24/01/2013 1John Rhoton – 2013
Cloud Computing
New Approaches for Security
John Rhoton
Cloud and Big Data Conference 2013
CnS Events, Vienna, Austria
8 October 2013
rhoton@gmail.com
Agenda
• Security Context
• Trust Shift
• Security Challenges
• Remediation
– Best practices
– Tools
IT Security is now a Top CEO concern

Major threatening scenarios according to CEOs (share of CEOs naming each scenario):
• 75% – Major social unrest impacting business activities
• 67% – Economic recession
• 63% – Cyber attacks
• 53% – Natural disasters impacting a major business hub
• 53% – Collapse of the Euro zone
• 52% – Military or business tensions impacting access to natural resources
Source: 16th Annual Global CEO Survey, 2013, PwC
63% of CEOs identify cyber attacks as a top 3 threat for their company.

14%: percentage of spending on IT Security in 2010. This ratio was only 8.2% in 2007.
Source: Forrester, The Evolution Of IT Security, 2010 To 2011

11.36 billion $: investments in 2011 in the US for classified data security.
Source: Report on Cost Estimates for Security Classification Activities for Fiscal Year 2011

5.5 billion attacks stopped in 2011; the volume of attacks was 3 billion in 2010.
Source: Symantec

Information Security is now considered a high-stakes topic by most CEOs. As a result, IT Security investments are growing significantly.
Source: Beamap
New Security context for IT infrastructure

Risks to data security continue to intensify and show no signs of abating. Given today's elevated threat environment, companies must prepare to address the new security context and review their mitigation strategies.

• Increasing volume and sources of data to protect
  – 80% of data did not exist 2 years ago
  – 1.8 Zettabytes: volume of data created in 2011
  – 7.9 Zettabytes: estimated volume of data for 2015
• IT systems more connected, mobile and open
  – Mobile, social media, bring your own device
• Development of cyber-activism practices and cyber-attacks
  – Anonymous, Wikileaks, Stuxnet*
• IT infrastructure more and more complex and heterogeneous
  – Cloud Computing, Big Data, technology innovation

*Stuxnet is a computer worm discovered in June 2010 that is believed to have been created by the United States and Israel to attack Iran's nuclear facilities.
Source: Beamap
Top 10 Challenges to Enterprise Cloud Adoption
33% Implementation/transition/integration costs too high
31% Integration with existing architecture
30% Data loss and privacy risks
30% Loss of control
26% Lack of visibility into future demand, associated costs
26% A lack of interoperability between cloud providers
26% General security risks
21% Risk of intellectual property theft
18% Legal and regulatory compliance
18% Transparency of operational controls and data
Source: KPMG International’s Global cloud survey: the implementation challenge
Cloud Security Challenges and Benefits

Key Observations
• Most companies overestimate their internal security and underestimate Cloud provider security
• Providers invest heavily in security processes, mechanisms, tools and skills that enterprises cannot easily match
• But not all cloud providers are equal! They have different resources and expertise, so it is important to vet each service individually!
• Initial Cloud security analysis may reveal gaps, but these can be addressed with:
  – Best practice architectures
  – Appropriate tools (e.g. API management, Identity management)

Would you store your Customer Data in the Cloud?
• Customer data is a key asset for every company
• However, today's #1 solution for CRM is a Cloud solution: Salesforce.com
• Salesforce.com has become a de-facto standard CRM solution, selected after due diligence by industry leaders

Would you store key regulatory data in the Cloud?
Nasdaq OMX is offering Wall Street brokers a chance to store key regulatory data on Amazon's “cloud” computers, marking the ecommerce conglomerate's boldest incursion into the financial services sector. (Financial Times)

Example of Cloud Provider investment in security matters: AWS opened a Security Blog in April 2013.

How to Build Trust in Cloud?
The CSA Security, Trust & Assurance Registry (STAR) is a publicly accessible registry that documents the security controls provided by various cloud computing offerings.
https://cloudsecurityalliance.org/star/
Source: Beamap
Trust Shift

The biggest cultural hurdle to cloud adoption is acceptance of the shift from direct to indirect trust.

Direct trust model, based on:
• Personal observation
• Personal experience
• Insight

Indirect trust model, based on:
• Public verification
• Contracts
• Compensation

Spectrum of trusted parties, from direct to indirect trust: Employees, Contractors, Partners, Suppliers, Experts, Legal Counsel, Auditors, Public Scrutiny

• What stays the same?
  – Humans (subject to negligence and malice) administer IT systems (subject to infection and failure)
• But explicit service contracts replace implicit employment contracts
• Processes that are audited, certified and exposed to public scrutiny may be much stronger than secret internal equivalents
Risk Treatment

[Matrix of probability (low/high) against impact (low/high); the treatments shown in the quadrants are Eliminate, Business Continuity and Resilience]
Barriers
• Compliance
• Data leakage
• Data loss
• Service loss
• Vendor lock-in
Compliance

Global Internet versus National Laws
Enforce Logical Barriers
Governmental Compliance (Hot topics)

Hot Topic #1: Is the Patriot Act an American phenomenon?
• All governments have an equivalent to the Patriot Act
• Western governments collaborate to satisfy requests regardless of the location of the provider and/or the data
• Requests are executed regardless of whether data is hosted in the cloud or on-premise
• Cf. comparison of governmental authorities' access to data in the cloud (next slide)
Comparison of Governmental Access

Questions compared across jurisdictions:
Q1. May government require a Cloud provider to disclose customer data?
Q2. May a Cloud provider voluntarily disclose customer data to the government in response to an informal request?
Q3. If a Cloud provider must disclose customer data to the government, must the customer be notified?
Q4. May government monitor electronic communications sent through the systems of a Cloud provider?
Q5. Are government orders to disclose customer data subject to review by a judge?
Q6. Can the government require the Cloud provider to disclose data in a foreign country?

Answers (each row is one jurisdiction, identified on the slide only by a flag that did not survive extraction):
Jurisdiction 1: Q1 Yes | Q2 No – must request data through legal process | Q3 Yes, for content data, except with a search warrant | Q4 Yes | Q5 Yes | Q6 Yes
Jurisdiction 2: Q1 Yes | Q2 Yes, except for personal data without a legal purpose | Q3 No | Q4 Yes | Q5 Yes | Q6 Yes
Jurisdiction 3: Q1 Yes | Q2 Yes, except for personal data without a legal purpose | Q3 No | Q4 Yes | Q5 Yes | Q6 Yes
Jurisdiction 4: Q1 Yes | Q2 Yes, except for personal data without a legal purpose | Q3 Yes, except may withhold until disclosure no longer would compromise the investigation | Q4 Yes | Q5 Yes | Q6 No, not without cooperation from the other country's government

US laws are no more threatening than others.
Source: Hogan Lovells White Paper “A Global Reality: Governmental Access to Data in the Cloud” bit.ly/PMDuWL
Governmental Compliance (Hot topics)

Hot Topic #2: Is PRISM a danger for Corporate Data?
• Sophisticated intelligence agencies (USA, Russia, China, Israel, France...) have the means to obtain any information they require
• Corporate data is not usually an interesting target, but may be in some instances
• Interception of corporate data by an intelligence agency doesn't automatically result in harm to the corporation. It depends on how they use it (e.g. corporate espionage)
• It is impossible to secure against this threat. Some agencies resort to unlawful means (e.g. bribery, extortion) to obtain this data
• Protecting corporate data (e.g. through encryption) doesn't prevent access, but makes it more costly to obtain and therefore less likely that governments will obtain it unless they have a clear purpose

Hot Topic #3: PRISM: Risk or Opportunity for the US Cloud Computing Industry?
• Shortly after Snowden's leaked documents, the big Internet companies and their allies issued dire warnings, predicting that American businesses would lose tens of billions of dollars in revenue abroad as distrustful customers seek out local alternatives
• At Amazon, which was not named in Snowden's documents but is seen as a likely victim because it is a top provider of cloud computing services, a spokeswoman said global demand "has never been greater."
• There are multiple theories for why the business impact of the Snowden leaks has been so minimal. One is that cloud customers have few good alternatives, since U.S. companies have most of the market and switching costs money
• Perhaps more convincing, Amazon, Microsoft and some others offer data centers in Europe with encryption that presents significant hurdles to snooping by anyone, including the service providers themselves and the U.S. agencies. Encryption, however, comes with drawbacks, making using the cloud more cumbersome
Source: Beamap
Multi-tenancy Increases Threat Vectors

[Diagram: two hypervisor hosts each running several guests, with six numbered threat vectors drawn between them]

Expand Monitoring Scope and Depth
Confidentiality
• Data Governance
– Data loss prevention
• Compartmentalization
• Encryption
Classify data, Select and Combine Options
Identity Federation

Identity challenges
• Password proliferation
• Weak authentication
• Support costs
• User productivity
Implement Identity Standards (SAML, SCIM)
Redundancy
• Dimensions
– Physical
– Geographical
– Technological
– Organizational
• Horizontal Scalability
• ACID (Atomic Consistent Isolated Durable)
=> BASE (Basic Availability, Soft-state, Eventual consistency)
Architect for scale
Business Continuity
• Cold Site
• Warm Site
• Hot Site
• Double-Active
Multi-dimensional redundancy is critical
Lock-in vs. Cloud Stacks
• Proprietary Hardware
• Proprietary Software
• Open Source
• Consortium Driven
Balance ease with flexibility
Cloud Risks and Remediation

Cloud Risks:
• Denial of Service
• Account/Service Hijacking
• Insecure Interfaces and API
• Data Loss
• Shared Technologies
• Data Breaches
Remediation Principles: [shown in a diagram on the slide that did not survive extraction]
Source: Beamap
Sample Cloud Architecture

Scenario illustration: [diagram of an on-premise Datacenter connected to two Public Clouds, with the layers Network Security, Resiliency, Identity and access management, Attack protection, Encryption and Application Security]

Description: this scenario is based on the following concepts:
• Mobility of VMs from the on-premise Datacenter to the Cloud with the same “Security” requirements
• Propagation of the network security rules to the Cloud (firewalling, IP addresses…)
• Propagation of QoS rules (resiliency, back-up & restores…)
Source: Beamap
Cloud-based Protection Services
• Malware
• Denial of Service
• Identity Management
• Backup and Restore
• Intrusion Prevention
Cloud Reference Architecture

The key components of the Cloud reference architecture:
1. Virtual Private Cloud with VPN connection to the corporate Datacenter
2. Dual connectivity (direct connection plus a back-up VPN connection)
3. At least two Availability Zones used to provide application resiliency
4. Elastic Load Balancers to distribute workloads across servers and Availability Zones
5. Data replication across Availability Zones
6. Application tiering
7. Database tiering
8. Database snapshots
9. DoS filter
10. Identity Router
11. API Security Management module
12. Cloud Management module

[Diagram: components 1–12 laid out under a Cloud Management Layer; the Key Management System and one further component are marked as external systems]
Source: Beamap
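Added example, written for this page in Go (not from the slides, Beamap or John Rhoton), of the encryption pattern behind Hot Topic #2 and the external Key Management System in the reference architecture: envelope encryption, where the provider stores only ciphertext plus a wrapped per-object data key, and the master key stays in a customer-held KMS. ExternalKMS, Put, Get and StoredObject are hypothetical names, and the sample record is constructed.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// randomBytes returns n bytes from crypto/rand; if the OS entropy source fails there is nothing to recover.
func randomBytes(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return b
}

// ExternalKMS is a hypothetical stand-in for a customer-held Key Management System (an HSM or KMS API in practice); the master key never leaves it.
type ExternalKMS struct {
	master []byte // 256-bit AES key
}

func NewExternalKMS() *ExternalKMS { return &ExternalKMS{master: randomBytes(32)} }

func gcmFor(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// seal is AES-256-GCM; a fresh random nonce is prepended to the output and aad is authenticated, not encrypted.
func seal(key, plaintext, aad []byte) ([]byte, error) {
	gcm, err := gcmFor(key)
	if err != nil {
		return nil, err
	}
	nonce := randomBytes(gcm.NonceSize())
	return gcm.Seal(nonce, nonce, plaintext, aad), nil
}

// open reverses seal; any change to the nonce, ciphertext or aad is rejected.
func open(key, sealed, aad []byte) ([]byte, error) {
	gcm, err := gcmFor(key)
	if err != nil {
		return nil, err
	}
	if len(sealed) < gcm.NonceSize() {
		return nil, fmt.Errorf("ciphertext too short")
	}
	return gcm.Open(nil, sealed[:gcm.NonceSize()], sealed[gcm.NonceSize():], aad)
}

// WrapDataKey/UnwrapDataKey are the only KMS operations; binding the object ID as aad stops a wrapped key being replayed for another object.
func (k *ExternalKMS) WrapDataKey(dataKey []byte, objectID string) ([]byte, error) {
	return seal(k.master, dataKey, []byte(objectID))
}
func (k *ExternalKMS) UnwrapDataKey(wrapped []byte, objectID string) ([]byte, error) {
	return open(k.master, wrapped, []byte(objectID))
}

// StoredObject is everything the cloud provider ever holds for one object.
type StoredObject struct {
	ID         string
	WrappedKey []byte // per-object data key, encrypted under the external master key
	Ciphertext []byte // object content, encrypted under the data key
}

// Put encrypts the object under a fresh per-object data key, has the KMS wrap that key, and lets the plaintext key go out of scope.
func Put(kms *ExternalKMS, id string, plaintext []byte) (*StoredObject, error) {
	dataKey := randomBytes(32)
	ct, err := seal(dataKey, plaintext, []byte(id))
	if err != nil {
		return nil, err
	}
	wrapped, err := kms.WrapDataKey(dataKey, id)
	if err != nil {
		return nil, err
	}
	return &StoredObject{ID: id, WrappedKey: wrapped, Ciphertext: ct}, nil
}

// Get must unwrap the data key through the KMS: holding only the provider-side record, or a different master key, recovers nothing.
func Get(kms *ExternalKMS, obj *StoredObject) ([]byte, error) {
	dataKey, err := kms.UnwrapDataKey(obj.WrappedKey, obj.ID)
	if err != nil {
		return nil, fmt.Errorf("unwrap data key: %w", err)
	}
	return open(dataKey, obj.Ciphertext, []byte(obj.ID))
}

func main() {
	kms := NewExternalKMS()
	obj, _ := Put(kms, "crm/customers.csv", []byte("id,name\n1,Example Ltd\n")) // constructed sample
	pt, err := Get(kms, obj)
	fmt.Printf("owner's KMS: %q %v\n", pt, err)
	_, err = Get(NewExternalKMS(), obj) // a party holding the record but not the master key
	fmt.Println("other KMS:", err)
}
```

The second Get fails with a GCM authentication error, which is the practical meaning of the slide's point that encryption does not stop a copy being taken but makes the copy worthless without the key.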
Summary
• Security is perceived as biggest challenge to cloud
computing
• Risks are often over-hyped for dubious reasons
– Market protection
– Job security
• Cloud security is under-rated
• Internal security is over-rated
• Security challenges real but addressable
– Encryption / Strong Authentication
– Network security / Isolation
– Multi-sourcing strategy
– Redundancy
Emotional vs Factual
• Fear, Uncertainty and Doubt
• Increased Effort
– Evaluation
– Negotiation
– Integration
– Implementation
• Reduce CAPEX benefits
Plan early, think objectively
Contact Details
Feel free to reach out to me at:
linkedin/in/rhoton
or look me up at:
amazon.com/author/rhoton
slideshare.net/rhoton

Windows Mobile Enterprise Security Best Practices
 
System Center Mobile Device Manager
System Center Mobile Device ManagerSystem Center Mobile Device Manager
System Center Mobile Device Manager
 
Mobile Device Management
Mobile Device ManagementMobile Device Management
Mobile Device Management
 
Mobile Device Security
Mobile Device SecurityMobile Device Security
Mobile Device Security
 

Último

GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 

Último (20)

GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 

Cloud Computing: New Approaches for Security

  • 1. Cloud Computing: New Approaches for Security
    John Rhoton
    Cloud and Big Data Conference 2013, CnS Events, Vienna, Austria, 8 October 2013
    rhoton@gmail.com
    (slide footer: 24/01/2013, John Rhoton – 2013)
  • 2. Agenda
    • Security Context
    • Trust Shift
    • Security Challenges
    • Remediation
      – Best practices
      – Tools
  • 3. IT Security is now a Top CEO concern
    Major threatening scenarios according to CEOs (Source: 16th Annual Global CEO Survey, 2013, PwC):
    75% Major social unrest impacting business activities
    67% Economic recession
    63% Cyber attacks
    53% Natural disasters impacting a major business hub
    53% Collapse of the Euro zone
    52% Military or business tensions impacting access to natural resources
    63% of CEOs identify cyber attacks as a top-3 threat for their company.
    14%: share of IT spending going to IT security in 2010; the ratio was only 8.2% in 2007 (Source: Forrester, The Evolution Of IT Security, 2010 To 2011).
    $11.36 billion: US investment in 2011 in classified data security (Source: Report on Cost Estimates for Security Classification Activities for Fiscal Year 2011).
    5.5 billion attacks stopped in 2011; the volume was 3 billion in 2010 (Source: Symantec).
    Information security is now considered a high-stakes topic by most CEOs. As a result, IT security investments are growing significantly.
    Source: Beamap
  • 4. New Security context for IT infrastructure
    Risks to data security continue to intensify and show no signs of abating. Given today's elevated threat environment, companies must prepare to address the new security context and review their mitigation strategies.
    Increasing volume and sources of data to protect: 80% of data did not exist 2 years ago; 1.8 zettabytes of data were created in 2011; 7.9 zettabytes are estimated for 2015.
    IT systems more connected, mobile and open: mobile, social media, bring your own device.
    Development of cyber-activism practices and cyber-attacks: Anonymous, Wikileaks, Stuxnet*.
    IT infrastructure more and more complex and heterogeneous: cloud computing, big data, technology innovation.
    *Stuxnet is a computer worm discovered in June 2010 that is believed to have been created by the United States and Israel to attack Iran's nuclear facilities.
    Source: Beamap
  • 5. Top 10 Challenges to Enterprise Cloud Adoption
    33% Implementation/transition/integration costs too high
    31% Integration with existing architecture
    30% Data loss and privacy risks
    30% Loss of control
    26% Lack of visibility into future demand and associated costs
    26% Lack of interoperability between cloud providers
    26% General security risks
    21% Risk of intellectual property theft
    18% Legal and regulatory compliance
    18% Transparency of operational controls and data
    Source: KPMG International's Global cloud survey: the implementation challenge
  • 6. Cloud Security Challenges and Benefits
    Key observations:
    • Most companies overestimate their internal security and underestimate cloud provider security.
    • Providers invest heavily in security processes, mechanisms, tools and skills that enterprises cannot easily match.
    • But not all cloud providers are equal: they have different resources and expertise, so it is important to vet each service individually.
    • An initial cloud security analysis may reveal gaps, but these can be addressed with best-practice architectures and appropriate tools (e.g. API management, identity management).
    Would you store your customer data in the cloud?
    • Customer data is a key asset for every company.
    • However, today's #1 solution for CRM is a cloud solution: Salesforce.com.
    • Salesforce.com has become a de-facto standard CRM solution, selected after due diligence by industry leaders.
    Would you store key regulatory data in the cloud?
    "Nasdaq OMX is offering Wall Street brokers a chance to store key regulatory data on Amazon's 'cloud' computers, marking the ecommerce conglomerate's boldest incursion into the financial services sector." (Financial Times)
    Example of cloud provider investment in security: AWS opened a Security Blog in April 2013.
    How to build trust in the cloud? The CSA Security, Trust & Assurance Registry (STAR) is a publicly accessible registry that documents the security controls provided by various cloud computing offerings. https://cloudsecurityalliance.org/star/
    Source: Beamap
  • 7. Trust Shift
    The biggest cultural hurdle to cloud adoption is acceptance of the shift from direct to indirect trust.
    What stays the same? Humans (subject to negligence and malice) administer IT systems (subject to infection and failure).
    But explicit service contracts replace implicit employment contracts, and processes that are audited, certified and exposed to public scrutiny may be much stronger than secret internal equivalents.
    Direct trust model: employees, contractors, partners, suppliers; based on personal observation, personal experience and insight.
    Indirect trust model: experts, legal counsel, auditors, public scrutiny; based on public verification, contracts and compensation.
  • 8. Risk Treatment
    [Figure: a 2×2 matrix of probability (high/low) against impact (high/low), with quadrants labelled Eliminate, Business Continuity and Resilience.]
  • 9. Barriers
    • Compliance
    • Data leakage
    • Data loss
    • Service loss
    • Vendor lock-in
  • 10. Compliance
    Global Internet versus national laws. Enforce logical barriers.
  • 11. Governmental Compliance (Hot topics)
    Hot Topic #1: Is the Patriot Act an American phenomenon?
    • All governments have an equivalent to the Patriot Act.
    • Western governments collaborate to satisfy requests regardless of the location of the provider and/or the data.
    • Requests are executed regardless of whether data is hosted in the cloud or on-premise.
    Cf. the comparison of governmental authorities' access to data in the cloud (next slide).
  • 12. Comparison of Governmental Access
    Four jurisdictions are compared; the answers below are listed in the slide's column order, one per jurisdiction (the column labels are not carried in the text).
    1. May government require a cloud provider to disclose customer data?
       Yes | Yes | Yes | Yes
    2. May a cloud provider voluntarily disclose customer data to the government in response to an informal request?
       No – must request data through legal process | Yes, except for personal data without a legal purpose | Yes, except for personal data without a legal purpose | Yes, except for personal data without a legal purpose
    3. If a cloud provider must disclose customer data to the government, must the customer be notified?
       Yes, for content data, except with a search warrant | No | No | Yes, except may withhold until disclosure no longer would compromise the investigation
    4. May government monitor electronic communications sent through the systems of a cloud provider?
       Yes | Yes | Yes | Yes
    5. Are government orders to disclose customer data subject to review by a judge?
       Yes | Yes | Yes | Yes
    6. Can the government require the cloud provider to disclose data held in a foreign country?
       Yes | Yes | Yes | No, not without cooperation from the other country's government
    Conclusion: US laws are no more threatening than others.
    Source: Hogan Lovells White Paper "A Global Reality: Governmental Access to Data in the Cloud", bit.ly/PMDuWL
  • 13. Governmental Compliance (Hot topics)
    Hot Topic #1: Is the Patriot Act an American phenomenon? (as on slide 11)
    Hot Topic #2: Is PRISM a danger for corporate data?
    • Sophisticated intelligence agencies (USA, Russia, China, Israel, France, ...) have the means to obtain any information they require.
    • Corporate data is not usually an interesting target, but may be in some instances.
    • Interception of corporate data by an intelligence agency doesn't automatically result in harm to the corporation; it depends on how they use it (e.g. corporate espionage).
    • It is impossible to secure against this threat: some agencies resort to unlawful means (e.g. bribery, extortion) to obtain this data.
    • Protecting corporate data (e.g. through encryption) doesn't prevent access, but makes it more costly to obtain and therefore less likely that governments will obtain it unless they have a clear purpose.
    Hot Topic #3: PRISM: risk or opportunity for the US cloud computing industry?
    "Shortly after Snowden's leaked documents, the big Internet companies and their allies issued dire warnings, predicting that American businesses would lose tens of billions of dollars in revenue abroad as distrustful customers seek out local alternatives. At Amazon, which was not named in Snowden's documents but is seen as a likely victim because it is a top provider of cloud computing services, a spokeswoman said global demand 'has never been greater.' There are multiple theories for why the business impact of the Snowden leaks has been so minimal. One is that cloud customers have few good alternatives, since U.S. companies have most of the market and switching costs money. Perhaps more convincing, Amazon, Microsoft and some others offer data centers in Europe with encryption that presents significant hurdles to snooping by anyone, including the service providers themselves and the U.S. agencies. Encryption, however, comes with drawbacks, making using the cloud more cumbersome."
    Source: Beamap
  • 14. Multi-tenancy Increases Threat Vectors
    [Figure: two hosts, each running several guest VMs, with six numbered threat vectors marked.]
    Expand monitoring scope and depth.
  • 15. Confidentiality
    • Data governance – data loss prevention
    • Compartmentalization
    • Encryption
    Classify data, then select and combine options.
  • 16. Identity Federation
    Identity challenges: password proliferation, weak authentication, support costs, user productivity.
    Implement identity standards (SAML, SCIM).
  • 17. Redundancy
    • Dimensions: physical, geographical, technological, organizational
    • Horizontal scalability
    • ACID (Atomic, Consistent, Isolated, Durable) => BASE (Basic Availability, Soft-state, Eventual consistency)
    Architect for scale.
  • 18. Business Continuity
    • Cold site
    • Warm site
    • Hot site
    • Double-active
    Multi-dimensional redundancy is critical.
  • 19. Lock-in vs. Cloud Stacks
    Proprietary hardware; proprietary software; open source; consortium-driven.
    Balance ease with flexibility.
  • 20. Cloud Risks and Remediation
    Cloud risks: denial of service; account/service hijacking; insecure interfaces and APIs; data loss; shared technologies; data breaches.
    [Figure: each risk is mapped to remediation principles; the principle labels are not carried in the text.]
    Source: Beamap
  • 21. Sample Cloud Architecture
    [Figure: an on-premise datacenter connected to two public clouds, with layers for network security, resiliency, identity and access management, attack protection, encryption and application security.]
    Description: this scenario is based on the following concepts:
    • Mobility of VMs from the on-premise datacenter to the cloud with the same security requirements
    • Propagation of the network security rules to the cloud (firewalling, IP addresses, ...)
    • Propagation of QoS rules (resiliency, backup and restore, ...)
    Source: Beamap
  • 22. Cloud-based Protection Services
    • Malware
    • Denial of service
    • Identity management
    • Backup and restore
    • Intrusion prevention
  • 23. Cloud Reference Architecture
    The key components of the cloud reference architecture:
    1. Virtual Private Cloud with VPN connection to the corporate datacenter
    2. Dual connectivity (direct connection with a backup VPN connection)
    3. At least two availability zones used to provide application resiliency
    4. Elastic load balancers to distribute workloads across servers and availability zones
    5. Data replication across availability zones
    6. Application tiering
    7. Database tiering
    8. Database snapshots
    9. DoS filter
    10. Identity router
    11. API security management module
    12. Cloud management module
    Also shown: a cloud management layer and an external key management system.
    Source: Beamap
  • 24. Summary
    • Security is perceived as the biggest challenge to cloud computing
    • Risks are often over-hyped for dubious reasons: market protection, job security
    • Cloud security is under-rated; internal security is over-rated
    • Security challenges are real but addressable:
      – Encryption / strong authentication
      – Network security / isolation
      – Multi-sourcing strategy
      – Redundancy
  • 25. Emotional vs Factual
    • Fear, uncertainty and doubt
    • Increased effort: evaluation, negotiation, integration, implementation
    • Reduced CAPEX benefits
    Plan early, think objectively.
  • 26. Contact Details
    Feel free to reach out to me at linkedin/in/rhoton, or look me up at amazon.com/author/rhoton and slideshare.net/rhoton.

Editor's notes

  1. Risk mitigation:
     Data leakage – encryption
     Data loss – multi-source, backup
     Vendor lock-in – standards, multi-source, backup, exit strategy
     Service loss – SLA, audit, certifications
     Compliance – SLA, audit, certifications
     Old trust basis: personal observation, personal experience, human insight. New trust basis: public verification, contracts, compensation.
     Design challenges: integration, user management, reliability, governance / SLAs, security.
  2. Backdoor in Dual-EC DRBG (Dual Elliptic Curve Deterministic Random Bit Generator): http://rump2007.cr.yp.to/15-shumow.pdf
  3. ACID: Atomic, Consistent, Isolated, Durable. BASE: Basic Availability, Soft-state, Eventual consistency.
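The Dual-EC DRBG note above is the concrete case behind the PRISM discussion on slide 13: a generator whose fixed constants P and Q were never explained, and in which anyone who knows a scalar e with e*Q = P can recover the internal state from a single output and predict everything the generator produces afterwards (Shumow and Ferguson, the slide's reference). The following is an added example, not part of the deck and not the authors' code; it reproduces the mechanism on a constructed toy curve so the whole attack runs in milliseconds. Everything in it is an assumption for illustration: the curve y^2 = x^3 + 2x + 3 over F_127, a generator found by exhaustive search, the designer's secret e chosen as the smallest integer from 5 coprime to the group order, 2 dropped bits per output instead of the standard's 16, and a reduction of the state into [1, n-1] that only exists to keep the tiny curve from hitting a multiple of n.

```python
"""Toy Dual EC DRBG with the Shumow-Ferguson backdoor (added example).

Constructed for illustration: a 7-bit curve, a generator found by search,
a 'designer secret' e, and a 2-bit output truncation. The real standard
uses P-256, fixed P and Q of unexplained origin, and drops 16 of 256 bits.
"""
from math import gcd

P_MOD, A, B = 127, 2, 3                    # curve y^2 = x^3 + A x + B over F_127
DROP_BITS = 2                              # bits of x dropped from each output
KEEP_BITS = P_MOD.bit_length() - DROP_BITS
MASK = (1 << KEEP_BITS) - 1


def ec_add(p1, p2):
    """Affine point addition on the toy curve; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return None
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P_MOD)
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P_MOD)
    lam %= P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    return (x3, (lam * (x1 - x3) - y1) % P_MOD)


def ec_mul(k, pt):
    """Double-and-add scalar multiplication."""
    acc = None
    while k > 0:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc


def lift_x(x):
    """A curve point with this x, or None if x is not on the curve
    (p % 4 == 3 square root; either sign of y works for the attack)."""
    v = (x * x * x + A * x + B) % P_MOD
    y = pow(v, (P_MOD + 1) // 4, P_MOD)
    return (x, y) if (y * y) % P_MOD == v else None


def point_order(pt):
    n, acc = 1, pt
    while acc is not None:
        acc = ec_add(acc, pt)
        n += 1
    return n


def pick_generator():
    """Point of maximal order on the toy curve (exhaustive; toy sizes only)."""
    best, best_n = None, 0
    for x in range(P_MOD):
        pt = lift_x(x)
        if pt is not None:
            n = point_order(pt)
            if n > best_n:
                best, best_n = pt, n
    return best, best_n


P_GEN, N_ORDER = pick_generator()
# The designer keeps e and publishes Q = e^-1 * P, so that e * Q == P.
# Without e, Q looks like any other point on the curve.
E_SECRET = next(e for e in range(5, 1000) if gcd(e, N_ORDER) == 1)
Q_POINT = ec_mul(pow(E_SECRET, -1, N_ORDER), P_GEN)


def state_from_point(pt):
    """Next state is the x coordinate; the reduction into [1, n-1] is a
    toy-only guard against landing on a multiple of n on this tiny curve."""
    x = 0 if pt is None else pt[0]
    return 1 + x % (N_ORDER - 1)


class DualEC:
    """s_i = x(s_{i-1} * P); r_i = x(s_i * Q); output = r_i with top bits dropped."""

    def __init__(self, seed):
        self.s = seed

    def generate(self):
        self.s = state_from_point(ec_mul(self.s, P_GEN))
        return ec_mul(self.s, Q_POINT)[0] & MASK


def predict_next(outputs, e):
    """Shumow-Ferguson recovery: brute-force the dropped bits of the first
    output, lift each candidate x to a point R, and use e*R = e*(s_1*Q) = s_1*P,
    whose x coordinate is the next state. Later outputs weed out wrong
    candidates. Returns the set of predictions for the output after the last
    observed one (a singleton once enough outputs have been seen)."""
    predictions = set()
    for hi in range(1 << DROP_BITS):
        x = (hi << KEEP_BITS) | outputs[0]
        if x >= P_MOD:
            continue
        r_pt = lift_x(x)
        if r_pt is None:
            continue
        s = state_from_point(ec_mul(e, r_pt))          # candidate s_2
        consistent = True
        for r in outputs[1:]:
            if ec_mul(s, Q_POINT)[0] & MASK != r:
                consistent = False
                break
            s = state_from_point(ec_mul(s, P_GEN))
        if consistent:
            predictions.add(ec_mul(s, Q_POINT)[0] & MASK)
    return predictions


def demo(seed=42, observed=3):
    """Observe a few outputs, predict the next, return (seen, predictions, actual)."""
    drbg = DualEC(seed)
    seen = [drbg.generate() for _ in range(observed)]
    return seen, predict_next(seen, E_SECRET), drbg.generate()
```

Running `demo()` observes three truncated outputs, recovers the state with the secret e, and returns a prediction set that contains the generator's actual fourth output. The cost of the attack is the brute force over the dropped bits, 4 candidates here and 2^16 on P-256, which is why the 16-bit truncation in the standard was never enough to close the hole; the only real defence is a Q whose discrete logarithm relative to P is provably unknown, which is the kind of verifiable-in-public property the deck's "indirect trust" model asks of any provider- or standards-body-supplied control.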