Why the cloud matters?

Size: px
Start display at page:

Download "Why the cloud matters?"

Transcription

1 Why the cloud matters? Speed and Business Impact Expertise and Performance Cost Reduction

2 Trend Micro Datacenter & Cloud Security Vision Enable enterprises to use private and public cloud computing with security equal or superior to their internal protection

3 Agenda Datacenter & Cloud Security Vision The Cloud Computing Evolution Security Challenges in the Cloud A New Architecture for Datacenter Security 3

4 The Evolving Datacenter Stage 1 Consolidation Stage 2 Expansion & Desktop Stage 3 Private > Public Cloud Cost-efficiency ü + Quality of Service ü + Business Agility ü Servers 85% 70% 30% 15% Desktops Datacenters are evolving to drive down costs and increase business flexibility

5 Agenda Datacenter & Cloud Security Vision The Cloud Computing Evolution Security Challenges in the Cloud A New Architecture for Datacenter Security Classification 11/7/2010 5

6 Security: the #1 Cloud Challenge Security and privacy were the foremost concerns by far, with a weighted score higher than the next three (performance, immaturity and regulatory compliance) combined. Gartner (April 2010) Classification 11/7/2010 6

7 Who Has Control? Servers Virtualization & Private Cloud Public Cloud IaaS Public Cloud PaaS Public Cloud SaaS End-User (Enterprise) Service Provider Trend Micro Confidential 11/7/2010 7

8 Amazon Web Services Customer Agreement 7.2. Security. We strive to keep Your Content secure, but cannot guarantee that we will be successful at doing so, given the nature of the Internet. Accordingly, without limitation to Section 4.3 above and Section 11.5 below, you acknowledge that you bear sole responsibility for adequate security, protection and backup of Your Content and Applications. We strongly encourage you, where available and appropriate, to (a) use encryption technology to protect Your Content from unauthorized access, (b) routinely archive Your Content, and (c) keep your Applications or any software that you use or run with our Services current with the latest security patches or updates. We will have no liability to you for any unauthorized access or use, corruption, deletion, destruction or loss of any of Your Content or Applications. (3 March 2010) The cloud customer has responsibility for security and needs to plan for protection. Trend Micro Confidential11/7/2010 8

9 Agenda Datacenter & Cloud Security Vision The Cloud Computing Evolution Security Challenges in the Cloud A New Architecture for Datacenter Security Classification 11/7/2010 9

10 Problem #1 Outside-in approach and rapid virtualization have created less secure application environments Through 2012, 60% of virtualized servers will be less secure than the physical servers they replace. Addressing the Most Common Security Risks in Data Center Virtualization Projects Gartner, 25 January

11 Virtualization & Cloud Computing Create New Security Challenges Inter-VM attacks PCI Mobility Cloud Computing Hypervisor New Challenges Require a New Security Architecture 11

12 Security Challenges of Virtualization Stage 1 Server Consolidation Stage 2 Expansion & Desktop Servers Stage 3 Private > Public Cloud 85% Desktops 70% 30% 15% Inter-VM attacks Instant-ON gaps Inter-VM attacks Instant-ON gaps Mixed Trust Level VMs Resource Contention Maintaining Compliance Inter-VM attacks Instant-ON gaps Mixed Trust Level VMs Resource Contention Maintaining Compliance Service Provider (in)security Multi-tenancy

13 What is Deep Security? Server & application protection for: PHYSICAL VIRTUAL CLOUD IDS / IPS Deep Packet Inspection Web App. Protection Application Control Firewall Integrity Monitoring Log Inspection Malware Protection 13

14 Retreat To The Server! De-Militarized Zone (DMZ) IDS/IPS Firewall IDS/IPS Gateway (Malware) Firewall & IDS/IPS File Integrity Monitoring & Log Inspection Anti-Malware Mission Critical Servers Business Servers / Endpoints 14 5/28/

15 Key benefits Security Operations Compliance Zero-day protection: shields vulnerabilities in web apps, enterprise apps and OSs Detects & blocks a broad range of threats Enables higher consolidation rates (virtualization) while reducing performance impacts Patch more efficiently & cost-effectively Eliminates need & cost of multiple security agents Ensures compliance with PCI DSS, internal policies, & other regulations Improves the efficiency of the compliance / audit process 15

16 Problem #2 Data protection is the most pressing concern, but data is mobile, distributed and unprotected. Gartner recommends that any data leaving the data center be encrypted, which includes cloud services. Emerging Technology Analysis: Storage Data Security, Gartner, 25 November

17 What is there to worry about? Use of encryption is rare: Who can see your information? Name: John Doe SSN: Visa #: Virtual volumes and servers are mobile: Your data is mobile has it moved? Rogue servers might access data: Who is attaching to your volumes? Rich audit and alerting modules lacking: What happened when you weren t looking? Name: John Doe SSN: Visa #: Encryption keys remain with vendor: Are you locked into a single security solution? Who has access to your keys? Virtual volumes contain residual data: Are your storage devices recycled securely? Classification 11/7/

18 SecureCloud: Enterprise Controlled Data Protection for the Cloud Patent pending Trend Micro technology enables enterprises to retain control of data in the cloud Trend Micro Confidential11/7/

19 A New Security Architecture For A New Era All environments should be considered un-trusted Users access app Datacenter Deep Security SecureCloud: Facilitates movement between datacenter & cloud Delivers control, security and compliance through encryption Avoids service provider Host lock-in defends Enables secure storage itself recycling from attack Public Cloud Data encrypted within the server SecureCloud Encryption keys controlled by you Data Encrypted Data Data Trend Micro Confidential11/7/

