German IT-Grundschutz Cloud Management
|
|
- Gloria Alexander
- 8 years ago
- Views:
Transcription
1 German IT-Grundschutz Cloud Management Workshop Certification, InteRnationalisation and standardization in cloud Security Cooperation with Dominic Mylo
2
3 Introduction Dominic Mylo 3
4 Atos Cloud Competencies Experience in providing Cloud Services Canopy Research & Innovation department of Atos has more than 10 ongoing research projects related to cloud security Corporate Member Alliance Atos is member of European Cloud Partnership Actively participating in initiatives run by ETSI, ENISA, CEN Atos is participating in Helix Nebula federated cloud for science Cloud Leader Award
5
6 IT-Grundschutz Methodology Describes a method for setting up and integrating IS management in an organisation. ISO certification process in accordance with IT-Grundschutz by german BSI as accreditation body per law. The IT-Grundschutz Catalogues contain over 4500 pages describing potential threats and protective security controls. The IT-Grundschutz Catalogues are constantly being revised, and new, specialised subjects are added as required. Enhanced with new trends and technologies e.g. cloud 6
7 Security Concept IT-Grundschutz simplified process Structure analysis Protection requirments determination Modelling of domain (select safeguards) Basic security check (compare target / current state) normal prot. Requirements Risk analysis High protection Requirements Implementation of safeguards IT-Grundschutz sec controls Individual sec controls 7
8 Protection Requirements Technical, organisational, personnel, and infrastructural security safeguards Reach a baseline security level Protect business-related information having normal protection requirements. Basis for IT systems and applications requiring a high level of protection. Protection requirements are define by possible impact caused by loss of CIA. Cloud Problem: CSP cannot rate the protection value of cloud data (CSP is not information owner) a) Ask the cloud user b) CSP defines data allowed to put in the Cloud 8
9 Layer Model IT-Grundschutz Layer 1 Layer 2 Layer 3 Layer 4 Layer 5 covers all generic information security issues. These include the human resources, data backup concept covers the technical issues related to building construction. Examples include the modules for buildings, server rooms covers individual IT systems. Examples include the general client, general server, telecommunication system, laptop modules. concerns the issues relating to networking IT systems. Examples include WLAN, VoIP, network management modules deals with the actual applications. Examples include the , web server, and database modules. Cloud Modules Virtualisation (Cloud) Storage systems Cloud Modules Cloud Usage Cloud Management Webservices 9
10
11 Information sources International Best Practices Alliance Cloud Control Matrix Guidance ENISA Cloud Computing Risk Assessment BSI Security Recommendations for Cloud Computing Providers VMware Study VCE Vblock IETF Cloud Computing Reference Framework 11
12 Target Group Cloud Management Module Cloud Service Provider Cloud User should use Module Cloud usage Target group german public agencies Applicable cross market Secure providing, management & operation of cloud environments Out of scope: infrastructure security system security Application security 12
13 Cloud Reference Model IETF data / content Cloud Portal Cloud Self-Service- Portal Cloud Management: Cloud Services (SaaS, PaaS, IaaS) Cloud configuration Registry & Repository resource control layer Audit & Logging SLA virtual resource control layer Security physical resource control layer 13
14 Cloud Management Threats Summary Failures in Planning Cloud Service Templates Incorrect Provisioning of Cloud Services Insufficient isolation of cloud services Insufficient Business Continuity Mgt organisational shortcomings Insufficient configuration of cloud services and management components Failures in automated Cloud Management deliberate acts Human error fraudulent use of administrative permissions technical failures Outage of cloud management components unauthorised usage of snapshots incompatibility between cloud-management and cloud-ressources information leakage by cloud cartography 14
