solution on AWS
AWS reInvent: Building an enterprise class backup and archival solution on AWSAWS reInvent: Building an enterprise class backup and archival solution on AWS
AWS reInvent: Building an enterprise class backup and archival solution on AWSDruva
 
Why You Need Enterprise Backup
Why You Need Enterprise BackupWhy You Need Enterprise Backup
Why You Need Enterprise BackupDruva
 
CIO Cloud Security Checklist
CIO Cloud Security ChecklistCIO Cloud Security Checklist
CIO Cloud Security ChecklistDruva
 
Data in the Wild: Survival Guide
Data in the Wild: Survival GuideData in the Wild: Survival Guide
Data in the Wild: Survival GuideDruva
 
40 scary stats about data at risk
40 scary stats about data at risk40 scary stats about data at risk
40 scary stats about data at riskDruva
 
Druva inSync: Enterprise Endpoint Data Protection & Governance (Data Sheet)
Druva inSync: Enterprise Endpoint Data Protection & Governance (Data Sheet)Druva inSync: Enterprise Endpoint Data Protection & Governance (Data Sheet)
Druva inSync: Enterprise Endpoint Data Protection & Governance (Data Sheet)Druva
 
inSync Cloud FAQ
inSync Cloud FAQinSync Cloud FAQ
inSync Cloud FAQDruva
 
inSync FAQ
inSync FAQinSync FAQ
inSync FAQDruva
 
The Challenges of Windows XP Migration (infographic)
The Challenges of Windows XP Migration (infographic)The Challenges of Windows XP Migration (infographic)
The Challenges of Windows XP Migration (infographic)Druva
 
How Endpoint Mobility Kills Bare Metal Restore (infographic)
How Endpoint Mobility Kills Bare Metal Restore (infographic)How Endpoint Mobility Kills Bare Metal Restore (infographic)
How Endpoint Mobility Kills Bare Metal Restore (infographic)Druva
 

Mais de Druva (20)

Druva’s 2017 Ransomware Survey
Druva’s 2017 Ransomware Survey Druva’s 2017 Ransomware Survey
Druva’s 2017 Ransomware Survey
 
Rethink Server Backup and Regain Control
Rethink Server Backup and Regain ControlRethink Server Backup and Regain Control
Rethink Server Backup and Regain Control
 
Taking a Proactive Approach to Combat Ransomware [Druva Webinar]
Taking a Proactive Approach to Combat Ransomware [Druva Webinar]Taking a Proactive Approach to Combat Ransomware [Druva Webinar]
Taking a Proactive Approach to Combat Ransomware [Druva Webinar]
 
Getting a clue: uncovering the truth about your data with mobile forensics
Getting a clue: uncovering the truth about your data with mobile forensicsGetting a clue: uncovering the truth about your data with mobile forensics
Getting a clue: uncovering the truth about your data with mobile forensics
 
Where in the world is your PII and other sensitive data? by @druva inc
Where in the world is your PII and other sensitive data? by @druva incWhere in the world is your PII and other sensitive data? by @druva inc
Where in the world is your PII and other sensitive data? by @druva inc
 
Black Hat 2015 Survey: The Challenge of Data Sprawl
Black Hat 2015 Survey: The Challenge of Data SprawlBlack Hat 2015 Survey: The Challenge of Data Sprawl
Black Hat 2015 Survey: The Challenge of Data Sprawl
 
Where In The World Is Your Sensitive Data?
Where In The World Is Your Sensitive Data?Where In The World Is Your Sensitive Data?
Where In The World Is Your Sensitive Data?
 
