Security and Privacy Mechanisms: An Analysis of Cloud Service Providers for the US Government
|
|
- Marshall McGee
- 5 years ago
- Views:
Transcription
1 Security and Privacy Mechanisms: An Analysis of Cloud Service Providers for the US Government April 13, 2016 Presenter: Carlo Di Giulio Advisor: Dr. Masooda Bashir
2 Focus of the Research Security and privacy risks and pitfalls in commercial cloud services Help the US Airforce to identify the most secure and convenient Cloud Service Providers (CSPs) to the US Government among the selected ones Spot possible market trends How service providers are addressing government needs
3 Focus of the Research The research currently focuses on 5 major CSPs
4 Structure The research is organized in three pillars Norms, regulations, and guidelines Products and services General privacy and security policies
5 Pillar I: Norms and Guidelines Different level of security, different controls and authorizations
6 Pillar I: Norms and Guidelines The authorization process to provide a service to the DoD is rather complex Image: The FedRAMP and CC SRG Roadmap (1)
7 Pillar II: Offering Each CSP offers a number of services that may be classified and compared to others We classified products and services of each service provider into 3 main categories (NIST ): IaaS PaaS SaaS
8 Pillar II: Offering A few examples CSP Service AWS Microsoft (Azure) Google CS IBM Softlayer VMWare Data Analytics Event Hubs BigQuery vrealize Operations Manager Cloud Monitoring Amazon CloudWatch Cloud Monitoring Monitoring & Reporting Compute Amazon EC2 Cloud Services App Engine Virtual Servers Compute Relational Database Redshift SQL Database Cloud SQL Continuent Identity Management AWS IAM Active Directory Cloud IAM Identity Manager
9 Pillar III: Policies In order to classify the policies, standardization and classification are required NIST FedRAMP Baseline medium - high Frameworks issued by credible NGOs AICPA (SOC 2 criteria) CSA (CCM 3.0.1)
10 Pillar III: Policies - Examples Do you allow tenants/customers to define password and account lockout policies for their accounts? (IAM 12.9 Indicator, CCM 3.0.1) AWS Identity and Access Management (IAM) lets [the tenant] manage several types of long-term security credentials for IAM users (2) ( ) must at a minimum meet Microsoft internal IT requirements, but an internal organization can increase the strength past this standard (3) Not at this time (4)
11 Pillar III: Policies - Examples Do you leverage encryption to protect data and virtual machine images during transport across and between networks and hypervisor instances? (EKM Indicator, CCM 3.0.1) ( ) option of encrypting customer data transmitted to and from Microsoft datacenters over public networks. ( ) private networks with encryption for replication of non-public customer data between Microsoft datacenters (3) "Yes. ( ) uses AES-256 encryption to encapsulate in-transit workloads. For in-cloud vmotion activities, a dedicated, secure and encrypted network is used exclusively for this purpose ( ) (4) Tenant Control Consideration (5)
12 Next Steps Conclude the policy analysis Select relevant policy indicators Cross reference policies and services Explore features and differences among services more in detail Collaborate with a Technical SME (CS Grad Student) to specify security criterias for the analysis
13 Thanks for your Attention! For more information: Carlo Di Giulio: Dr. Masooda Bashir
14 References (1) Bockelman, P. and McDermott, A. (2015). DoD-Compliant Implementations in the AWS Cloud. Reference Architectures. Amazon Web Services, April Retrieved from (2) Amazon WS (2016). Amazon Web Services: Risk and Compliance. White Paper. Retrieved from (3) Microsoft (2015). Standard Response to Request for Information Microsoft Azure Security, Privacy, and Compliance. White Paper. Retrieved from (4) Vmware (2015). VMware vcloud Air IaaS CAIQ v1.0 - Consensus Assessments Initiative Questionnaire v Retrieved from (5) Softlayer (2016) CAIQ V1.0 - Consensus Assessments Initiative Questionnaire V Retrieved from
Auditing the Cloud. Paul Engle CISA, CIA