15 Security Controls Summary Planning Cloud Service Templates and Cloud-Ressources Third party contracts Selection of cloud-components Business continuity backup Planning concepts Provisioning Secure communication for cloud access BCM implemen tation Training for cloud administrators operation Event logging and monitoring patch management Security Controls to ensure continuous Multitenancy Cloud user administration Complete and secure deletion of cloud data for sensible information Controlled provisioning & deprovisioning of cloud services secure automation 15
16 For more information please contact: Dominic Mylo Security Consultant T +49 (5931) M +49 (177) dominic.mylo@atos.net Lohberg Meppen Atos, the Atos logo, Atos Consulting, Atos Worldline, Atos Sphere, Atos Cloud and Atos WorldGrid are registered trademarks of Atos SE Atos. 16
Cloud Security Introduction and Overview
Introduction and Overview Klaus Gribi Senior Security Consultant klaus.gribi@swisscom.com May 6, 2015 Agenda 2 1. Cloud Security Cloud Evolution, Service and Deployment models Overview and the Notorious
More informationCloud Computing - Starting Points for Privacy and Transparency
Computing - Starting Points for Privacy and Transparency Ina Schiering Ostfalia University of Applied Science Wolfenbüttel, Germany IFIP Summerschool: Privacy and Identity Management for Life, Helsingborg,
More informationCloud Management. Description
B 5.XXCloud Management B 5.XX Cloud Management Description Cloud Computing refers to the dynamic provisioning, use and invoicing of IT services, based on demand, via a network. These services are only
More informationCloud Security. Peter Jopling joplingp@uk.ibm.com IBM UK Ltd Software Group Hursley Labs. peterjopling. 2011 IBM Corporation
Cloud Security Peter Jopling joplingp@uk.ibm.com IBM UK Ltd Software Group Hursley Labs peterjopling 2011 IBM Corporation Cloud computing impacts the implementation of security in fundamentally new ways
More informationThe Copernicus Value Chain Workshop
The Copernicus Value Chain Workshop Panelist: Mick Symonds Atos and Helix Nebula 26 27 April 2016 Brussels, Belgium DG GROW Slide 1-2: introduction about yourself and your organisation Atos is a leader
More informationWhitepaper. Canopy Security. Simplicity, Agility, Transparency. An Atos company. Powered by EMC 2 and VMware
Whitepaper Canopy Security Simplicity, Agility, Transparency 2 Whitepaper Summary Introduction While business is turning to the cloud to save costs and improve agility, for many enterprises security is
More informationCloud Computing Governance & Security. Security Risks in the Cloud
Cloud Computing Governance & Security The top ten questions you have to ask Mike Small CEng, FBCS, CITP Fellow Analyst, KuppingerCole This Webinar is supported by Agenda What is the Problem? Ten Cloud
More informationSeeing Though the Clouds
Seeing Though the Clouds A PM Primer on Cloud Computing and Security NIH Project Management Community Meeting Mark L Silverman Are You Smarter Than a 5 Year Old? 1 Cloud First Policy Cloud First When evaluating
More information2008 by Bundesamt für Sicherheit in der Informationstechnik (BSI) Godesberger Allee 185-189, 53175 Bonn
2008 by Bundesamt für Sicherheit in der Informationstechnik (BSI) Godesberger Allee 185-189, 53175 Bonn Contents Contents 1 Introduction 1.1 Version History 1.2 Objective 1.3 Target group 1.4 Application
More informationBSI Baseline Protection Manual - How to measure IT-Security -
BSI Baseline Protection Manual - How to measure IT-Security - Thomas Biere Federal Information Security Agency, Germany Prejudices against IT-Security! IT-Security - causes a lot of expenses - is too expencive
More informationCloud Security. DLT Solutions LLC June 2011. #DLTCloud
Cloud Security DLT Solutions LLC June 2011 Contact Information DLT Cloud Advisory Group 1-855-CLOUD01 (256-8301) cloud@dlt.com www.dlt.com/cloud Your Hosts Van Ristau Chief Technology Officer, DLT Solutions
More informationCloud Computing Standards: Overview and ITU-T positioning
ITU Workshop on Cloud Computing (Tunis, Tunisia, 18-19 June 2012) Cloud Computing Standards: Overview and ITU-T positioning Dr France Telecom, Orange Labs Networks & Carriers / R&D Chairman ITU-T Working
More informationGovernance and Control in the Cloud. Infrastructure as a Service
1 Governance and Control in the Cloud Infrastructure as a Service Cows 2 The Triumph of the Utility 3 Our Discussion 4 How we ll talk about Governance and Controls today Not an IT-assurance methodology
More informationCloud Computing Standards: Overview and first achievements in ITU-T SG13.