Soundbytes from the Frontlines
Soundbytes from the FrontlinesSoundbytes from the Frontlines
Soundbytes from the Frontlines
 
Enterprise Data Privacy Quiz
Enterprise Data Privacy QuizEnterprise Data Privacy Quiz
Enterprise Data Privacy Quiz
 
Data Privacy Readiness Test
Data Privacy Readiness TestData Privacy Readiness Test
Data Privacy Readiness Test
 
AWS reInvent: Building an enterprise class backup and archival solution on AWS
AWS reInvent: Building an enterprise class backup and archival solution on AWSAWS reInvent: Building an enterprise class backup and archival solution on AWS
AWS reInvent: Building an enterprise class backup and archival solution on AWS
 
Why You Need Enterprise Backup
Why You Need Enterprise BackupWhy You Need Enterprise Backup
Why You Need Enterprise Backup
 
CIO Cloud Security Checklist
CIO Cloud Security ChecklistCIO Cloud Security Checklist
CIO Cloud Security Checklist
 
Data in the Wild: Survival Guide
Data in the Wild: Survival GuideData in the Wild: Survival Guide
Data in the Wild: Survival Guide
 
40 scary stats about data at risk
40 scary stats about data at risk40 scary stats about data at risk
40 scary stats about data at risk
 
Druva inSync: Enterprise Endpoint Data Protection & Governance (Data Sheet)
Druva inSync: Enterprise Endpoint Data Protection & Governance (Data Sheet)Druva inSync: Enterprise Endpoint Data Protection & Governance (Data Sheet)
Druva inSync: Enterprise Endpoint Data Protection & Governance (Data Sheet)
 
inSync Cloud FAQ
inSync Cloud FAQinSync Cloud FAQ
inSync Cloud FAQ
 
inSync FAQ
inSync FAQinSync FAQ
inSync FAQ
 
The Challenges of Windows XP Migration (infographic)
The Challenges of Windows XP Migration (infographic)The Challenges of Windows XP Migration (infographic)
The Challenges of Windows XP Migration (infographic)
 
How Endpoint Mobility Kills Bare Metal Restore (infographic)
How Endpoint Mobility Kills Bare Metal Restore (infographic)How Endpoint Mobility Kills Bare Metal Restore (infographic)
How Endpoint Mobility Kills Bare Metal Restore (infographic)
 

Último

Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 

Último (20)

Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 

Cloud Data Security and Privacy

  • 1. Security & Privacy of Cloud Data What You Need to Know Dave Packer, Vice President Product Marketing April, 2015
  • 2. 2Data Protection and Governance at the Edge “Druva has been a phenomenal answer to Dell for protecting our data” About Druva Company •  Fastest growing data protection and governance company •  Over 3,000 customers •  Protecting 3.0m+ endpoints globally Ranked #1 by Gartner two years running Data Protection 2014 Brad Hammack IT Emerging Technologies
  • 3. 3Data Protection and Governance at the Edge inSync Efficient Endpoint Backup to the Cloud
  • 4. 4Data Protection and Governance at the Edge Dramatic Shift in Cloud Adoption 2013 75%   25%   2014 20%   80%  
  • 5. 5Data Protection and Governance at the Edge The Global Hurdles of Cloud Adoption •  PRISM •  Sectoral Regulations o  HIPAA, FINRA, GLBA, COPPA, … •  Evolving Global Privacy Regulations o  EU, Germany, France, Russia, … •  Microsoft vs. United States •  Dropbox Transparency Report h"p://dlapiperdataprotec/on.com/  
  • 6. 6 2015: The Top Security Challenges Source: 451 Group – Wave 8 Report 2015 (preliminary note)
  • 7. 7Data Protection and Governance at the Edge But there’s the flip-side of the coin •  Almost all major breaches in 2014 were against on-premise systems •  Breaching the firewall can mean all systems become vulnerable (Sony) •  Breach attributions o  Malicious outsider: 50% o  Accidental loss / misplace: 25% o  Malicious Insider: 15%
  • 8. 8Data Protection and Governance at the Edge What  type  of  data  is  the  most  sensi/ve  to  your  business?     Other People’s Data the Top Concern 1%   18%   19%   22%   33%   37%   41%   46%   52%   0%   10%   20%   30%   40%   50%   60%   We  do  not  have  sensi/ve  business  data   Planning  and  strategy  documents   Payroll   Unregulated  customer  data  (emails,  order  history,  etc.)   Accoun/ng  and  financial   Intellectual  property   Personal  employee  informa/on  (SSNs,  phone  numbers,  etc.)   Password  or  authen/ca/on  creden/als   Regulated  customer  data  (credit  cards,  health  records,  etc.)  
  • 9. 9Data Protection and Governance at the Edge In  your  opinion,  which  environment  has  be"er     data  security  /  privacy  controls?   Cloud Security + Privacy Opinion is Changing On   premises   65%   Cloud   35%  
  • 10. 10Data Protection and Governance at the Edge h"p://techcrunch.com/2015/04/04/the-­‐cloud-­‐could-­‐be-­‐your-­‐best-­‐security-­‐bet/?ncid=txtlnkusaolp00000629#.z48jaw:4RNJ   •  The difference between 1 security team and 1000’s of security teams •  Data durability / resiliency and replication •  Expanding regional coverage •  However, you do need to scrutinize your cloud provider stack
  • 11. 11Data Protection and Governance at the Edge Common Cloud Security/Privacy Concerns •  Infrastructure Security: Where is the infrastructure? How is it controlled and to what extent certified? •  Data Security: How is the data encrypted in transit and stored at-rest? What is the durability of the data? •  Data Residency: What are the regional, cross-geography data controls? •  Data Privacy: What controls are in place to provide ethical walls? What data can my SaaS provider access? •  SaaS Security: What certifications and security controls does the SaaS provider have in place? IaaS Infrastructure: Compute + Storage PaaS Distributed Database Services SaaS Application Services
  • 12. 12Data Protection and Governance at the Edge As a Cloud Provider, Security = Survival •  SOC 1, SOC 2 & SOC 3 ISO 27001 •  PCI Level 1 •  FedRAMP •  AWS GovCloud (US) •  MPAA best practices alignment Customer are running SOX, HIPAA, FISMA, DIACAP MAC III sensitive ATO, ITAR, … Facilities Physical security Physical infrastructure Network infrastructure Virtualization infrastructure IaaS   PaaS  
  • 13. 13Data Protection and Governance at the Edge Distributed  Denial  Of   Service  (DDoS)  A>ack   Man  In  the  Middle   (MITM)  A>ack   Port  Scanning               Packet  sniffing  by   other  tenant         IP  Spoofing   Firewall  security   groups   Vulnerability  tesLng   Continuous Network Monitoring and Response •  Protects customer data from network attacks: o  Intercepting in-transit data o  System breaches o  Blocking/disrupting services
  • 14. 14Data Protection and Governance at the Edge AWS Global Footprint •  >1 million active customers across 190 countries •  900+ government agencies •  3,400+ educational institutions •  11 regions, including ITAR-compliant GovCloud and the new region in Germany •  28 availability zones •  53 edge locations
  • 15. 15Data Protection and Governance at the Edge SaaS Provider Needs Build the Proper Controls •  ✔ Infrastructure Security: Where is the infrastructure? How is it controlled and to what extent certified? •  Data Security: How is the data encrypted in transit and stored at-rest •  Data Residency: What are the regional, cross-geography data controls? •  Data Privacy: What controls are in place to provide ethical walls? What data can my SaaS provider access? •  SaaS Security: What certifications and security controls does the SaaS provider have in place? IaaS Infrastructure: Compute + Storage PaaS Distributed Database Services SaaS Application Services
