By 2020, a corporate no-cloud policy will be as rare as a no-internet policy is today. 1
|
|
- Lawrence Randall
- 6 years ago
- Views:
Transcription
1
2
3
4 By 2020, a corporate no-cloud policy will be as rare as a no-internet policy is today. 1 The question is no longer: How do I move to the cloud? Instead, it s Now that I m in the cloud, how do I make sure I ve optimized my investment and risk exposure? 2 By 2020 clouds will stop being referred to as public and private. It will simply be the way business is done and IT is provisioned. 3 1 Gartner: Smarter with Gartner, Why a No-Cloud Policy Will Become Extinct, February 2, KPMG: 2014 Cloud Survey Report, Elevating business in the cloud, December 10, IDC: IDC Market Spotlight, Cloud Definitions and Opportunity, April 2015
5 Old models no longer work (did they ever?).
6
7 ASSUME BREACH
8
9 38 Cloud regions worldwide North Central US United Kingdom South West US 2 West Central US West US US Gov Arizona 3 US Gov Texas 3 Central US US Gov Iowa US DoD West South Central US Canada Central US Gov Virginia Canada East US DoD East East US United Kingdom West East US 2 North Europe France 3 France 3 West Europe Germany Northeast 2 Germany Korea South 3 Central 2 China West 1 Japan East West India Central India South India Korea Central 3 China East 1 East Asia Japan West 100+ datacenters One of 3 largest networks in the world Southeast Asia 1 China datacenters operated by 21 Vianet 2 German data trustee services provided by T-systems 3 France, South Korea and US Gov datacenter regions have been announced but are not currently operational Brazil South Australia Southeast Australia East Global datacenters Sovereign datacenters
10 MICROSOFT DATACENTERS Microsoft invests heavily to help ensure that our datacenters are some of the most secure facilities on the planet
11
12 What separation exists between different consumers of the service? Are interfaces constrained to authenticated users only? What do you need to do to configure the service or your devices to access the service? What governance process is in place for the service? Are there processes for the operational security of the service? How does the supply chain support the security principles that the service implements? Is data in transit and at rest adequately protected? Are the service provider personnel with access to customer data subject to background checks? Do you have the tools available to securely manage the service? Are all external interfaces identified and have protections? How is the service protected from the administrators of the service? What is done to protect your data against, tampering, loss, damage or seizure? implementing-cloud-securityprinciples How is the service designed to identify and mitigate threats? What audit information is available to you to monitor access to the service?
13 HOLISTIC APPROACH TO SECURITY LEADERSHIP IN COMPLIANCE COMMITMENT TO TRANSPARENCY & PRIVACY
14 Platform Intelligence Partners
15
16 Customers expect Customer data will be safeguarded using state-of-the industry security technology and processes. Customer data will be encrypted in transit and at rest. What we re doing about it Our datacenters are equipped with state-of-the-art physical security measures. We operate a 24x7 incident response team to mitigate threats and attacks. We encrypt customer data transferred between our data centers. We protect your stored data with built-in tools and provide access to further encryption capabilities.
17
18
19 POWERED BY THE INTELLIGENT SECURITY GRAPH Unique insights, informed by trillions of signals. This signal is leveraged across all of Microsoft s security services 1.2B devices scanned each month Malware data from Windows Defender Shared threat data from partners, researchers and law Enforcement worldwide 400B s analyzed 200+ global cloud consumer and Commercial services Botnet data from Microsoft Digital Crimes Unit Enterprise security for 90% of Fortune M+ Azure user accounts 18+B Bing web pages scanned 450B monthly authentications
20
21 PARTNERING TO IMPROVE CYBER SECURITY
22 Customers expect Cloud services to enable compliance by adhering to international standards, certifications and applicable regulatory requirements. Ability to see the certifications for each of their cloud provider s cloud service. What we re doing about it We lead the industry in pursuing compliance with the latest standards for data privacy and security, such as ISO Our global infrastructure investments enables us to meet unique data residency, sovereignty and compliance requirements. We regularly undergo independent audits to certify our compliance. We collaborate with our partners, when requested, to work with their customers and regulators to help them meet their compliance requirements.