Cloud Computing Standards: Overview and first achievements in ITU-T SG13. Dr ITU-T, Chairman of Cloud Computing Working Party, SG 13 Future Networks Orange Labs Networks, Cloud & Future Networks Standard
More informationTable of Contents. FME Cloud Architecture Overview. Secure Operations. Application Security. Shared Responsibility.
FME Cloud Security Table of Contents FME Cloud Architecture Overview Secure Operations I. Backup II. Data Governance and Privacy III. Destruction of Data IV. Incident Reporting V. Development VI. Customer
More informationHealthcare: La sicurezza nel Cloud October 18, 2011. 2011 IBM Corporation
Healthcare: La sicurezza nel Cloud October 18, 2011 Cloud Computing Tests The Limits Of Security Operations And Infrastructure Security and Privacy Domains People and Identity Data and Information Application
More informationSecurity Recommendations for Cloud Computing Providers
White Paper Security Recommendations for Cloud Computing Providers (Minimum information security requirements) www.bsi.bund.de Contents Contents Preamble 3 The BSI Serving the Public 5 1 Introduction 7
More informationCloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab Qing.Liu@chi.frb.org
Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab Qing.Liu@chi.frb.org 1 Disclaimers This presentation provides education on Cloud Computing and its security
More informationEnterprise Program Management Service
Enterprise Program Service Customer presentation 06/07/2012 Agenda Overview The Situation The Services The Benefits Experience 2 Enterprise Program requirements A suitable Enterprise Program solution for
More informationInformation Security Team
Title Document number Add document Document status number Draft Owner Approver(s) CISO Information Security Team Version Version history Version date 0.01-0.05 Initial drafts of handbook 26 Oct 2015 Preface
More informationInvest in your business with Ubuntu Advantage.
Invest in your business with Ubuntu Advantage. Expert advice. Specialist tools. Dedicated support. Introducing Ubuntu Advantage Contents 02 Introducing Ubuntu Advantage 03 Ubuntu Advantage 04 - Landscape
More informationCloud Computing Alignment to Service Management (ITIL v3)
Cloud Computing Alignment to Service Management (ITIL v3) Written by: Amit Kumar Purpose : Educational Use Only Table of Contents What is Cloud Computing? What is Software as a Service? What is Infrastructure
More informationFederal Aviation Administration. efast. Cloud Computing Services. 25 October 2012. Federal Aviation Administration
efast Cloud Computing Services 25 October 2012 1 Bottom Line Up Front The FAA Cloud Computing Vision released in 2012 identified the agency's road map to meet the Cloud First Policy efast must provide
More informationWorking anytime anywhere
1 28/11/2014 Working anytime anywhere Future Workplace 3 28/11/2014 Future Workplace 4 28/11/2014 Future Workplace 5 28/11/2014 Future Workplace 6 28/11/2014 Future Workplace 7 28/11/2014 Future Workplace
More informationCloud Security. Nantawan Wongkachonkitti Electronic Government Agency, Thailand Cloud Security Alliance, Thailand Chapter October 2014
Cloud Security Nantawan Wongkachonkitti Electronic Government Agency, Thailand Cloud Security Alliance, Thailand Chapter October 2014 Agenda Introduction Security Assessment for Cloud Secure Cloud Infrastructure
More informationG-Cloud Service Definition. Canopy Unmanaged Enterprise Private Cloud (IL3 Capable) IaaS
G-Cloud Service Definition Canopy Unmanaged Enterprise Private Cloud (IL3 Capable) IaaS Canopy Unmanaged Enterprise Private Cloud IaaS Canopy Unmanaged Enterprise Private Cloud delivers the efficiencies,
More informationCloud Security Who do you trust?
