SlideShare a Scribd company logo

CLOUD SECURITY FRAMEWORKS

Download as PPTX, PDF
Antoine COETSIER
Antoine COETSIER

With this short 15 min presentation done at the EPFL engineering school in Lausanne, May 2014, we brushed the concepts and recommandations when choosing and benchmarking cloud providers towards security. The Cloud Security Alliance framework is at the moment the best matrix to establish such evaluation as it embraces the full service offered by provider and not only one aspect like Datacenter or Helpdesk. Antoine Coetsier - CEO at Exoscale

Internet
1 of 19
Cloud Security Frameworks GITI May 8, 2014
about: me 2 CEO: Antoine Coetsier Infrastructure and datacenters expert Team and datacenter Manager for more than 10 years Experience Managing Director of exoscale since inception (2011) Responsible for strategy and cloud offering at VeePee (2008-2012) Systems Architect and Project Manager of large IT operations at Bouygues Telecom Education IT Engineer degree at École centrale d’Electronique (1999-2002) CCSK: Certificate of Cloud Security Knowledge (2012)
... an IaaS provider and beyond Cloud hosting based on latest technology  Flexible server and storage infrastructure  Trimmed for performance, intuitive usability and tooling Market place for value added applications  One-stop-shop to reduce infrastructure complexity for developers and sysadmins exoscale in a nutshell... The safe home for your cloud applications ... with a solid background Spin-off from Veltigroup  Started 2011 within Veltigroup Swiss company  Proximity to EMEA clients  Swiss data privacy standards IaaS: Infrastructure-as-a-Service EMEA: Europe, Middle East and Africa 3
exoscale offering overview Solid cloud hosting and add-on services 4 Open Cloud Open Cloud Compute Open Cloud Storage Managed Cloud Swiss Support Virtual data center Zones & Networking Market place / add-on services Vendor backed Transition product for business IT migrating to cloud – Hybrid Cloud Pure-play cloud offering (web-based purchase) Worldwide market pricing
Open Cloud compute: a unique portal One comprehensive portal for instance management, support, documentation and billing information
Migrating to a cloud service 6 1st concern is always security Existing guidelines are not fit for purpose –ISO 27001 –... What is the data at stake ? Dealing with issues
Cloud computing segmentation Traditionnal IT DC facilities Networking Storage Servers O/S Middleware Runtime Data Applications Youmanage IaaS O/S Middleware Runtime Data Applications Youmanage SaaS DC facilities Networking Storage Servers O/S Middleware Runtime Data Applications DeliveredasaService PaaS Data Applications Youmanage DC facilities Networking Storage Servers DeliveredasaService DC facilities Networking Storage Servers O/S Middleware Runtime DeliveredasaService
Roles and responsibilities Roles and responsibilities vary upon the cloud model chosen : –“The lower down the stack the cloud service provider stops, the more security capabilities and management consumers are responsible for implementing and managing themselves.” Security responsability ProviderCustomer
Existing frameworks 9 They focus on on aspect: –Datacenter –Acces control process –... Not on the service SCOPE PROBLEM
Framework for cloud services Best practices for providing security within the Cloud, Provide education for the use of Cloud solutions Define guidance and actionable documents Non profit organization formed to promote Established in 2008, gained significant traction in 2011 Not (too) commercial or one sided governed Alliance
Cloud Security Alliance +130 points dealing with a large scale of competences : – Data Governance – Facility – HR – Information Security – Legal – Risk Management – Security Architecture Define best practices in a Cloud Control Matrix (CCM) Commercial note: exoscale has documented all points of the CCM
Example 12 Human Resources Background Screening HRS-02 Pursuant to local laws, regulations, ethics, and contractual constraints, all employment candidates, contractors, and third parties shall be subject to background verification proportional to the data classification to be accessed, the business requirements, and acceptable risk. CAIQ: consensus assessments initiative questionnaire Data GovernanceClassificationDG-02 DG-02.1 Do you provide a capability to identify virtual machines via policy tags/metadata (ex. Tags can be used to limit g
Cloud Security Alliance mapping v 3 Released Controls baselined and mapped to: – COBIT – HIPAA / HITECH Act – ISO/IEC 27001-2005 – NISTSP800-53 – FedRAMP – PCI DSSv2.0 – BITS Shared Assessments – GAPP ... OCF Level 1 : The Cloud Control Matrix
Risk Management regarding data 14 What is the data at stake ? Personal/employees data Sensible data Regulated data Is this data meaning full or valuable to someone else ?
Data classification Any data we handle, has been classified in our systems and been given policies regarding the following actions: –Create –Store –Use –Share –Archive –Destroy Each class has its own rules and level of protection: Standard classes: –Low: civility,... –Medium: logs,... –High: authentication secret Special classes: –Credit card information: not stored –Forbidden information: racial, political,...
Reversibility 16 Using a cloud service, should not enable the transfer of ownership of the data As a general rule: –IaaS and PaaS services must stipulate that the data remains your property –SaaS services: look closely, especially for main stream services Can I reclaim/transmit data at any time? What happens in case of contract breach, bad SLAs, change of control of the provider, discontinuation of the service,... The answer has to be both technical and legal Ownership Reclaim
The key is contractual 17 Read the contract or terms and conditions Track changes –Initiatives like http://tosdr.org/ “Terms of Services: didn’t read” emerged
Wrap up 18 Classify your data Request a security alignment Review your contracts –Reversibility Hosting locally (in Switzerland) is easier –But does not prevent all the above
My recommendations Be ready ! 1.Test even if you do not have a business case 2.Make a proof of concept 3.Rent a tenant 4.Security is about CONTROL PROACTIVE REACTIVE