Auditing the Cloud Paul Engle CISA, CIA About the Speaker Paul Engle CISA, CIA o Fifteen years performing internal audit, IT internal audit, and consulting projects o Internal audit clients include ADP,
More informationAzure SQL Database Basics
Intro: Timothy P. McAliley timothy.mcaliley@microsoft.com Microsoft Account Technology Strategist, Washington, DC CISA, CISM, CISSP, ITIL V3, MCSA, MCSE, MCITP, MCTS, MCT, PMP www.itprocamp.com www.meetup.com/mfcf-dc
More informationCloud Customer Architecture for Securing Workloads on Cloud Services
Cloud Customer Architecture for Securing Workloads on Cloud Services http://www.cloud-council.org/deliverables/cloud-customer-architecture-for-securing-workloads-on-cloud-services.htm Webinar April 19,
More informationCompliance & Security in Azure. April 21, 2018
Compliance & Security in Azure April 21, 2018 Presenter Bio Jeff Gainer, CISSP Senior Information Security & Risk Management Consultant Senior Security Architect Have conducted multiple Third-Party risk
More informationDriving Cloud Governance and Avoiding Cloud Chaos
Driving Cloud Governance and Avoiding Cloud Chaos Key Take Aways What is Cloud Chaos? Why Do You Need Cloud Governance? Intro: Timothy P. McAliley timothy.mcaliley@microsoft.com Microsoft Premier Field
More informationRobert Brammer. Senior Advisor to the Internet2 CEO Internet2 NET+ Security Assessment Forum. 8 April 2014
Robert Brammer Senior Advisor to the Internet2 CEO rfbtech@internet2.edu Internet2 NET+ Security Assessment Forum 8 April 2014 INTERNET2 NET+ Security Initiative Primary objective -- develop guidance to
More informationThe Challenge of Cloud Security
The Challenge of Cloud Security Dr. Ray Klump Chair, Mathematics & Computer Science Director, MS in Information Security Lewis University Poll Question #1: What type of cloud service are you
More informationCSA GUIDANCE VERSION 4 S TAT E O F T H E A R T CLOUD SECURITY AND GDPR NOTES. Hing-Yan Lee (Dr.) EVP, APAC, Cloud Security Alliance
CSA GUIDANCE VERSION 4 S TAT E O F T H E A R T CLOUD SECURITY AND GDPR NOTES Hing-Yan Lee (Dr.) EVP, APAC, Cloud Security Alliance ABOUT THE BUILDING SECURITY BEST PRACTICES FOR NEXT GENERATION IT CLOUD
More informationSoftLayer Security and Compliance:
SoftLayer Security and Compliance: How security and compliance are implemented and managed Introduction Cloud computing generally gets a bad rap when security is discussed. However, most major cloud providers
More informationLaunching a Highly-regulated Startup in the Cloud
Launching a Highly-regulated Startup in the Cloud Poornaprajna Udupi (@poornaudupi) 1 Starting in the 86%by 2020 Cloud Cisco Global Cloud Index: Forecast and Methodology, 2015 2020 2 Building blocks, Cost,
More informationThe Nasuni Security Model
White Paper Nasuni enterprise file services ensures unstructured data security and privacy, enabling IT organizations to safely leverage cloud storage while meeting stringent governance and compliance
More informationSecurity & Compliance in the AWS Cloud. Vijay Rangarajan Senior Cloud Architect, ASEAN Amazon Web
Security & Compliance in the AWS Cloud Vijay Rangarajan Senior Cloud Architect, ASEAN Amazon Web Services @awscloud www.cloudsec.com #CLOUDSEC Security & Compliance in the AWS Cloud TECHNICAL & BUSINESS
More informationVMware Hybrid Cloud Solution
VMware Hybrid Cloud Solution Simplifying and Accelerating Your Multi-Cloud Strategy Bunyamin Ozyasar System Engineer Manager 2017 VMware Inc. All rights reserved. Today s Agenda 1 2 3 VMware SDDC Approach
More informationManaging and Auditing Organizational Migration to the Cloud TELASA SECURITY
Managing and Auditing Organizational Migration to the Cloud 1 TELASA SECURITY About Me Brian Greidanus bgreidan@telasasecurity.com 18+ years of security and compliance experience delivering consulting
More informationCloud Computing, SaaS and Outsourcing
Cloud Computing, SaaS and Outsourcing Michelle Perez, AGC Privacy, IPG Bonnie Yeomans, VP, AGC & Privacy Officer, CA Technologies PLI TechLaw Institute 2017: The Digital Agenda Introduction to the Cloud