Thought Leadership White Paper Cloud Computing Cloud Security Who do you trust? Nick Coleman, IBM Cloud Security Leader Martin Borrett, IBM Lead Security Architect 2 Cloud Security Who do you trust? Cloud
More informationG-Cloud Service Description. Atos Microsoft Dynamics CRM on Demand
G-Cloud Service Description Atos Microsoft Dynamics CRM on Demand February 2013 Atos, the Atos logo, Atos Consulting, Atos Worldline, Atos Sphere, Atos Cloud, Atos Healthcare (in the UK) and Atos WorldGrid
More informationIT Security Risk Management Model for Cloud Computing: A Need for a New Escalation Approach.
IT Security Risk Management Model for Cloud Computing: A Need for a New Escalation Approach. Gunnar Wahlgren 1, Stewart Kowalski 2 Stockholm University 1: (wahlgren@dsv.su.se), 2: (stewart@dsv.su.se) ABSTRACT
More informationHP POWERING THE CLOUD
HP POWERING THE CLOUD Get the benefits of cloud today Duško Milošević ESSN Technical Consultant Serbia and Montenegro 2011 Hewlett-Packard Development Company, L.P. The information contained herein is
More informationCloud Security Who do you trust?
Thought Leadership White Paper Cloud Computing Cloud Security Who do you trust? Nick Coleman, IBM Cloud Security Leader Martin Borrett, IBM Lead Security Architect 2 Cloud Security Who do you trust? Cloud
More informationEXIN Cloud Computing Foundation
Sample Questions EXIN Cloud Computing Foundation Edition April 2013 Copyright 2013 EXIN All rights reserved. No part of this publication may be published, reproduced, copied or stored in a data processing
More informationIBM Cloud Security Draft for Discussion September 12, 2011. 2011 IBM Corporation
IBM Cloud Security Draft for Discussion September 12, 2011 IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns surrounding cloud computing
More informationAtos Cloud Solutions with EMC. Milena Pavlović Infrastructure and Cloud Solutions
Atos Cloud Solutions with EMC Milena Pavlović Infrastructure and Cloud Solutions 1 Cloud Infrastructure Services (CIS) - the fundamental service of Atos Sphere TM The Cloud Infrastructure services are
More informationBuilding Private & Hybrid Cloud Solutions
Solution Brief: Building Private & Hybrid Cloud Solutions WITH EGENERA CLOUD SUITE SOFTWARE Egenera, Inc. 80 Central St. Boxborough, MA 01719 Phone: 978.206.6300 www.egenera.com Introduction When most
More informationvision realize your software-defined with the Digital Data Center from Atos Whitepaper
realize your software-defined vision with the Digital Data Center from Atos Whitepaper Revolutionize agility and flexibility. Accelerate time to market. Mitigate risk without inhibiting innovation. Reduce
More informationJohn Essner, CISO Office of Information Technology State of New Jersey
John Essner, CISO Office of Information Technology State of New Jersey http://csrc.nist.gov/publications/nistpubs/800-144/sp800-144.pdf Governance Compliance Trust Architecture Identity and Access Management
More informationHow To Protect Your Cloud From Attack
A Trend Micro White Paper August 2015 Trend Micro Cloud Protection Security for Your Unique Cloud Infrastructure Contents Introduction...3 Private Cloud...4 VM-Level Security...4 Agentless Security to
More informationHow To Secure Cloud Computing
A hole in the cloud: Is cloud secure? N. Vijaykumar Infosys Technologies Limited, Bangalore presented at Security in cloud is a key challenge! 70% 60% 50% 40% 30% 20% 10% 0% Data integrity tampering Hacker
More informationRedesigning IT Service Organization for Digital Era
1 28/11/2014 Redesigning IT Service Organization for Digital Era Digital Era 3 28/11/2014 IT Organization redesign drivers 4 28/11/2014 Business Model Transformation General approach Performance bottlenecks
More informationHow To Protect Your Cloud Computing Resources From Attack
Security Considerations for Cloud Computing Steve Ouzman Security Engineer AGENDA Introduction Brief Cloud Overview Security Considerations ServiceNow Security Overview Summary Cloud Computing Overview