20 What To Consider Future Proof Facilitates evolution from datacenter to the cloud Business Power Avoids lock-in & enables portability between cloud providers Control Enterprise retains control of the data in the cloud

21 Thank You

22 Appendix

23 A working definition of Cloud Computing Cloud computing is a pay-per-use model for enabling available, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. National Institute of Standards & Technology (NIST), USA 5 Key Cloud Characteristics On-demand self-service Ubiquitous network access Location independent resource pooling Rapid elasticity Pay per use Sep/15/2009 Page: 23

24 Data Security Challenges in the Cloud Encryption rarely used: - Who can see your information? Name: John Doe SSN: Visa #: Storage volumes and servers are mobile: - Where is your data? Has it moved? Rogue servers might access data: - Who is attaching to your storage? Audit and alerting modules lacking: - What happened when you weren t looking? Name: John Doe SSN: Visa #: Encryption keys tied to vendor: - Are you locked into a single security solution? Who has access to your keys? Storage volumes contain residual data: - Are your storage devices recycled securely? Classification 11/7/

25 Data Privacy Concerns in the Cloud Data is stored in plain text Virtual volumes can be moved without the owners knowledge Little ability to audit or monitor access to resources or data Hypervisors and storage are shared with other users Storage devices contain residual data

26 Trend Micro Security for the Public Cloud Software as a Service (SaaS) Trend Micro Offerings HouseCall, Hosted Security (HES), Encryption, Reputation Services (ERS) Platform as a Service (PaaS) Deep Security, Core Protection for Virtual Machines Infrastructure as a Service (IaaS) Deep Security, Core Protection for Virtual Machines 26

27 Challenges for Public Cloud: The Private Security Answer Shared network inside the firewall Doesn t matter treat the LAN as public Private Security 1) A self-defending host 2) Encrypt the data Multiple customers on one physical server potential for attacks via the hypervisor Doesn t matter the edge of my virtual machine is protected Internet Shared Firewall Shared Storage Shared firewall Lowest common denominator less fine grained control Doesn t matter treat the LAN as public Easily copied machine images who else has your server? Doesn t matter They can start my server but only I can unlock my data Virtual Servers Classification 11/7/ Shared storage is customer segmentation secure against attack? Doesn t matter My data is encrypted

28 Public Cloud Service Models Software as a Service (SaaS) Use provider s application over the Internet Proprietary infrastructure Platform as a Service (PaaS) Deploy enterprise-created applications to a cloud Proprietary infrastructure Infrastructure as a Service (IaaS) Rent processing, storage, network capacity, and other fundamental computing resources Full access to infrastructure stack with basic security services (Firewall, Load Balancers etc.) Based on National Institutes of Standards & Technology (NIST) definitions - Classification 11/7/

29 Security in Public Cloud Service Models Software as a Service (SaaS) SaaS vendor has responsibility for security Platform as a Service (PaaS) PaaS vendor has responsibility bulk of security Infrastructure as a Service (IaaS) IaaS customer has responsibility for security of their virtual machine IaaS provides huge business benefits, but poses new security challenges Classification 11/7/

Mitigating Risks with Cloud Computing Dan Reis

Mitigating Risks with Cloud Computing Dan Reis Mitigating Risks with Cloud Computing Dan Reis Director of U.S. Product Marketing Trend Micro Agenda Cloud Adoption Key Characteristics The Cloud Landscape and its Security Challenges The SecureCloud Solution

More information

Securing Your Virtual World Harri Kaikkonen Channel Manager

Securing Your Virtual World Harri Kaikkonen Channel Manager Securing Your Virtual World Harri Kaikkonen Channel Manager Copyright 2009 Trend Micro Inc. Virtualisation On The Rise 16,000,000 Virtualized x86 shipments 14,000,000 12,000,000 10,000,000 8,000,000 6,000,000

More information

Dynamic Datacenter Security Solidex, November 2009

Dynamic Datacenter Security Solidex, November 2009 Dynamic Datacenter Security Solidex, November 2009 Deep Security: Securing the New Server Cloud Virtualized Physical Servers in the open Servers virtual and in motion Servers under attack 2 11/9/09 2 Dynamic

More information

Copyright 2011 Trend Micro Inc.

Copyright 2011 Trend Micro Inc. Copyright 2011 Trend Micro Inc. 2008Q1 2008Q2 2008Q3 2008Q4 2009Q1 2009Q2 2009Q3 2009Q4 2010Q1 2010Q2 2010Q3 2010Q4 2011Q1 2011Q2 2011Q3 2011Q4 M'JPY Cloud Security revenue Q to Q Growth DeepSecurity/Hosted/CPVM/IDF

More information

Securing the Modern Data Center with Trend Micro Deep Security

Securing the Modern Data Center with Trend Micro Deep Security Advania Fall Conference Securing the Modern Data Center with Trend Micro Deep Security Okan Kalak, Senior Sales Engineer okan@trendmicro.no Infrastructure change Containers 1011 0100 0010 Serverless Public

More information

CYBER SECURITY MALAYSIA AWARDS, CONFERENCE & EXHIBITION (CSM-ACE) Securing Virtual Environments

CYBER SECURITY MALAYSIA AWARDS, CONFERENCE & EXHIBITION (CSM-ACE) Securing Virtual Environments CYBER SECURITY MALAYSIA AWARDS, CONFERENCE & EXHIBITION (CSM-ACE) 2010 October 25 29, 2010 Kuala Lumpur Convention Centre Securing Virtual Environments Raimund Genes CTO Trend Micro The Changing Datacenter

More information

NETWORK FORENSIC ANALYSIS IN THE AGE OF CLOUD COMPUTING.

