Securely Managing Cryptographic Keys used within a Cloud Environment
|
|
- Rodger O’Connor’
- 8 years ago
- Views:
Transcription
1 Securely Managing Cryptgraphic Keys used within a Clud Envirnment Dr. Sarbari Gupta sarbari@electrsft-inc.cm ext NIST Cryptgraphic Key Management Wrkshp September 10-11, 2012
2 Intrductin Federal gvernment mving cmputing/strage t Clud Vivek Kundra s Clud First Strategy OMB M FY 2012 Budget Guidance Clud Cmputing has unique security challenges Remte peratins, C-tenancy, Distributed Management Cryptgraphy essential t secure clud peratins Use f sund Key Management Practices is critical Yet, limited visibility int Clud Key Management FedRAMP streamlines Clud Authrizatins Des it prvide enugh visibility r assurance fr Clud Key Management? Page 2
3 Clud Service Prvider (CSP) - Mdels Clud Service Mdels Sftware as a Service (SaaS) - Access t applicatins and services hsted in clud Platfrm as a Service (PaaS) - Building blcks t rapidly develp/hst clud applicatins Infrastructure as a Service (Iaas) - Netwrked access t prcessing pwer, strage Clud Deplyment Mdels Public Clud Private Clud Cmmunity Clud Hybrid Clud Nt all Cluds are created equal! Page 3
4 Clud Based Systems Uncertainties Prcessr Where is my prcess running? Am I sharing the prcessr with ther users/rganizatins? Data Strage Where des my data reside? Is my data c-resident with ther users data? Cmmunicatin Hw des my CSP knw wh I am? Hw is my cnnectin t clud cmpnents prtected? Administratin Wh administers the Clud Infrastructure? Wh has access t my data? My activity histry? Key Management Where and hw are keys: Generated? Stred? Hw are keys: Distributed? Prtected? Hw are keys and data recvered if lst? When and hw are keys destryed? Page 4
5 Clud Systems Dependence n Brwser Brwser is integral t Clud Systems User Interface Presentatin Data input and utput frm Clud Cmmunicatin with Clud Cmpnents Brwsers have significant vulnerabilities Weak implementatin f security prtcls Man-in-the-middle (MITM) and ther attacks Brwser cntaminatin frm ther websites Brwser represents inherent weakness! Page 5
6 Cryptgraphy Integral t Clud Operatins Supprts strng authenticatin f remte Users, Administratrs Implements strng cmmunicatin prtcls between User (brwser) and clud Partitins User data in c-tenancy envirnments Prvides data cnfidentiality (even frm Administratrs) Supprts data integrity (tamperdetectin) Page 6
7 Cryptgraphic Key Management Basics (I) Cryptgraphic Keys - Cre Functins Cnfidentiality Integrity Surce Authenticatin Key Management - Scpe Key Generatin Key Strage Key Distributin Key Recvery Key Destructin Page 7
8 Cryptgraphic Key Management Basics (II) Key Management - Critical Dimensins Key Type, Algrithms, Strength, Crypt-perid, Metadata Key Generatin, Acquisitin Key Use, Users, Applicatins Key Establishment, Agreement, Distributin Key Material Prtectin (strage, transit) Key Access Cntrl Key Backup, Recvery Key Renewal, Revcatin, Destructin Page 8
9 Clud Cryptgraphy Visibility and Cntrl Remte Authenticatin; Secure Cmmunicatin with Clud Sme Visibility Use f Third Party Credential Prviders; Standard Cmmunicatin Prtcls (TLS/SSL) Sme Cntrl User may select wn Credential Prvider, Cnfigure Brwser settings Clud Data Prtectin (Cnfidentiality, Integrity) SaaS - n visibility; n cntrl CSP implements all crypt paque t Clud User PaaS limited visibility; limited cntrl CSP implements crypt in lwer layers paque t Clud User May prvide tlset (building blcks) fr applicatin develpment Iaas limited visibility; mre cntrl CSP implements infrastructure level crypt paque t Clud User Clud User cntrls key management fr virtualized IT cmpnents Page 9
10 FedRAMP Cntrl fr Key Management (based n SP R3) SC-12 CRYPTOGRAPHIC KEY ESTABLISHMENT AND MANAGEMENT Cntrl: The rganizatin establishes and manages cryptgraphic keys fr required cryptgraphy emplyed within the infrmatin system. Cntrl Enhancements fr MODERATE baseline: (2) The rganizatin prduces, cntrls, and distributes symmetric cryptgraphic keys using [NIST-apprved] key management technlgy and prcesses. (5) The rganizatin prduces, cntrls, and distributes asymmetric cryptgraphic keys using apprved PKI Class 3 r Class 4 certificates and hardware security tkens that prtect the user s private key. SC-13 USE OF CRYPTOGRAPHY Cntrl: The infrmatin system implements required cryptgraphic prtectins using cryptgraphic mdules that cmply with applicable federal laws, Executive Orders, directives, plicies, regulatins, standards, and guidance. Cntrl Enhancements fr MODERATE baseline: (1)The rganizatin emplys, at a minimum, FIPS-validated cryptgraphy t prtect unclassified infrmatin. Page 10
11 FedRAMP Weaknesses fr Key Management N minimum requirements fr key parameters N explicit requirement fr Key Management Plicy (KMP) N explicit requirement fr Key Management Practices Statement (KMPS) N requirement fr key recvery Result Clud User has: Little visibility int clud key management Limited assurance f sundness f key management plicies, practices and peratins Page 11
