Transcription:

GRC3386BUS: GDPR Readiness with IBM Cloud Secure Virtualization
Raghu Yeluri, Intel Corporation
Shantu Roy, IBM
Bill Hackenberger, HyTrust
#VMworld #GRC3386BUS

Agenda
- GDPR Overview & Requirements
- IBM Secure Virtualization Solution Overview
- Summary / Call to Action
- Q & A

Security Continues to be #1 Barrier for Cloud Adoption
Cloud adoption barriers:
- #1 General security risks: 33%
- #2 Lack of staff resources or expertise: 28%
- #3 Integration with existing IT environments: 27%
- #4 Data loss & leakage risks: 26%
- #5 Legal & regulatory compliance: 24%
Main concerns:
- Data Loss/Leakage: 57%
- Data Privacy: 49%
- Confidentiality: 47%
- Regulatory compliance: 36%
- Data Sovereignty/Control: 30%
Data from Cloud Research Partners

General Data Protection Regulation (GDPR) Overview

Is GDPR the next Y2K for data privacy and data protection?

- Replaces the Data Protection legislation of the '90s
- One single set of data protection rules across EU
- Will come into force throughout the EU on May 25, 2018
- Gives individuals much more control over their personal data
VMworld 2017. Content: Not for publication.

Top 10 GDPR Provisions
- One Law
- Territorial Scope
- Increased Fines
- Breach Notification
- Opt-in Consent
- Joint Liability
- Right to Removal (RTBF)
- Data Transfer
- Common Enforcement
- Collective Redress

Key GDPR Definitions
- Data Controller: The organization that defines the reason for the data collection, decides how the data is collected and processed and is ultimately responsible for its safekeeping
- Data Processor: A person or body acting on behalf of the data controller to store or process the data
- Supervisory Authorities: Public bodies set up by the governments of the EU countries to help advise data controllers and data subjects on the law and enforce the regulation
- Data Subject: The individual whose data is being collected and can be identified from that data
- Personal Data (PII): Any information relating to an identified or identifiable natural person (data subject)

Types of Personal Information
- Name, Address, Date of Birth, Online Identifier, Personal Email Address, Business Email Address, Phone Number
- Sensitive Personal Data: Ethnic Origin, Health, Religious Beliefs

No matter where you are in the world, if you do business within the EU, you need to comply with GDPR!

Substantial increase in fines for organizations that do not comply with GDPR. The two-tier fine structure for different violations can vary from 2% to 4% of global revenue or 10M euro to 20M euro, whichever is greater.

The local supervisory authority must be informed within 72 hours of any data loss and users informed as soon as possible, unless data was encrypted or a form of pseudonymization was used: the data is then automatically deemed secure and the organization is not required to notify the data subject or supervisory authority of the breach or distribution.

Data belongs to the data subject NOT the data controller

The Right to be Forgotten

Organizations will be required to implement appropriate technical and organizational measures in relation to the nature, scope, context and purposes of their handling and processing of personal data.
- GDPR = 11 Chapters, 81 Pages, 99 Articles, 100+ Recitals
- ~12 articles address technical measures

GDPR Articles - some specifics
- Article 5: Principles relating to personal data processing
- Article 24: Responsibility of the controller
- Article 24: Data protection by design and by default
- Article 28: Processor
- Article 32: Security of processing
- Article 6: Lawfulness of processing
- Article 17: The Right to Erasure (aka "The Right to Be Forgotten")
- Article 34: Communication of a personal data breach to the data subject
- Article 44: General Principle for Transfers
- Article 30: Records of processing activities
- Article 33: Notification of a personal data breach to the supervisory authority
- Article 44: General Principle for Transfers
Core Requirements*: Encryption, Audit and Compliance, Data Sovereignty

Agenda
- GDPR Overview & Requirements
- IBM Secure Virtualization Solution Overview
- Summary / Call to Action
- Q & A

IBM Cloud Secure Virtualization (ICSV): A VMware Portfolio Solution
IBM Cloud is first to market with a solution that captures the benefits of both HyTrust software and Intel Trusted Execution Technology to protect virtualized workloads down to the microchip level. Includes VMware Cloud Foundation licenses and infrastructure (NSX, vSAN, vCenter, vSphere).
[Diagram labels: Customer Demographics, Point of Sale Transactions, Customer Credentials, Intellectual Property; App/OS virtual machines; CloudControl; DataControl; VMware Cloud Foundation; Intel Xeon Processor Bare Metal Servers + Intel TXT Enabled]

ICSV Solution Benefits: A Combined Security Offering from IBM, HyTrust and Intel
A powerful solution together:
- HyTrust Software: Provides policy and access controls for cloud security, reporting, and encryption software
- IBM Cloud: Provides automated VMware solutions on trusted Bluemix bare metal infrastructure
- Intel Trusted Execution Technology: Provides hardware-based (chipset) security technology to protect workloads
Benefits:
- Policy-enforced controls and access management
- Confidence that workloads always run on known trusted hardware and software stacks
- Keys under tenant control, and data decryption only when access, location policies are met
- Streamlined visibility and reporting for corporate and regulatory compliance
[Diagram labels: CloudControl (Virtualization Layer, Physical Layer, Storage Layer; Virtualization Admin, Virtual Machine, Intel TXT); DataControl (Application, Application User, Encrypted VMs and Data)]

Benefits of IBM Cloud for VMware Solutions (IBM Differentiation)
Compatibility:
- Full compatibility with vCenter on and off premises
- Workload portability puts you in charge
- Continue with existing staff, tools and infrastructure
Speed & Flexibility:
- Deploy in hours in multiple configuration sizes
- Expand and contract capacity as your needs change
- Deploy single site or multi-site configurations globally
Cloud Economics:
- Predictable & simplified budgeting
- No long term contract overhead
- Pay for what you use with cloud OpEx model

Translating to Requirements
How does the Data Controller:
- Maintain environment control and visibility to manage, monitor, and govern data access?
- Provide security policies and implement granular security controls?
- Protect the personal data related to the data subject?
- Audit/verify security controls implemented by the Data Processor?
How does the Data Processor:
1. Verify the provisioning of the infrastructure of the sub-processor?
2. Protect workloads (inc. data) from deploying on compromised or unsanctioned infrastructure?
3. Control where workloads and applications are running?
4. Enable Right to be Forgotten?
5. Support data sovereignty requirements of the Data Controller?

Intel Benefits
- Trust, Resilience, Visibility/Control
- Secure the platform; protect the data without compromising performance: at-rest, in-flight, in-use
- Effective security is built on a foundation of trust

Intel Trusted Execution Technology: Hardware Root of Trust
Launch flow on a server with TPM:
1. System powers on and Intel TXT verifies system BIOS/firmware
2. Hypervisor measure matches (MATCH!), or hypervisor measure does not match (POSSIBLE EXPLOIT!)
3. On a match, OS and applications are launched, known trusted; on a mismatch, policy action is enforced, known untrusted
Ensure a measured environment baseline with Intel Trusted Execution Technology (Intel TXT):
- System boot stack gets crypto-hashed before execution
- Hash values get safely stored in Trusted Platform Module (TPM)
- Match to known-good values determines system trust status

Intel Cloud Integrity Technology
Intel provides a protected launch & hardware-enforced geolocation:
- Trusted Platform and Workloads Launch: Verification of the integrity of the launch of the platform and workloads (VMs, containers) to provide trust and assurance
- Trusted Compute Pools: Attestation provides information to inform which systems are trustworthy for hosting workloads
- Compliance: Attestation allows verification of platform and workload trust for comparison against policy and use in audit; this includes geo-boundaries
[Diagram: chain of trust by capability (Workload integrity, Location and boundary control, Platform integrity), built on Intel TXT + TPM, Data center, Firmware, BIOS, Hypervisor]
Intel Cloud Integrity Technology leverages Intel TXT.

HyTrust Benefits: HyTrust Simplifies Security at Scale
HyTrust CloudControl with Intel TXT:
- Protect server virtualization
- Control of private cloud
- Secure single-tenancy
- Continuous compliance
HyTrust DataControl:
- Workload encryption
- Key management
- Public/hybrid cloud
- IaaS migration
HyTrust BoundaryControl with Intel TXT:
- Workload & data geo-fencing
- Tenant-defined boundaries
- Data sovereignty
- Contextual tagging

HyTrust BoundaryControl
- Define and create a logical boundary by geography, regulatory standard, department, etc.
- Assign tags to key assets (example tags: Finance, PCI, PII*, German)
- Define policies and automate security control enforcement for your defined boundary (example policy: "Do not decrypt workload unless it is running on Host B")
- Automatically encrypt workloads within the boundary
- Automatically provision, configure, and enforce security controls for all things inside your defined logical boundaries
- Intel TXT provides Hardware Root-of-Trust
[Diagram layers: Workload, Host/Server, Network, Storage]
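As an added illustration (not code from the presentation, Intel or HyTrust), the sketch below models the measured-launch comparison from the Intel TXT slide together with a BoundaryControl-style rule such as "Do not decrypt workload unless it is running on Host B". It assumes a TPM-style extend over SHA-256 and compares measurements in-process, where a real deployment would verify a signed TPM quote through an attestation service; the component names, tags and function names are constructed for the example.

```python
from __future__ import annotations

import hashlib
import hmac

PCR_INIT = bytes(32)  # a measurement register starts as all zeros at reset


def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM-style extend: new value = SHA-256(old value || SHA-256(component))."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()


def measure_boot(stack: list[bytes]) -> bytes:
    """Hash each boot component, in launch order, into one running value."""
    pcr = PCR_INIT
    for component in stack:
        pcr = extend(pcr, component)
    return pcr


def is_trusted(measured: bytes, known_good: bytes) -> bool:
    """Match against the known-good value decides the trust status."""
    return hmac.compare_digest(measured, known_good)


def may_release_key(host: dict, known_good: bytes,
                    workload_tags: set[str]) -> tuple[bool, str]:
    """Release the workload key only to a trusted host inside the boundary."""
    if not is_trusted(measure_boot(host["boot_stack"]), known_good):
        return False, "untrusted launch: measurement mismatch"
    missing = workload_tags - host["tags"]
    if missing:
        return False, "outside boundary: missing tags " + ", ".join(sorted(missing))
    return True, "trusted host inside boundary"


# Constructed sample data: component images, host tags and workload tags.
GOOD_STACK = [b"bios-v1", b"bootloader-v1", b"hypervisor-v1"]
KNOWN_GOOD = measure_boot(GOOD_STACK)
WORKLOAD_TAGS = {"PCI", "German"}

HOST_A = {"boot_stack": GOOD_STACK, "tags": {"PCI"}}
HOST_B = {"boot_stack": GOOD_STACK, "tags": {"PCI", "German"}}
HOST_B_TAMPERED = {
    "boot_stack": [b"bios-v1", b"bootloader-v1", b"hypervisor-modified"],
    "tags": {"PCI", "German"},
}

if __name__ == "__main__":
    for name, host in [("Host A", HOST_A), ("Host B", HOST_B),
                       ("Host B (tampered)", HOST_B_TAMPERED)]:
        print(name, may_release_key(host, KNOWN_GOOD, WORKLOAD_TAGS))
```

Because each extend folds the previous value into the next hash, a changed or reordered component anywhere in the boot stack changes the final value, which is why a single comparison covers the whole chain.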

IBM Benefits: IBM Cloud Automates the Infrastructure
VMware Cloud Foundation on IBM Cloud natively integrates vSphere, NSX and vSAN full stack virtualization along with the lifecycle management of SDDC Manager. This deployment is automated, offering fast and repeatable installation. IBM Cloud offers the benefits of global scale with over 50 interconnected data centers worldwide.
[Diagram layers: Apps; Management; Network Virtualization; Compute Virtualization; Storage Virtualization; Physical Infrastructure]

Solution Benefits
- Server Platform Integrity: Only allow virtual workloads to run on untampered hardware and software
- Privileged User Controls: Reduce admin risk with advanced role based access controls and secondary approval workflows
- Data Decryption by Location: Only allow virtual server data to be decrypted in authorized locations
- Deployment Control by Location: Ensure only certain virtual servers run on hardware in authorized locations
- Security and Compliance Automation: Continuous monitoring and reporting of controls to support regulatory and industry compliance

Agenda
- GDPR Overview & Requirements
- IBM Secure Virtualization Solution Overview
- Summary / Call to Action
- Q & A

Take Action
- Identify customers with intensive data security & compliance needs (GDPR, PCI, HIPAA)
- Schedule a discovery meeting to assess customers' needs (IBM Technical solutions team, Intel & HyTrust can assist)
- Set up a Technical Workshop to engage Security & Compliance Teams (IBM Technical solutions team, Intel & HyTrust can assist pilot planning)
- Execute a pilot or proof of concept for interested customers (process and promotion for POC is on the wiki)
- Check out more information on the wiki
2017 HyTrust, Inc.

Ordering Codes
Cloud BU:
- L30 6950-17V - IBM Bluemix Secure Virtualization (Cloud BU) (for Cloud Foundation)
- L30 6950-16F - IBM Bluemix Implementation Services (Cloud BU CPS)
GTS BU:
- L30 6941-95X - IBM Bluemix Secure Virtualization (GTS BU) (for Cloud Foundation)
- L30 6941-95A - IBM Bluemix Implementation Services (GTS mirror code)
*Latest ordering codes can be found on VMware wiki