NETWORK FORENSIC ANALYSIS IN THE AGE OF CLOUD COMPUTING. NETWORK FORENSIC ANALYSIS IN THE AGE OF CLOUD COMPUTING. The old mantra of trust but verify just is not working. Never trust and verify is how we must apply security in this era of sophisticated breaches.

More information

Introduction to Cloud Computing. [thoughtsoncloud.com] 1

Introduction to Cloud Computing. [thoughtsoncloud.com] 1 Introduction to Cloud Computing [thoughtsoncloud.com] 1 Outline What is Cloud Computing? Characteristics of the Cloud Computing model Evolution of Cloud Computing Cloud Computing Architecture Cloud Services:

More information

Securing Your Cloud Introduction Presentation

Securing Your Cloud Introduction Presentation Securing Your Cloud Introduction Presentation Slides originally created by IBM Partial deck derived by Continental Resources, Inc. (ConRes) Security Division Revision March 17, 2017 1 IBM Security Today

More information

Introduction To Cloud Computing

Introduction To Cloud Computing Introduction To Cloud Computing What is Cloud Computing? Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g.,

More information

AS Stallion. Security for Virtual Server Environments. Urmas Püss

AS Stallion. Security for Virtual Server Environments. Urmas Püss AS Stallion 110311 Security for Virtual Server Environments Urmas Püss 1 Trend 1: Threat Evolution & Perimeter Porosity Trend 2: Challenges of Dynamic Datacenter Deep Security: Make Servers Self-Defending

More information

Computing as a Service

Computing as a Service Cloud Computing? Dipl. Ing. Abdelnasser Abdelhadi Islamic University Gaza Department of Computer Engineering April 2010 Computing as a Service Business Processes Collaboration Industry Applications Software

More information

Securing Dynamic Data Centers. Muhammad Wajahat Rajab, Pre-Sales Consultant Trend Micro, Pakistan &

Securing Dynamic Data Centers. Muhammad Wajahat Rajab, Pre-Sales Consultant Trend Micro, Pakistan & Securing Dynamic Data Centers Muhammad Wajahat Rajab, Pre-Sales Consultant Trend Micro, Pakistan & Afghanistan @WajahatRajab Modern Challenges By 2020, 60% of Digital Businesses will suffer Major Service

More information

Enterprise & Cloud Security

Enterprise & Cloud Security Enterprise & Cloud Security Greg Brown VP and CTO: Cloud and Internet of Things McAfee An Intel Company August 20, 2013 You Do NOT Want to Own the Data Intel: 15B 2015 Cisco: 50B 2020 2 August 21, 2013

More information

Multi Packed Security Addressing Challenges in Cloud Computing

Multi Packed Security Addressing Challenges in Cloud Computing Global Journal of Computer Science and Technology Cloud and Distributed Volume 13 Issue 1 Version 1.0 Year 2013 Type: Double Blind Peer Reviewed International Research Journal Publisher: Global Journals

More information

Network Security Protection Alternatives for the Cloud

Network Security Protection Alternatives for the Cloud A Trend Micro White Paper May 2016 Network Security Protection Alternatives for the Cloud» A technical brief summarizing the deployment options that can be used to deploy IDS/IPS protection for cloud instances

More information

The Evolution of Data Center Security, Risk and Compliance

The Evolution of Data Center Security, Risk and Compliance #SymVisionEmea #SymVisionEmea The Evolution of Data Center Security, Risk and Compliance Taha Karim / Patrice Payen The Adoption Curve Virtualization is being stalled due to concerns around Security and

More information

VMware Hybrid Cloud Solution

VMware Hybrid Cloud Solution VMware Hybrid Cloud Solution Simplifying and Accelerating Your Multi-Cloud Strategy Bunyamin Ozyasar System Engineer Manager 2017 VMware Inc. All rights reserved. Today s Agenda 1 2 3 VMware SDDC Approach

More information

The Virtualisation Security Journey: Beyond Endpoint Security with VMware and Symantec

The Virtualisation Security Journey: Beyond Endpoint Security with VMware and Symantec The Virtualisation Security Journey: Beyond Endpoint Security with VMware and Symantec James Edwards Product Marketing Manager Dan Watson Senior Systems Engineer Disclaimer This session may contain product

More information

Cloud Computing, SaaS and Outsourcing

Cloud Computing, SaaS and Outsourcing Cloud Computing, SaaS and Outsourcing Michelle Perez, AGC Privacy, IPG Bonnie Yeomans, VP, AGC & Privacy Officer, CA Technologies PLI TechLaw Institute 2017: The Digital Agenda Introduction to the Cloud

More information

Privacy hacking & Data Theft

Privacy hacking & Data Theft Privacy hacking & Data Theft Cloud Computing risks & the Patricia A RoweSeale CIA, CISA, CISSP, CRISC, CRMA The IIA (Barbados Chapter) Internal Audit Portfolio Director CIBC FirstCaribbean Objectives Cloud

More information

Managing SaaS risks for cloud customers

Managing SaaS risks for cloud customers Managing SaaS risks for cloud customers Information Security Summit 2016 September 13, 2016 Ronald Tse Founder & CEO, Ribose For every IaaS/PaaS, there are 100s of SaaS PROBLEM SaaS spending is almost

More information

Cloud Computing Introduction & Offerings from IBM

Cloud Computing Introduction & Offerings from IBM Cloud Computing Introduction & Offerings from IBM Gytis Račiukaitis IT Architect, IBM Global Business Services Agenda What is cloud computing? Benefits Risks & Issues Thinking about moving into the cloud?