More informationEU Cloud Computing Policy. Luis C. Busquets Pérez 26 September 2017
EU Cloud Computing Policy Luis C. Busquets Pérez 26 September 2017 The digital revolution is built on data Most economic activity will depend on data within a decade Potential of the data-driven economy
More informationSecurity & Compliance in the AWS Cloud. Amazon Web Services
Security & Compliance in the AWS Cloud Amazon Web Services Our Culture Simple Security Controls Job Zero AWS Pace of Innovation AWS has been continually expanding its services to support virtually any
More informationNS2 Cloud Overview The Cloud Built for Federal Security and Export Controlled Environments. Hunter Downey, Cloud Solution Director
NS2 Cloud Overview The Cloud Built for Federal Security and Export Controlled Environments Hunter Downey, Cloud Solution Director Why Organizations are investing in the Cloud Pressure on IT and business
More informationSecuring the cloud ISACA Korea. Han Ther, Lee CISA, CISM, CISSP, CRISC, ITILF, MCSA
Securing the cloud ISACA Korea Han Ther, Lee CISA, CISM, CISSP, CRISC, ITILF, MCSA What is cloud computing? Source: Wikipedia 2 What is cloud computing A model for enabling:- convenient on-demand network
More informationINTO THE CLOUD WHAT YOU NEED TO KNOW ABOUT ADOPTION AND ENSURING COMPLIANCE
INTO THE CLOUD WHAT YOU NEED TO KNOW ABOUT ADOPTION AND ENSURING COMPLIANCE INTRODUCTION AGENDA 01. Overview of Cloud Services 02. Cloud Computing Compliance Framework 03. Cloud Adoption and Enhancing
More informationBest Practices in Securing a Multicloud World
Best Practices in Securing a Multicloud World Actions to take now to protect data, applications, and workloads We live in a multicloud world. A world where a multitude of offerings from Cloud Service Providers
More informationIBM Cloud Security for the Cloud. Amr Ismail Security Solutions Sales Leader Middle East & Pakistan
IBM Cloud Security for the Cloud Amr Ismail Security Solutions Sales Leader Middle East & Pakistan Today s Drivers for Cloud Adoption ELASTIC LOWER COST SOLVES SKILLS SHORTAGE RAPID INNOVATION GREATER
More informationCOMPLIANCE IN THE CLOUD
COMPLIANCE IN THE CLOUD 3:45-4:30PM Scott Edwards, President, Summit 7 Dave Harris Society for International Affairs COMPLIANCE IN THE CLOUD Scott Edwards scott.edwards@summit7systems.com 256-541-9638
More informationProtecting Sensitive Data in the Cloud. Presented by: Eric Wolff Thales e-security
Protecting Sensitive Data in the Cloud Presented by: Eric Wolff Thales e-security Topics IT Perspectives on Cloud Security Tools for Security in the Cloud XaaS Encryption/Key Management Strategies Tweet
More informationPrivacy hacking & Data Theft
Privacy hacking & Data Theft Cloud Computing risks & the Patricia A RoweSeale CIA, CISA, CISSP, CRISC, CRMA The IIA (Barbados Chapter) Internal Audit Portfolio Director CIBC FirstCaribbean Objectives Cloud
More informationImplementing and maintaining a DevSecOps approach in the cloud George Gerchow - VP of Security &
Implementing and maintaining a DevSecOps approach in the cloud George Gerchow - VP of Security & Compliance @sumologic Agenda The Sumo Cloud DevSecOps = Baking Security into your DNA Sumo Logic Security
More informationCloud Computing: Technologies and Enterprise IT Strategies
Cloud Computing: Technologies and Enterprise IT Strategies Stephen Obioma Luis D. Morales 1 Instructor: Prof. Paul Lin January 05, 2013 Possible Transition Items IPFW IT web page enables students and staff
More informationCloud Computing: Is it safe for you and your customers? Alex Hernandez DefenseStorm
Presentation Title Cloud Computing: Is it safe for you and your customers? Alex Hernandez DefenseStorm Background A career of helping companies integrate new technologies into their existing infrastructure
More informationWhite Paper Impact of DoD Cloud Strategy and FedRAMP on CSP, Government Agencies and Integrators.
White Paper Impact of DoD Cloud Strategy and FedRAMP on CSP, Government Agencies and Integrators. www.spirentfederal.com Table of Contents 1.0 DOD CLOUD STRATEGY IMPACT.............................................................