23 Global requirements Local & regional compliance requirements Infrastructure investments Highly-regulated industries Future requirements
24 REGIONAL INDUSTRY US GOV GLOBAL Azure has the deepest and most comprehensive compliance coverage in the industry July 2017 ISO ISO ISO ISO ISO 9001 SOC 1 Type 2 SOC 2 Type 2 SOC 3 CSA STAR Self-Assessment CSA STAR Certification CSA STAR Attestation Moderate JAB P-ATO High JAB P-ATO DoD DISA SRG Level 2 DoD DISA SRG Level 4 DoD DISA SRG Level 5 SP FIPS Section 508 VPAT ITAR CJIS IRS 1075 PCI DSS Level 1 CDSA MPAA FACT UK Shared Assessments FISC Japan HIPAA / HITECH Act HITRUST GxP 21 CFR Part 11 MARS-E IG Toolkit UK FERPA GLBA FFIEC Argentina PDPA EU Model Clauses UK G-Cloud China DJCP China GB China TRUCS Singapore MTCS Australia IRAP/CCSL New Zealand GCIO Japan My Number Act ENISA IAF Japan CS Mark Gold Spain ENS Spain DPA India MeitY Canada Privacy Laws Privacy Shield Germany IT Grundschutz workbook
25 Providing clarity and consistency for the protection of personal data The General Data Protection Regulation (GDPR) imposes new rules on organizations in the European Union (EU) and those that offer goods and services to people in the EU, or that collect and analyze data tied to EU residents, no matter where they are located. Enhanced personal privacy rights Increased duty for protecting data Mandatory breach reporting Significant penalties for non-compliance Microsoft believes the GDPR is an important step forward for clarifying and enabling individual privacy rights
26 What are the key changes to address the GDPR? Personal privacy Controls and notifications Transparent policies IT and training Individuals have the right to: Access their personal data Correct errors in their personal data Erase their personal data Object to processing of their personal data Export personal data Organizations will need to: Protect personal data using appropriate security Notify authorities of personal data breaches Obtain appropriate consents for processing data Keep records detailing data processing Organizations are required to: Provide clear notice of data collection Outline processing purposes and use cases Define data retention and deletion policies Organizations will need to: Train privacy personnel & employee Audit and update data policies Employ a Data Protection Officer (if required) Create & manage compliant vendor contracts
27
28 Protecting customer privacy Supporting modern laws and treaties Increasing transparency
29 Customers expect Control over who has access to customer data. Data access will require permission from the customer before their cloud vendor s personnel or its subcontractors can obtain access. Their data can be permanently deleted or taken with them if they leave. What we re doing about it Your customers will have flexibility, choice and transparency on where customer data is stored. We will not use your customer s data for advertising or commercial purposes. We will not disclose your customer s information outside of Microsoft except with your customer s consent or when required by law. We can provide your customer with a variety of tools to extract their customer data. We delete your customer data after your service is terminated or expires.
30 PROTECTING CUSTOMER DATA PRIVACY
31 Customers expect Clear, plain-language explanation of how their cloud provider uses, manages and protects customer data. Proactive transparency in requests for customer data from law enforcement. What we re doing about it We provide understandable and strict policy of what we will and will NOT use customer data for. When responding to law enforcement requests, we strive to defend customer rights and privacy, and ensure due process is followed. For each of our services, we provide information on where customer data may be stored and processed.
32 Learn more at microsoft.com/transparency MICROSOFT TRANSPARENCY HUB Microsoft provides a number of disclosures to help stakeholders evaluate how we are meeting our commitments
33 GET ANSWERS TO COMMON ENTERPRISE QUESTIONS AT THE MICROSOFT TRUST CENTER AND SERVICE TRUST PREVIEW
34
35
U susret GDPR regulativi Dočekajmo spremni Maj 2018
U susret GDPR regulativi Dočekajmo spremni Maj 2018 Dragan Tasić Technology Solutions Professional This presentation is intended to provide an overview of GDPR and is not a definitive statement of the
More informationThis presentation is intended to provide an overview of GDPR and is not a definitive statement of the law.
Privacy, Trust, and the General Data Protection Regulation (GDPR) Robertas Tamosaitis Microsoft Business Solution Sales Specialist E-mail: rtamosa@microsoft.com This presentation is intended to provide
More informationAccelerate GDPR compliance with the Microsoft Cloud Ole Tom Seierstad National Security Officer Microsoft Norway
Accelerate GDPR compliance with the Microsoft Cloud Ole Tom Seierstad National Security Officer Microsoft Norway This presentation is intended to provide an overview of GDPR and is not a definitive statement
More informationMorgan Independent Software Vendor Lead
Morgan Webb @morgan_msft Independent Software Vendor Lead Digital transformation Hybrid Cloud Platform Choice Global: Hyper-scale, globally connected cloud services deployed from regional Microsoft datacenters.
More informationMicrosoft 365 Das modern Büro der Zukunft
Microsoft 365 Das modern Büro der Zukunft DI. Harald Leitenmüller Chief Technology Officer 3. Digital Business Forum, 14. Sept. 2017 Microsoft Österreich GmbH. Cloud Principles Standardisierung Automatisierung
More informationOur Mission. Empower every person and every organization on the planet to achieve more.