More informationLEVERAGE VBLOCK SYSTEMS FOR Esri s ArcGIS SYSTEM
Leverage Vblock Systems for Esri's ArcGIS System Table of Contents www.vce.com LEVERAGE VBLOCK SYSTEMS FOR Esri s ArcGIS SYSTEM August 2012 1 Contents Executive summary...3 The challenge...3 The solution...3
More informationEsri Managed Cloud Services and FedRAMP
Federal GIS Conference February 9 10, 2015 Washington, DC Esri Managed Cloud Services and FedRAMP Erin Ross & Michael Young Agenda Esri Managed Services Program Overview Example Deployments New FedRAMP
More informationService Description for Hosted Server
Service Overview tolomy has created its Hosted Server environment using VMware ESXi which provides the foundation for building and managing a virtualised IT infrastructure. These market leading, production-proven
More informationIT Services. Capita Private Cloud. Cloud potential unleashed
IT Services Capita Private Cloud Cloud potential unleashed Cloud computing at its best Cloud is fast becoming an integral part of every IT strategy. It reduces cost and complexity, whilst bringing freedom,
More informationM A N A G I N G C O N U S U L T A N T
UNDERSTANDING MANAGED SERVICES RUSS HENDERSON M A N A G I N G C O N U S U L T A N T AGENDA Define Compare Implement DEFINE DEFINE Managed Services is the proactive management of an IT asset or object,
More informationCloud Security and Managing Use Risks
Carl F. Allen, CISM, CRISC, MBA Director, Information Systems Security Intermountain Healthcare Regulatory Compliance External Audit Legal and ediscovery Information Security Architecture Models Access
More informationvcd Cloud Marketplace Portal
vcd Cloud Marketplace Portal Are you a VMware vcloud Air Network service provider in need of a turnkey portal for your vcloud Director infrastructure? Now you can use the AirSembly cloud marketplace portal.
More informationThe ODCA, Helix Nebula and Federated Identity Management. Mick Symonds Principal Solutions Architect Atos Managed Services NL
The ODCA, Helix Nebula and Federated Identity Management Principal Solutions Architect Atos Managed Services NL Agenda The Open Data Center Alliance Helix Nebula Federated Identity Management as a service
More informationintegrating cutting-edge security technologies the case for SIEM & PAM
integrating cutting-edge security technologies the case for SIEM & PAM Introduction A changing threat landscape The majority of organizations have basic security practices in place, such as firewalls,
More informationData Analytics as a Service
Data Analytics as a Service unleashing the power of Cloud and Big Data 05-06-2014 Big Data in a Cloud DAaaS: Data Analytics as a Service DAaaS: Data Analytics as a Service Introducing Data Analytics as
More informationPCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP
solution brief PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP AWS AND PCI DSS COMPLIANCE To ensure an end-to-end secure computing environment, Amazon Web Services (AWS) employs a shared security responsibility
More informationHow To Monitor Hybrid It From A Hybrid Environment
IT Monitoring for the Hybrid Enterprise With a Look at ScienceLogic Perspective 2012 Neovise, LLC. All Rights Reserved. Report Published April, 2015 Hybrid IT Goes Mainstream Enterprises everywhere are
More informationMarval Software Limited. G Cloud iii Framework Service Definition
1 Marval Software Limited G Cloud iii Framework Service Definition Page 1 of 9 2 Contents An overview of the Marval Service Management (MSM) Software Solution... 3 Information assurance Impact Level (IL)
More informationCloud Security considerations for business adoption. Ricci IEONG CSA-HK&M Chapter
Cloud Security considerations for business adoption Ricci IEONG CSA-HK&M Chapter What is Cloud Computing? Slide 2 What is Cloud Computing? My Cloud @ Internet Pogoplug What is Cloud Computing? Compute
More informationSee Appendix A for the complete definition which includes the five essential characteristics, three service models, and four deployment models.