More informationTitle: Planning AWS Platform Security Assessment?
Title: Planning AWS Platform Security Assessment? Name: Rajib Das IOU: Cyber Security Practices TCS Emp ID: 231462 Introduction Now-a-days most of the customers are working in AWS platform or planning
More informationMitigating Risks with Cloud Computing Dan Reis
Mitigating Risks with Cloud Computing Dan Reis Director of U.S. Product Marketing Trend Micro Agenda Cloud Adoption Key Characteristics The Cloud Landscape and its Security Challenges The SecureCloud Solution
More informationMorgan Independent Software Vendor Lead
Morgan Webb @morgan_msft Independent Software Vendor Lead Digital transformation Hybrid Cloud Platform Choice Global: Hyper-scale, globally connected cloud services deployed from regional Microsoft datacenters.
More informationIntroduction to Cloud Computing. [thoughtsoncloud.com] 1
Introduction to Cloud Computing [thoughtsoncloud.com] 1 Outline What is Cloud Computing? Characteristics of the Cloud Computing model Evolution of Cloud Computing Cloud Computing Architecture Cloud Services:
More informationCLOUD COMPUTING. Lecture 4: Introductory lecture for cloud computing. By: Latifa ALrashed. Networks and Communication Department
1 CLOUD COMPUTING Networks and Communication Department Lecture 4: Introductory lecture for cloud computing By: Latifa ALrashed Outline 2 Introduction to the cloud comupting Define the concept of cloud
More informationSecurity and Compliance at Mavenlink
Security and Compliance at Mavenlink Table of Contents Introduction....3 Application Security....4....4....5 Infrastructure Security....8....8....8....9 Data Security.... 10....10....10 Infrastructure
More informationDeploying to the Cloud: A Case study on the Development of EHNAC s Cloud Enabled Accreditation Program (CEAP)
Deploying to the Cloud: A Case study on the Development of EHNAC s Cloud Enabled Accreditation Program (CEAP) May 16, 2016 Speakers Ron Moser, Managing Director, Moserhaus Consulting, LLC and Sr. Consultant,
More informationAccelerate GDPR compliance with the Microsoft Cloud Agustín Corredera
Accelerate GDPR compliance with the Microsoft Cloud Agustín Corredera This presentation is intended to provide an overview of GDPR and is not a definitive statement of the law. Businesses and users are
More informationSecurity Models for Cloud
Security Models for Cloud Kurtis E. Minder, CISSP December 03, 2011 Introduction Kurtis E. Minder, Technical Sales Professional Companies: Roles: Security Design Engineer Systems Engineer Sales Engineer
More informationWhy Choose MS Azure?
Why Choose MS Azure? Bio Dave Williams Cloud Architect AWS and Azure Expertise Agenda How to choose a public cloud service provider Microsoft Azure Strengths: Identity & Azure Active Directory Infrastructure
More informationCloud Connect. Gain highly secure, performance-optimized access to third-party public and private cloud providers
Cloud Connect Gain highly secure, performance-optimized access to third-party public and private cloud providers of the workload to run in the cloud by 2018 1 60 % Today s enterprise WAN environments demand
More informationPUBLIC AND HYBRID CLOUD: BREAKING DOWN BARRIERS
PUBLIC AND HYBRID CLOUD: BREAKING DOWN BARRIERS Jane R. Circle Manager, Red Hat Global Cloud Provider Program and Cloud Access Program June 28, 2016 WHAT WE'LL DISCUSS TODAY Hybrid clouds and multi-cloud
More informationVMware Cloud on AWS. A Closer Look. Frank Denneman Senior Staff Architect Cloud Platform BU
VMware Cloud on AWS A Closer Look Frank Denneman Senior Staff Architect Cloud Platform BU Speed is the New Currency Cloud Computing We are in the 3 rd fundamental structural transition in the history of
More informationCLOUD AND AWS TECHNICAL ESSENTIALS PLUS
1 P a g e CLOUD AND AWS TECHNICAL ESSENTIALS PLUS Contents Description... 2 Course Objectives... 2 Cloud computing essentials:... 2 Pre-Cloud and Need for Cloud:... 2 Cloud Computing and in-depth discussion...