#techsummitch Our Mission Empower every person and every organization on the planet to achieve more. Innovation, Security, and Education Microsoft s investment in Switzerland David Kurth Cloud + Enterprise
More informationClosing Keynote: Addressing Data Privacy and GDPR on Microsoft Data Platform Technologies. Ronit Reger, Senior Program Manager at Microsoft
Closing Keynote: Addressing Data Privacy and GDPR on Microsoft Data Platform Technologies Ronit Reger, Senior Program Manager at Microsoft Session goals 1. Data Privacy and the GDPR - Data privacy as a
More informationAccelerate GDPR compliance with the Microsoft Cloud
Accelerate GDPR compliance with the Microsoft Cloud Michal Jaworski National Technology Officer Microsoft Poland This presentation is intended to provide an overview of GDPR and is not a definitive statement
More informationQBS Talks. June GDPR a Microsoft perspective Ole Kjeldsen, CTO Microsoft DK
QBS Talks June 26 2017 GDPR a Microsoft perspective Ole Kjeldsen, CTO Microsoft DK House rules: All participants are on mute Use the chat window for questions during presentation moderator will collect
More informationAvanade Zerouno : Cloud Experience. Version 1.0 May 16, 2017 Author(s): Ivan Loreti
Avanade Zerouno : Cloud Experience Version 1.0 May 16, 2017 Author(s): Ivan Loreti Cloud s opportunities range beyond IT The Intelligent Business Cloud enables the digital business Smartly connects infrastructure,
More informationKimberly Nelson Executive Director Government Solutions US SLG. March 2017
Kimberly Nelson Executive Director Government Solutions US SLG March 2017 We will always be partner led. Satya Nadella Fourth industrial revolution Gartner s Digital Maturity Model for Government
More informationKlaus Schwab, Founder & Executive Chairman
"We stand on the brink of a technological revolution that will fundamentally alter the way we live, work, and relate to one another. In its scale, scope, and complexity, the transformation will be unlike
More informationToday s top THREAT ACTORS pose unique challenges
Today s top THREAT ACTORS pose unique challenges An effective strategy must respond to a broad range of continually evolving attack types CYBERCRIMINALS NATION-STATE HACKTIVISTS INSIDERS FINANCIAL Persistent
More informationWhat is Dell EMC Cloud for Microsoft Azure Stack?
What is Dell EMC Cloud for Microsoft Azure Stack? Harry Meier GLOBAL SPONSORS Why Hybrid Cloud? The Trend Toward Hybrid Cloud Larger circles = most cost and complexity IDC 2016 Hybrid cloud is now % 9
More informationAccelerate GDPR compliance with the Microsoft Cloud Agustín Corredera
Accelerate GDPR compliance with the Microsoft Cloud Agustín Corredera This presentation is intended to provide an overview of GDPR and is not a definitive statement of the law. Businesses and users are
More informationCOMPLIANCE IN THE CLOUD
COMPLIANCE IN THE CLOUD 3:45-4:30PM Scott Edwards, President, Summit 7 Dave Harris Society for International Affairs COMPLIANCE IN THE CLOUD Scott Edwards scott.edwards@summit7systems.com 256-541-9638
More informationMatt Holden-Milner Richard Willmott
Matt Holden-Milner Richard Willmott 1780s 1870s 2015+ 1969-70 s Astonishing Pace of Change Drones 2007 $100,000 2013 $700 Typical Fortune 500 20 3D Printing 2007 $40,000 2014 $100 Google Facebook 6 8
More informationCompliance & Security in Azure. April 21, 2018
Compliance & Security in Azure April 21, 2018 Presenter Bio Jeff Gainer, CISSP Senior Information Security & Risk Management Consultant Senior Security Architect Have conducted multiple Third-Party risk
More informationMicrosoft Azure. The cloud platform for digital transformation
Microsoft Azure The cloud platform for digital transformation What is Microsoft Azure Microsoft Azure is Microsoft s cloud computing platform Azure is a comprehensive set of cloud services that developers
More informationHyper scale Infrastructure is the enabler
Hyper scale Infrastructure is the enabler 100+ Datacenters across 34 Regions Worldwide US DoD West TBD US Gov Iowa West US California Central US Iowa South Central US Texas North Central US Illinois Canada
More informationMicrosoft + SUSE This partnership gets stronger every day
Microsoft + SUSE This partnership gets stronger every day Johan Sollbe Business Manager, Open Source Azure Microsoft WE THE WORLD HAS CHANGED Forrester: open source will lie at the heart of the applications
More informationEnterprise Mobility + Security
Enterprise Mobility + Security Assume Breach Identity Data Flexible Workforce 250 million Millions Billions 700 million 40 billion 18+ billion 420 million Millions 35 billion messages/month United Kingdom
More informationAmit Panchal Enterprise Technology Strategist
Amit Panchal Enterprise Technology Strategist amitp@microsoft.com Who is Amit Panchal IT Industry Personal Education Executive Experience MORE DEVICES I love my PC, my phone, and my slate. MORE MOBILE
More informationHow do you decide what s best for you?
