Cloud Security Challenges and Guidelines

Size: px
Start display at page:

Download "Cloud Security Challenges and Guidelines"

Transcription

1 Cloud Security Challenges and Guidelines Theo Dimitrakos Chief Security Researcher, BT Research & Technology Professor of Computer Science, University of Kent Contact: British Telecommunications plc Template Version 1.2 BT Assure. Security that matters

2 Security Research & Innovation Protect BT Cyber SOC Global Threat Monitoring Cable Theft Physical Security Application areas Future Home Security Secure Cloud Storage Intelligent Protection Network Alarm Correlation. Enabling technologies Visual Analytics AI Malware Evolution Virtualisation and application security

3 Change factors in a networked world Cloud Computing Network Virtualisation Internet of Things Content Networks & New Media Mobile Network Evolution Social Networks Cyber Crime Cyber Terrorism Disappearing perimeters Business services distributed over the network Global operations Big data at rest on the network / exposed via the network Virtualisation of networks and network devices New ways of operating network infrastructures Massive interconnection of cloud services and smart devices Global distribution (Smart Cities, Smart Health, Smart Energy, etc.) Fusion of services with nw areas that did not rely on IT networks New and more complex content Complex content and media delivery schemes 4G evolution and deployment BOYD proliferation Complex interleaving communication channels New socio-technical models Fusion of traditional and internet crime Reputation damage and attacks Network increasingly a theatre of state, group and activist terrorism Complex supply chains Fusion of civil/defence networks

4 Example: Commonly referenced cloud security incidents Bad co-hosts Service Availability Amazon: Hey Spammers, Get Off My Cloud! (2008) Megaupload US prosecutor investigation (2012) Bitbucket's Amazon DDoS - what went wrong (2009) AWS EBS cloud storage services outage (2011) impact on Netflix vs. Foursquare Risk communication & Response Diginotar (June 2011) RSA SecureID (March2011) In-cloud federated Identity Management Entitlement Management Security issues with Google Docs Security Issues with Sony User Network Lack of Standards Hypervisor & Virtual Machine Vulnerabilities An Empirical Study into the Security Exposure to Hosts of Hostile Virtualized Environments (Tavis Ormandy, Google Inc.) Blue Pill see also Cloudburst: Arbitrary code execution vulnerability for VMWare Crypto Ops in VM Resettable Public-Key Encryption: How to Encrypt on a Virtual Machine Data Provanence Where did the data come from? Data Remanence You can check out but can t leave Location & Privacy Who looks at/after your data? And where? Jurisdictions?

5 Cloud Security: the challenges Shared processor and memory among virtual appliances Overhead on packet processing Overhead on forwarding rate Security processing impact Virtualized network governance Network Virtualisation Packet processing on a virtualized infrastructure Improperly configured virtual firewalls or networking Inspection of intra-vm traffic on virtual networks Virtualisation / Hypervisor Security threats Data leakage through offline images Improperly configured hypervisor Hypervisor vulnerabilities & malware Virtual machine images / virtual appliances containing malicious code (prebuilt) Confidentiality efficient data encryption process & encrypted processing function Integrity integrity monitoring: virtual image, network traffic & protocol processing ; accountability Resource isolation bandwidth slicing ; virtual to physical mapping ; network processor scheduling

6 Cloud Security: the challenges CSPs don t: allow clients to classify data offer different levels of security based upon data sensitivity offer DLP services Data Leakage Prevention Co-ordinate security policies & provisioning for network & server virtualisation Location/resource optimisation End-to-end Virtualisati on Active Shielding Cloud & Virtual Infrastructure Security Near real-time virtual patching Intrusion Prevention at Hypervisor level below Guest OS Malware prevention / detection at Hypervisor level Isolation (Inter-VM & Hypervisor) VM Security Robust at system level (modulo kernel bugs) Issues at management plane Memory hijacking Guest OS needs security protection Resilient VM lifecycle dynamic at massive scale Crypto doesn t like virtual Current algorithms set to optimise resource pooling Can t always use specialised HW Encryption key management Physical - to- Virtual Mapping Hypervisor Security Hypervisor / trusted VM: the best place to secure Limited compute resources Security API standards Difficult to exploit but high-impact Do you trust Microsoft? Do you trust VMWare?

7 Cloud Security: the challenges Lack of standards Lack of interoperability Limited service portability Incompatible management processes Security of shared resources Process isolation Data segregation Data sharding (fragment across images) Entitlement & Access Mgmt (policy issuing authority) Multitenancy Cloud Platform Lock-in Law & Compliance Cloud Data & Services Security Provider & resource / data location Cross-border data movement PII and privacy obligations (HIPAA, GLBA) Auditing and compliance (PCI, ISO 27001) Poor quality of evidence Data Location & Mobility Resilience & Availability EU vs. US vs. China (Gov. access) Differences in data protection Cost of keeping data hosting in EU Audit data legally owned by CSP refusal to hand over audit logs? Difficult to involve law enforcement with CSP activities Latency sensitive applications Enforcement of SLA obligations Insufficient capabilities to cater for managing critical data In-cloud segregation of data: difficult Accidental seizure of customer data during forensic investigations Data Comingling Security in Depth VMs provided by IaaS provider Platform stack by PaaS provider IaaS, PaaS issues + application security

8 Cloud Security: the challenges Distributed Access Management Credential Mapping Authorization with Constrained Delegation (Policy Integrity & Recognition of Authority) Trust & Federation Security Auditing Identity Lifecycle Management Provisioning Identity Integration User Management Credential Management Entitlement Management Device Credentials, PKI Infrastructure Cloud Application Security Application Service Integration Virtual Directory Services Active Directory/LDAP - Attributes, Credentials and Groups for Edge servers Federation and Edge Server Security Secure Application Integration Fabric (Secure ESB Gateway)

9 Example: Cloud Computing Technology Innovation vs Cyber Security Challenges Commoditised virtualisation Cloud islands Common capabilities Virtual Private Clouds Community Clouds Cloud aware applications Cloud service assembly Open cloud federation Cloud Aggregation Ecosystem Security API for hypervisor Virtual Data Centre Service Management Layer Commoditised elasticity Commoditised data abstraction & data federation User-defined hosting On-demand Elasticity Flexible charging model Rapid provisioning / de-provisioning Customer defined standalone cloud applications Cloud islandspecific security indepth Pre-customer isolation & multitenancy Cloud vs. managed service delivery model Reusable and customisable enabling services offered via a cloud service delivery model: Identity & access, Data & system security, Data federation, Performance monitoring, Intelligent reporting Auditing Usage control, Licensing, Optimisation Customer defined security and QoS Customer-centric identity & access federation Customer-aware process & data isolation Customer-defined process and data federation Secure private network overlay offered as a service over the internet customer-centric loud application composition Communityspecific virtual private clouds In-cloud collaboration, community management & identity federation services Vertical integration of hosting and community-specific cloud applications Shared Commoditisation of cloud application stores Commoditisation of SDK for cloud applications Take advantage of cloud IaaS or PaaS to develop SaaS Ability deploy your cloud SaaS over a targeted SaaS / PaaS SDK methods for on-demand elasticity, in-cloud hosting and dynamic resource provisioning Standardisation of cloud service management interfaces Commoditisation of cloud assembly processes & tools Vertical value chain specific federation Ability to mix-andmatch cloud infrastructure & incloud common capabilities when producing cloud applications Ability to specify and rapidly provision mixed delivery models: eg. SaaS on 3 rd party PaaS; PaaS on 3 rd party IaaS Standardisation of cloud common capabilities cloud service management interfaces cloud access management & federated identity models cloud service monitoring & reporting cloud license management services Virtual Private Local Network over the Internet User defined Virtual Private Cloud Standardised cloud charging models including auctions Standardisation of cloud service assembly processes Virtual Data Centres assembled over multiple IaaS clouds by different providers PaaS over federated IaaS with integrated common capabilities by multiple 3 rd parties Commoditisation of Make your own Cloud capability

10 Example: Cloud security innovation roadmap at BT Research & Technology Cloud Security Innovation Strategy Strategic Foresight Market evolution analysis Cloud information assurance metrics In-cloud security cost-benefit analysis Cloud ecosystem security value network Market analysis revision Cloud security value network revision Technical innovation challenges & solutions Cloud security risk assessment (egov) Recommendations for High-level Secure Cloud Architecture for Government (IaaS) Recommendations for High-level Secure Cloud Architecture for Government (SaaS) Cloud federation Secure Cloud Service Broker Virtual hosing on federated clouds Multi-Cloud Intelligent Protection Multi-Cloud Secure Storage Cloud Federation Management Cloud Federation Fabric Cloud Aggregation Environment Cloud CERT Cloud Security services SSO & Identity Management as a Cloud Service Accountable Entitlement Management (in-cloud) Secure cloud storage service Cloud SaaS securityconfidentiality enhancements Cloud Cyber-Incident Management Cloud Security infrastructure Virtual Patching In-cloud malware scanning Cloud information assurance metrics Cloud security analytics Application aware Behavioural Malware detection (in-cloud) Secure Virtualisation Hypervisor level Malware Detection Hypervisor level Intrusion Prevention Hypervisor level Data Leak Prevention Use of trusted hardware in Virtual Data Centres & Cloud BT core technology innovation activity Long term research British Telecommunications plc Research Collaboration Strategy / Guidelines Slide 10

11 Cloud Security Challenges and how we address them Technology Risks Multi-tenancy (shared infrastructure) Protection in depth & Security at multiple layers Resilience & Availability Data Location & Mobility Information Assurance & Compliance Hypervisor vulnerabilities. Lack of cloud specific security solutions Defence in depth is complex to achieve in the Cloud Resource sharing Poor Process isolation /Data Segregation Data Sharding, remanance (erasure), Co-mingling Virtual image provided by IaaS provider Platform stack provided by PaaS SaaS application security Latency controls for sensitive applications Inability to enforce high-assurance SLAs CSP unable to provide QoS for sensitive applications EU vs. US vs. China regulations (Government access) Differences in data protection between EU regions Examples of CSP refusing to hand over audit logs Cross-border data movement Privacy obligations ( DPA, HIPAA, GLBA) Auditing and compliance (PCI, ISO 27001) Direct Innovation downstream to BT MFUs / Platforms Influence EU / UK policy (via expert advisory groups / agencies) Cloud vendor lock in Corporate Risks British Telecommunications plc Lack of standards / interoperability Limited service portability Incompatible management processes Lack of transparency Limited audit ability Global CSP - Regulatory compliance. Influence industry via CSA and ISF Slide 11

12 Examples of Collaborative Research Impact & Value Generation: overview Cloud Computing: Benefits, Risks Recommendations Security and Resilience of Governmental Clouds Procure Secure: security levels in cloud contracts Governmental Clouds: Good Practice Guide Incident Reporting in the Cloud Influence Strategy & Policy at EU British Telecommunications plc and National Level: Contributors to ENISA advisory reports on Cloud Security Intelligent Protection Secure Cloud Storage Multi-cloud VPN overlay Trust Assessment Cloud Compliance Assessment EU collaboration Cloud Technology Development Governmental Cloud Store Capabilities Intelligent Protection for Governmental Applications Cloud Data Protection Services Federated Identity as a Service for PSN and G-Cloud Trials Central Government Greek Ministry of Finance Municipalities London, UK Genova, Italy Belgrade, Serbia Cloud Technology Trials & Validation Slide 12

13 Examples of Collaborative Research Impact & Value Generation: illustrative case FP6 TrustCoM IP Security policy management automation FP6 BEinGRID IP Common Capabilities for Cloud, Cloud Architecture Security Patterns FP6 OPTIMIS IP Secure Cloud Broker, Common capabilities for Cloud Data & Application Protection FP7 FED4FIRE experiments 2014 Multi-cloud Data & Application Protection at large scale CIP STRATEGIC Secure cloud service store EIT HII Trusted Cloud Secure cloud platform BT Cloud Compute - Platform, Application, Data Security - Identity Federation BT Security - Cloud Security Services - Identity as a Service British Telecommunications plc Research, Development & Experimentation Technology & Business Validation BT customisation & productisation Slide 13

14 Cloud security: current areas of BT innovation and solutions In-Cloud Security Services Secure Community Clouds Cloud security research Cloud security research Application & Identity & Storage & Data Virtual Server Federation Protection Governance, Standards, ProtectionCompliance, Assurance Platform & Infrastructure Security Protecting BT s Cloud Platforms Protect BT s use of cloud infrastructure, platform and application services British Telecommunications plc Slide 14

15 One capability multiple cloud security service models Multi-cloud protection Cloud store Marketplace Cloud platform enhancement Cross-cloud application defined security policy One Security dashboard Security policy management interface Governance process Many Control points Cloud platforms Applications & servers Horizontal / reusable capability Fully integrated with cloud application deployment Automated policy derivation (security intelligence) Automated security patching per application Customisable selfmanagement interface Multi-cloud One click to buy Horizontal / reusable capability Configurable security options Fully integrated with cloud application deployment Automated policy derivation (security intelligence) Automated security patching per application One click to buy Inflight-provisioning Inventory sync Multi-cloud deployment Application defined virtual network overlay Application defined security policy group Fully managed Cloud-based On-premise Self-managed

16 BT Cloud Security Services Incubator - Enabling Open Innovation Idea generation Strategic collaboration Customer trials New products & propositions Ideas for new products and services Ideas for changing commercial models and value propositions Ideas to make things faster Define community, qualify and prioritise opportunities Research prototype to refine concept in partnership with community Validate candidate technologies/software Working with customers to trial new innovations Obtain early market feedback and test commercial attractiveness and commercial viability When concepts have been proven with customers then they will be down-streamed to product platforms Research Alpha Beta Platform British Telecommunications plc Alpha at Adastral Park run by R&T Supports ISV integration, hot houses, etc. Beta at London GS2 run by GS, tactical ops from IP Soft Targeting LatAm, US, Asia-Pac Slide 16

17 Thought-leadership: Innovation Demonstrators Cloud Broker & Federation Cloud Application Security Cloud System Security Secure Virtualisation Secure Cloud Service Broker Cloud community management Cloud Identity and Federation managemnt Intelligent Application Protection Accountable Entitlement Management Confidentiality/Compliance for Cloud SaaS GRC Assessor Secure data storage & sharing Intelligent System Protection Virtual Security Patching Hypervisor level Malware Detection Hypervisor level Intrusion Prevention Hypervisor level Data Leak Prevention British Telecommunications plc Slide 17

18 The BIG picture: Towards a Secure Cloud blueprint British Telecommunications plc Slide 18

19 BT thought-leadership: Overview of external collaborations Co-authors of ENISA expert advisory report on Cloud Security Risk Analysis Contributors to CSA security guidelines and lead of Virtualisation Security work stream Co-authors of the BT Cloud Security standard. Contributors to ENISA expert group on Government use of Cloud computing Leading Governmental Cloud Services Store & Clooud Security activities on STRATEGIC a 5 million innovation validation project Led Cloud Brokerage & Federation use case at OPTIMIS a 10.5 million collaborative R&D project Led BEinGRID (Chief scientist / technical director) the largest R&D investment ( 25 million) on next generation SOA in Europe Invited speakers at events: InfoSec, CloudSecurity, RSA, e-crime, Intellect, ISF, CSO Summit, etc. 3 books and several technical papers in Cloud & Next Generation SOA British Telecommunications plc Slide 19

20 Protection in the Cloud: BT Intelligent Protection Theo Dimitrakos

21 Intelligent Protection Service Security is secretly out of control Protection of Systems & Apps in the Cloud What is it? A cloud security service that has ben designed and developed to address customer demand for protecting virtual servers and hosted applications on cloud infrastructures. Supports multiple cloud service providers, including BT Cloud Compute, Amazon EC2, vcloud etc. Comprehensive security solution: Virtual firewall, Intrusion Prevention/Detection, Security Patch management, Anti-malware. Deploy security patching & intrusion prevention with no down time. Central Security Portal to manage protection in Multiple Cloud Platforms. Automatically Protect deployed applications / systems in Virtual Environment. Flexible delivery of protection: At Hypervisor / virtualisation management level. By self-installing agents on 3 rd party environments. Automatically integrate with Application Deployment via Service Store. Current status About to go live in the next release of BT Cloud Compute. Market place and intelligent protection service can be used to autoprovision on most popular cloud infrastructure / platform providers Benefits Reduction of complexity through integration with the cloud environment for automatic capability provisioning, life-cycle management and inventory synchronisation. Provides vulnerability protection. Eliminates the cost and risk of deployment, integration and management of complex security software or appliances. Next steps Inclusion in BT Compute product roadmap BT Wholesale Proposition DEMO at https://researchplatform.zion.bt.co.uk/demos/ipandsc

22 Important elements of cyber security strategy & innovation Protection life-cycle Adapt & Respond Remediation planning & Impact Analysis Continuous Assessment Intelligence Prevention & Protection Other important elements Think global Understand the societal, business & technology evolution Share intelligence with care Carefully attribute responsibility: think of the whole supply-chain Design for change & adaptation Understand the impact of change Learn from own and others mistakes Centralise visibility & control Distribute ability to enforce & selfadapt within policy & context

23 BT Intelligent Protection Core strengths & innovative features In flight intrusion prevention, no down time Comprehensive security solution: Virtual firewall, IPS, Security Patch management, Anti-malware 360 o Protection of customer applications Build for Cloud/VDC- hypervisor level security, more effective, easier to integrate into the cloud Intelligent Protection British Telecommunications plc Security Dashboard Cloud portal Slide 23

24 Automatic Application Protection Cloud Service Provisioning During Application Provisioning, Customers / Tenants: Purchase intelligent protection License for the required Security Modules (Firewall, Anti-Malware, Intrusion Detection, Integrity Monitoring, Log Inspection) Select an Application from the Application Market Place. Automatic Protect deployed Application with selected Security Options. 24

25 Automatic Application Protection 25

26 Automatic Application Protection 26

27 Automatic Application Protection 27

28 Cloud Security Services protection of data in the cloud Security is secretly out of control Secure cloud data protection service What is it? Not just another cloud (i.e. network accessible) storage service A cloud security service enabling customers to manage data protection across many cloud infrastructures Virtual hard-disk volume encryption offered as a service Decryption only possible in safe environments following policy-based approval Protected data mobility across servers and across clouds Customer in control of compliance with dataprotection policies across many clouds and regions Faults & security breaches visible across clouds Seamless integration with Cloud Service stores and interoperability with most cloud platforms Current status About to go live on BT Cloud Compute. Market place and intelligent protection service can be used to auto-provision on most popular cloud IaaS/PaaS BT Intellectual Property (2 core and 9 related patents) Estimated impact of protecting revenue > 30M p.a. Selected for trial with Municipalities UK, Italy, Serbia) and Central Government services (Lithuania, Greece) How it works Customer is in control of connection, protection, access to secure virtual storage. Decryption only possible when data is used in a specific safe environment following policy-based approval. Policy-driven key management Uses identity and integrity based enforcement to ensure only authorised virtual machine receive keys and access to secure storage. Automates key release and virtual machine authorisation for rapid operation. Enables the use of policies to determine when and where keys were used. Advanced Encryption techniques Features FIPS certification and FIPS approved AES encryption. Encrypts and decrypts information in real time, so that data is always protected. Applies whole volume encryption to secure all data, metadata, and associated structures. Robust auditing, reporting, and Alerting Logs actions in the management console for audit purposes. Provides detailed reporting and alerting features with incident-based and interval-based notifications DEMO at https://researchplatform.zion.bt.co.uk/demos/ipandsc

29 Cloud-based Identity Management Service Future Challenge: Traditional enterprise in a changing world Social Media Silo expansion Identity shadowing Policy fragmentation Loss of control Cloud Apps & Web Services Cloud Platform & Infrastructure SaaS Internal Enterprise Cloud British Telecommunications plc Slide 29

30 Cloud-based Identity Management Service Future Challenge: Cloud-ready always connected enterprise Cloud/hosted service - Holistic identity life-cycle management - Privileged identity - Governance, audit - Federation and SSO - Fraud prevention for both on-premise and in-cloud services & applications Social Media Cloud Apps & Web Services Cloud Platform & Infrastructure SaaS Gateway/bridge to - Identity management - Enterprise governance - Access management - Information protection for enterprise resources Internal Enterprise Cloud British Telecommunications plc Future identity challenges case study: BT Cloud Compute Service Store Slide 30

31 British Telecommunications plc Slide 31

Intelligent Protection for Applications in the Cloud Industrial Case Studies Rob Rowlingson (robert.rowlingson@bt.com)

Intelligent Protection for Applications in the Cloud Industrial Case Studies Rob Rowlingson (robert.rowlingson@bt.com) Intelligent Protection for Applications in the Cloud Industrial Case Studies Rob Rowlingson (robert.rowlingson@bt.com) Theo Dimitrakos Chief Security Researcher, BT Research & Technology theo.dimitrakos@bt.com

More information

Effective End-to-End Cloud Security

Effective End-to-End Cloud Security Effective End-to-End Cloud Security Securing Your Journey to the Cloud Trend Micro SecureCloud A Trend Micro & VMware White Paper August 2011 I. EXECUTIVE SUMMARY This is the first paper of a series of

More information

Secure Cloud Computing

Secure Cloud Computing Secure Cloud Computing Agenda Current Security Threat Landscape Over View: Cloud Security Overall Objective of Cloud Security Cloud Security Challenges/Concerns Cloud Security Requirements Strategy for

More information

Trend Micro Cloud Protection

Trend Micro Cloud Protection A Trend Micro White Paper August 2015 Trend Micro Cloud Protection Security for Your Unique Cloud Infrastructure Contents Introduction...3 Private Cloud...4 VM-Level Security...4 Agentless Security to

More information

Cloud Security Introduction and Overview

Cloud Security Introduction and Overview Introduction and Overview Klaus Gribi Senior Security Consultant klaus.gribi@swisscom.com May 6, 2015 Agenda 2 1. Cloud Security Cloud Evolution, Service and Deployment models Overview and the Notorious

More information

The Education Fellowship Finance Centralisation IT Security Strategy

The Education Fellowship Finance Centralisation IT Security Strategy The Education Fellowship Finance Centralisation IT Security Strategy Introduction This strategy outlines the security systems in place to optimise, manage and protect The Education Fellowship data and

More information

Security Issues in Cloud Computing

Security Issues in Cloud Computing Security Issues in Computing CSCI 454/554 Computing w Definition based on NIST: A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources

More information

Security-as-a-Service in Multi-cloud and Federated Cloud Environments

Security-as-a-Service in Multi-cloud and Federated Cloud Environments Security-as-a-Service in Multi-cloud and Federated Cloud Environments Pramod S. Pawar 1, Ali Sajjad 1, Theo Dimitrakos 1,2, David W Chadwick 1 1 The University of Kent, Canterbury, Kent CT2 7NZ, United

More information

Service Oriented Networks Security. David Brossard, M.Eng, SCEA Senior Security Researcher, BT Innovate Globecom 2008

Service Oriented Networks Security. David Brossard, M.Eng, SCEA Senior Security Researcher, BT Innovate Globecom 2008 Service Oriented Networks Security David Brossard, M.Eng, SCEA Senior Security Researcher, BT Innovate Globecom 2008 While empowering new business models, SON leads to a proliferation of application networks

More information

Lecture 02b Cloud Computing II

Lecture 02b Cloud Computing II Mobile Cloud Computing Lecture 02b Cloud Computing II 吳 秀 陽 Shiow-yang Wu T. Sridhar. Cloud Computing A Primer, Part 2: Infrastructure and Implementation Topics. The Internet Protocol Journal, Volume 12,

More information

IBM Cloud Security Draft for Discussion September 12, 2011. 2011 IBM Corporation

IBM Cloud Security Draft for Discussion September 12, 2011. 2011 IBM Corporation IBM Cloud Security Draft for Discussion September 12, 2011 IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns surrounding cloud computing

More information

Assessing Risks in the Cloud

Assessing Risks in the Cloud Assessing Risks in the Cloud Jim Reavis Executive Director Cloud Security Alliance Agenda Definitions of Cloud & Cloud Usage Key Cloud Risks About CSA CSA Guidance approach to Addressing Risks Research

More information

Secure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services

Secure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services Secure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services Udo Schneider Trend Micro Udo_Schneider@trendmicro.de 26.03.2013

More information

IBM 000-281 EXAM QUESTIONS & ANSWERS

IBM 000-281 EXAM QUESTIONS & ANSWERS IBM 000-281 EXAM QUESTIONS & ANSWERS Number: 000-281 Passing Score: 800 Time Limit: 120 min File Version: 58.8 http://www.gratisexam.com/ IBM 000-281 EXAM QUESTIONS & ANSWERS Exam Name: Foundations of

More information

Securing The Cloud. Foundational Best Practices For Securing Cloud Computing. Scott Clark. Insert presenter logo here on slide master

Securing The Cloud. Foundational Best Practices For Securing Cloud Computing. Scott Clark. Insert presenter logo here on slide master Securing The Cloud Foundational Best Practices For Securing Cloud Computing Scott Clark Agenda Introduction to Cloud Computing What is Different in the Cloud? CSA Guidance Additional Resources 2 What is

More information

PROTECTING DATA IN MULTI-TENANT CLOUDS

PROTECTING DATA IN MULTI-TENANT CLOUDS 1 Introduction Today's business environment requires organizations of all types to reduce costs and create flexible business processes to compete effectively in an ever-changing marketplace. The pace of

More information

Security, Compliance & Risk Management for Cloud Relationships. Adnan Dakhwe, MS, CISA, CRISC, CRMA Safeway Inc. In-Depth Seminars D32

Security, Compliance & Risk Management for Cloud Relationships. Adnan Dakhwe, MS, CISA, CRISC, CRMA Safeway Inc. In-Depth Seminars D32 Security, Compliance & Risk Management for Cloud Relationships Adnan Dakhwe, MS, CISA, CRISC, CRMA Safeway Inc. In-Depth Seminars D32 Introductions & Poll Organization is leveraging the Cloud? Organization

More information

Cloud and Data Center Security

Cloud and Data Center Security solution brief Trend Micro Cloud and Data Center Security Secure virtual, cloud, physical, and hybrid environments easily and effectively introduction As you take advantage of the operational and economic

More information

What Cloud computing means in real life

What Cloud computing means in real life ITU TRCSL Symposium on Cloud Computing Session 2: Cloud Computing Foundation and Requirements What Cloud computing means in real life Saman Perera Senior General Manager Information Systems Mobitel (Pvt)

More information

Trend Micro. Secure virtual, cloud, physical, and hybrid environments easily and effectively INTRODUCTION

Trend Micro. Secure virtual, cloud, physical, and hybrid environments easily and effectively INTRODUCTION SOLUTION BRIEF Trend Micro CLOUD AND DATA CENTER SECURITY Secure virtual, cloud, physical, and hybrid environments easily and effectively INTRODUCTION As you take advantage of the operational and economic

More information

Introduction to Cloud Computing. Srinath Beldona srinath_beldona@yahoo.com

Introduction to Cloud Computing. Srinath Beldona srinath_beldona@yahoo.com Introduction to Cloud Computing Srinath Beldona srinath_beldona@yahoo.com Agenda Pre-requisites Course objectives What you will learn in this tutorial? Brief history Is cloud computing new? Why cloud computing?

More information

Cloud computing: benefits, risks and recommendations for information security

Cloud computing: benefits, risks and recommendations for information security Cloud computing: benefits, risks and recommendations for information security Dr Giles Hogben Secure Services Programme Manager European Network and Information Security Agency (ENISA) Goals of my presentation

More information

Cloud Security. Peter Jopling joplingp@uk.ibm.com IBM UK Ltd Software Group Hursley Labs. peterjopling. 2011 IBM Corporation

Cloud Security. Peter Jopling joplingp@uk.ibm.com IBM UK Ltd Software Group Hursley Labs. peterjopling. 2011 IBM Corporation Cloud Security Peter Jopling joplingp@uk.ibm.com IBM UK Ltd Software Group Hursley Labs peterjopling 2011 IBM Corporation Cloud computing impacts the implementation of security in fundamentally new ways

More information

Proactively Secure Your Cloud Computing Platform

Proactively Secure Your Cloud Computing Platform Proactively Secure Your Cloud Computing Platform Dr. Krutartha Patel Security Engineer 2010 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals Agenda 1 Cloud

More information

Cloud-Security: Show-Stopper or Enabling Technology?

Cloud-Security: Show-Stopper or Enabling Technology? Cloud-Security: Show-Stopper or Enabling Technology? Fraunhofer Institute for Secure Information Technology (SIT) Technische Universität München Open Grid Forum, 16.3,. 2010, Munich Overview 1. Cloud Characteristics

More information

Trend Micro. Advanced Security Built for the Cloud

Trend Micro. Advanced Security Built for the Cloud datasheet Trend Micro deep security as a service Advanced Security Built for the Cloud Organizations are embracing the economic and operational benefits of cloud computing, turning to leading cloud providers

More information

Cloud Security considerations for business adoption. Ricci IEONG CSA-HK&M Chapter

Cloud Security considerations for business adoption. Ricci IEONG CSA-HK&M Chapter Cloud Security considerations for business adoption Ricci IEONG CSA-HK&M Chapter What is Cloud Computing? Slide 2 What is Cloud Computing? My Cloud @ Internet Pogoplug What is Cloud Computing? Compute

More information

VMware for your hosting services

VMware for your hosting services VMware for your hosting services Anindya Kishore Das 2009 VMware Inc. All rights reserved Everybody talks Cloud! You will eat your cloud and you will like it! Everybody talks Cloud - But what is it? VMware

More information

CloudLink - The On-Ramp to the Cloud Security, Management and Performance Optimization for Multi-Tenant Private and Public Clouds

CloudLink - The On-Ramp to the Cloud Security, Management and Performance Optimization for Multi-Tenant Private and Public Clouds - The On-Ramp to the Cloud Security, Management and Performance Optimization for Multi-Tenant Private and Public Clouds February 2011 1 Introduction Today's business environment requires organizations

More information

Cloud Computing: Risks and Auditing

Cloud Computing: Risks and Auditing IIA Chicago Chapter 53 rd Annual Seminar April 15, 2013, Donald E. Stephens Convention Center @IIAChicago #IIACHI Cloud Computing: Risks Auditing Phil Lageschulte/Partner/KPMG Sailesh Gadia/Director/KPMG

More information

NETWORK ACCESS CONTROL AND CLOUD SECURITY. Tran Song Dat Phuc SeoulTech 2015

NETWORK ACCESS CONTROL AND CLOUD SECURITY. Tran Song Dat Phuc SeoulTech 2015 NETWORK ACCESS CONTROL AND CLOUD SECURITY Tran Song Dat Phuc SeoulTech 2015 Table of Contents Network Access Control (NAC) Network Access Enforcement Methods Extensible Authentication Protocol IEEE 802.1X

More information

Security & Cloud Services IAN KAYNE

Security & Cloud Services IAN KAYNE Security & Cloud Services IAN KAYNE CloudComponents CLOUD SERVICES Dynamically scalable infrastructure, services and software based on broad network accessibility NETWORK ACCESS INTERNAL ESTATE CloudComponents

More information

RE Think. IT & Business. Invent. IBM SmartCloud Security. Dr. Khaled Negm, SMIEEE, ACM Fellow IBM SW Global Competency Center Leader GCC

RE Think. IT & Business. Invent. IBM SmartCloud Security. Dr. Khaled Negm, SMIEEE, ACM Fellow IBM SW Global Competency Center Leader GCC RE Think Invent IT & Business IBM SmartCloud Security Dr. Khaled Negm, SMIEEE, ACM Fellow IBM SW Global Competency Center Leader GCC 2014 IBM Corporation Some Business Questions Is Your Company is Secure

More information

Cloud-Based Services: Assure Performance, Availability, and Security

Cloud-Based Services: Assure Performance, Availability, and Security Cloud-Based Services: Assure Performance, Availability, and Security What You Will Learn Services available from the cloud offer cost and efficiency benefits to businesses, but until now many customers

More information

Virginia Government Finance Officers Association Spring Conference May 28, 2014. Cloud Security 101

Virginia Government Finance Officers Association Spring Conference May 28, 2014. Cloud Security 101 Virginia Government Finance Officers Association Spring Conference May 28, 2014 Cloud Security 101 Presenters: John Montoro, RealTime Accounting Solutions Ted Brown, Network Alliance Presenters John Montoro

More information

PCI DSS 3.0 Compliance

PCI DSS 3.0 Compliance A Trend Micro White Paper April 2014 PCI DSS 3.0 Compliance How Trend Micro Cloud and Data Center Security Solutions Can Help INTRODUCTION Merchants and service providers that process credit card payments

More information

Journey to the Private Cloud. Key Enabling Technologies

Journey to the Private Cloud. Key Enabling Technologies Journey to the Private Cloud Key Enabling Technologies Jeffrey Nick Chief Technology Officer Senior Vice President EMC Corporation June 2010 1 The current I/T state: Infrastructure sprawl Information explosion

More information

Cloud Computing Governance & Security. Security Risks in the Cloud

Cloud Computing Governance & Security. Security Risks in the Cloud Cloud Computing Governance & Security The top ten questions you have to ask Mike Small CEng, FBCS, CITP Fellow Analyst, KuppingerCole This Webinar is supported by Agenda What is the Problem? Ten Cloud

More information

Cloud Computing Business, Technology & Security. Subra Kumaraswamy Director, Security Architecture, ebay

Cloud Computing Business, Technology & Security. Subra Kumaraswamy Director, Security Architecture, ebay Cloud Computing Business, Technology & Security Subra Kumaraswamy Director, Security Architecture, ebay COT2010 29 June 2010 Cloud Computing: Evolution not a Revolution 2 What s Driving Interest in Clouds

More information

The Cloud is Not Enough Why Hybrid Infrastructure is Shaping the Future of Cloud Computing

The Cloud is Not Enough Why Hybrid Infrastructure is Shaping the Future of Cloud Computing Your Platform of Choice The Cloud is Not Enough Why Hybrid Infrastructure is Shaping the Future of Cloud Computing Mark Cravotta EVP Sales and Service SingleHop LLC Talk About Confusing? Where do I start?

More information

APAC OF POSSIBILITIES: TIPS FOR INCREASING CLOUD SECURITY AND ADOPTION

APAC OF POSSIBILITIES: TIPS FOR INCREASING CLOUD SECURITY AND ADOPTION APAC OF POSSIBILITIES: TIPS FOR INCREASING CLOUD SECURITY AND ADOPTION Ken Low Director of Enterprise Security, Asia Pacific, Trend Micro Chairman, Asia Pacific Executive Council, Cloud Security Alliance

More information

Security & Trust in the Cloud

Security & Trust in the Cloud Security & Trust in the Cloud Ray Trygstad Director of Information Technology, IIT School of Applied Technology Associate Director, Information Technology & Management Degree Programs Cloud Computing Primer

More information

Netzwerkvirtualisierung? Aber mit Sicherheit!

Netzwerkvirtualisierung? Aber mit Sicherheit! Netzwerkvirtualisierung? Aber mit Sicherheit! Markus Schönberger Advisory Technology Consultant Trend Micro Stephan Bohnengel Sr. Network Virtualization SE VMware Agenda Background and Basic Introduction

More information

Study concluded that success rate for penetration from outside threats higher in corporate data centers

Study concluded that success rate for penetration from outside threats higher in corporate data centers Auditing in the cloud Ownership of data Historically, with the company Company responsible to secure data Firewall, infrastructure hardening, database security Auditing Performed on site by inspecting

More information

Total Cloud Protection

Total Cloud Protection Total Cloud Protection Data Center and Cloud Security Security for Your Unique Cloud Infrastructure A Trend Micro White Paper August 2011 I. INTRODUCTION Many businesses are looking to the cloud for increased

More information

THE BLUENOSE SECURITY FRAMEWORK

THE BLUENOSE SECURITY FRAMEWORK THE BLUENOSE SECURITY FRAMEWORK Bluenose Analytics, Inc. All rights reserved TABLE OF CONTENTS Bluenose Analytics, Inc. Security Whitepaper ISO 27001/27002 / 1 The Four Pillars of Our Security Program

More information

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown Cyber Resilience Implementing the Right Strategy Grant Brown specialist, CISSP @TheGrantBrown 1 2 Network + Technology + Customers = $$ 3 Perfect Storm? 1) Increase in Bandwidth (extended reach) 2) Available

More information

Clouds on the Horizon Cloud Security in Today s DoD Environment. Bill Musson Security Analyst

Clouds on the Horizon Cloud Security in Today s DoD Environment. Bill Musson Security Analyst Clouds on the Horizon Cloud Security in Today s DoD Environment Bill Musson Security Analyst Agenda O Overview of Cloud architectures O Essential characteristics O Cloud service models O Cloud deployment

More information

How to survive in a world of Virtualization and Cloud Computing, where you even can t trust your own environment anymore. Raimund Genes, CTO

How to survive in a world of Virtualization and Cloud Computing, where you even can t trust your own environment anymore. Raimund Genes, CTO How to survive in a world of Virtualization and Cloud Computing, where you even can t trust your own environment anymore. Raimund Genes, CTO Data everywhere but protection? Unprotected Data Needing Protection

More information

Cloud Courses Description

Cloud Courses Description Courses Description 101: Fundamental Computing and Architecture Computing Concepts and Models. Data center architecture. Fundamental Architecture. Virtualization Basics. platforms: IaaS, PaaS, SaaS. deployment

More information

Lecture 02a Cloud Computing I

Lecture 02a Cloud Computing I Mobile Cloud Computing Lecture 02a Cloud Computing I 吳 秀 陽 Shiow-yang Wu What is Cloud Computing? Computing with cloud? Mobile Cloud Computing Cloud Computing I 2 Note 1 What is Cloud Computing? Walking

More information

Securing Cloud Infrastructures with Elastic Security

Securing Cloud Infrastructures with Elastic Security Securing Cloud Infrastructures with Elastic Security White Paper September 2012 SecludIT 1047 route des dolines, 06560 Sophia Antipolis, France T +33 489 866 919 info@secludit.com http://secludit.com Core

More information

Unified Security, ATP and more

Unified Security, ATP and more SYMANTEC Unified Security, ATP and more TAKE THE NEXT STEP Martin Werner PreSales Consultant, Symantec Switzerland AG MEET SWISS INFOSEC! 27.01.2016 Unified Security 2 Symantec Enterprise Security Users

More information

Cloud Security Case Study Amazon Web Services. Ugo Piazzalunga Technical Manager, IT Security ugo.piazzalunga@safenet-inc.com

Cloud Security Case Study Amazon Web Services. Ugo Piazzalunga Technical Manager, IT Security ugo.piazzalunga@safenet-inc.com Cloud Security Case Study Amazon Web Services Ugo Piazzalunga Technical Manager, IT Security ugo.piazzalunga@safenet-inc.com Agenda 1. Amazon Web Services challenge 2. Virtual Instances and Virtual Storage

More information

Managing Cloud Computing Risk

Managing Cloud Computing Risk Managing Cloud Computing Risk Presented By: Dan Desko; Manager, Internal IT Audit & Risk Advisory Services Schneider Downs & Co. Inc. ddesko@schneiderdowns.com Learning Objectives Understand how to identify

More information

DISTRIBUTED SYSTEMS [COMP9243] Lecture 9a: Cloud Computing WHAT IS CLOUD COMPUTING? 2

DISTRIBUTED SYSTEMS [COMP9243] Lecture 9a: Cloud Computing WHAT IS CLOUD COMPUTING? 2 DISTRIBUTED SYSTEMS [COMP9243] Lecture 9a: Cloud Computing Slide 1 Slide 3 A style of computing in which dynamically scalable and often virtualized resources are provided as a service over the Internet.

More information

Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work

Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work Security concerns and dangers come both from internal means as well as external. In order to enhance your security posture

More information

Identity & Access Management The Cloud Perspective. Andrea Themistou 08 October 2015

Identity & Access Management The Cloud Perspective. Andrea Themistou 08 October 2015 Identity & Management The Cloud Perspective Andrea Themistou 08 October 2015 Agenda Cloud Adoption Benefits & Risks Security Evolution for Cloud Adoption Securing Cloud Applications with IAM Securing Cloud

More information

Security Considerations for Cloud Computing. Steve Ouzman Security Engineer

Security Considerations for Cloud Computing. Steve Ouzman Security Engineer Security Considerations for Cloud Computing Steve Ouzman Security Engineer AGENDA Introduction Brief Cloud Overview Security Considerations ServiceNow Security Overview Summary Cloud Computing Overview

More information

PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP

PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP solution brief PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP AWS AND PCI DSS COMPLIANCE To ensure an end-to-end secure computing environment, Amazon Web Services (AWS) employs a shared security responsibility

More information

VMware vcloud Air Security TECHNICAL WHITE PAPER

VMware vcloud Air Security TECHNICAL WHITE PAPER TECHNICAL WHITE PAPER The Shared Security Model for vcloud Air The end-to-end security of VMware vcloud Air (the Service ) is shared between VMware and the customer. VMware provides security for the aspects

More information

Securing the Cloud with IBM Security Systems. IBM Security Systems. 2012 IBM Corporation. 2012 2012 IBM IBM Corporation Corporation

Securing the Cloud with IBM Security Systems. IBM Security Systems. 2012 IBM Corporation. 2012 2012 IBM IBM Corporation Corporation Securing the Cloud with IBM Security Systems 1 2012 2012 IBM IBM Corporation Corporation IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns

More information

Adding value as a Cloud Broker. Nick Hyner Director Cloud Services EMEA Twitter - @nickhyner. Dell.com/Cloud

Adding value as a Cloud Broker. Nick Hyner Director Cloud Services EMEA Twitter - @nickhyner. Dell.com/Cloud Adding value as a Cloud Broker Nick Hyner Director Cloud Services EMEA Twitter - @nickhyner Dell.com/Cloud Overview A. Added Value Brokers in all industries in Digital Era B. Experience of Cloud Marketplace

More information

Data Protection: From PKI to Virtualization & Cloud

Data Protection: From PKI to Virtualization & Cloud Data Protection: From PKI to Virtualization & Cloud Raymond Yeung CISSP, CISA Senior Regional Director, HK/TW, ASEAN & A/NZ SafeNet Inc. Agenda What is PKI? And Value? Traditional PKI Usage Cloud Security

More information

Architecting and Building a Secure and Compliant Virtual Infrastructure and Private Cloud

Architecting and Building a Secure and Compliant Virtual Infrastructure and Private Cloud Architecting and Building a Secure and Compliant Virtual Infrastructure and Private Cloud Rob Randell, CISSP Principal Systems Engineer Security Specialist Agenda What is the Cloud? Virtualization Basics

More information

TECHNOLOGY TRANSFER PRESENTS MAX DOLGICER IT S ALL ABOUT CLOUD CONCEPTS, STRATEGIES, ARCHITECTURES, PLAYERS, AND TECHNOLOGIES

TECHNOLOGY TRANSFER PRESENTS MAX DOLGICER IT S ALL ABOUT CLOUD CONCEPTS, STRATEGIES, ARCHITECTURES, PLAYERS, AND TECHNOLOGIES TECHNOLOGY TRANSFER PRESENTS MAX DOLGICER IT S ALL ABOUT CLOUD CONCEPTS, STRATEGIES, ARCHITECTURES, PLAYERS, AND TECHNOLOGIES APRIL 2-4, 2014 RESIDENZA DI RIPETTA - VIA DI RIPETTA, 231 ROME (ITALY) info@technologytransfer.it

More information

Agenda. What is cloud? Cloud based services The Good bad and Ugly.. Anatomy of a cloud Guidelines for you

Agenda. What is cloud? Cloud based services The Good bad and Ugly.. Anatomy of a cloud Guidelines for you Agenda What is cloud? Cloud based services The Good bad and Ugly.. Anatomy of a cloud Guidelines for you What is Cloud Computing? Compute as a utility: third major era of computing Cloud enabled by Moore

More information

Data Protection Act 1998. Guidance on the use of cloud computing

Data Protection Act 1998. Guidance on the use of cloud computing Data Protection Act 1998 Guidance on the use of cloud computing Contents Overview... 2 Introduction... 2 What is cloud computing?... 3 Definitions... 3 Deployment models... 4 Service models... 5 Layered

More information

The Benefits of an Integrated Approach to Security in the Cloud

The Benefits of an Integrated Approach to Security in the Cloud The Benefits of an Integrated Approach to Security in the Cloud Judith Hurwitz President and CEO Marcia Kaufman COO and Principal Analyst Daniel Kirsch Senior Analyst Sponsored by IBM Introduction The

More information

Intro to NSX. Network Virtualization. 2014 VMware Inc. All rights reserved.

Intro to NSX. Network Virtualization. 2014 VMware Inc. All rights reserved. Intro to NSX Network Virtualization 2014 VMware Inc. All rights reserved. Agenda Introduction NSX Overview Details: Microsegmentation NSX Operations More Information SDDC/Network Virtualization Security

More information

The Cloud, Virtualization, and Security

The Cloud, Virtualization, and Security A Cloud: Large groups of remote servers that are networked to allow centralized, shared data storage and online access to computer services or resources A Cloud: Large groups of remote servers that are

More information

Cloud Courses Description

Cloud Courses Description Cloud Courses Description Cloud 101: Fundamental Cloud Computing and Architecture Cloud Computing Concepts and Models. Fundamental Cloud Architecture. Virtualization Basics. Cloud platforms: IaaS, PaaS,

More information

SECURITY MODELS FOR CLOUD 2012. Kurtis E. Minder, CISSP

SECURITY MODELS FOR CLOUD 2012. Kurtis E. Minder, CISSP SECURITY MODELS FOR CLOUD 2012 Kurtis E. Minder, CISSP INTRODUCTION Kurtis E. Minder, Technical Sales Professional Companies: Roles: Security Design Engineer Systems Engineer Sales Engineer Salesperson

More information

Becoming a Cloud Services Broker. Neelam Chakrabarty Sr. Product Marketing Manager, HP SW Cloud Products, HP April 17, 2013

Becoming a Cloud Services Broker. Neelam Chakrabarty Sr. Product Marketing Manager, HP SW Cloud Products, HP April 17, 2013 Becoming a Cloud Services Broker Neelam Chakrabarty Sr. Product Marketing Manager, HP SW Cloud Products, HP April 17, 2013 Hybrid delivery for the future Traditional IT Evolving current state Future Information

More information

It s All About Cloud Key Concepts, Players, Platforms And Technologies

It s All About Cloud Key Concepts, Players, Platforms And Technologies It s All About Cloud Key Concepts, Players, Platforms And Technologies 3-day seminar Description Cloud computing has gained a lot of attention in recent years. It has mostly been used for non business

More information

Vormetric Data Security Securing and Controlling Data in the Cloud

Vormetric Data Security Securing and Controlling Data in the Cloud Vormetric Data Security Securing and Controlling Data in the Cloud Vormetric, Inc. Tel: 888.267.3732 Email: sales@vormetric.com www.vormetric.com Table of Contents Executive Summary.........................................................3

More information

Cloud Security and Data Protection

Cloud Security and Data Protection Cloud Security and Data Protection Cloud Strategy Partners, LLC Sponsored by: IEEE Educational Activities and IEEE Cloud Computing Course Presenter s Biography This IEEE Cloud Computing tutorial has been

More information

Security Management of Cloud-Native Applications. Presented By: Rohit Sharma MSc in Dependable Software Systems (DESEM)

Security Management of Cloud-Native Applications. Presented By: Rohit Sharma MSc in Dependable Software Systems (DESEM) Security Management of Cloud-Native Applications Presented By: Rohit Sharma MSc in Dependable Software Systems (DESEM) 1 Outline Context State-of-the-Art Design Patterns Threats to cloud systems Security

More information

I D C T E C H N O L O G Y S P O T L I G H T. S e r ve r S e c u rity: N o t W h a t It U s e d t o Be!

I D C T E C H N O L O G Y S P O T L I G H T. S e r ve r S e c u rity: N o t W h a t It U s e d t o Be! I D C T E C H N O L O G Y S P O T L I G H T S e r ve r S e c u rity: N o t W h a t It U s e d t o Be! December 2014 Adapted from Worldwide Endpoint Security 2013 2017 Forecast and 2012 Vendor Shares by

More information

Healthcare: La sicurezza nel Cloud October 18, 2011. 2011 IBM Corporation

Healthcare: La sicurezza nel Cloud October 18, 2011. 2011 IBM Corporation Healthcare: La sicurezza nel Cloud October 18, 2011 Cloud Computing Tests The Limits Of Security Operations And Infrastructure Security and Privacy Domains People and Identity Data and Information Application

More information

Cloud and Security (Cloud hacked via Cloud) Lukas Grunwald

Cloud and Security (Cloud hacked via Cloud) Lukas Grunwald Cloud and Security (Cloud hacked via Cloud) Lukas Grunwald About DN-Systems Global Consulting and Technology Services Planning Evaluation Auditing Operates own Security Lab Project Management Integral

More information

OWASP Chapter Meeting June 2010. Presented by: Brayton Rider, SecureState Chief Architect

OWASP Chapter Meeting June 2010. Presented by: Brayton Rider, SecureState Chief Architect OWASP Chapter Meeting June 2010 Presented by: Brayton Rider, SecureState Chief Architect Agenda What is Cloud Computing? Cloud Service Models Cloud Deployment Models Cloud Computing Security Security Cloud

More information

VMware Software Defined Network. Dejan Grubić VMware Systems Engineer for Adriatic

VMware Software Defined Network. Dejan Grubić VMware Systems Engineer for Adriatic VMware Software Defined Network Dejan Grubić VMware Systems Engineer for Adriatic The Transformation of Infrastructure Infrastructure Servers Clouds Be more responsive to business, change economics of

More information

Keith Luck, CISSP, CCSK Security & Compliance Specialist, VMware, Inc. kluck@vmware.com

Keith Luck, CISSP, CCSK Security & Compliance Specialist, VMware, Inc. kluck@vmware.com 1 Keith Luck, CISSP, CCSK Security & Compliance Specialist, VMware, Inc. kluck@vmware.com Agenda Cloud Computing VMware and Security Network Security Use Case Securing View Deployments Questions 2 IT consumption

More information

Nominee: Barracuda Networks

Nominee: Barracuda Networks Nominee: Barracuda Networks Nomination title: Barracuda Next Generation Firewall The Barracuda NG (Next Generation) Firewall is much more than a traditional firewall. It is designed to protect network

More information

ENISA Cloud Computing Security Strategy

ENISA Cloud Computing Security Strategy ENISA Cloud Computing Security Strategy Dr Giles Hogben European Network and Information Security Agency (ENISA) What is Cloud Computing? Isn t it just old hat? What is cloud computing ENISA s understanding

More information

Safeguarding the cloud with IBM Dynamic Cloud Security

Safeguarding the cloud with IBM Dynamic Cloud Security Safeguarding the cloud with IBM Dynamic Cloud Security Maintain visibility and control with proven security solutions for public, private and hybrid clouds Highlights Extend enterprise-class security from

More information

FACING SECURITY CHALLENGES

FACING SECURITY CHALLENGES 24 July 2013 TimeTec Cloud Security FACING SECURITY CHALLENGES HEAD-ON - by Mr. Daryl Choo, Chief Information Officer, FingerTec HQ Cloud usage and trend Cloud Computing is getting more common nowadays

More information

Security Issues in Cloud Computing

Security Issues in Cloud Computing Security Issues in Cloud Computing Dr. A. Askarunisa Professor and Head Vickram College of Engineering, Madurai, Tamilnadu, India N.Ganesh Sr.Lecturer Vickram College of Engineering, Madurai, Tamilnadu,

More information

CLOUD STORAGE SECURITY INTRODUCTION. Gordon Arnold, IBM

CLOUD STORAGE SECURITY INTRODUCTION. Gordon Arnold, IBM CLOUD STORAGE SECURITY INTRODUCTION Gordon Arnold, IBM SNIA Legal Notice The material contained in this tutorial is copyrighted by the SNIA. Member companies and individual members may use this material

More information

Future of Cloud Computing. Irena Bojanova, Ph.D. UMUC, NIST

Future of Cloud Computing. Irena Bojanova, Ph.D. UMUC, NIST Future of Cloud Computing Irena Bojanova, Ph.D. UMUC, NIST No Longer On The Horizon Essential Characteristics On-demand Self-Service Broad Network Access Resource Pooling Rapid Elasticity Measured Service

More information

Intel IT Cloud 2013 and Beyond. Name Title Month, Day 2013

Intel IT Cloud 2013 and Beyond. Name Title Month, Day 2013 Intel IT Cloud 2013 and Beyond Name Title Month, Day 2013 Legal Notices This presentation is for informational purposes only. INTEL MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY. Intel and the

More information

Empowering Your Business in the Cloud Without Compromising Security

Empowering Your Business in the Cloud Without Compromising Security Empowering Your Business in the Cloud Without Compromising Security Cloud Security Fabric CloudLock offers the cloud security fabric for the enterprise that helps organizations protect their sensitive

More information

Cloud Security: Critical Threats and Global Initiatives

Cloud Security: Critical Threats and Global Initiatives Cloud Security: Critical Threats and Global Initiatives Richard Zhao, Founder and Board Member of CSA-GCC Chief Strategy Officer, NSFOCUS Sept. 2010 What is Cloud Computing? Compute as a utility: third

More information

How to Grow and Transform your Security Program into the Cloud

How to Grow and Transform your Security Program into the Cloud How to Grow and Transform your Security Program into the Cloud Wolfgang Kandek Qualys, Inc. Session ID: SPO-207 Session Classification: Intermediate Agenda Introduction Fundamentals of Vulnerability Management

More information

Safeguarding the cloud with IBM Security solutions

Safeguarding the cloud with IBM Security solutions Safeguarding the cloud with IBM Security solutions Maintain visibility and control with proven solutions for public, private and hybrid clouds Highlights Address cloud concerns with enterprise-class solutions

More information

SMS. Cloud Computing. Systems Management Specialists. Grupo SMS www.grupo-sms.com 949.223.9240 option 3 for sales

SMS. Cloud Computing. Systems Management Specialists. Grupo SMS www.grupo-sms.com 949.223.9240 option 3 for sales SMS Systems Management Specialists Cloud Computing Grupo SMS www.grupo-sms.com 949.223.9240 option 3 for sales Cloud Computing The SMS Model: Cloud computing is a model for enabling ubiquitous, convenient,

More information

CIT 668: System Architecture

CIT 668: System Architecture CIT 668: System Architecture Cloud Security Topics 1. The Same Old Security Problems 2. Virtualization Security 3. New Security Issues and Threat Model 4. Data Security 5. Amazon Cloud Security Data Loss

More information

Addressing Data Security Challenges in the Cloud

Addressing Data Security Challenges in the Cloud Addressing Data Security Challenges in the Cloud Coordinate Security. The Need for Cloud Computing Security A Trend Micro White Paper July 2010 I. INTRODUCTION Enterprises increasingly recognize cloud

More information