Securing Data in the Cloud: Point of View


Securing Data in the Cloud: Point of View Presentation by Infosys Limited www.infosys.com

Agenda
- Data Security challenges & changing compliance requirements
- Approach to address Cloud Data Security requirements
- About Infosys Information and Cyber Risk management practice

Your Presenter today

Saju Sankaran Kutty
Associate Vice President - Cloud Infrastructure & Security, Infosys Limited

Saju brings in nearly 18 years of experience in IT consulting and advisory services. He currently heads Infrastructure and Cloud consulting for Infosys. He has been with Infosys for the past 13 years and has been instrumental in setting up the cloud business strategy for Infosys. Saju brings in experience in cloud and infrastructure strategy formulation, cloud technology advisory and cloud economics. Saju has executed several strategic engagements in technology, business transformation & optimization, Cloud and Infrastructure transformation, platform modernization, collaboration and end-user computing. He is an active member of partner advisory boards of product alliance partners and has been on steering committees with various clients.

The next-generation technology services company

Infosys helps enterprises transform and thrive in a changing world by co-creating breakthrough solutions that combine strategic insights and execution excellence. We help them renew themselves while also creating new avenues to generate value.

Corporate
- Founded in Pune, India in 1981
- $8.7 billion in revenues
- 987+ clients
- Clients in 50+ countries
- 85 offices and 100 development centers

People
- 179,000+ employees of 115 nationalities
- 94% are consultants and engineers
- 97% of staff are university educated
- 22% with masters degrees or doctorates
- 35% of employees are women

Learning
- World's largest corporate university
- 1.3% of revenues invested in R&D
- More than 300 researchers
- Employees trained in Design Thinking
- 505 patents pending and 204 granted

Purpose
- Transparency, ethics, and respect
- $500 million innovation fund
- 96.6% business is repeat business
- 2% of avg. net profits over 3 fiscals to Infosys Foundation
- Award winning sustainable delivery centers

Clients
- 4 out of top 5 US banks
- 7 out of top 10 global CPG
- 8 out of top 10 global pharma
- 4 out of top 5 global aerospace & defence
- 6 out of top 10 communications cos.

Infosys Huawei Partnership

The enterprise cloud ecosystem is evolving

[Figure: evolution of Enterprise IT from siloed and consolidated VMs, through private cloud (IaaS, PaaS), to a hybrid deployment, multi-cloud consumption model combining private cloud and public cloud (IaaS, PaaS, SaaS, enterprise apps).]

Trends in Cloud adoption today
- 81% of companies are either using or planning to use mission-critical apps on the cloud in the next 2 years
- 77% of companies are using or planning to use IaaS, PaaS or SaaS for a wide range of business applications in the next 2 years
- It takes 3 days for 55% of large enterprises to get new virtual infrastructure from their private or public Cloud
- 69% of companies are looking for the ability to detect, alert, and self-resolve issues in their cloud environment
- 77% of companies trust system integrators to be their cloud implementation providers

Source: Infosys Study: Simplify and innovate the way you consume Cloud - http://www.experienceinfosys.com/cloudstudy

Key Data Security challenges for organizations leveraging the Cloud
- Available solutions in the market are still silo-based
- Security challenges exist when enterprises integrate private cloud with public cloud for cloud burst and other on-demand computing requirements
- The challenges cut across 4 key pillars of security

Resulting in new and evolving requirements for data security in Cloud
- The Cloud Security Alliance (CSA) Cloud Controls Matrix is the comprehensive standard for ensuring data safety and privacy in the cloud environment.
- NIST, the U.S. National Institute of Standards and Technology, last year published its Guidelines on Security and Privacy in Public Cloud Computing.
- ENISA has published Procure Secure: A Guide to Monitoring of security service levels in cloud contracts.
- HIPAA Omnibus expands the definition of business associate and defines cloud service providers (CSPs) as business associates.
- Geo-specific regulations mandate that organizations ensure data eDiscovery capabilities and controls are in place when entering into a contract with a cloud provider.
- Geo-specific and regulatory requirements mandate that organizations make legal hold discussion and agreement a key part of cloud contract negotiations.

Business & IT objectives which are driving key trends around Data Security oriented to Cloud Adoption

Trends around Cloud Adoption:
- Data Classification Is Key
- Privileged Access No Trust Model
- Persistent Data Encryption
- Unified approach for protecting Data in Cloud
- Customer Managed keys
- Data access governance
- Data Disposal gains importance

...which results in the decisions below, to be made before cloud adoption
- Legal hold - How to ensure data availability if the CSP is going out of business
- eDiscovery - How to ensure that data in the hosted environment is identifiable and discoverable
- Data Protection/Confidentiality - How to ensure that data confidentiality is being maintained in a shared cloud environment
- Data Integrity & Usage Governance - How to ensure that data integrity is being maintained
- Compliance & Governance - How to ensure compliance with legal and regulatory standards, including data retention, archive and purge

Solutions can be realized leveraging an integrated approach for Cloud data Security based on traditional building blocks

[Figure: Cloud Security Alliance Reference Model mapped to security building blocks. Security is a shared responsibility between the Cloud Vendor and the Organization/Vendor.]