More informationIntroduction to Cloud Computing
You will learn how to: Build and deploy cloud applications and develop an effective implementation strategy Leverage cloud vendors Amazon EC2 and Amazon S3 Exploit Software as a Service (SaaS) to optimize
More information` 2017 CloudEndure 1
` 2017 CloudEndure 1 Table of Contents Executive Summary... 3 Production Machines in the Organization... 4 Production Machines Using Disaster Recovery... 5 Workloads Primarily Covered by Disaster Recovery...
More informationPractical Guide to Cloud Computing Version 2. Read whitepaper at
Practical Guide to Cloud Computing Version 2 Read whitepaper at www.cloud-council.org/resource-hub Sept, 2015 The Cloud Standards Customer Council THE Customer s Voice for Cloud Standards! 2011/2012 Deliverables
More informationCS 6393 Lecture 10. Cloud Computing. Prof. Ravi Sandhu Executive Director and Endowed Chair. April 12,
CS 6393 Lecture 10 Cloud Computing Prof. Ravi Sandhu Executive Director and Endowed Chair April 12, 2013 ravi.sandhu@utsa.edu www.profsandhu.com Ravi Sandhu 1 The Cloud The Network is the Computer - Sun
More informationWhat is Dell EMC Cloud for Microsoft Azure Stack?
What is Dell EMC Cloud for Microsoft Azure Stack? Harry Meier GLOBAL SPONSORS Why Hybrid Cloud? The Trend Toward Hybrid Cloud Larger circles = most cost and complexity IDC 2016 Hybrid cloud is now % 9
More informationThis presentation is intended to provide an overview of GDPR and is not a definitive statement of the law.
Privacy, Trust, and the General Data Protection Regulation (GDPR) Robertas Tamosaitis Microsoft Business Solution Sales Specialist E-mail: rtamosa@microsoft.com This presentation is intended to provide
More informationCLOUD COMPUTING PRIMER FOR EXECUTIVES
CLOUD COMPUTING PRIMER FOR EXECUTIVES Cloud Computing Who Cares? Enables New products, services, business models (digital) Faster growth (agility) Better efficiency (not necessarily cheaper) Requires different
More informationIntroduction to AWS GoldBase
Introduction to AWS GoldBase A Solution to Automate Security, Compliance, and Governance in AWS October 2015 2015, Amazon Web Services, Inc. or its affiliates. All rights reserved. Notices This document
More information10 Considerations for a Cloud Procurement. March 2017
10 Considerations for a Cloud Procurement March 2017 2017, Amazon Web Services, Inc. or its affiliates. All rights reserved. Notices This document is provided for informational purposes only. It represents
More informationCLOUD SECURITY CRASH COURSE
CLOUD SECURITY CRASH COURSE ADDRESSING REAL WORLD CONCERNS Joel Friedman, CTSO ABOUT ME Name: Joel Friedman Title: Chief Technology & Security Officer of Datapipe Certifications: CISSP, CISA, CISM, CRISC,
More informationSecurity Readiness Assessment
Security Readiness Assessment Jackson Thomas Senior Manager, Sales Consulting Copyright 2015 Oracle and/or its affiliates. All rights reserved. Cloud Era Requires Identity-Centric Security SaaS PaaS IaaS
More informationAWS Well Architected Framework
AWS Well Architected Framework What We Will Cover The Well-Architected Framework Key Best Practices How to Get Started Resources Main Pillars Security Reliability Performance Efficiency Cost Optimization
More informationMulti Packed Security Addressing Challenges in Cloud Computing
Global Journal of Computer Science and Technology Cloud and Distributed Volume 13 Issue 1 Version 1.0 Year 2013 Type: Double Blind Peer Reviewed International Research Journal Publisher: Global Journals
More informationExam C Foundations of IBM Cloud Reference Architecture V5
Exam C5050 287 Foundations of IBM Cloud Reference Architecture V5 1. Which cloud computing scenario would benefit from the inclusion of orchestration? A. A customer has a need to adopt lean principles
More informationVMware, SQL Server and Encrypting Private Data Townsend Security
VMware, SQL Server and Encrypting Private Data Townsend Security 724 Columbia Street NW, Suite 400 Olympia, WA 98501 360.359.4400 Today s Agenda! Compliance, standards, and best practices! Encryption and
More informationModule Day Topic. 1 Definition of Cloud Computing and its Basics
Module Day Topic 1 Definition of Cloud Computing and its Basics 1 2 3 1. How does cloud computing provides on-demand functionality? 2. What is the difference between scalability and elasticity? 3. What
More informationBuilding Trust in the Era of Cloud Computing
Building Trust in the Era of Cloud Computing ICMC 2017 Conference May 17, 2017 v1.0 David Gerendas Group Product Manager TRUST A FIRM belief in the! Reliability! Truth! Ability of someone or something.