Recommended

1 App,
1 App, 1 App,
1 App, Antoine COETSIER
 
"The RMS Cloud" - Presented at the RAA's Cat Modeling Conference 2014
"The RMS Cloud" - Presented at the RAA's Cat Modeling Conference 2014 "The RMS Cloud" - Presented at the RAA's Cat Modeling Conference 2014
"The RMS Cloud" - Presented at the RAA's Cat Modeling Conference 2014 RMS
 
Maximize Software Investments with ePlus and Cisco ONE
Maximize Software Investments with ePlus and Cisco ONEMaximize Software Investments with ePlus and Cisco ONE
Maximize Software Investments with ePlus and Cisco ONEePlus
 
Security Building Blocks of the IBM Cloud Computing Reference Architecture
Security Building Blocks of the IBM Cloud Computing Reference ArchitectureSecurity Building Blocks of the IBM Cloud Computing Reference Architecture
Security Building Blocks of the IBM Cloud Computing Reference ArchitectureStefaan Van daele
 
Cloud Security Standards: What to Expect and What to Negotiate V2.0
Cloud Security Standards: What to Expect and What to Negotiate V2.0Cloud Security Standards: What to Expect and What to Negotiate V2.0
Cloud Security Standards: What to Expect and What to Negotiate V2.0Cloud Standards Customer Council
 
Open Digital Framework from TMFORUM
Open Digital Framework from TMFORUMOpen Digital Framework from TMFORUM
Open Digital Framework from TMFORUMMaganathin Veeraragaloo
 
SaaS Challenges & Security Concerns
SaaS Challenges & Security ConcernsSaaS Challenges & Security Concerns
SaaS Challenges & Security ConcernsKannan Subbiah
 
Cloud Security ("securing the cloud")
Cloud Security ("securing the cloud")Cloud Security ("securing the cloud")
Cloud Security ("securing the cloud")Vic Winkler
 

Recommended

1 App,
1 App, 1 App,
1 App, Antoine COETSIER
 
"The RMS Cloud" - Presented at the RAA's Cat Modeling Conference 2014
"The RMS Cloud" - Presented at the RAA's Cat Modeling Conference 2014 "The RMS Cloud" - Presented at the RAA's Cat Modeling Conference 2014
"The RMS Cloud" - Presented at the RAA's Cat Modeling Conference 2014 RMS
 
Maximize Software Investments with ePlus and Cisco ONE
Maximize Software Investments with ePlus and Cisco ONEMaximize Software Investments with ePlus and Cisco ONE
Maximize Software Investments with ePlus and Cisco ONEePlus
 
Security Building Blocks of the IBM Cloud Computing Reference Architecture
Security Building Blocks of the IBM Cloud Computing Reference ArchitectureSecurity Building Blocks of the IBM Cloud Computing Reference Architecture
Security Building Blocks of the IBM Cloud Computing Reference ArchitectureStefaan Van daele
 
Cloud Security Standards: What to Expect and What to Negotiate V2.0
Cloud Security Standards: What to Expect and What to Negotiate V2.0Cloud Security Standards: What to Expect and What to Negotiate V2.0
Cloud Security Standards: What to Expect and What to Negotiate V2.0Cloud Standards Customer Council
 
Open Digital Framework from TMFORUM
Open Digital Framework from TMFORUMOpen Digital Framework from TMFORUM
Open Digital Framework from TMFORUMMaganathin Veeraragaloo
 
SaaS Challenges & Security Concerns
SaaS Challenges & Security ConcernsSaaS Challenges & Security Concerns
SaaS Challenges & Security ConcernsKannan Subbiah
 
Cloud Security ("securing the cloud")
Cloud Security ("securing the cloud")Cloud Security ("securing the cloud")
Cloud Security ("securing the cloud")Vic Winkler
 
NetScaler: One Device, Every Need Guiding Enterprise IT to New Heights
NetScaler: One Device, Every Need Guiding Enterprise IT to New HeightsNetScaler: One Device, Every Need Guiding Enterprise IT to New Heights
NetScaler: One Device, Every Need Guiding Enterprise IT to New HeightsePlus
 
ePlus Virtualized Network
ePlus Virtualized NetworkePlus Virtualized Network
ePlus Virtualized NetworkePlus
 
Chap 6 cloud security
Chap 6 cloud securityChap 6 cloud security
Chap 6 cloud securityRaj Sarode
 
Glue con2011 future_of_net_systems
Glue con2011 future_of_net_systemsGlue con2011 future_of_net_systems
Glue con2011 future_of_net_systemsJames Urquhart
 
Cloud Security
Cloud SecurityCloud Security
Cloud SecurityAWS User Group Bengaluru
 
Security As A Service
Security As A ServiceSecurity As A Service
Security As A Serviceguest536dd0e
 
Powering IT Transformation For Any Business
Powering IT Transformation For Any BusinessPowering IT Transformation For Any Business
Powering IT Transformation For Any BusinessePlus
 
Cloud security training, certified cloud security professional
Cloud security training, certified cloud security professionalCloud security training, certified cloud security professional
Cloud security training, certified cloud security professionalBryan Len
 
CCSK Certificate of Cloud Computing Knowledge - overview
CCSK Certificate of Cloud Computing Knowledge - overviewCCSK Certificate of Cloud Computing Knowledge - overview
CCSK Certificate of Cloud Computing Knowledge - overviewPeter HJ van Eijk
 