How do you decide what s best for you? Experience Transparency Leadership Commitment Cost reduction Security Trustworthiness Credibility Confidence Reliability Compliance Privacy Expertise Flexibility
More informationAccelerate GDPR compliance with the Microsoft Cloud
Regional Forum on Cybersecurity in the Era of Emerging Technologies & the Second Meeting of the Successful Administrative Practices -2017 Cairo, Egypt 28-29 November 2017 Accelerate GDPR compliance with
More informationAzure: The Cloud On Your Terms. Herns Hermida Cloud and Enterprise Business Lead Microsoft Philippines
Azure: The Cloud On Your Terms Herns Hermida Cloud and Enterprise Business Lead Microsoft Philippines hhermida@microsoft.com Business & Government are powered by the cloud Cloud is a given. CIOs no longer
More informationMicrosoft Azure: Using the Public Cloud to solve the Big Questions
Microsoft Azure: Using the Public Cloud to solve the Big Questions Kent Altena Global Black Belt TSP, Big Compute Microsoft kaltena@microsoft.com http://microsoft.com/hpc Introduction to Azure Hyper-scale
More informationDie intelligente Cloud als Kernelement der IT Transformation. Dr. Bernd Kiupel Business Group Lead Cloud & Enterprise, Microsoft Schweiz
Die intelligente Cloud als Kernelement der IT Transformation Dr. Bernd Kiupel Business Group Lead Cloud & Enterprise, Microsoft Schweiz The next strategic opportunity is here Cloud Mobile Social How do
More informationYour vision, your results, your cloud
Your vision, your results, your cloud Engage your customers Transform your products Digital transformation Empower your employees Optimize your operations 1 million/hour new devices coming online by 2020
More informationCloud Transformation and Significance of Security
Cloud Transformation and Significance of Security Mohit Sharma, Chief Architect & Cloud Evangelist @onlinesince2009 www.cloudsec.com Datacenter Management Change Management Policy Physical Network Management
More informationWhat is Blockchain? Cryptographically Authentic Shared Distributed Ledger. Cryptographically Authentic Each transaction recorded in the database is
R3 What is Blockchain? Cryptographically Authentic Shared Distributed Ledger. Cryptographically Authentic Each transaction recorded in the database is digitally signed and mathematically guaranteed to
More informationPostgreSQL & The Cloud
PostgreSQL & The Cloud Deploying PostgreSQL on Azure Ali Sufyan Butt Microsoft Most Valuable Professional for Visual Studio & Development Technologies Agenda Agenda for the meetup session Introduction
More informationIntroductie Intercept
Introductie Intercept Intercept Microsoft Azure Triple Gold Cloud Partner Managed Partner Microsoft ISO27001 BSI gecertificeerd Azure Expert MSP Azure Solution Architects / CISSP Focus op Azure Cloud Security
More informationΟ ρόλος της τεχνολογίας στο ταξίδι της συμμόρφωσης με τον Γενικό Κανονισμό. Αντιγόνη Παπανικολάου & Νίκος Αναστόπουλος
Ο ρόλος της τεχνολογίας στο ταξίδι της συμμόρφωσης με τον Γενικό Κανονισμό Αντιγόνη Παπανικολάου & Νίκος Αναστόπουλος Providing clarity and consistency for the protection of personal data The General
More informationDublin* Amsterdam. London
Onur Dogruoz Chicago Dublin* Amsterdam Korea Central Silicon Valley US DoD West Dallas Atlanta New York Washington DC US DoD East London Korea South Osaka Tokyo Chennai Hong Kong Mumbai* Singapore Sydney
More informationSecurity & Compliance in the AWS Cloud. Amazon Web Services
Security & Compliance in the AWS Cloud Amazon Web Services Our Culture Simple Security Controls Job Zero AWS Pace of Innovation AWS has been continually expanding its services to support virtually any
More informationWhite Paper. How Organizations. Can Use The Cloud In Confidence. In business for people.