More information

1/10/2011. Topics. What is the Cloud? Cloud Computing

1/10/2011. Topics. What is the Cloud? Cloud Computing Cloud Computing Topics 1. What is the Cloud? 2. What is Cloud Computing? 3. Cloud Service Architectures 4. History of Cloud Computing 5. Advantages of Cloud Computing 6. Disadvantages of Cloud Computing

More information

HALO IN ACTION COMPLIANCE DON T LET LEGACY SECURITY TOOLS HOLD UP PCI COMPLIANCE IN THE CLOUD. Automated PCI compliance anytime, anywhere.

HALO IN ACTION COMPLIANCE DON T LET LEGACY SECURITY TOOLS HOLD UP PCI COMPLIANCE IN THE CLOUD. Automated PCI compliance anytime, anywhere. HALO IN ACTION COMPLIANCE DON T LET LEGACY SECURITY TOOLS HOLD UP PCI COMPLIANCE IN THE CLOUD Automated PCI compliance anytime, anywhere. THE PROBLEM Online commercial transactions will hit an estimated

More information

DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise

DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS Security Without Compromise CONTENTS INTRODUCTION 1 SECTION 1: STRETCHING BEYOND STATIC SECURITY 2 SECTION 2: NEW DEFENSES FOR CLOUD ENVIRONMENTS 5 SECTION

More information

Carbon Black PCI Compliance Mapping Checklist

Carbon Black PCI Compliance Mapping Checklist Carbon Black PCI Compliance Mapping Checklist The following table identifies selected PCI 3.0 requirements, the test definition per the PCI validation plan and how Carbon Black Enterprise Protection and

More information

MAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER

MAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER MAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER Bret Hartman Cisco / Security & Government Group Session ID: SPO1-W25 Session Classification: General Interest 1 Mobility Cloud Threat Customer centric

More information

In this unit we are going to look at cloud computing. Cloud computing, also known as 'on-demand computing', is a kind of Internet-based computing,

In this unit we are going to look at cloud computing. Cloud computing, also known as 'on-demand computing', is a kind of Internet-based computing, In this unit we are going to look at cloud computing. Cloud computing, also known as 'on-demand computing', is a kind of Internet-based computing, where shared resources, data and information are provided

More information

Cloud Computing and Service-Oriented Architectures

Cloud Computing and Service-Oriented Architectures Material and some slide content from: - Atif Kahn SERVICES COMPONENTS OBJECTS MODULES Cloud Computing and Service-Oriented Architectures Reid Holmes Lecture 29 - Friday March 22 2013. Cloud precursors

More information

Enterprise Cloud Computing. Eddie Toh Platform Marketing Manager, APAC Data Centre Group Cisco Summit 2010, Kuala Lumpur

Enterprise Cloud Computing. Eddie Toh Platform Marketing Manager, APAC Data Centre Group Cisco Summit 2010, Kuala Lumpur 1 Enterprise Cloud Computing Eddie Toh Platform Marketing Manager, APAC Data Centre Group Cisco Summit 2010, Kuala Lumpur Agenda 2 Fundamentals of Enterprise Cloud Computing IT & Cloud Computing Requirements

More information

Welcome to the Jungle: (If we act like prey, they ll act like predators)

Welcome to the Jungle: (If we act like prey, they ll act like predators) Welcome to the Jungle: (If we act like prey, they ll act like predators) Chris Hoke April 6, 2017 www.siriuscom.com 4/4/2017 1 Agenda Who I am Basics of information security Target rich environment Defend

More information

TREND MICRO SMART PROTECTION SUITES

TREND MICRO SMART PROTECTION SUITES SOLUTION BROCHURE TREND MICRO SMART ROTECTION SUITES Maximum Trend Micro XGen security from your proven security partner Get smarter security that goes where your users go The threat landscape is constantly

More information

Deep Security 9. A Server Security Platform for Physical, Virtual, Cloud. Territory Sales Manager SEE, Trend Micro. Copyright 2011 Trend Micro Inc.

Deep Security 9. A Server Security Platform for Physical, Virtual, Cloud. Territory Sales Manager SEE, Trend Micro. Copyright 2011 Trend Micro Inc. Deep Security 9 A Server Security Platform for Physical, Virtual, Cloud Marko Djordjevic, Available Aug 30, 2011 Territory Sales Manager SEE, Trend Micro Deep Security 9 Exec Summary Market Trends Deep

More information

Demystifying the Cloud With a Look at Hybrid Hosting and OpenStack

Demystifying the Cloud With a Look at Hybrid Hosting and OpenStack Demystifying the Cloud With a Look at Hybrid Hosting and OpenStack Robert Collazo Systems Engineer Rackspace Hosting The Rackspace Vision Agenda Truly a New Era of Computing 70 s 80 s Mainframe Era 90

More information

SYMANTEC DATA CENTER SECURITY

SYMANTEC DATA CENTER SECURITY SYMANTEC DATA CENTER SECURITY SYMANTEC UNIFIED SECURITY STRATEGY Users Cyber Security Services Monitoring, Incident Response, Simulation, Adversary Threat Intelligence Data Threat Protection Information