More informationAccelerating the HCLS Industry Through Cloud Computing
Accelerating the HCLS Industry Through Cloud Computing Use cloud computing to accelerate life sciences and healthcare specific workloads, and meet the unique computation, storage, security, and compliance
More informationOFFICE 365 GOVERNANCE: Top FAQ s & Best Practices. Internal Audit, Risk, Business & Technology Consulting
OFFICE 365 GOVERNANCE: Top FAQ s & Best Practices Internal Audit, Risk, Business & Technology Consulting CLOUD ADOPTION Business demands faster, more agile and less costly solutions to achieve digital
More informationCopyright 2011 EMC Corporation. All rights reserved.
1 2 How risky is the Cloud? 3 Is Cloud worth it? YES! 4 Cloud adds the concept of Supply Chain 5 Cloud Computing Definition National Institute of Standards and Technology (NIST Special Publication 800-145
More informationSecure Esri Solutions in the AWS Cloud. CJ Moses, AWS Deputy CISO
Secure Esri Solutions in the AWS Cloud CJ Moses, AWS Deputy CISO Security in the cloud is a shared responsibility between AWS and the customer AWS Facilities Physical Security Physical Infrastructure Network
More informationPractical Guide to Hybrid Cloud Computing. Cloud-Computing.
Practical Guide to Hybrid Cloud Computing http://www.cloud-council.org/deliverables/cscc-practical-guide-to-hybrid- Cloud-Computing.pdf April 21, 2016 The Cloud Standards Customer Council THE Customer
More informationCAN MICROSOFT HELP MEET THE GDPR
CAN MICROSOFT HELP MEET THE GDPR REQUIREMENTS? Danny Uytgeerts Microsoft 365 TSP / P-Seller Privacy Consultant (certified DPO) Member of DPO-Pro (Professional association of Belgian DPOs) danny.uytgeerts@realdolmen.com
More informationData Protection Modernization: Meeting the Challenges of a Changing IT Landscape
Data Protection Modernization: Meeting the Challenges of a Changing IT Landscape Tom Clark IBM Distinguished Engineer, Chief Architect Software 1 Data growth is continuing to explode Sensors & Devices
More informationA CISO GUIDE TO MULTI-CLOUD SECURITY Achieving Transparent Visibility and Control and Enhanced Risk Management
A CISO GUIDE TO MULTI-CLOUD SECURITY Achieving Transparent Visibility and Control and Enhanced Risk Management CONTENTS INTRODUCTION 1 SECTION 1: MULTI-CLOUD COVERAGE 2 SECTION 2: MULTI-CLOUD VISIBILITY
More informationNET+ INFRASTRUCTURE AND PLATFORM SERVICES PORTFOLIO STATUS & UPDATE
NET+ INFRASTRUCTURE AND PLATFORM SERVICES PORTFOLIO STATUS & UPDATE Andrew Keating, Sean O'Brien, and Sara Jeanes NET+ Cloud Services 2014 Internet2 NET+ IPS Portfolio Update CONTENTS Goals and Updates
More informationMANAGED CLOUD SERVICES
JARGON BUSTERS MANAGED CLOUD SERVICES CLOUD SERVICES Any IT service that is accessed on demand via the internet rather than from your own computers and servers. PRIVATE CLOUD Services offered over the
More informationCloud Computing Standard 1.1 INTRODUCTION 2.1 PURPOSE. Effective Date: July 28, 2015
Cloud Computing Standard Effective Date: July 28, 2015 1.1 INTRODUCTION Cloud computing services are application and infrastructure resources that users access via the Internet. These services, contractually
More informationLeveraging the Cloud for Law Enforcement. Richard A. Falkenrath, PhD Principal, The Chertoff Group
Leveraging the Cloud for Law Enforcement Richard A. Falkenrath, PhD Principal, The Chertoff Group Law Enforcement Information Management Training Conference & Technology Exposition May 21,2013 Outline
More informationCloud is the 'Only' Way Forward in Information Security. Leveraging Scale to Make the Unknown Known, in Dev, Sec & Ops.