White Paper How Organizations Can Use The Cloud In Confidence In business for people. Safety in the Cloud According to a recent Forrester Research study, spending on public cloud services is expected to
More informationSecurity & Compliance in the AWS Cloud. Vijay Rangarajan Senior Cloud Architect, ASEAN Amazon Web
Security & Compliance in the AWS Cloud Vijay Rangarajan Senior Cloud Architect, ASEAN Amazon Web Services @awscloud www.cloudsec.com #CLOUDSEC Security & Compliance in the AWS Cloud TECHNICAL & BUSINESS
More informationcelerate GDPR compliance h the use of new technologies oni Papanikolaou orate, External & Legal Affairs Director soft Greece, Cyprus & Malta
celerate GDPR compliance h the use of new technologies oni Papanikolaou orate, External & Legal Affairs Director soft Greece, Cyprus & Malta Regulations Digital Economy Externa al Challenges g Cyber Crime
More informationMicrosoft Azure Security, Privacy, & Compliance
Security, Privacy, & Compliance Andreas Grigull Geschäftsentwicklung Assekuranz Installation von 2000 Servern in 3 Stunden Technology trends: driving cloud adoption BENEFITS Speed Scale Economics Cloud
More informationHerausforderungen und Lösungen um Devices mit der Cloud zu verbinden. 14. Dezember 2017, München Oliver Niedung
Herausforderungen und Lösungen um Devices mit der Cloud zu verbinden 14. Dezember 2017, München Oliver Niedung olivern@microsoft.com Herausforderungen - Gerätekonnektivität Geschäftsmodell Referenzarchitektur
More informationWorkday s Robust Privacy Program
Workday s Robust Privacy Program Workday s Robust Privacy Program Introduction Workday is a leading provider of enterprise cloud applications for human resources and finance. Founded in 2005 by Dave Duffield
More informationData Protection and GDPR
Data Protection and GDPR At DPDgroup UK Ltd (DPD & DPD Local) we take data protection seriously and have updated all our relevant policies and documents to ensure we meet the requirements of GDPR. We have
More informationTRACKVIA SECURITY OVERVIEW
TRACKVIA SECURITY OVERVIEW TrackVia s customers rely on our service for many mission-critical applications, as well as for applications that have various compliance and regulatory obligations. At all times
More informationMicrosoft Security Management
Microsoft Security Management MICROSOFT SECURITY MANAGEMENT SECURITY MANAGEMENT CHALLENGES Some large financial services organizations have as many as 40 or more different security vendors inside their
More informationCybersecurity Considerations for GDPR
Cybersecurity Considerations for GDPR What is the GDPR? The General Data Protection Regulation (GDPR) is a brand new legislation containing updated requirements for how personal data of European Union
More informationYour vision. Your cloud.
Your vision. Your cloud. John F. Schaller Azure Solutions Specialist Optimized Data Center Cloud Attributes Consolidated Managed Virtualized Cost Efficient Pooled resources Automation + Self-service Elasticity
More informationGDPR - What does this mean for you? Accelerate GDPR compliance with the Microsoft Services. Konstantin Sviridov Andrey Ivanov.
You Trust IT Путь к безопасности бизнеса GDPR - What does this mean for you? Accelerate GDPR compliance with the Microsoft Services Konstantin Sviridov Andrey Ivanov 06 September 2017 This presentation
More informationGoogle Cloud & the General Data Protection Regulation (GDPR)
Google Cloud & the General Data Protection Regulation (GDPR) INTRODUCTION General Data Protection Regulation (GDPR) On 25 May 2018, the most significant piece of European data protection legislation to
More informationProtecting your data. EY s approach to data privacy and information security
Protecting your data EY s approach to data privacy and information security Digital networks are a key enabler in the globalization of business. They dramatically enhance our ability to communicate, share
More informationThe growing global data platform market
OSS DB on Azure The growing global data platform market Global Data Platform Market is growing at 11.2% CAGR 120.0 106.9 Growth is expected to exceed $100B in FY22 Primary growth is driven by relational
More informationINTO THE CLOUD WHAT YOU NEED TO KNOW ABOUT ADOPTION AND ENSURING COMPLIANCE
INTO THE CLOUD WHAT YOU NEED TO KNOW ABOUT ADOPTION AND ENSURING COMPLIANCE INTRODUCTION AGENDA 01. Overview of Cloud Services 02. Cloud Computing Compliance Framework 03. Cloud Adoption and Enhancing