More information

Managing and Auditing Organizational Migration to the Cloud TELASA SECURITY

Managing and Auditing Organizational Migration to the Cloud TELASA SECURITY Managing and Auditing Organizational Migration to the Cloud 1 TELASA SECURITY About Me Brian Greidanus bgreidan@telasasecurity.com 18+ years of security and compliance experience delivering consulting

More information

STRATEGIC WHITE PAPER. Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview

STRATEGIC WHITE PAPER. Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview STRATEGIC WHITE PAPER Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview Abstract Cloud architectures rely on Software-Defined Networking

More information

Symantec Reference Architecture for Business Critical Virtualization

Symantec Reference Architecture for Business Critical Virtualization Symantec Reference Architecture for Business Critical Virtualization David Troutt Senior Principal Program Manager 11/6/2012 Symantec Reference Architecture 1 Mission Critical Applications Virtualization

More information

Transform Your Business To An Open Hybrid Cloud Architecture. Presenter Name Title Date

Transform Your Business To An Open Hybrid Cloud Architecture. Presenter Name Title Date Transform Your Business To An Open Hybrid Cloud Architecture Presenter Name Title Date Why You Need To Transform Your Business Public cloud performance setting new expectations for: IT speed, flexibility

More information

Choosing the Right Cloud Computing Model for Data Center Management

Choosing the Right Cloud Computing Model for Data Center Management Choosing the Right Cloud Computing Model for Data Center Management www.nsi1.com NETWORK SOLUTIONS INCOPORATED NS1.COM UPDATING YOUR NETWORK SOLUTION WITH CISCO DNA CENTER 1 Section One Cloud Computing

More information

CSP 2017 Network Virtualisation and Security Scott McKinnon

CSP 2017 Network Virtualisation and Security Scott McKinnon CSP 2017 Network Virtualisation and Security Scott McKinnon smckinnon@vmware.com Security Lead, Northern EMEA Network & Security, VMware Disclaimer This presentation may contain product features that are

More information

90% 191 Security Best Practices. Blades. 52 Regulatory Requirements. Compliance Report PCI DSS 2.0. related to this regulation

90% 191 Security Best Practices. Blades. 52 Regulatory Requirements. Compliance Report PCI DSS 2.0. related to this regulation Compliance Report PCI DSS 2.0 Generated by Check Point Compliance Blade, on April 16, 2018 15:41 PM O verview 1 90% Compliance About PCI DSS 2.0 PCI-DSS is a legal obligation mandated not by government

More information

TREND MICRO SMART PROTECTION SUITES

TREND MICRO SMART PROTECTION SUITES SOLUTION BROCHURE TREND MICRO SMART ROTECTION SUITES Maximum endpoint security from your proven security partner Get smarter security that goes where your users go The threat landscape is constantly changing,

More information

Chapter. Securing the Cloud THE FOLLOWING COMPTIA SECURITY+ EXAM OBJECTIVES ARE COVERED IN THIS CHAPTER:

Chapter. Securing the Cloud THE FOLLOWING COMPTIA SECURITY+ EXAM OBJECTIVES ARE COVERED IN THIS CHAPTER: Chapter 6 Securing the Cloud THE FOLLOWING COMPTIA SECURITY+ EXAM OBJECTIVES ARE COVERED IN THIS CHAPTER: 1.3 Explain network design elements and components. Virtualization Cloud computing: Platform as

More information

Cloud Computing: Making the Right Choice for Your Organization

Cloud Computing: Making the Right Choice for Your Organization Cloud Computing: Making the Right Choice for Your Organization A decade ago, cloud computing was on the leading edge. Now, 95 percent of businesses use cloud technology, and Gartner says that by 2020,

More information

ECE Enterprise Storage Architecture. Fall ~* CLOUD *~. Tyler Bletsch Duke University

ECE Enterprise Storage Architecture. Fall ~* CLOUD *~. Tyler Bletsch Duke University ECE590-03 Enterprise Storage Architecture Fall 2017.~* CLOUD *~. Tyler Bletsch Duke University Includes material adapted from the course Information Storage and Management v2 (module 13), published by

More information

The threat landscape is constantly

The threat landscape is constantly A PLATFORM-INDEPENDENT APPROACH TO SECURE MICRO-SEGMENTATION Use Case Analysis The threat landscape is constantly evolving. Data centers running business-critical workloads need proactive security solutions

More information

Best Practices in Securing a Multicloud World

Best Practices in Securing a Multicloud World Best Practices in Securing a Multicloud World Actions to take now to protect data, applications, and workloads We live in a multicloud world. A world where a multitude of offerings from Cloud Service Providers

More information

WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW:

WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW: SOLUTION OVERVIEW: ALERT LOGIC THREAT MANAGER WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE Protecting your business assets and sensitive data requires regular vulnerability assessment,

More information

Secure & Unified Identity

Secure & Unified Identity Secure & Unified Identity for End & Privileged Users Copyright 2015 Centrify Corporation. All Rights Reserved. 1 Key Point #1: Perimeter is Dissolving Making Identity Matter Most You must plant a strong

More information

Cloud Essentials for Architects using OpenStack

Cloud Essentials for Architects using OpenStack Cloud Essentials for Architects using OpenStack Course Overview Start Date 5th March 2015 Duration 2 Days Location Dublin Course Code SS15-13 Programme Overview Cloud Computing is gaining increasing attention

More information

Programowanie w chmurze na platformie Java EE Wykład 1 - dr inż. Piotr Zając

Programowanie w chmurze na platformie Java EE Wykład 1 - dr inż. Piotr Zając Programowanie w chmurze na platformie Java EE Wykład 1 - dr inż. Piotr Zając Cloud computing definition Cloud computing is a model for enabling ubiquitous, convenient, ondemand network access to a shared

More information

Cloud First Policy General Directorate of Governance and Operations Version April 2017

Cloud First Policy General Directorate of Governance and Operations Version April 2017 General Directorate of Governance and Operations Version 1.0 24 April 2017 Table of Contents Definitions/Glossary... 2 Policy statement... 3 Entities Affected by this Policy... 3 Who Should Read this Policy...