Cloud Strategy Information Systems and Technology Bruce Campbell What is the Cloud? From http://csrc.nist.gov/publications/nistpubs/800-145/sp800-145.pdf Cloud computing is a model for enabling ubiquitous,
More informationSecurity in the Green Cloud
Security in the Green Cloud Smart and Green infrastructure symposium 2011 Prague May 19 th 2011 Steinthor Bjarnason sbjarnas@cisco.com 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public
More informationCopyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The image part with relationship ID rid2 was not found in the file. Insight
More informationThe Cloud is Not Enough Why Hybrid Infrastructure is Shaping the Future of Cloud Computing
Your Platform of Choice The Cloud is Not Enough Why Hybrid Infrastructure is Shaping the Future of Cloud Computing Mark Cravotta EVP Sales and Service SingleHop LLC Talk About Confusing? Where do I start?
More informationHow to survive in a world of Virtualization and Cloud Computing, where you even can t trust your own environment anymore. Raimund Genes, CTO
How to survive in a world of Virtualization and Cloud Computing, where you even can t trust your own environment anymore. Raimund Genes, CTO Data everywhere but protection? Unprotected Data Needing Protection
More informationCloud Computing: Opportunities, Challenges, and Solutions. Jungwoo Ryoo, Ph.D., CISSP, CISA The Pennsylvania State University
Cloud Computing: Opportunities, Challenges, and Solutions Jungwoo Ryoo, Ph.D., CISSP, CISA The Pennsylvania State University What is cloud computing? What are some of the keywords? How many of you cannot
More informationsecurity in the cloud White Paper Series
security in the cloud White Paper Series 2 THE MOVE TO THE CLOUD Cloud computing is being rapidly embraced across all industries. Terms like software as a service (SaaS), infrastructure as a service (IaaS),
More informationEnabling Storage Services in Virtualized Cloud Environments
Cloud Environments Contents 1. Multi-Tenant Architecture... 4 2. Server Groups, Attributes, and Aggregation... 4 3. Capacity Planning as a Service... 6 4. Chargeback as a Service... 9 4.1. Storage Chargeback...
More informationCloud Security: An Independent Assessent
Cloud Security: An Independent Assessent A Quantix White Paper Dec 2010 Call us on: 0115 983 6200 Visit us on-line at: www.quantix-uk.com E-mail us at : enquiries@quantix-uk.com Why are people concerned
More informationCloud Computing Security Issues
Copyright Marchany 2010 Cloud Computing Security Issues Randy Marchany, VA Tech IT Security, marchany@vt.edu Something Old, Something New New: Cloud describes the use of a collection of services, applications,
More informationRE Think. IT & Business. Invent. IBM SmartCloud Security. Dr. Khaled Negm, SMIEEE, ACM Fellow IBM SW Global Competency Center Leader GCC
RE Think Invent IT & Business IBM SmartCloud Security Dr. Khaled Negm, SMIEEE, ACM Fellow IBM SW Global Competency Center Leader GCC 2014 IBM Corporation Some Business Questions Is Your Company is Secure
More informationEnsuring security the last barrier to Cloud adoption
Ensuring security the last barrier to Cloud adoption Publication date: March 2011 Ensuring security the last barrier to Cloud adoption Cloud computing has powerful attractions for the organisation. It
More informationWHITE PAPER: Egenera Cloud Suite
WHITE PAPER: Egenera Cloud Suite ... Introduction Driven by ever-increasing business demand, cloud computing has become part of many organizations IT strategy today. Driving this transition is the need
More informationSecurity Challenges of Cloud Providers ( Wie baue ich sichere Luftschlösser in den Wolken )
23.11.2015 Jan Philipp Manager, Cyber Risk Services Enterprise Architect Security Challenges of Cloud Providers ( Wie baue ich sichere Luftschlösser in den Wolken ) Purpose today Introduction» Who I am
More informationCloud Security Alliance New Zealand Contribution to the Privacy Commissioner. 23 February 2012