  • 16. 16Data Protection and Governance at the Edge Most IaaS/PaaS Certifications Don’t Pass to the SaaS Level IaaS Infrastructure: Compute + Storage PaaS Distributed Database Services SaaS Application Services •  Druva Certifications & Audits o  ISAE-3000 o  TRUSTe certified privacy o  EU Safe Harbor o  HIPAA Audited •  Regular VAPT Testing (White Hat) •  SkyHigh CloudTrust program partner •  Audits renewed annually ISAE 3000 TRUSTe EU Safe Harbor HIPAA BAA Skyhigh Enterprise-Ready
  • 17. 17Data Protection and Governance at the Edge Addressing Enterprise Data Protection RequirementsUnderstand How Your Data is Stored S3 Buckets, Data Scrambling via Envelope Encryption Blocks-Only into Object Storage IaaS / Storage Layer (EC2, S3, Glacier) SSL   Global Deduplication (unique blocks) & Metadata Separation (data is dereferenced) PaaS Layer (DynamoDB) 256  AES   Data   Metadata  
  • 18. 18Data Protection and Governance at the Edge Encryption Key Models Vary Extensively Management  Method   Strength   Weakness   Keys  Stored  with  Data     •  Simple   •  Provider  access   •  System  wide  breach  poten/al   •  Consumer  designed   Keys  Stored  in  Escrow   •  No  provider  direct  access   •  S/ll  accessible  w/  subpoena,  warrant,  court   order     •  Key  rota/on,  management  may  be  needed   Key  Server   Keys  Stored  On-­‐premise   •  Secure,  no  provider  access   •  On-­‐premise  hardware,  must  be  managed   •  Introduces  system-­‐wide  failure  point   Envelope   Key  encrypted  in  cloud     •  Secure,  inaccessible  by  vendor   •  No  key  management   •  Session  based  key   •  No  access  =  provider  can’t  reset  client  key  
  • 19. 19Data Protection and Governance at the Edge Envelope Key Management & Encryption •  Works like a bank safety-deposit box o  Unique encryption key generated per customer o  Key itself is encrypted with customer credentials and stored as a token •  They key itself is inaccessible by anyone o  Only exists during the client session o  Never leaves the system o  Removes the need for key management •  Druva cannot access/decrypt customer data with stored token
  • 20. 20Data Protection and Governance at the Edge Authentication Controls (AD, SSO) Configurable Group Policies (Data Access, Sharing, Visibility) Full Admin and End-User Audit Trails SaaS Layer Application Addressing Enterprise Data Protection RequirementsSaaS Provider Security Approach Global Deduplication (unique blocks) & Metadata Separation (data is dereferenced) PaaS Layer (DynamoDB) S3 Buckets, Data Scrambling via Envelope Encryption Block-Only Object Storage IaaS / Storage Layer (EC2, S3, Glacier)
  • 21. 21 Lastly, Be Sure Data Privacy is Being Addressed Regional   Employee   Corporate   Scenario  
  • 22. 22Data Protection and Governance at the Edge Addressing Regional Data Regulations •  11 admin-selectable data storage regions, data stays within the region •  Administrator segregation and delegation with pre-defined granular access rights •  No ability for vendor to access key or stored data Corporate Privacy Regional Management •  Data residency •  Local administration •  Data Storage Privacy
  • 23. 23Data Protection and Governance at the Edge Walls for Corporate Data Privacy •  Policy group settings for classes via AD (Officers, Legal, …) restrict data visibility •  Full data auditing for compliance response for PHI & PII •  Proactive monitoring based on data classifications Corporate Privacy Material Data •  Officer data shielding •  Compliance auditing •  Tracking + monitoring
  • 24. 24Data Protection and Governance at the Edge Protecting Employee Privacy •  End-user privacy controls either by policy or opt-out feature (no admin data visibility) •  Containerization on mobile devices, extendable via MDM (MobileIron) •  Exclusionary settings for backup and collection process •  Admin visibility to audit trails restricted via policy Employee Privacy •  Privacy controls •  Data segregation •  Corporate visibility
  • 25. 25Data Protection and Governance at the Edge Scenario-based Privacy •  Delegated roles for compliance and legal counsel •  Full data and audit trail access for compliance, investigation and litigation requirements Scenario / Exceptions •  Compliance audits •  Investigations •  eDiscovery collection
  • 26. 26Data Protection and Governance at the Edge Key Takeaways •  Be sure to check the certifications and how they apply to the overall stack, just because the IaaS/PaaS is certified it doesn’t mean the SaaS layer is. •  For data residency ensure your cloud data isn’t moving around to non-compliant locations, have the vendor sign an agreement and show documented ability to comply •  Encryption models continue to evolve, make sure your provider can’t divulge your data without you knowing •  Data privacy laws are still emerging and tend to be ambiguous, best place to get the answers to stay compliant is working with your legal team, don’t guess
  • 27. 27 Questions? www.druva.com dave.packer@druva.com Thank You! The  Leader  in  Data  ProtecOon  and   Governance  at  the  Edge