More information

Google Cloud Platform: Customer Responsibility Matrix. April 2017

Google Cloud Platform: Customer Responsibility Matrix. April 2017 Google Cloud Platform: Customer Responsibility Matrix April 2017 Introduction 3 Definitions 4 PCI DSS Responsibility Matrix 5 Requirement 1 : Install and Maintain a Firewall Configuration to Protect Cardholder

More information

Journey to the Cloud. Jeff Hoehing, Principal Consultant

Journey to the Cloud. Jeff Hoehing, Principal Consultant Journey to the Cloud Jeff Hoehing, Principal Consultant Agenda! Industry/Business Trends! Cloud and DR in the Cloud! Verizon Terremark Overview! Q&A The World in which we Operate has Changed Consumerization

More information

Securing Data in the Cloud: Point of View

Securing Data in the Cloud: Point of View Securing Data in the Cloud: Point of View Presentation by Infosys Limited www.infosys.com Agenda Data Security challenges & changing compliance requirements Approach to address Cloud Data Security requirements

More information

PROTECT WORKLOADS IN THE HYBRID CLOUD

PROTECT WORKLOADS IN THE HYBRID CLOUD PROTECT WORKLOADS IN THE HYBRID CLOUD SPOTLIGHTS Industry Aviation Use Case Protect workloads in the hybrid cloud for the safety and integrity of mission-critical applications and sensitive data across

More information

Security and Compliance Powered by the Cloud. Ben Friedman / Strategic Accounts Director /

Security and Compliance Powered by the Cloud. Ben Friedman / Strategic Accounts Director / Security and Compliance Powered by the Cloud Ben Friedman / Strategic Accounts Director / bf@alertlogic.com Founded: 2002 Headquarters: Ownership: Houston, TX Privately Held Customers: 1,200 + Employees:

More information

Evolved Backup and Recovery for the Enterprise

Evolved Backup and Recovery for the Enterprise Evolved Backup and Recovery for the Enterprise with Asigra technology Working gives me confidence in my data protection plan. I know that if I ever need to restore, it will take a few minutes rather than

More information

PCI DSS Compliance. White Paper Parallels Remote Application Server

PCI DSS Compliance. White Paper Parallels Remote Application Server PCI DSS Compliance White Paper Parallels Remote Application Server Table of Contents Introduction... 3 What Is PCI DSS?... 3 Why Businesses Need to Be PCI DSS Compliant... 3 What Is Parallels RAS?... 3

More information

Cloud Computing: Is it safe for you and your customers? Alex Hernandez DefenseStorm

Cloud Computing: Is it safe for you and your customers? Alex Hernandez DefenseStorm Presentation Title Cloud Computing: Is it safe for you and your customers? Alex Hernandez DefenseStorm Background A career of helping companies integrate new technologies into their existing infrastructure

More information

JOURNEY TO CLOUD (J2C) CONSUMING TECHNOLOGY, NOT OWNING IT

JOURNEY TO CLOUD (J2C) CONSUMING TECHNOLOGY, NOT OWNING IT JOURNEY TO CLOUD (J2C) CONSUMING TECHNOLOGY, NOT OWNING IT CLOUD IS HERE. The conversation has changed from should we move to cloud to how do we move to cloud. We are at a tipping point there is an explosion

More information

CLOUD COMPUTING. A New Era of Business Opportunity. Matthew Maderios, CA Enterprise. IT Roadmap Conference & Expo San Jose, CA.

CLOUD COMPUTING. A New Era of Business Opportunity. Matthew Maderios, CA Enterprise. IT Roadmap Conference & Expo San Jose, CA. CLOUD COMPUTING A New Era of Business Opportunity Matthew Maderios, CA Enterprise IT Roadmap Conference & Expo San Jose, CA Date MAKING A POSITIVE IMPACT Cloud Computing a new way of delivering resources,

More information

AT&T Endpoint Security

AT&T Endpoint Security AT&T Endpoint Security November 2016 Security Drivers Market Drivers Online business 24 x 7, Always on Globalization Virtual Enterprise Business Process / IT Alignment Financial Drivers CapEx / OpEx Reduction

More information

CHEM-E Process Automation and Information Systems: Applications

CHEM-E Process Automation and Information Systems: Applications CHEM-E7205 - Process Automation and Information Systems: Applications Cloud computing Jukka Kortela Contents What is Cloud Computing? Overview of Cloud Computing Comparison of Cloud Deployment Models Comparison

More information

Getting Started with AWS Security

Getting Started with AWS Security Getting Started with AWS Security Tomas Clemente Sanchez Senior Consultant Security, Risk and Compliance September 21st 2017 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Move

More information

Domain Registrations. Shared Hosting. Office 365 and Hosted Exchange #DOMAINS #HOSTING #

Domain Registrations. Shared Hosting. Office 365 and Hosted Exchange #DOMAINS #HOSTING # GDPR Compliance Responsibilities on Blacknight Products April 2018 GDPR is due to come into force May 25 th 2018. It sets out regulations for security and privacy controls required when handling Personally