Cloud Security Alliance Reference Model layers:
- Software as a Service (SaaS): Presentation Modality, Presentation Platform, APIs, Applications, Data, Metadata, Content
- Platform as a Service (PaaS): Integration & Middleware
- Infrastructure as a Service (IaaS): APIs, Core Connectivity & Delivery, Abstraction, Hardware, Facilities

Building blocks of the Cloud-based Integrated Security solution:
- Application Security: Secure SDLC, White/Black box testing, Penetration testing
- Identity & Access Mgmt.: Single sign-on / federation, Adaptive authentication, Authorization (RBAC, context-based, fine-grained), Provisioning access, Segregation of Duties
- Infra Security: Endpoint Security, SIEM, Perimeter Security, Platform Security
- Data Security: Data Loss Prevention, Data Tokenization, Data Masking, Information Rights Management, Data Encryption
- Governance, Risk & Compliance: Risk and Enterprise Security framework, Integrated enforcement & validation of security controls, Compliance enforcement, Internal & External Compliance Audits, Enterprise IT security policies & Procedures

...complemented by data-centric technology controls to safeguard the data

Key Tenet: Data protection/confidentiality
- Technology Solution: Data Loss Prevention (DLP); Data Encryption (File/Folders, OS, Application, Database)
- Leading product vendors: DLP: Websense, McAfee, Symantec; Encryption: SafeNet, RSA

Key Tenets: Data management Integrity and usage governance; Compliance with legal and regulatory standards
- Technology Solution: Database Activity Monitoring, File Integrity Management, Data Rights Management, Data Tokenization, Data Masking, Key Management, Security Audits, Data Protection Agreement
- Leading product vendors: DAM: IBM, Imperva; FIM: McAfee, TrendMicro; DRM: Microsoft; Tokenization: SafeNet, RSA; Masking: Informatica; Key Management: Thales, SafeNet

Infosys approach & methodology for securing data and services in Cloud

Initiate Risk Analysis
- Identify cloud model
- Prioritize use cases, classify information
- Understand Risk & associated impact, liability, SLAs, RACI, etc.

Secure virtual infrastructure
- Deploy network segregation, virtual firewalls, IDS, secure OS, application firewalls, AV, content security / malware

Secure data & application
- Implement native data encryption, segregation, PKI
- Data Loss Prevention, in-line Data Tokenization / Encryption address in-transit / at rest / isolation security concerns
- Leverage claims-based application security model
- Adopt secure SDLC / testing

Secure Integration
- Deploy web security solutions e.g. IBM DataPower, Intel SOAE

Enable Secure Access
- Single sign-on using Federation, OpenID, OAuth
- Strong authentication & fine-grained authorization
- Deploy adaptive / multi-factor authentication

Integrated Monitoring
- Implement periodic attestation, continuous monitoring, integration with SIEM, etc.

Adopt compliance & security
- Automated GRC
- Continuous monitoring and validation

Infosys Information and Cyber Risk (ICRM) Practice offers a comprehensive set of Security Solutions and Services to ensure Secure Cloud Adoption

Service types: Consulting, Integration, Operations

Enterprise Security, delivered as an On-premise Integrated Security solution or a Cloud-based Integrated Security solution:

Infra Security
- Perimeter and Network Security
- Endpoint Security
- Platform Security
- Email Security
- Vulnerability Assessment and Penetration Testing

Data Security
- Data Loss Prevention
- Data Masking, Tokenization
- Encryption and PKI
- Information Rights Management

Identity & Access Management
- Directory Services
- Authorization, SSO, Federation, Social
- Coarse / Fine-grained authorization
- Identity lifecycle Management and Provisioning

Governance Risk and Compliance (GRC)
- Security Framework, Policies and Procedures
- Compliance Audits
- Risk and Security Controls enforcement
- IT GRC tool configuration

Security Operations
- Security tool administration
- Security monitoring and incident management

Application Security
- Secure SDLC
- White/black box testing
- Gray-box testing
- Penetration testing

Contact us
www.infosys.com
Email: askus@infosys.com

Contact: Saju Sankaran Kutty
Associate Vice President, Cloud Infrastructure & Security, Infosys Limited
Email: saju_kutty@infosys.com

Copyright 2015 Huawei Technologies Co., Ltd. All Rights Reserved. The information in this document may contain predictive statements including, without limitation, statements regarding the future financial and operating results, future product portfolio, new technology, etc. There are a number of factors that could cause actual results and developments to differ materially from those expressed or implied in the predictive statements. Therefore, such information is provided for reference purpose only and constitutes neither an offer nor an acceptance. Huawei may change the information at any time without notice.