More informationControlled Document Page 1 of 6. Effective Date: 6/19/13. Approved by: CAB/F. Approved on: 6/19/13. Version Supersedes:
Page 1 of 6 I. Common Principles and Approaches to Privacy A. A Modern History of Privacy a. Descriptions, definitions and classes b. Historical and social origins B. Types of Information a. Personal information
More informationData Security and Privacy at Handshake
Data Security and Privacy at Handshake Introduction 3 A Culture of Security 3 Employee Background Checks 3 Dedicated Security and Privacy Teams 3 Ongoing Team Training 4 Compliance 4 FERPA 4 GDPR 4 Security
More informationGeneral Data Protection Regulation (GDPR) The impact of doing business in Asia
SESSION ID: GPS-R09 General Data Protection Regulation (GDPR) The impact of doing business in Asia Ilias Chantzos Senior Director EMEA & APJ Government Affairs Symantec Corporation @ichantzos Typical Customer
More informationIntroduction to AWS GoldBase
Introduction to AWS GoldBase A Solution to Automate Security, Compliance, and Governance in AWS October 2015 2015, Amazon Web Services, Inc. or its affiliates. All rights reserved. Notices This document
More informationPlan a Pragmatic Approach to the new EU Data Privacy Regulation
AmChamDenmark event: EU Compliant & Cyber Resistant Plan a Pragmatic Approach to the new EU Data Privacy Regulation Janus Friis Bindslev, Partner Cyber Risk Services, Deloitte 4 February 2016 Agenda General
More informationIntermedia s Private Cloud Exchange
Intermedia s Private Cloud Exchange This is a practical guide to implementing Intermedia s Private Cloud Exchange on AWS. Intermedia, the world s independent provider of Hosted Exchange, and AWS, the leading
More informationEU General Data Protection Regulation (GDPR) Achieving compliance
EU General Data Protection Regulation (GDPR) Achieving compliance GDPR enhancing data protection and privacy The new EU General Data Protection Regulation (GDPR) will apply across all EU member states,
More informationManaging Privacy Risk & Compliance in Financial Services. Brett Hamilton Advisory Solutions Consultant ServiceNow
Managing Privacy Risk & Compliance in Financial Services Brett Hamilton Advisory Solutions Consultant ServiceNow 1 Speaker Introduction INSERT PHOTO Name: Brett Hamilton Title: Advisory Solutions Consultant
More informationIdentity & Access Management
Identity & Access Management THE PROBLEM: HOW DO WE ENABLE PRODUCTIVITY WITHOUT COMPROMISING SECURITY? S E C U R I T Y OR P R O D U C T I V I T Y On-premises THE PROBLEM: HOW DO WE ENABLE PRODUCTIVITY
More informationAutomate sharing. Empower users. Retain control. Utilizes our purposebuilt cloud, not public shared clouds
EXECUTIVE BRIEF SHAREBASE BY HYLAND Automate sharing. Empower users. Retain control. With ShareBase by Hyland, empower users with enterprise file sync and share (EFSS) technology and retain control over
More informationIMPACT OF INTERNATIONAL PRIVACY REGULATIONS. Michelle Caswell, Coalfire Julia Jacobson, K&L Gates
IMPACT OF INTERNATIONAL PRIVACY REGULATIONS Michelle Caswell, Coalfire Julia Jacobson, K&L Gates Introduction to International Privacy Law General Data Protection Regulation 2 2018 HITRUST Alliance What
More informationGDPR Compliance. Clauses
1 Clauses GDPR The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a privacy and data protection regulation in the European Union (EU). It became enforceable from May 25 2018. The
More informationAltius IT Policy Collection Compliance and Standards Matrix
Governance Context and Alignment Policy 4.1 4.4 800-26 164.308 12.4 EDM01 IT Governance Policy 5.1 800-30 12.5 EDM02 Leadership Mergers and Acquisitions Policy A.6.1.1 800-33 EDM03 Context Terms and Definitions
More informationISO in the world today
ISO 27001 in the world today 1 Agenda ISO 27001 worldwide Why ISO 27001 Framework to implement ISO 27001 2 ISO 27001 worldwide Source: ISO Annual Survey 3 ISO 27001 worldwide Number of Certificates Year
More informationA Checklist for Compliance in the Cloud 1. A Checklist for Compliance in the Cloud
A Checklist for Compliance in the Cloud 1 A Checklist for Compliance in the Cloud A Checklist for Compliance in the Cloud 1 With the industrialization of hacking and the enormous impact of security breaches,
More informationCloud is the 'Only' Way Forward in Information Security. Leveraging Scale to Make the Unknown Known, in Dev, Sec & Ops.