More information

A guide for IT professionals. implementing the hybrid cloud

A guide for IT professionals. implementing the hybrid cloud A guide for IT professionals implementing the hybrid cloud A guide for IT professionals implementing the hybrid cloud Cloud technology is maturing and advancing rapidly. And for schools today, hybrid cloud

More information

Data Protection Modernization: Meeting the Challenges of a Changing IT Landscape

Data Protection Modernization: Meeting the Challenges of a Changing IT Landscape Data Protection Modernization: Meeting the Challenges of a Changing IT Landscape Tom Clark IBM Distinguished Engineer, Chief Architect Software 1 Data growth is continuing to explode Sensors & Devices

More information

Developing, Deploying and Managing Applications on the Cloud

Developing, Deploying and Managing Applications on the Cloud Developing, Deploying and Managing Applications on the Cloud Jayabalan S CTO & Co-Founder September 10, 2011 Agenda 1 2 3 4 5 6 7 8 9 10 Introduction Computing Evolution IT Challenges and Importance of

More information

IBM Cloud Security for the Cloud. Amr Ismail Security Solutions Sales Leader Middle East & Pakistan

IBM Cloud Security for the Cloud. Amr Ismail Security Solutions Sales Leader Middle East & Pakistan IBM Cloud Security for the Cloud Amr Ismail Security Solutions Sales Leader Middle East & Pakistan Today s Drivers for Cloud Adoption ELASTIC LOWER COST SOLVES SKILLS SHORTAGE RAPID INNOVATION GREATER

More information

Cloud Operations for Oracle Cloud Machine ORACLE WHITE PAPER MARCH 2017

Cloud Operations for Oracle Cloud Machine ORACLE WHITE PAPER MARCH 2017 Cloud Operations for Oracle Cloud Machine ORACLE WHITE PAPER MARCH 2017 Disclaimer The following is intended to outline our general product direction. It is intended for information purposes only, and

More information

Twilio cloud communications SECURITY

Twilio cloud communications SECURITY WHITEPAPER Twilio cloud communications SECURITY From the world s largest public companies to early-stage startups, people rely on Twilio s cloud communications platform to exchange millions of calls and

More information

Security Models for Cloud

Security Models for Cloud Security Models for Cloud Kurtis E. Minder, CISSP December 03, 2011 Introduction Kurtis E. Minder, Technical Sales Professional Companies: Roles: Security Design Engineer Systems Engineer Sales Engineer

More information

ASD CERTIFICATION REPORT

ASD CERTIFICATION REPORT ASD CERTIFICATION REPORT Amazon Web Services Elastic Compute Cloud (EC2), Virtual Private Cloud (VPC), Elastic Block Store (EBS) and Simple Storage Service (S3) Certification Decision ASD certifies Amazon

More information

Securing the Data Center against

Securing the Data Center against Securing the Data Center against vulnerabilities & Data Protection Agenda Virtual Virtualization Technology How Virtualization affects the Datacenter Security Keys to a Secure Virtualized Deployment and

More information

COMPTIA CLO-001 EXAM QUESTIONS & ANSWERS

COMPTIA CLO-001 EXAM QUESTIONS & ANSWERS COMPTIA CLO-001 EXAM QUESTIONS & ANSWERS Number: CLO-001 Passing Score: 800 Time Limit: 120 min File Version: 39.7 http://www.gratisexam.com/ COMPTIA CLO-001 EXAM QUESTIONS & ANSWERS Exam Name: CompTIA

More information

Auditing the Cloud. Paul Engle CISA, CIA

Auditing the Cloud. Paul Engle CISA, CIA Auditing the Cloud Paul Engle CISA, CIA About the Speaker Paul Engle CISA, CIA o Fifteen years performing internal audit, IT internal audit, and consulting projects o Internal audit clients include ADP,

More information

Microsoft Security Management

Microsoft Security Management Microsoft Security Management MICROSOFT SECURITY MANAGEMENT SECURITY MANAGEMENT CHALLENGES Some large financial services organizations have as many as 40 or more different security vendors inside their

More information

Stopping Advanced Persistent Threats In Cloud and DataCenters

Stopping Advanced Persistent Threats In Cloud and DataCenters Stopping Advanced Persistent Threats In Cloud and DataCenters Frederik Van Roosendael PSE Belgium Luxembourg 10/9/2015 Copyright 2013 Trend Micro Inc. Agenda How Threats evolved Transforming Your Data

More information

ForeScout CounterACT. Continuous Monitoring and Mitigation. Real-time Visibility. Network Access Control. Endpoint Compliance.

ForeScout CounterACT. Continuous Monitoring and Mitigation. Real-time Visibility. Network Access Control. Endpoint Compliance. Real-time Visibility Network Access Control Endpoint Compliance Mobile Security ForeScout CounterACT Continuous Monitoring and Mitigation Rapid Threat Response Benefits Rethink IT Security Security Do

More information

Cloud Infrastructure and Operations Chapter 2B/8 Page Main concept from which Cloud Computing developed

Cloud Infrastructure and Operations Chapter 2B/8 Page Main concept from which Cloud Computing developed Cloud Infrastructure and Operations Chapter 2B/8 Page 1 Chapter 2: Cloud Layer Setup and Maintenance Topics covered: 2.1 Basic Cloud Computing Concept 2.2 Benefits of Cloud Computing 2.3 Main concept from

More information

Cloud-Security: Show-Stopper or Enabling Technology?