Infrastructure-as-a-Service (IaaS)
Infrastructure-as-a-Service (IaaS)Infrastructure-as-a-Service (IaaS)
Infrastructure-as-a-Service (IaaS)InTechnology Managed Services (part of Redcentric)
 
Addressing the Cyber-Security Landscape
Addressing the Cyber-Security LandscapeAddressing the Cyber-Security Landscape
Addressing the Cyber-Security LandscapeePlus
 
Get Informed About Cloud Computing for Enterprise IT by Opus Interactive
Get Informed About Cloud Computing for Enterprise IT by Opus InteractiveGet Informed About Cloud Computing for Enterprise IT by Opus Interactive
Get Informed About Cloud Computing for Enterprise IT by Opus Interactivejerianasmith
 
Enterprise Security in Hybrid Cloud ISACA-SV 2012
Enterprise Security in Hybrid Cloud ISACA-SV 2012Enterprise Security in Hybrid Cloud ISACA-SV 2012
Enterprise Security in Hybrid Cloud ISACA-SV 2012Symosis Security (Previously C-Level Security)
 
Data security in the cloud
Data security in the cloud Data security in the cloud
Data security in the cloud IBM Security
 
Xaas infotech (2)
Xaas infotech (2)Xaas infotech (2)
Xaas infotech (2)Prabod Abhinov Gunupudi
 
Security Architecture Best Practices for SaaS Applications
Security Architecture Best Practices for SaaS ApplicationsSecurity Architecture Best Practices for SaaS Applications
Security Architecture Best Practices for SaaS ApplicationsTechcello
 
Getting Your IT Security Learners Ready for the Cloud with CCSK Certification
Getting Your IT Security Learners Ready for the Cloud with CCSK CertificationGetting Your IT Security Learners Ready for the Cloud with CCSK Certification
Getting Your IT Security Learners Ready for the Cloud with CCSK CertificationITpreneurs
 
The Share Responsibility Model of Cloud Computing - ILTA NYC
The Share Responsibility Model of Cloud Computing - ILTA NYCThe Share Responsibility Model of Cloud Computing - ILTA NYC
The Share Responsibility Model of Cloud Computing - ILTA NYCPatrick Sklodowski
 
Cloud Computing Security Challenges
Cloud Computing Security ChallengesCloud Computing Security Challenges
Cloud Computing Security ChallengesYateesh Yadav
 
ePlus Intelligent Branch
ePlus Intelligent BranchePlus Intelligent Branch
ePlus Intelligent BranchePlus
 
exoscale at the CloudStack User Group London - June 26th 2014
exoscale at the CloudStack User Group London - June 26th 2014exoscale at the CloudStack User Group London - June 26th 2014
exoscale at the CloudStack User Group London - June 26th 2014Antoine COETSIER
 
CoreOS and cloud provider integration: simple cloud-init example at Exoscale
CoreOS and cloud provider integration: simple cloud-init example at ExoscaleCoreOS and cloud provider integration: simple cloud-init example at Exoscale
CoreOS and cloud provider integration: simple cloud-init example at ExoscaleAntoine COETSIER
 

More Related Content

What's hot

NetScaler: One Device, Every Need Guiding Enterprise IT to New Heights
NetScaler: One Device, Every Need Guiding Enterprise IT to New HeightsNetScaler: One Device, Every Need Guiding Enterprise IT to New Heights
NetScaler: One Device, Every Need Guiding Enterprise IT to New HeightsePlus
 
ePlus Virtualized Network
ePlus Virtualized NetworkePlus Virtualized Network
ePlus Virtualized NetworkePlus
 
Chap 6 cloud security
Chap 6 cloud securityChap 6 cloud security
Chap 6 cloud securityRaj Sarode
 
Glue con2011 future_of_net_systems
Glue con2011 future_of_net_systemsGlue con2011 future_of_net_systems
Glue con2011 future_of_net_systemsJames Urquhart
 
Security As A Service
Security As A ServiceSecurity As A Service
Security As A Serviceguest536dd0e
 
Powering IT Transformation For Any Business
Powering IT Transformation For Any BusinessPowering IT Transformation For Any Business
Powering IT Transformation For Any BusinessePlus
 
Cloud security training, certified cloud security professional
Cloud security training, certified cloud security professionalCloud security training, certified cloud security professional
Cloud security training, certified cloud security professionalBryan Len
 
CCSK Certificate of Cloud Computing Knowledge - overview
CCSK Certificate of Cloud Computing Knowledge - overviewCCSK Certificate of Cloud Computing Knowledge - overview
CCSK Certificate of Cloud Computing Knowledge - overviewPeter HJ van Eijk
 
Addressing the Cyber-Security Landscape
Addressing the Cyber-Security LandscapeAddressing the Cyber-Security Landscape
Addressing the Cyber-Security LandscapeePlus
 
Get Informed About Cloud Computing for Enterprise IT by Opus Interactive
Get Informed About Cloud Computing for Enterprise IT by Opus InteractiveGet Informed About Cloud Computing for Enterprise IT by Opus Interactive
Get Informed About Cloud Computing for Enterprise IT by Opus Interactivejerianasmith
 
Data security in the cloud
Data security in the cloud Data security in the cloud
Data security in the cloud IBM Security
 