George Gerchow, Sumo Logic Chief Information Security Officer Cloud is the 'Only' Way Forward in Information Security. Leveraging Scale to Make the Unknown Known, in Dev, Sec & Ops. Agenda Sumo Security
More informationInformation Technology Security Plan Policies, Controls, and Procedures Identify Governance ID.GV
Information Technology Security Plan Policies, Controls, and Procedures Identify Governance ID.GV Location: https://www.pdsimplified.com/ndcbf_pdframework/nist_csf_prc/documents/identify/ndcbf _ITSecPlan_IDGV2017.pdf
More informationGDPR Update and ENISA guidelines
GDPR Update and ENISA guidelines 2016 [Type text] There are two topics that should be uppermost in every CISO's mind, how to address the growing demand for Unified Communications (UC) and how to ensure
More informationLayer Security White Paper
Layer Security White Paper Content PEOPLE SECURITY PRODUCT SECURITY CLOUD & NETWORK INFRASTRUCTURE SECURITY RISK MANAGEMENT PHYSICAL SECURITY BUSINESS CONTINUITY & DISASTER RECOVERY VENDOR SECURITY SECURITY
More informationData Protection. Code of Conduct for Cloud Infrastructure Service Providers
Data Protection Code of Conduct for Cloud Infrastructure Service Providers 27 JANUARY 2017 Introduction... 3 1 Structure of the Code... 5 2 Purpose... 6 3 Scope... 7 4 Data Protection Requirements... 9
More informationProCloud An Overview
ProCloud An Overview Why Should I Move To The Cloud? What You May Manage Today How We Transform You Tomorrow Virus/Malware Protection Legal Compliance Data Loss Prevention Multiple Contracts & Agreements
More informationGDPR COMPLIANCE REPORT
2018 GDPR COMPLIANCE REPORT INTRODUCTION Effective as of May 25, 2018, the European Union General Data Protection Regulation (GDPR) represents the most sweeping change in data privacy regulation in decades.
More informationGeneral Data Protection Regulation (GDPR)
BCD Travel s Response to the EU General Data Protection Regulation (GDPR) November 2017 Page 1 Response to the EU GDPR Copyright 2017 by BCD Travel N.V. All rights reserved. November 2017 Copyright 2017
More informationThe Common Controls Framework BY ADOBE
The Controls Framework BY ADOBE The following table contains the baseline security subset of control activities (derived from the Controls Framework by Adobe) that apply to Adobe s enterprise offerings.
More informationBuilding Cloud Trust. Ioannis Stavrinides. Technical Evangelist MS Cyprus
Building Cloud Trust Ioannis Stavrinides Technical Evangelist MS Cyprus If you re resisting the cloud because of security concerns, you re running out of excuses. The question is no longer: How do I move
More informationSmart Software Licensing tools and Smart Account Management Privacy DataSheet
Smart Software Licensing tools and Smart Account Management Privacy DataSheet This Privacy DataSheet describes the processing of personal data (or personal identifiable information) by Smart Software Licensing
More informationBULLETPROOF365 SECURING YOUR IT. Bulletproof365.com
BULLETPROOF365 SECURING YOUR IT Bulletproof365.com INTRODUCING BULLETPROOF365 The world s leading productivity platform wrapped with industry-leading security, unmatched employee education and 24x7 IT
More informationlocuz.com SOC Services
locuz.com SOC Services 1 Locuz IT Security Lifecycle services combine people, processes and technologies to provide secure access to business applications, over any network and from any device. Our security
More informationSAS 70 Audit Concepts. and Benefits JAYACHANDRAN.B,CISA,CISM. August 2010
JAYACHANDRAN.B,CISA,CISM jb@esecurityaudit.com August 2010 SAS 70 Audit Concepts and Benefits Agenda Compliance requirements Overview Business Environment IT Governance and Compliance Management Vendor
More informationSecurity Information & Policies
Security Information & Policies 01 Table of Contents OVERVIEW CHAPTER 1 : CHAPTER 2: CHAPTER 3: CHAPTER 4: CHAPTER 5: CHAPTER 6: CHAPTER 7: CHAPTER 8: CHAPTER 9: CHAPTER 10: CHAPTER 11: CHAPTER 12: CHAPTER
More informationMicrosoft Professional Services And Support Data Protection
Microsoft Professional Services And Support Data Protection May 2018 MICROSOFT CORPORATION 2018 Microsoft Corporation. All rights reserved. This document is provided as-is. Information and views expressed
More informationKenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data
Kenna Platform Security A technical overview of the comprehensive security measures Kenna uses to protect your data V3.0, MAY 2017 Multiple Layers of Protection Overview Password Salted-Hash Thank you
More informationBULLETPROOF365 SECURING YOUR IT. Bulletproof365.com
BULLETPROOF365 SECURING YOUR IT Bulletproof365.com INTRODUCING BULLETPROOF365 The world s leading productivity platform wrapped with industry-leading security, unmatched employee education and 24x7 IT
More informationMagento GDPR Frequently Asked Questions
Magento GDPR Frequently Asked Questions Whom does GDPR impact? Does this only impact European Union (EU) based companies? The new regulation provides rules that govern how companies may collect and handle
More informationCrises Control Cloud Security Principles. Transputec provides ICT Services and Solutions to leading organisations around the globe.