Cloud-Security: Show-Stopper or Enabling Technology? Cloud-Security: Show-Stopper or Enabling Technology? Fraunhofer Institute for Secure Information Technology (SIT) Technische Universität München Open Grid Forum, 16.3,. 2010, Munich Overview 1. Cloud Characteristics

More information

Data Security and Privacy : Compliance to Stewardship. Jignesh Patel Solution Consultant,Oracle

Data Security and Privacy : Compliance to Stewardship. Jignesh Patel Solution Consultant,Oracle Data Security and Privacy : Compliance to Stewardship Jignesh Patel Solution Consultant,Oracle Agenda Connected Government Security Threats and Risks Defense In Depth Approach Summary Connected Government

More information

Defense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation

Defense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation Defense-in-Depth Against Malicious Software Speaker name Title Group Microsoft Corporation Agenda Understanding the Characteristics of Malicious Software Malware Defense-in-Depth Malware Defense for Client

More information

Completing your AWS Cloud SECURING YOUR AMAZON WEB SERVICES ENVIRONMENT

Completing your AWS Cloud SECURING YOUR AMAZON WEB SERVICES ENVIRONMENT Completing your AWS Cloud SECURING YOUR AMAZON WEB SERVICES ENVIRONMENT Introduction Amazon Web Services (AWS) provides Infrastructure as a Service (IaaS) cloud offerings for organizations. Using AWS,

More information

The Challenge of Cloud Security

The Challenge of Cloud Security The Challenge of Cloud Security Dr. Ray Klump Chair, Mathematics & Computer Science Director, MS in Information Security Lewis University Poll Question #1: What type of cloud service are you

More information

Datacenter Security: Protection Beyond OS LifeCycle

Datacenter Security: Protection Beyond OS LifeCycle Section Datacenter Security: Protection Beyond OS LifeCycle 1 Not so fun Facts from the Symantec ISTR 2017 Report Zero-Day Vulnerability, annual total Legitimate tools, annual total 6,000 5 5,000 4,000

More information

Automating the Top 20 CIS Critical Security Controls

Automating the Top 20 CIS Critical Security Controls 20 Automating the Top 20 CIS Critical Security Controls SUMMARY It s not easy being today s CISO or CIO. With the advent of cloud computing, Shadow IT, and mobility, the risk surface area for enterprises

More information

MySQL CLOUD SERVICE. Propel Innovation and Time-to-Market

MySQL CLOUD SERVICE. Propel Innovation and Time-to-Market MySQL CLOUD SERVICE Propel Innovation and Time-to-Market The #1 open source database in Oracle. Looking to drive digital transformation initiatives and deliver new modern applications? Oracle MySQL Service

More information

Qualys Cloud Platform

Qualys Cloud Platform Qualys Cloud Platform Our Journey into the Cloud: The Qualys Cloud Platform & Architecture Thomas Wendt Regional Manager Post-Sales, DACH, Qualys Inc. Digital Transformation More than just adopting new

More information

Kroll Ontrack VMware Forum. Survey and Report

Kroll Ontrack VMware Forum. Survey and Report Kroll Ontrack VMware Forum Survey and Report Contents I. Defining Cloud and Adoption 4 II. Risks 6 III. Challenging Recoveries with Loss 7 IV. Questions to Ask Prior to Engaging in Cloud storage Solutions

More information

Cato Cloud. Software-defined and cloud-based secure enterprise network. Solution Brief

Cato Cloud. Software-defined and cloud-based secure enterprise network. Solution Brief Cato Cloud Software-defined and cloud-based secure enterprise network Solution Brief Legacy WAN and Security Appliances are Incompatible with the Modern Enterprise Cato Networks: Software-defined and Cloud-based

More information

Cloud Computing and Service-Oriented Architectures

Cloud Computing and Service-Oriented Architectures Material and some slide content from: - Atif Kahn SERVICES COMPONENTS OBJECTS MODULES Cloud Computing and Service-Oriented Architectures Reid Holmes Lecture 20 - Tuesday November 23 2010. SOA Service-oriented

More information

1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 7

1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 7 1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 7 ORACLE PRODUCT LOGO 20. oktober 2011 Hotel Europa Sarajevo Platform

More information

Security Readiness Assessment

Security Readiness Assessment Security Readiness Assessment Jackson Thomas Senior Manager, Sales Consulting Copyright 2015 Oracle and/or its affiliates. All rights reserved. Cloud Era Requires Identity-Centric Security SaaS PaaS IaaS

More information

Security Considerations for Cloud Readiness

Security Considerations for Cloud Readiness Application Note Zentera Systems CoIP Platform CoIP Defense-in-Depth with Advanced Segmentation Advanced Segmentation is Essential for Defense-in-Depth There is no silver bullet in security a single solution

More information

CLOUD COMPUTING. Lecture 4: Introductory lecture for cloud computing. By: Latifa ALrashed. Networks and Communication Department

CLOUD COMPUTING. Lecture 4: Introductory lecture for cloud computing. By: Latifa ALrashed. Networks and Communication Department 1 CLOUD COMPUTING Networks and Communication Department Lecture 4: Introductory lecture for cloud computing By: Latifa ALrashed Outline 2 Introduction to the cloud comupting Define the concept of cloud

More information

Sichere Applikations- dienste

Sichere Applikations- dienste Sichere Applikations- dienste Innovate, Expand, Deliver Manny Rivelo Für SaaS und traditionelle Service-Modelle EVP, Strategic Solutions Carsten Langerbein Field Systems Engineer c.langerbein@f5.com Es

More information