Security Architecture Best Practices for SaaS Applications
Security Architecture Best Practices for SaaS ApplicationsSecurity Architecture Best Practices for SaaS Applications
Security Architecture Best Practices for SaaS ApplicationsTechcello
 
Getting Your IT Security Learners Ready for the Cloud with CCSK Certification
Getting Your IT Security Learners Ready for the Cloud with CCSK CertificationGetting Your IT Security Learners Ready for the Cloud with CCSK Certification
Getting Your IT Security Learners Ready for the Cloud with CCSK CertificationITpreneurs
 
The Share Responsibility Model of Cloud Computing - ILTA NYC
The Share Responsibility Model of Cloud Computing - ILTA NYCThe Share Responsibility Model of Cloud Computing - ILTA NYC
The Share Responsibility Model of Cloud Computing - ILTA NYCPatrick Sklodowski
 
Cloud Computing Security Challenges
Cloud Computing Security ChallengesCloud Computing Security Challenges
Cloud Computing Security ChallengesYateesh Yadav
 
ePlus Intelligent Branch
ePlus Intelligent BranchePlus Intelligent Branch
ePlus Intelligent BranchePlus
 

What's hot (20)

NetScaler: One Device, Every Need Guiding Enterprise IT to New Heights
NetScaler: One Device, Every Need Guiding Enterprise IT to New HeightsNetScaler: One Device, Every Need Guiding Enterprise IT to New Heights
NetScaler: One Device, Every Need Guiding Enterprise IT to New Heights
 
ePlus Virtualized Network
ePlus Virtualized NetworkePlus Virtualized Network
ePlus Virtualized Network
 
Chap 6 cloud security
Chap 6 cloud securityChap 6 cloud security
Chap 6 cloud security
 
Glue con2011 future_of_net_systems
Glue con2011 future_of_net_systemsGlue con2011 future_of_net_systems
Glue con2011 future_of_net_systems
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 
Security As A Service
Security As A ServiceSecurity As A Service
Security As A Service
 
Powering IT Transformation For Any Business
Powering IT Transformation For Any BusinessPowering IT Transformation For Any Business
Powering IT Transformation For Any Business
 
Cloud security training, certified cloud security professional
Cloud security training, certified cloud security professionalCloud security training, certified cloud security professional
Cloud security training, certified cloud security professional
 
CCSK Certificate of Cloud Computing Knowledge - overview
CCSK Certificate of Cloud Computing Knowledge - overviewCCSK Certificate of Cloud Computing Knowledge - overview
CCSK Certificate of Cloud Computing Knowledge - overview
 
Infrastructure-as-a-Service (IaaS)
Infrastructure-as-a-Service (IaaS)Infrastructure-as-a-Service (IaaS)
Infrastructure-as-a-Service (IaaS)
 
Addressing the Cyber-Security Landscape
Addressing the Cyber-Security LandscapeAddressing the Cyber-Security Landscape
Addressing the Cyber-Security Landscape
 
Get Informed About Cloud Computing for Enterprise IT by Opus Interactive
Get Informed About Cloud Computing for Enterprise IT by Opus InteractiveGet Informed About Cloud Computing for Enterprise IT by Opus Interactive
Get Informed About Cloud Computing for Enterprise IT by Opus Interactive
 
Enterprise Security in Hybrid Cloud ISACA-SV 2012
Enterprise Security in Hybrid Cloud ISACA-SV 2012Enterprise Security in Hybrid Cloud ISACA-SV 2012
Enterprise Security in Hybrid Cloud ISACA-SV 2012
 
Data security in the cloud
Data security in the cloud Data security in the cloud
Data security in the cloud
 
Xaas infotech (2)
Xaas infotech (2)Xaas infotech (2)
Xaas infotech (2)
 
Security Architecture Best Practices for SaaS Applications
Security Architecture Best Practices for SaaS ApplicationsSecurity Architecture Best Practices for SaaS Applications
Security Architecture Best Practices for SaaS Applications
 
Getting Your IT Security Learners Ready for the Cloud with CCSK Certification
Getting Your IT Security Learners Ready for the Cloud with CCSK CertificationGetting Your IT Security Learners Ready for the Cloud with CCSK Certification
Getting Your IT Security Learners Ready for the Cloud with CCSK Certification
 
The Share Responsibility Model of Cloud Computing - ILTA NYC
The Share Responsibility Model of Cloud Computing - ILTA NYCThe Share Responsibility Model of Cloud Computing - ILTA NYC
The Share Responsibility Model of Cloud Computing - ILTA NYC
 
Cloud Computing Security Challenges
Cloud Computing Security ChallengesCloud Computing Security Challenges
Cloud Computing Security Challenges
 
ePlus Intelligent Branch
ePlus Intelligent BranchePlus Intelligent Branch
ePlus Intelligent Branch
 

Viewers also liked

exoscale at the CloudStack User Group London - June 26th 2014
exoscale at the CloudStack User Group London - June 26th 2014exoscale at the CloudStack User Group London - June 26th 2014
exoscale at the CloudStack User Group London - June 26th 2014Antoine COETSIER
 
CoreOS and cloud provider integration: simple cloud-init example at Exoscale
CoreOS and cloud provider integration: simple cloud-init example at ExoscaleCoreOS and cloud provider integration: simple cloud-init example at Exoscale
CoreOS and cloud provider integration: simple cloud-init example at ExoscaleAntoine COETSIER
 
Can you trust the cloud provider?
Can you trust the cloud provider?Can you trust the cloud provider?
Can you trust the cloud provider?Antoine COETSIER
 
Personalized search
Personalized searchPersonalized search
Personalized searchToine Bogers
 
해외 사례로 보는 Billing for OpenStack Solution
해외 사례로 보는 Billing for OpenStack Solution해외 사례로 보는 Billing for OpenStack Solution
해외 사례로 보는 Billing for OpenStack SolutionNalee Jang
 
Facebook to provide free internet for all
Facebook to provide free internet for allFacebook to provide free internet for all
Facebook to provide free internet for allThe Story Teller Travel
 
Exoscale: a swiss cloud provider built with Apache Cloudstack
Exoscale: a swiss cloud provider built with Apache CloudstackExoscale: a swiss cloud provider built with Apache Cloudstack
Exoscale: a swiss cloud provider built with Apache CloudstackAntoine COETSIER
 
盧廣《中國的污染》
盧廣《中國的污染》盧廣《中國的污染》
盧廣《中國的污染》saymynames
 
Quantum computing - Introduction
Quantum computing - IntroductionQuantum computing - Introduction
Quantum computing - Introductionrushmila
 
Autonomous Vehicles: Technologies, Economics, and Opportunities
Autonomous Vehicles: Technologies, Economics, and OpportunitiesAutonomous Vehicles: Technologies, Economics, and Opportunities
Autonomous Vehicles: Technologies, Economics, and OpportunitiesJeffrey Funk
 
Sensors and Data Management for Autonomous Vehicles report 2015 by Yole Devel...
Sensors and Data Management for Autonomous Vehicles report 2015 by Yole Devel...Sensors and Data Management for Autonomous Vehicles report 2015 by Yole Devel...
Sensors and Data Management for Autonomous Vehicles report 2015 by Yole Devel...Yole Developpement
 
Speech recognition
Speech recognitionSpeech recognition
Speech recognitionCharu Joshi
 
Quantum computing - A Compilation of Concepts
Quantum computing - A Compilation of ConceptsQuantum computing - A Compilation of Concepts
Quantum computing - A Compilation of ConceptsGokul Alex
 
Neural network & its applications
Neural network & its applications Neural network & its applications
Neural network & its applications Ahmed_hashmi
 
The Race to 2021: The State of Autonomous Vehicles and a "Who's Who" of Indus...
The Race to 2021: The State of Autonomous Vehicles and a "Who's Who" of Indus...The Race to 2021: The State of Autonomous Vehicles and a "Who's Who" of Indus...
The Race to 2021: The State of Autonomous Vehicles and a "Who's Who" of Indus...Altimeter, a Prophet Company
 

Viewers also liked (20)

exoscale at the CloudStack User Group London - June 26th 2014
exoscale at the CloudStack User Group London - June 26th 2014exoscale at the CloudStack User Group London - June 26th 2014
exoscale at the CloudStack User Group London - June 26th 2014
 
CoreOS and cloud provider integration: simple cloud-init example at Exoscale
CoreOS and cloud provider integration: simple cloud-init example at ExoscaleCoreOS and cloud provider integration: simple cloud-init example at Exoscale
CoreOS and cloud provider integration: simple cloud-init example at Exoscale
 
Can you trust the cloud provider?
Can you trust the cloud provider?Can you trust the cloud provider?
Can you trust the cloud provider?
 
Personalized search
Personalized searchPersonalized search
Personalized search
 
해외 사례로 보는 Billing for OpenStack Solution
해외 사례로 보는 Billing for OpenStack Solution해외 사례로 보는 Billing for OpenStack Solution
해외 사례로 보는 Billing for OpenStack Solution
 
Personalized Web Search
Personalized Web SearchPersonalized Web Search
Personalized Web Search
 
Facebook to provide free internet for all
Facebook to provide free internet for allFacebook to provide free internet for all
Facebook to provide free internet for all
 
Intoduction to Neural Network
Intoduction to Neural NetworkIntoduction to Neural Network
Intoduction to Neural Network
 
Neural
NeuralNeural
Neural
 
Exoscale: a swiss cloud provider built with Apache Cloudstack
Exoscale: a swiss cloud provider built with Apache CloudstackExoscale: a swiss cloud provider built with Apache Cloudstack
Exoscale: a swiss cloud provider built with Apache Cloudstack
 
盧廣《中國的污染》
盧廣《中國的污染》盧廣《中國的污染》
盧廣《中國的污染》
 
Amazon Echo
Amazon EchoAmazon Echo
Amazon Echo
 
Quantum computing - Introduction
Quantum computing - IntroductionQuantum computing - Introduction
Quantum computing - Introduction
 
Autonomous Vehicles: Technologies, Economics, and Opportunities
Autonomous Vehicles: Technologies, Economics, and OpportunitiesAutonomous Vehicles: Technologies, Economics, and Opportunities
Autonomous Vehicles: Technologies, Economics, and Opportunities
 
Smart note-taker
Smart note-takerSmart note-taker
Smart note-taker
 
Sensors and Data Management for Autonomous Vehicles report 2015 by Yole Devel...
Sensors and Data Management for Autonomous Vehicles report 2015 by Yole Devel...Sensors and Data Management for Autonomous Vehicles report 2015 by Yole Devel...
Sensors and Data Management for Autonomous Vehicles report 2015 by Yole Devel...
 