Cloud Security Alliance New Zealand Contribution to the Privacy Commissioner 23 February 2012 Foreword Cloud Security Alliance New Zealand Chapter is grateful to Privacy Commissioner for giving an opportunity
More informationHP CloudSystem Enterprise
Technical white paper HP CloudSystem Enterprise Creating a multi-tenancy solution with HP Matrix Operating Environment and HP Cloud Service Automation Table of contents Executive summary 2 Multi-tenancy
More informationDynamic Services from T-Systems: Enterprise Cloud Computing in practice
Dynamic Services from T-Systems: ntral & Eastern European Software Engineering Conference, Moscow, November 1, 2011 him Stohr, Head of SAP Global Services Architecture, T-Systems 1 Best of clouds which
More informationConnecting to the Cloud
Connecting to the Cloud Six Degrees Group www.6dg.co.uk Managed Cloud Hosting Companies all over the world are intrigued by the possibility of cloud services but they have profound concerns about the privacy,
More informationAdopting Cloud Computing with a RISK Mitigation Strategy
Adopting Cloud Computing with a RISK Mitigation Strategy TS Yu, OGCIO 21 March 2013 1. Introduction 2. Security Challenges Agenda 3. Risk Mitigation Strategy Before start using When using 4. Policy & Guidelines
More informationSecuring the Cloud with IBM Security Systems. IBM Security Systems. 2012 IBM Corporation. 2012 2012 IBM IBM Corporation Corporation
Securing the Cloud with IBM Security Systems 1 2012 2012 IBM IBM Corporation Corporation IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns
More informationBecoming a Cloud Services Broker. Neelam Chakrabarty Sr. Product Marketing Manager, HP SW Cloud Products, HP April 17, 2013
Becoming a Cloud Services Broker Neelam Chakrabarty Sr. Product Marketing Manager, HP SW Cloud Products, HP April 17, 2013 Hybrid delivery for the future Traditional IT Evolving current state Future Information
More informationInteroute Virtual Data Centre. Hands on cloud control.
Interoute Virtual Data Centre. Hands on cloud control. Scale your computing resource on demand Choose where in Europe you want your data Europe s most trusted and secure network www.interoute.com/vdc Interoute
More informationConsolidated Technology Services PRIVATE CLOUD SERVICE. March 2014
Consolidated Technology Services PRIVATE CLOUD SERVICE March 2014 Topics Service Strategy Features and Benefits Service Options Rates Deployment Strategy Next Steps 2 Private Cloud Service Strategy Transform
More informationMaindec Computer Solutions Ltd. Service Definition for Infrastructure as a Service. Prepared by Mark Butcher
Maindec Computer Solutions Ltd Definition for Infrastructure as a Prepared by Mark Butcher 1. Infrastructure as a Overview 1.1 What is it? Delivering an IT service that can adapt to business needs without
More informationSecurity Issues in Cloud Computing
Security Issues in Computing CSCI 454/554 Computing w Definition based on NIST: A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources
More informationData Protection Act 1998. Guidance on the use of cloud computing
Data Protection Act 1998 Guidance on the use of cloud computing Contents Overview... 2 Introduction... 2 What is cloud computing?... 3 Definitions... 3 Deployment models... 4 Service models... 5 Layered
More informationConfiguration Management Why we should care! Anne-Rose Suriel Senior Systems Engineer
Configuration Management Why we should care! Anne-Rose Suriel Senior Systems Engineer Agenda 1. Introduction to Configuration Management 2. Importance of Configuration Management 3. Should we care? 4.
More informationAccenture Cloud Enterprise Services
BMC User Forum 2011 Accenture Cloud Enterprise Services Martin Jureit, Accenture GmbH Accenture, its logo, and High Performance Delivered are trademarks of Accenture. Agenda Accenture Cloud Enterprise
More informationCompliance in Clouds A cloud computing security perspective
Compliance in Clouds A cloud computing security perspective Kristian Beckers, Martin Hirsch, Jan Jürjens GI Workshop: Governance, Risk & Compliance on the 19th of March 2010 What is Cloud Computing? Today:
More informationIntercloud Brokerage.
