Embracing a Secure Cloud. Cloud & Network Virtualisation India 2017

Similar documents
Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting

IBM Cloud Security for the Cloud. Amr Ismail Security Solutions Sales Leader Middle East & Pakistan

Security Readiness Assessment

Hybrid Identity de paraplu in de cloud

Designing an Enterprise GIS Security Strategy

CogniFit Technical Security Details

The New Normal. Unique Challenges When Monitoring Hybrid Cloud Environments

Introduction To Cloud Computing

Make Cloud the Most Secure Environment for Business. Seth Hammerman, Systems Engineer Mvision Cloud (formerly Skyhigh Networks)

Managing and Auditing Organizational Migration to the Cloud TELASA SECURITY

Cloud-Security: Show-Stopper or Enabling Technology?

Hosting DesktopNow in Amazon Web Services. Ivanti DesktopNow powered by AppSense

Passwords Are Dead. Long Live Multi-Factor Authentication. Chris Webber, Security Strategist

NEXT GENERATION CLOUD SECURITY

Business Strategy Theatre

Controlled Document Page 1 of 6. Effective Date: 6/19/13. Approved by: CAB/F. Approved on: 6/19/13. Version Supersedes:

Module Day Topic. 1 Definition of Cloud Computing and its Basics

Fundamental Concepts and Models

Mitigating Risks with Cloud Computing Dan Reis

ENDNOTE SECURITY OVERVIEW INCLUDING ENDNOTE DESKTOP AND ONLINE

Souhwan Jung.

Cloud FastPath: Highly Secure Data Transfer

Identity and Client Security for Remote Access Virtual Credential Container

Qualys Cloud Platform

Key words: Cloud computing, Reverse Proxy, SaaS, PaaS, IaaS and Security threats

Magento Commerce Architecture and Security Model Last updated: Aug 2017

Watson Developer Cloud Security Overview

Certificate of Registration

Cloud Computing Lectures. Cloud Security

Protecting Your Cloud

CLOUD SECURITY CRASH COURSE

Clouds in the Forecast. Factors to Consider for In-House vs. Cloud-Based Systems and Services

Spotlight Report. Information Security. Presented by. Group Partner

Enabling Public Cloud Interconnect Services F5 Application Connector

85% 89% 10/5/2018. Do You Have A Firewall Around Your Cloud? Conquering The Big Threats & Challenges

Symantec Endpoint Protection Family Feature Comparison

Security+ SY0-501 Study Guide Table of Contents

Migrating Enterprise Applications to the Cloud Session 672. Leighton L. Nelson

Introduction to ArcGIS Server Architecture and Services. Amr Wahba

Certified Ethical Hacker (CEH)

Programowanie w chmurze na platformie Java EE Wykład 1 - dr inż. Piotr Zając

ArcGIS Online A Security, Privacy, and Compliance Overview. Andrea Rosso Michael Young

The Emerging Role of a CDN in Facilitating Secure Cloud Deployments

Contents. Contents (ix) Chapter 1 EVOLUTION OF CLOUD COMPUTING. Chapter 2 INTRODUCTION TO CLOUD COMPUTING. (ix)

Securing Data in the Cloud: Point of View

Lessons from the Human Immune System Gavin Hill, Director Threat Intelligence

Multi Packed Security Addressing Challenges in Cloud Computing

Deploying to the Cloud: A Case study on the Development of EHNAC s Cloud Enabled Accreditation Program (CEAP)

RA-GRS, 130 replication support, ZRS, 130

How to Move Your Oracle Database to The Cloud. Clay Jackson Database Solutions Sales Engineer

The SANS Institute Top 20 Critical Security Controls. Compliance Guide

RADIAN6 SECURITY, PRIVACY, AND ARCHITECTURE

Delivering Integrated Cyber Defense for the Cloud Generation Darren Thomson

Version 1/2018. GDPR Processor Security Controls

DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise

CIS Controls Measures and Metrics for Version 7

A broad set of policies, technologies, and controls deployed to protect data, applications, and infrastructure

Access Governance in a Cloudy Environment. Nabeel Nizar VP Worldwide Solutions

Data Security and Privacy Principles IBM Cloud Services

Next-Gen CASB. Patrick Koh Bitglass

A CISO GUIDE TO MULTI-CLOUD SECURITY Achieving Transparent Visibility and Control and Enhanced Risk Management

Cloud Security: Constant Innovation

Cloud Security. Presented by Richard Brown

ASD CERTIFICATION REPORT

Evolution of Cyber Security. Nasser Kettani Chief Technology Officer Microsoft, Middle East and Africa

Cloud Customer Architecture for Securing Workloads on Cloud Services

The Oracle Trust Fabric Securing the Cloud Journey

MEMORY AND BEHAVIORAL PROTECTION ENDPOINT SECURITY NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY

CIS Controls Measures and Metrics for Version 7

Ellipse Support. Contents

Cloud Transformation Program Cloud Change Champions June 20, 2018

SIGS AFTERWORK EVENT. Security: which operational model for which scenario. Hotel Warwick - Geneva

Introduction. The Safe-T Solution

Cloud Computing. Faculty of Information Systems. Duc.NHM. nhmduc.wordpress.com

Cloud Computing. Technologies and Types

JOURNEY TO CLOUD (J2C) CONSUMING TECHNOLOGY, NOT OWNING IT

Best Practices in Securing a Multicloud World

Accelerate GDPR compliance with the Microsoft Cloud Agustín Corredera

epldt Web Builder Security March 2017

Protecting Against Modern Attacks. Protection Against Modern Attack Vectors

CLOUD SECURITY 2017 SPOTLIGHT REPORT PRESENTED BY

Cloud Computing, SaaS and Outsourcing

Auditing the Cloud. Paul Engle CISA, CIA

Intro to Niara. no compromise behavioral analytics. Tomas Muliuolis HPE Aruba Baltics Lead

News and Updates June 1, 2017

Managing SaaS risks for cloud customers

10 FOCUS AREAS FOR BREACH PREVENTION

Cloud Security Strategy - Adapt to Changes with Security Automation -

NETWORK FORENSIC ANALYSIS IN THE AGE OF CLOUD COMPUTING.