Speech recognition
Speech recognitionSpeech recognition
Speech recognition
 
Quantum computing - A Compilation of Concepts
Quantum computing - A Compilation of ConceptsQuantum computing - A Compilation of Concepts
Quantum computing - A Compilation of Concepts
 
Neural network & its applications
Neural network & its applications Neural network & its applications
Neural network & its applications
 
The Race to 2021: The State of Autonomous Vehicles and a "Who's Who" of Indus...
The Race to 2021: The State of Autonomous Vehicles and a "Who's Who" of Indus...The Race to 2021: The State of Autonomous Vehicles and a "Who's Who" of Indus...
The Race to 2021: The State of Autonomous Vehicles and a "Who's Who" of Indus...
 

Similar to CLOUD SECURITY FRAMEWORKS

Accelerated Saa S Exec Briefing V2
Accelerated Saa S Exec Briefing V2Accelerated Saa S Exec Briefing V2
Accelerated Saa S Exec Briefing V2jeffirby
 
Presentation cisco cloud security
Presentation cisco cloud securityPresentation cisco cloud security
Presentation cisco cloud securityxKinAnx
 
Architecting Data Services for the Cloud: Security Considerations and Best Pr...
Architecting Data Services for the Cloud: Security Considerations and Best Pr...Architecting Data Services for the Cloud: Security Considerations and Best Pr...
Architecting Data Services for the Cloud: Security Considerations and Best Pr...Adnene Guabtni
 
Imperative Induced Innovation - Patrick W. Dowd, Ph. D
Imperative Induced Innovation - Patrick W. Dowd, Ph. DImperative Induced Innovation - Patrick W. Dowd, Ph. D
Imperative Induced Innovation - Patrick W. Dowd, Ph. Dscoopnewsgroup
 
glenn_amblercloud_security_ncc_event_22-may-2012_v1 (9)
glenn_amblercloud_security_ncc_event_22-may-2012_v1 (9)glenn_amblercloud_security_ncc_event_22-may-2012_v1 (9)
glenn_amblercloud_security_ncc_event_22-may-2012_v1 (9)Glenn Ambler
 
Aerohive Networks e ZScaler, le soluzioni tecnologiche per il nuovo ecosistem...
Aerohive Networks e ZScaler, le soluzioni tecnologiche per il nuovo ecosistem...Aerohive Networks e ZScaler, le soluzioni tecnologiche per il nuovo ecosistem...
Aerohive Networks e ZScaler, le soluzioni tecnologiche per il nuovo ecosistem...Miriade Spa
 
Deliver Business Value Through Cloud Computing
Deliver Business Value Through Cloud ComputingDeliver Business Value Through Cloud Computing
Deliver Business Value Through Cloud Computingduncanhawkins
 
Cloud security for banks - the central bank of Israel regulations for cloud s...
Cloud security for banks - the central bank of Israel regulations for cloud s...Cloud security for banks - the central bank of Israel regulations for cloud s...
Cloud security for banks - the central bank of Israel regulations for cloud s...Moshe Ferber
 
Effectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing ParadigmEffectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing Paradigmfanc1985
 
The Canopy Cloud Vision
The Canopy Cloud VisionThe Canopy Cloud Vision
The Canopy Cloud VisionThomas Kunz
 
Keys to success and security in the cloud
Keys to success and security in the cloudKeys to success and security in the cloud
Keys to success and security in the cloudScalar Decisions
 
Keys-to-Success-and-Security-in-the-Cloud
Keys-to-Success-and-Security-in-the-CloudKeys-to-Success-and-Security-in-the-Cloud
Keys-to-Success-and-Security-in-the-Cloudpatmisasi
 
2014 2nd me cloud conference trust in the cloud v01
2014 2nd me cloud conference trust in the cloud v012014 2nd me cloud conference trust in the cloud v01
2014 2nd me cloud conference trust in the cloud v01promediakw
 
Emerging Technology in the Cloud! Real Life Examples. Pol Mac Aonghusa
Emerging Technology in the Cloud! Real Life Examples. Pol Mac AonghusaEmerging Technology in the Cloud! Real Life Examples. Pol Mac Aonghusa
Emerging Technology in the Cloud! Real Life Examples. Pol Mac Aonghusacatherinewall
 
ISACA Journal Publication - Does your Cloud have a Secure Lining? Shah Sheikh
ISACA Journal Publication - Does your Cloud have a Secure Lining? Shah SheikhISACA Journal Publication - Does your Cloud have a Secure Lining? Shah Sheikh
ISACA Journal Publication - Does your Cloud have a Secure Lining? Shah SheikhShah Sheikh
 

Similar to CLOUD SECURITY FRAMEWORKS (20)

5787355.ppt
5787355.ppt5787355.ppt
5787355.ppt
 
Accelerated Saa S Exec Briefing V2
Accelerated Saa S Exec Briefing V2Accelerated Saa S Exec Briefing V2
Accelerated Saa S Exec Briefing V2
 
SAP HANA Cloud Security
SAP HANA Cloud SecuritySAP HANA Cloud Security
SAP HANA Cloud Security
 
Presentation cisco cloud security
Presentation cisco cloud securityPresentation cisco cloud security
Presentation cisco cloud security
 
Architecting Data Services for the Cloud: Security Considerations and Best Pr...
Architecting Data Services for the Cloud: Security Considerations and Best Pr...Architecting Data Services for the Cloud: Security Considerations and Best Pr...
Architecting Data Services for the Cloud: Security Considerations and Best Pr...
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 
Imperative Induced Innovation - Patrick W. Dowd, Ph. D
Imperative Induced Innovation - Patrick W. Dowd, Ph. DImperative Induced Innovation - Patrick W. Dowd, Ph. D
Imperative Induced Innovation - Patrick W. Dowd, Ph. D
 
glenn_amblercloud_security_ncc_event_22-may-2012_v1 (9)
glenn_amblercloud_security_ncc_event_22-may-2012_v1 (9)glenn_amblercloud_security_ncc_event_22-may-2012_v1 (9)
glenn_amblercloud_security_ncc_event_22-may-2012_v1 (9)
 