Intercloud Brokerage. A customer case for on-demand 3D CAD/CAM Workspaces... Customer case. On-demand 3D CAD/CAM Workspaces. Introduction. The IT department of a leading European company in the Consulting
More informationOrchestrating the New Paradigm Cloud Assurance
Orchestrating the New Paradigm Cloud Assurance Amsterdam 17 January 2012 John Hermans - Partner Current business challenges versus traditional IT Organizations are challenged with: Traditional IT seems
More informationPage 1 of 45. IT Grundschutz Compliance on Amazon Web Services
Page 1 of 45 IT Grundschutz Compliance on Amazon Web Services Table of contents Table of contents... 2 Abstract... 3 Basic remarks... 3 Shared Responsibility of Security... 4 Section 1 Customer View...
More informationBMC Cloud Management Functional Architecture Guide TECHNICAL WHITE PAPER
BMC Cloud Management Functional Architecture Guide TECHNICAL WHITE PAPER Table of Contents Executive Summary............................................... 1 New Functionality...............................................
More informationCloud Computing Risk and Rewards
Cloud Computing Risk and Rewards John Lazarine Vice President and Chief Audit Executive Mark Salamasick Director of Center for Internal Auditing For Dallas CPA Society Convergence 2013 May 8, 2013 John
More informationFujitsu Private Cloud Customer Service Description
Fujitsu Private Cloud Customer Service Description Fujitsu Private Cloud forms part of Fujitsu Hybrid IT portfolio to address the full range of Customers requirements and business needs by providing agility
More informationAn Overview of the Most Important Reference Architectures for Cloud Computing
26 Informatica Economică vol. 18, no. 4/2014 An Overview of the Most Important Reference Architectures for Cloud Computing Răzvan ZOTA, Ionuț Alexandru PETRE The Bucharest University of Economic Studies
More informationCloud Terminology Handbook
Cloud Terminology Handbook Cloud Terminology Handbook 2 Cloud advocates love to argue over semantics. That s fine for them. But when it comes to procuring services, language shouldn t get in the way of
More informationOpen Source Sales Force Automation (SFA) in the Cloud SaaS
Open Source Sales Force Automation (SFA) in the Cloud SaaS Service Overview Our open source Sales Force Automation (SFA) in the cloud service allows customers to perform marketing automation through multi
More informationDelivering actionable service knowledge
Delivering actionable service knowledge Converged Infrastructure Monitoring and Management (CIM 2 ) Delivering actionable service knowledge Converged Infrastructure Monitoring & Management (CIM 2 ) from
More informationService Automation to implement and operate your Cloud initiatives
Service Automation to implement and operate your Cloud initiatives Pierre AESCHLIMANN Principal Solution Consultant (EMEA Global Accounts) BMC Software ! Request, change, and support business services!
More informationAtos Services Supporting Document
Service Description Atos Services Supporting Document for: Atos G-Cloud Success Factors Offerings February 2013 Atos, the Atos logo, Atos Consulting, Atos Worldline, Atos Sphere, Atos Cloud, Atos Healthcare
More informationSOLUTIONS. Secure Infrastructure as a Service for Production Workloads
IaaS SOLUTIONS Secure Infrastructure as a Service for Production Workloads THE CHALLENGE Now more than ever, business and government are facing the challenge of balancing conflicting demands. Market pressures
More informationLeveraging the Private Cloud for Competitive Advantage
Leveraging the Private Cloud for Competitive Advantage Introduction While it is universally accepted that organisations will leverage cloud solutions to service their IT needs, there is a lack of clarity
More informationAssessing Risks in the Cloud
Assessing Risks in the Cloud Jim Reavis Executive Director Cloud Security Alliance Agenda Definitions of Cloud & Cloud Usage Key Cloud Risks About CSA CSA Guidance approach to Addressing Risks Research
More informationPresentation for ISACA Chapter NL. Auditing Virtual Servers. VMware: Security and Operations. Gert-Jan Timmer 3. September, 2012
Presentation for ISACA Chapter NL Auditing Virtual Servers VMware: Security and Operations Gert-Jan Timmer 3. September, 2012 Auditing Virtual Servers: Vmware: Security and Operations Presentation today:
More information