George Gerchow, Sumo Logic Chief Information Security Officer Cloud is the 'Only' Way Forward in Information Security. Leveraging Scale to Make the Unknown Known, in Dev, Sec & Ops. Agenda Sumo Security
More informationFaculté Polytechnique
Faculté Polytechnique INFORMATIQUE PARALLÈLE ET DISTRIBUÉE CHAPTER 7 : CLOUD COMPUTING Sidi Ahmed Mahmoudi sidi.mahmoudi@umons.ac.be 13 December 2017 PLAN Introduction I. History of Cloud Computing and
More informationPrivate Cloud Public Cloud Edge. Consistent Infrastructure & Consistent Operations
Hybrid Cloud Native Public Cloud Private Cloud Public Cloud Edge Consistent Infrastructure & Consistent Operations VMs and Containers Management and Automation Cloud Ops DevOps Existing Apps Cost Management
More informationIntroduction to data centers
Introduction to data centers Paolo Giaccone Notes for the class on Switching technologies for data centers Politecnico di Torino December 2017 Cloud computing Section 1 Cloud computing Giaccone (Politecnico
More informationDefense Information Systems Agency (DISA) Department of Defense (DoD) Cloud Service Offering (CSO) Initial Contact Form
Defense Information Systems Agency (DISA) Department of Defense (DoD) Cloud Service Offering (CSO) Initial Contact Form Page 1 of 5 Submitted to DISA s DoD Cloud Support Office by: Signature (Prefer CAC
More informationCLOUD COMPUTING. The Old Ways Are New Again. Jeff Rowland, Vice President, USAA IT/Security Audit Services. Public Information
CLOUD COMPUTING The Old Ways Are New Again Jeff Rowland, Vice President, USAA IT/Security Audit Services Public Information Who We Are Our Mission The mission of the association is to facilitate the financial
More informationNIST Cloud Security Architecture Tool (CSAT) Leveraging Cyber Security Framework to Architect a FISMA-compliant Cloud Solution
NIST Cloud Security Architecture Tool (CSAT) Leveraging Cyber Security Framework to Architect a FISMA-compliant Cloud Solution Dr. Michaela Iorga NIST October 2018 A Triple Inflection Point Marked A New
More informationAccelerate GDPR compliance with the Microsoft Cloud Ole Tom Seierstad National Security Officer Microsoft Norway
Accelerate GDPR compliance with the Microsoft Cloud Ole Tom Seierstad National Security Officer Microsoft Norway This presentation is intended to provide an overview of GDPR and is not a definitive statement
More informationHealthcare and the Cloud:
Healthcare and the Cloud: Pros & Cons of Security and Privacy Information Systems Security Association (ISSA) Healthcare SIG and Cloud Security Alliance (CSA) March 16, 2017 1 Vince Campitelli Enterprise
More informationCompute - 36 PCPUs (72 vcpus) - Intel Xeon E5 2686 v4 (Broadwell) - 512GB RAM - 8 x 2TB NVMe local SSD - Dedicated Host vsphere Features - vsphere HA - vmotion - DRS - Elastic DRS Storage - ESXi boot-from-ebs
More informationDomain Registrations. Shared Hosting. Office 365 and Hosted Exchange #DOMAINS #HOSTING #
GDPR Compliance Responsibilities on Blacknight Products April 2018 GDPR is due to come into force May 25 th 2018. It sets out regulations for security and privacy controls required when handling Personally
More informationAPPLICATION & INFRASTRUCTURE SECURITY CONTROLS
APPLICATION & INFRASTRUCTURE SECURITY CONTROLS ON THE KINVEY PLATFORM APPLICATION KINVEY PLATFORM SERVICES END-TO-END APPLICATION & INFRASTRUCTURE SERCURITY CONTROLS ENTERPRISE DATA & IDENTITY 2015 Kinvey,
More informationLINUX, WINDOWS(MCSE),
Virtualization Foundation Evolution of Virtualization Virtualization Basics Virtualization Types (Type1 & Type2) Virtualization Demo (VMware ESXi, Citrix Xenserver, Hyper-V, KVM) Cloud Computing Foundation
More informationIntroduction To Cloud Computing
Introduction To Cloud Computing What is Cloud Computing? Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g.,
More informationMigrating Enterprise Applications to the Cloud Session 672. Leighton L. Nelson
Migrating Enterprise Applications to the Cloud Session 672 Leighton L. Nelson Leighton L. Nelson Instructional Technology Principal Oracle ACE & Oracle Certified Expert Oracle Database Administrator Author/blogger
More informationVirtual Machine Encryption Security & Compliance in the Cloud
Virtual Machine Encryption Security & Compliance in the Cloud Pius Graf Director Sales Switzerland 27.September 2017 Agenda Control Your Data In The Cloud Overview Virtual Machine Encryption Architecture
More informationCloud Computing 4/17/2016. Outline. Cloud Computing. Centralized versus Distributed Computing Some people argue that Cloud Computing. Cloud Computing.
Cloud Computing By: Muhammad Naseem Assistant Professor Department of Computer Engineering, Sir Syed University of Engineering & Technology, Web: http://sites.google.com/site/muhammadnaseem105 Email: mnaseem105@yahoo.com
More informationDyadic Security Enterprise Key Management
Dyadic Security Enterprise Key Management The Secure-as-Hardware Software with a Mathematical Proof Dyadic Enterprise Key Management (EKM) is the first software-only key management and key protection system
More informationCapgemini Dynamic Services
Capgemini Dynamic Services Evolution and dynamics of Copyright Capgemini 2015. All Rights Reserved 2 GEN 1 Simple IT GEN 2 Full Outsourcing GEN 3 Tower Sourcing GEN NEXT Micro Sourcing Business IT Interface
More informationEnhanced Privacy ID (EPID), 156
Index A Accountability, 148 ActiveDirectory, 153 Amazon AWS EC2, 168 Anonymity, 148 Asset tagging, 96 Attestation definition, 65 dynamic remote attestation techniques, 66 IMA, 67 Intel Trust Attestation
More informationCloud Computing. Faculty of Information Systems. Duc.NHM. nhmduc.wordpress.com
Cloud Computing Faculty of Information Systems Duc.NHM nhmduc.wordpress.com Evaluating Cloud Security: An Information Security Framework Chapter 6 Cloud Computing Duc.NHM 2 1 Evaluating Cloud Security
More informationCrises Control Cloud Security Principles. Transputec provides ICT Services and Solutions to leading organisations around the globe.
Crises Control Cloud Security Principles Transputec provides ICT Services and Solutions to leading organisations around the globe. As a provider of these services for over 30 years, we have the credibility
More informationCLOUD STORAGE. Predictive Analytics The Art of Service
CLOUD STORAGE 2 0 1 6 Predictive Analytics 2016 The Art of Service www.theartofservice.com TABLE OF CONTENTS TOP 20 OVERALL PREDICTIVE ANALYTICS SCORES TOP 20 IN EACH RESEARCH AREA COMPLETE RESULTS BY
More informationClick to edit Master title style
Federal Risk and Authorization Management Program Presenter Name: Peter Mell, Initial FedRAMP Program Manager FedRAMP Interagency Effort Started: October 2009 Created under the Federal Cloud Initiative
More informationCertificate of Registration
Certificate of Registration THIS IS TO CERTIFY THAT 2001 8th Ave, Seattle, WA 98121 USA operates AWS using IaaS model (Amazon CloudFront, Amazon Elastic Block Store (EBS), Amazon Elastic Compute Cloud
More informationUnderstanding Cloud Migration. Ruth Wilson, Data Center Services Executive
Understanding Cloud Migration Ruth Wilson, Data Center Services Executive rhwilson@us.ibm.com Migrating to a Cloud is similar to migrating data and applications between data centers with a few key differences
More informationCSA Consensus Assessments Initiative Questionnaire. May 2017
CSA s Initiative Questionnaire May 2017 2017, Amazon Web Services, Inc. or its affiliates. All rights reserved. Notices This document is provided for informational purposes only. It represents AWS s current
More informationTelos and Amazon Web Services (AWS): Accelerating Secure and Compliant Cloud Deployments
` Telos and Amazon Web Services (AWS): Accelerating Secure and Compliant Cloud Deployments Telos Corporation 19886 Ashburn Road Ashburn, VA 24445 www.telos.com ` Introduction Telos Corporation and Amazon
More information