Cloud services and it security
Cloud services and it securityCloud services and it security
Cloud services and it security
 
Securing The Journey To The Cloud
Securing The Journey To The Cloud Securing The Journey To The Cloud
Securing The Journey To The Cloud
 
Aerohive Networks e ZScaler, le soluzioni tecnologiche per il nuovo ecosistem...
Aerohive Networks e ZScaler, le soluzioni tecnologiche per il nuovo ecosistem...Aerohive Networks e ZScaler, le soluzioni tecnologiche per il nuovo ecosistem...
Aerohive Networks e ZScaler, le soluzioni tecnologiche per il nuovo ecosistem...
 
Deliver Business Value Through Cloud Computing
Deliver Business Value Through Cloud ComputingDeliver Business Value Through Cloud Computing
Deliver Business Value Through Cloud Computing
 
Cloud security for banks - the central bank of Israel regulations for cloud s...
Cloud security for banks - the central bank of Israel regulations for cloud s...Cloud security for banks - the central bank of Israel regulations for cloud s...
Cloud security for banks - the central bank of Israel regulations for cloud s...
 
Effectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing ParadigmEffectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing Paradigm
 
The Canopy Cloud Vision
The Canopy Cloud VisionThe Canopy Cloud Vision
The Canopy Cloud Vision
 
Keys to success and security in the cloud
Keys to success and security in the cloudKeys to success and security in the cloud
Keys to success and security in the cloud
 
Keys-to-Success-and-Security-in-the-Cloud
Keys-to-Success-and-Security-in-the-CloudKeys-to-Success-and-Security-in-the-Cloud
Keys-to-Success-and-Security-in-the-Cloud
 
2014 2nd me cloud conference trust in the cloud v01
2014 2nd me cloud conference trust in the cloud v012014 2nd me cloud conference trust in the cloud v01
2014 2nd me cloud conference trust in the cloud v01
 
Emerging Technology in the Cloud! Real Life Examples. Pol Mac Aonghusa
Emerging Technology in the Cloud! Real Life Examples. Pol Mac AonghusaEmerging Technology in the Cloud! Real Life Examples. Pol Mac Aonghusa
Emerging Technology in the Cloud! Real Life Examples. Pol Mac Aonghusa
 
ISACA Journal Publication - Does your Cloud have a Secure Lining? Shah Sheikh
ISACA Journal Publication - Does your Cloud have a Secure Lining? Shah SheikhISACA Journal Publication - Does your Cloud have a Secure Lining? Shah Sheikh
ISACA Journal Publication - Does your Cloud have a Secure Lining? Shah Sheikh
 

Recently uploaded

Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Russian Call girls in Dubai +971563133746 Dubai Call girls
Russian Call girls in Dubai +971563133746 Dubai Call girlsRussian Call girls in Dubai +971563133746 Dubai Call girls
Russian Call girls in Dubai +971563133746 Dubai Call girlsstephieert
 
Call Girls in Mayur Vihar ✔️ 9711199171 ✔️ Delhi ✔️ Enjoy Call Girls With Our...
Call Girls in Mayur Vihar ✔️ 9711199171 ✔️ Delhi ✔️ Enjoy Call Girls With Our...Call Girls in Mayur Vihar ✔️ 9711199171 ✔️ Delhi ✔️ Enjoy Call Girls With Our...
Call Girls in Mayur Vihar ✔️ 9711199171 ✔️ Delhi ✔️ Enjoy Call Girls With Our...sonatiwari757
 
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...Diya Sharma
 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxellan12
 
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...aditipandeya
 
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Stand
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night StandHot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Stand
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Standkumarajju5765
 
How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)Damian Radcliffe
 
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call GirlVIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girladitipandeya
 
✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663
✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663
✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663Call Girls Mumbai
 
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445ruhi
 
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...SofiyaSharma5
 
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...Call Girls in Nagpur High Profile
 
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl ServiceRussian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl Servicegwenoracqe6
 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024APNIC
 

Recently uploaded (20)

Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
 
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
Call Girls In Noida 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In Noida 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICECall Girls In Noida 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In Noida 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
 
Russian Call girls in Dubai +971563133746 Dubai Call girls
Russian Call girls in Dubai +971563133746 Dubai Call girlsRussian Call girls in Dubai +971563133746 Dubai Call girls
Russian Call girls in Dubai +971563133746 Dubai Call girls
 
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
Call Girls in Mayur Vihar ✔️ 9711199171 ✔️ Delhi ✔️ Enjoy Call Girls With Our...
Call Girls in Mayur Vihar ✔️ 9711199171 ✔️ Delhi ✔️ Enjoy Call Girls With Our...Call Girls in Mayur Vihar ✔️ 9711199171 ✔️ Delhi ✔️ Enjoy Call Girls With Our...
Call Girls in Mayur Vihar ✔️ 9711199171 ✔️ Delhi ✔️ Enjoy Call Girls With Our...
 
