Cloud security
•Transferir como PPT, PDF•
0 gostou•961 visualizações
Cloud security Issues
Recomendados
Mais conteúdo relacionado
Mais procurados
Mais procurados (20)
Semelhante a Cloud security
Semelhante a Cloud security (20)
Último
Último (20)
Cloud security
- 1. Security Issues in Cloud Computing
- 2. Contents : • What is Cloud Computing? • Is it Really Secure? • Cases in Cloud Computing • Security Measures
- 3. What is Cloud Computing.. • A network of remote servers hosted on the internet to store, manage, and process data, rather than a local server or a personal computer.
- 4. • It is divided it into two sections: The front end and the back end. They connect to each other through a network, usually the Internet. The front end is the side the computer user, or client, sees. The back end is the "cloud" section of the system. • The front end includes the client's computer and the application required to access the cloud computing system. • On the back end of the system are the various computers, servers and data storage systems that create the "cloud" of computing services.
- 5. • It is a Web-based service which hosts all the programs the user would need for a job. • Potentially, everything from generic word processing software to customized computer programs designed for a specific company could work on a cloud computing system.. • It's called cloud computing.
- 6. Cloud Oriented ArchitectureCloud Oriented Architecture Virtual Data Center IaaS/PaaS Physical Data Center Mobile Web Applications
- 7. ARPANET TCPIP WWW HTML .COM SOCIAL NETWORKS INTERNET OF THINGS 100M100M 250M250M 500M500M 25B25B 50B50B Internet ConnectedInternet Connected DevicesDevices 12B12B The Internet of Things is HereThe Internet of Things is Here In 2012In 2012 2.4 Billion2.4 Billion peoplepeople connected to the Internetconnected to the Internet
- 8. Why care about securityWhy care about security at scale?at scale? • Perimeter isPerimeter is changing dramaticallychanging dramatically
- 9. • Attacks areAttacks are • non-stopnon-stop Virtual Data Center Physical Data Center Mobile Web Applications IaaS/PaaS
- 10. Is It Really Secure ? • No matter how careful you are with your personal data, by subscribing to the cloud you will be giving up some control to an external source. It may also create more space for a third party to access your information. • There is a lot of personal information and potentially secure data that people store on their computers, and this information is now being transferred to the cloud. • Cloud computing offers many benefits, but is vulnerable to threats, and it is equally important to take personal precautions to secure your data
- 11. • The cloud is enabling cybercriminals to conduct highly automated online banking theft •Like most online consumer bank fraud, the attacks started off with a phishing e-mail and urging the recipient to click a link to change the account password. •Once the link is clicked, a Trojan was downloaded onto the victim's computer, in early versions of the attacks. In later versions the malware is operating from a server.
- 12. • The server is the brains that does all the transactions in the bank account • The criminals don't have to change anything on the end user side. They can make modifications on the server side. They still have malware on the user's machine.
- 13. How many attacks?How many attacks? • Honestly too manyHonestly too many to countto count
- 14. How do breaches happen?How do breaches happen? •8888%% of all hacking attacksof all hacking attacks • use remote access from the internetuse remote access from the internet
- 15. How do breaches happen?How do breaches happen? (In 2013)(In 2013) •utilized some formutilized some form of hackingof hacking8181%% 6969%% 1010%% 77%% 55%% resulted fromresulted from privilege misuseprivilege misuse IncorporatedIncorporated malwaremalware Involved physicalInvolved physical attacksattacks employed socialemployed social tacticstactics +31+31%% -19-19%% +20+20%% -4-4%% -12-12%% Source: Verizon data breach report 2012
- 16. Web application securityWeb application security is a challengeis a challenge They areThey are CustomCustom
- 17. Web applications are theWeb applications are the underbelly of the internetunderbelly of the internet They areThey are Everywhere!Everywhere!
- 18. Continuous Security: Case StudyContinuous Security: Case Study US Department of StateUS Department of State 400 worldwide embassies400 worldwide embassies Grades based on formulaGrades based on formula Scan every 3 daysScan every 3 days 85% hosts fixed in 6 days85% hosts fixed in 6 days
- 20. New Security ArchitectureNew Security Architecture is neededis needed •Legacy EnterpriseLegacy Enterprise Point SolutionsPoint Solutions Do Not ScaleDo Not Scale
- 21. Is it enough to scan and pentestIs it enough to scan and pentest once a quarter?once a quarter? Security NeedsSecurity Needs to beto be ContinuousContinuous
- 22. • More thanMore than • 8080%% of all breachesof all breaches • are from known vulnerabilitiesare from known vulnerabilities Continuous Cloud SecurityContinuous Cloud Security You CAN protect yourselfYou CAN protect yourself
- 23. Security Measures • Are their security standards appropriate? • Is your data encrypted when being uploaded to or downloaded from the cloud? • Understand how access is shared with your cloud folder • Pick a good password. • Back up your data
- 24. COA platform deploymentCOA platform deployment COA can be a private cloudCOA can be a private cloud
- 25. Are you ready to protectAre you ready to protect against this onslaught?against this onslaught?
- 26. THANK YOU!!!
Notas do Editor
- As you can see in the image there are many devices connected to the virtual server i.e cloud which has ability to run a program or application on those connected devices at the same time.
- Services like Web-based e-mail programs leverage existing Web browsers like Internet Explorer or Firefox a cloud computing system could include practically any computer program you can imagine, from data processing to video games. Usually, each application will have its own dedicated server.
- Google drive /google docs Microsoft skydrive Dropbox Box Apple I cloud Amazon cloud
- This distance between you and the physical location of your data creates a barrier
- The same flexibility and freedom companies get from having their software and services hosted in the cloud is enabling cybercriminals to conduct highly automated online banking theft – without doing much of the necessary information processing on their victims' own computers. Phising typically pretending to be from a victim's bank
- 1 > Do some research. Make sure that the company has a good reputation and solid security policies. Remember, you are trusting this company to store your personal information. 2>Make sure that your browser or app requires an encrypted connection before you upload or download your data. Look for the “https://” or the padlock beside the URL in your browser. 3>Several cloud storage providers allow you to share access to your online folders with other people. Be sure you know in details how this works. Can they read only or can they change the file? Will you know who changed a file last? If you share the file with a group, do you know who all is in the group? Are you notified if the group changes? Does the service allow you to make files public? If you do are your personal details (name, account, email, etc.) attached to that file if a stranger looks at it? 4>Back up your data the same way you back up your computer’s hard drive, back up your Cloud data. There are some companies that offer a small amount of storage free of cost. Take advantage of this