Automated Response in Cyber Security SOC with Actionable Threat Intelligence

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data

Building a More Secure Cloud Architecture

A different approach to Application Security

Top 10 use cases of HP ArcSight Logger

Whose Cloud Is It Anyway? Exploring Data Security, Ownership and Control

Secure Access & SWIFT Customer Security Controls Framework

Overview. Application security - the never-ending story

Stopping Advanced Persistent Threats In Cloud and DataCenters

Completing your AWS Cloud SECURING YOUR AMAZON WEB SERVICES ENVIRONMENT

Security Issues and Best Practices for Water Facilities

Transcription:

Embracing a Secure Cloud Cloud & Network Virtualisation India 2017

Cloud Computing Group of computing resources providing services such as servers, storage, databases, software, applications, networks etc. over the Internet/private network Benefits Flexibility Efficiency 2

Cloud Computing Security Incidents Dow Jones Data Leak Results (over 1 million users) sue to an AWS Configuration Error (2017) Salesforce Database Failure Wipes Out 5 Hours of Corporate Customer Data (2016) Millions of accounts of LinkedIn users have been extracted and put up for sale in Dark Web (2012) Intuit Cloud Outage Blocks Access to Financial Software for 36 Hours (2010) and there are many more. Economic Times India Telecom Summit 2017 3

Cloud Computing Security Threats Sovereignty and legal boundary Data leakage Compromised credential and broken authentication Hacked interface & APIs Vulnerabilities & weaknesses Malicious insider DOS/DDOS attacks Shared technology result in common issues 4

Major challenge for Indian telcos Sovereignty and legal boundary of Subscriber s information 5

Types of Cloud Computing SAAS PAAS IAAS 6

Way to Implement Private Cloud On premises virtualization Behind corporate firewalls Complete control of security A physical part of the corporate data center Can be hosted at a hosting facility Virtual Private Cloud Vendor hosted virtualization Isolated from the public Internet Vendor specific security, including specialized firewalls An extension to the corporate data center Public Cloud Vendor hosted virtualization Open to the public Internet Per host software firewalls Vendor Specific Security Controls Not an extension of the corporate Data Center 7

Information Security Processes in a Cloud IaaS Scope of Responsibility Network Layer Security Controls PaaS Middleware Security Controls C SaaS System Level Security Controls Platform Specific Controls Application Level Security Controls User Access Controls 8

Cloud Security Processes - SAAS Security Processes Vendor Shared Customer User Access Process Data Confidentiality Application Security Config. System Security Log Collection / Sec. Intelligence Patch Management Network Security Vulnerability Management Intrusion Detection / Prevention Incident Response Advanced Threat Management Physical Security Security technology in consideration Data encryption (In-Transit) Security Information and Event Management (SIEM) for application incidents Automated user access provisioning / deprovisioning Automation of user access reviews Role-based access controls Separation of duties considerations Single-sign on Data Loss Prevention Security Configurations: Transfer of data from DC to the application Timeouts CASB 9

Cloud Security Processes - PAAS Security Processes Vendor Shared Customer User Access Process Data Confidentiality Application Security Config. System Security Log Collection / Sec. Intelligence Patch Management Network Security Vulnerability Management Intrusion Detection / Prevention Incident Response Advanced Threat Management Physical Security In addition to security technology in consideration of SAAS, additional points for PAAS are Remote access controls API access controls VPN / B2B connectivity Patch Management Vulnerability Management Additional SIEM integrations at the platform level 10

Cloud Security Processes - IAAS Security Processes Vendor Shared Customer User Access Process Data Confidentiality Application Security Config. System Security Log Collection / Sec. Intelligence Patch Management Network Security Vulnerability Management Intrusion Detection / Prevention Incident Response Advanced Threat Management Physical Security In addition to security technology in consideration of SAAS & PAAS, additional points for IAAS are Encryption (at rest) Direct network connections Network firewalls Security groups (per instance firewalls) Intrusion protection End point malware End point data loss prevention Additional SIEM integration at the virtual hardware level 11

SAAS Security Integration Browser Proxy/ Web Proxy SaaS Application Salesforce, Office 365, etc. Other applications (Production & Development) LDAP server Email server File server CASB & SIEM Single Sign-on Identity Management On-premise Data Center Security Operations Analyst 12

PAAS Security Integration Browser Proxy/ Web Proxy PaaS Platform Azure, Force.com, Rackspace, RDS, Redshift, Access Controls On-premise Production Application environment On-premise application development environment LDAP server Email server File server Platform Administrator CASB & SIEM Vulnerability Management Single Sign-on Identity Management On-premise Data Center Security Operations Analyst 13

IAAS Security Integration Proxy/ Web Proxy SSL Encryption VPN Connection API Access / PKI IaaS Environment Amazon AWS, Rackspace, CSC, Terremark Access Controls Machine Images Full Disk Encryption Vulnerability Management On-premise Production Application environment IPS On-premise application development environment LDAP server Email server File server Single Sign-on Identity Management Platform Administrator CASB & SIEM Security Management Software On-premise Data Center Security Operations Analyst 14

Thank you! GISFI - IETE Workshop Presentation 15

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback