4. CLOUD COMPUTING: Vulnerabilities and threats
•
•
•
•
•
•
•
Abuse and evil Use of Cloud
Insecure interfaces and APIs
Data protection and portability
Insecure cryptography
Virtual machine escape
Data loss or leakage
Malicious insider
IBM SMARTCLOUD : SECURITY
5. No “one size fits all” for
security
• Organizations have different security requirements
• Determined by the unique characteristics of the business
workload they intend to migrate to the cloud
IBM SMARTCLOUD : SECURITY
6. IBM SECURITY FRAMEWORK
SECURITY GOVERNANCE, RISK MANAGEMENT AND COMPLIANCE
PEOPLE AND IDENTITY
DATA AND INFORMATION
APPLICATION AND PROCESS
NETWORK , SERVER & ENDPOINT
PHYSICAL INFRASTRUCTURE
IBM SMARTCLOUD : SECURITY
7. IBM CLOUD SECURITY OFFERINGS
• Identifying and blocking the latest threats
• To securing cloud resources including
applications and databases.
• Keeping all endpoints protected and in
compliance with organizational policies.
IBM SMARTCLOUD : SECURITY
8. IBM solutions: private or hybrid cloud
•
•
•
•
•
•
•
•
Identity and access management
Web application security
Virtualization security
Network security
Endpoint security
Security intelligence and compliance analytics
IBM Security zSecure suite
Data security
IBM SMARTCLOUD : SECURITY
9. IDENTITY AND ACCESS MANAGEMENT
• Automated and policy-based user management.
• Centralized authorization for web and other applications.
• Identity and access support for social network applications
and cloud-based applications and identities.
• Integration with stronger forms of authentication (smart
cards, tokens, one-time passwords, and so forth).
IBM SMARTCLOUD : SECURITY
10. WEB APPLICATION SECURITY
AppScan Enterprise
Virtual Forge CodeProfiler for IBM Security
AppScan Source
AppScan Standard
AppScan Source
IBM SMARTCLOUD : SECURITY
12. NETWORK SECURITY
• Deliver Advanced Threat Detection and Prevention.
• Integrated Data Loss Prevention (DLP) monitors data
security risks throughout your network
• Support flexible network deployments.
IBM SMARTCLOUD : SECURITY
13. DATA SECURITY
Holistic approach for securing and protecting
sensitive data and ensuring regulations
compliance.
All products - Data protection
• IBM Security Key Lifecycle Manager for z/OS
• InfoSphere Guardium
▫ Activity Monitor
▫ Data Encryption for DB2 and IMS Databases
▫ Vulnerability Assessment
IBM SMARTCLOUD : SECURITY
14. SECURITY MEASURES TO REMEMBER
•
Implement and maintain a security program.
•
Build and maintain a secure cloud infrastructure.
•
Ensure confidential data protection.
•
Implement strong access and identity management.
•
Establish application and environment provisioning.
•
Implement a governance and audit management program.
•
Implement a vulnerability and intrusion management program.
•
Maintain environment testing and validation.
IBM SMARTCLOUD : SECURITY