Crises Control Cloud Security Principles Transputec provides ICT Services and Solutions to leading organisations around the globe. As a provider of these services for over 30 years, we have the credibility
More informationAUTOTASK ENDPOINT BACKUP (AEB) SECURITY ARCHITECTURE GUIDE
AUTOTASK ENDPOINT BACKUP (AEB) SECURITY ARCHITECTURE GUIDE Table of Contents Dedicated Geo-Redundant Data Center Infrastructure 02 SSAE 16 / SAS 70 and SOC2 Audits 03 Logical Access Security 03 Dedicated
More informationCybersecurity in Higher Ed
Cybersecurity in Higher Ed 1 Overview Universities are a treasure trove of information. With cyber threats constantly changing, there is a need to be vigilant in protecting information related to students,
More informationAll Aboard the HIPAA Omnibus An Auditor s Perspective
All Aboard the HIPAA Omnibus An Auditor s Perspective Rick Dakin CEO & Chief Security Strategist February 20, 2013 1 Agenda Healthcare Security Regulations A Look Back What is the final Omnibus Rule? Changes
More informationTrusted Cloud: Microsoft Azure Security, Privacy, and Compliance. April 2015
Trusted Cloud: Microsoft Azure Security, Privacy, and Compliance April 2015 Trusted Cloud: Microsoft Azure Security, Privacy, and Compliance April, 2015 Contents Introduction...4 What customers want from
More informationCyber Risks in the Boardroom Conference
Cyber Risks in the Boardroom Conference Managing Business, Legal and Reputational Risks Perspectives for Directors and Executive Officers Preparing Your Company to Identify, Mitigate and Respond to Risks
More informationTwilio cloud communications SECURITY
WHITEPAPER Twilio cloud communications SECURITY From the world s largest public companies to early-stage startups, people rely on Twilio s cloud communications platform to exchange millions of calls and
More informationChanging times in Swiss Data Privacy: new opportunities? Microsoft Security Day 27 April 2017 Clara-Ann Gordon
Changing times in Swiss Data Privacy: new opportunities? Clara-Ann Gordon Which countries have Data Protection Laws? Source: https://www.taylorwessing.com/globaldatahub/risk_map.html Page 2 Different Data
More informationAXCIENT FUSION: TECHNICAL WHITE PAPER
AXCIENT FUSION: TECHNICAL WHITE PAPER Table of Contents The True Cost of Legacy Solutions to Businesses 3 Axcient Fusion Overview 4 Fusion Infrastructure 5 Availability, Security, and Compliance 6 Deployment
More informationCriminal Justice Information Security (CJIS) Guide for ShareBase in the Hyland Cloud
Criminal Justice Information Security (CJIS) Guide for ShareBase in the Hyland Cloud Introduction The Criminal Justice Information Security (CJIS) Policy is a publically accessible document that contains
More informationSafeguards on Personal Data Privacy.
Safeguards on Personal Data Privacy. Peter Koo Partner, Enterprise Risk Services Deloitte Touche Tohmatsu Maverick Tam Associate Director, Enterprise Risk Services Deloitte Touche Tohmatsu Deloitte ERS
More informationCompliance with NIST
Compliance with NIST 800-171 1 What is NIST? 2 Do I Need to Comply? Agenda 3 What Are the Requirements? 4 How Can I Determine If I Am Compliant? 5 Corserva s NIST Assessments What is NIST? NIST (National
More informationMicrosoft 365 Business FAQs
Microsoft 365 Business FAQs Last updated April 27 th, 2018 Table of Contents General... 3 What is Microsoft 365 Business?... 3 Who should consider adopting Microsoft 365 Business?... 3 How can I get Microsoft
More informationEU DATA PRIVACY COMPLIANCE FOR US DRIVEN PROJECTS
EU DATA PRIVACY COMPLIANCE FOR US DRIVEN PROJECTS 18 May 2014 Monica Salgado Portuguese Laywer (Advogada) / Registered European Lawyer Janine Regan Solicitor Monica Salgado Monica is a Portuguese qualified
More information