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
 
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
 
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
 
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Stand
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night StandHot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Stand
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Stand
 
How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)
 
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call GirlVIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
 
✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663
✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663
✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663
 
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
 
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
 
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
 
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICECall Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
 
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl ServiceRussian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
 

CLOUD SECURITY FRAMEWORKS

  • 2. about: me 2 CEO: Antoine Coetsier Infrastructure and datacenters expert Team and datacenter Manager for more than 10 years Experience Managing Director of exoscale since inception (2011) Responsible for strategy and cloud offering at VeePee (2008-2012) Systems Architect and Project Manager of large IT operations at Bouygues Telecom Education IT Engineer degree at École centrale d’Electronique (1999-2002) CCSK: Certificate of Cloud Security Knowledge (2012)
  • 3. ... an IaaS provider and beyond Cloud hosting based on latest technology  Flexible server and storage infrastructure  Trimmed for performance, intuitive usability and tooling Market place for value added applications  One-stop-shop to reduce infrastructure complexity for developers and sysadmins exoscale in a nutshell... The safe home for your cloud applications ... with a solid background Spin-off from Veltigroup  Started 2011 within Veltigroup Swiss company  Proximity to EMEA clients  Swiss data privacy standards IaaS: Infrastructure-as-a-Service EMEA: Europe, Middle East and Africa 3
  • 4. exoscale offering overview Solid cloud hosting and add-on services 4 Open Cloud Open Cloud Compute Open Cloud Storage Managed Cloud Swiss Support Virtual data center Zones & Networking Market place / add-on services Vendor backed Transition product for business IT migrating to cloud – Hybrid Cloud Pure-play cloud offering (web-based purchase) Worldwide market pricing
  • 5. Open Cloud compute: a unique portal One comprehensive portal for instance management, support, documentation and billing information
  • 6. Migrating to a cloud service 6 1st concern is always security Existing guidelines are not fit for purpose –ISO 27001 –... What is the data at stake ? Dealing with issues
  • 7. Cloud computing segmentation Traditionnal IT DC facilities Networking Storage Servers O/S Middleware Runtime Data Applications Youmanage IaaS O/S Middleware Runtime Data Applications Youmanage SaaS DC facilities Networking Storage Servers O/S Middleware Runtime Data Applications DeliveredasaService PaaS Data Applications Youmanage DC facilities Networking Storage Servers DeliveredasaService DC facilities Networking Storage Servers O/S Middleware Runtime DeliveredasaService
  • 8. Roles and responsibilities Roles and responsibilities vary upon the cloud model chosen : –“The lower down the stack the cloud service provider stops, the more security capabilities and management consumers are responsible for implementing and managing themselves.” Security responsability ProviderCustomer
  • 9. Existing frameworks 9 They focus on on aspect: –Datacenter –Acces control process –... Not on the service SCOPE PROBLEM
  • 10. Framework for cloud services Best practices for providing security within the Cloud, Provide education for the use of Cloud solutions Define guidance and actionable documents Non profit organization formed to promote Established in 2008, gained significant traction in 2011 Not (too) commercial or one sided governed Alliance
  • 11. Cloud Security Alliance +130 points dealing with a large scale of competences : – Data Governance – Facility – HR – Information Security – Legal – Risk Management – Security Architecture Define best practices in a Cloud Control Matrix (CCM) Commercial note: exoscale has documented all points of the CCM
  • 12. Example 12 Human Resources Background Screening HRS-02 Pursuant to local laws, regulations, ethics, and contractual constraints, all employment candidates, contractors, and third parties shall be subject to background verification proportional to the data classification to be accessed, the business requirements, and acceptable risk. CAIQ: consensus assessments initiative questionnaire Data GovernanceClassificationDG-02 DG-02.1 Do you provide a capability to identify virtual machines via policy tags/metadata (ex. Tags can be used to limit g
  • 13. Cloud Security Alliance mapping v 3 Released Controls baselined and mapped to: – COBIT – HIPAA / HITECH Act – ISO/IEC 27001-2005 – NISTSP800-53 – FedRAMP – PCI DSSv2.0 – BITS Shared Assessments – GAPP ... OCF Level 1 : The Cloud Control Matrix
  • 14. Risk Management regarding data 14 What is the data at stake ? Personal/employees data Sensible data Regulated data Is this data meaning full or valuable to someone else ?
  • 15. Data classification Any data we handle, has been classified in our systems and been given policies regarding the following actions: –Create –Store –Use –Share –Archive –Destroy Each class has its own rules and level of protection: Standard classes: –Low: civility,... –Medium: logs,... –High: authentication secret Special classes: –Credit card information: not stored –Forbidden information: racial, political,...
  • 16. Reversibility 16 Using a cloud service, should not enable the transfer of ownership of the data As a general rule: –IaaS and PaaS services must stipulate that the data remains your property –SaaS services: look closely, especially for main stream services Can I reclaim/transmit data at any time? What happens in case of contract breach, bad SLAs, change of control of the provider, discontinuation of the service,... The answer has to be both technical and legal Ownership Reclaim
  • 17. The key is contractual 17 Read the contract or terms and conditions Track changes –Initiatives like http://tosdr.org/ “Terms of Services: didn’t read” emerged
  • 18. Wrap up 18 Classify your data Request a security alignment Review your contracts –Reversibility Hosting locally (in Switzerland) is easier –But does not prevent all the above
  • 19. My recommendations Be ready ! 1.Test even if you do not have a business case 2.Make a proof of concept 3.Rent a tenant 4.Security is about CONTROL PROACTIVE REACTIVE