12 Way Frward Establish Federal Prfile fr Clud Key Management Based n SP (being develped) Mre stringent requirements due t Clud Envirnment FedRAMP require that CSPs Fllw Federal Prfile fr Clud Key Management Develp Key Management Plan (KMP) and Key Management Practices Statements (KMPS) NIST SP Part 2: Best Practices fr Key Management Organizatin Have Mandatry 3 rd Party Auditing against KMP/KMPS Page 12
13 Wrap-Up and Cntact Infrmatin Dr. Sarbari Gupta Electrsft Phne: ext 12 LinkedIn: Page 13
Cloud Services Frequently Asked Questions FAQ
Clud Services Frequently Asked Questins FAQ Revisin 1.0 6/05/2015 List f Questins Intrductin What is the Caradigm Intelligence Platfrm (CIP) clud? What experience des Caradigm have hsting prducts like
More informationState of Wisconsin. File Server Service Service Offering Definition
State f Wiscnsin File Server Service Service Offering Definitin Dcument Revisin Histry Date Versin Creatr Ntes 2/16/2008 1.0 JD Urfer First pass 2/16/2008 2.0 Tm Runge Editing changes 2/19/2009 2.1 Tm
More informationVersion Date Comments / Changes 1.0 January 2015 Initial Policy Released
Page 1 f 6 Vice President, Infrmatics and Transfrmatin Supprt APPROVED (S) REVISED / REVIEWED SUMMARY Versin Date Cmments / Changes 1.0 Initial Plicy Released INTENT / PURPOSE The Infrmatin and Data Gvernance
More informationCLOUD COMPUTING: SECURITY THREATS AND MECHANISM
CLOUD COMPUTING: SECURITY THREATS AND MECHANISM Vaishali Jshi 1, Lakshmi 2, Vivek Gupta 3 1,2,3 Department f Cmputer Science Engineering, Acrplis Technical Campus, Indre ABSTRACT Clud cmputing is a mdel
More informationHave some knowledge of how queries execute. Must be able to read a query execution plan and understand what is happening.
Curse 2786B: Designing a Micrsft SQL Server 2005 Infrastructure Abut this Curse This tw-day instructr-led curse prvides database administratrs wrking in enterprise envirnments with the knwledge and skills
More informationHIPAA HITECH ACT Compliance, Review and Training Services
Cmpliance, Review and Training Services Risk Assessment and Risk Mitigatin: The first and mst imprtant step is t undertake a hlistic risk assessment that examines the risks and cntrls related t fur critical
More informationVersion: Modified By: Date: Approved By: Date: 1.0 Michael Hawkins October 29, 2013 Dan Bowden November 2013
Versin: Mdified By: Date: Apprved By: Date: 1.0 Michael Hawkins Octber 29, 2013 Dan Bwden Nvember 2013 Rule 4-004J Payment Card Industry (PCI) Patch Management (prpsed) 01.1 Purpse The purpse f the Patch
More informationIMT Standards. Standard number A000014. GoA IMT Standards. Effective Date: 2010-09-30 Scheduled Review: 2011-03-30 Last Reviewed: Type: Technical
IMT Standards IMT Standards Oversight Cmmittee Gvernment f Alberta Effective Date: 2010-09-30 Scheduled Review: 2011-03-30 Last Reviewed: Type: Technical Standard number A000014 Electrnic Signature Metadata
More informationGUIDANCE FOR BUSINESS ASSOCIATES
GUIDANCE FOR BUSINESS ASSOCIATES This Guidance fr Business Assciates dcument is intended t verview UPMCs expectatins, as well as t prvide additinal resurces and infrmatin, t UPMC s HIPAA business assciates.
More informationHow Does Cloud Computing Work?
Hw Des Clud Cmputing Wrk? Carl Mazzanti, CEO, emazzanti Technlgies IT Supprt and Clud Cmputing Services fr Small Business Hbken, NJ and NYC, 201-360- 4400 Owner [Pick the date] Hw des Clud Cmputing Wrk?
More informationCourse Outline (70-413)
Curse Outline (70-413) Mdule 1: Planning Server Upgrade and Migratin This mdule explains hw t plan a server upgrade and migratin strategy. Upgrade and Migratin Cnsideratins Creating a Server Upgrade and
More informationConfiguring, Monitoring and Deploying a Private Cloud with System Center 2012 Boot Camp
Cnfiguring, Mnitring and Deplying a Private Clud with System Center 2012 Bt Camp Length: 5 Days Technlgy: Micrsft System Center 2012 Delivery Methd: Instructr-led Hands-n Audience Prfile This curse is
More informationHIPAA Compliance 101. Important Terms. Pittsburgh Computer Solutions 724-942-1337
HIPAA Cmpliance 101 Imprtant Terms Cvered Entities (CAs) The HIPAA Privacy Rule refers t three specific grups as cvered entities, including health plans, healthcare clearinghuses, and health care prviders
More informationCNS-205: Citrix NetScaler 11 Essentials and Networking
CNS-205: Citrix NetScaler 11 Essentials and Netwrking Overview The bjective f the Citrix NetScaler 11 Essentials and Netwrking curse is t prvide the fundatinal cncepts and skills necessary t implement,
More informationCOPIES-F.Y.I., INC. Policies and Procedures Data Security Policy
COPIES-F.Y.I., INC. Plicies and Prcedures Data Security Plicy Page 2 f 7 Preamble Mst f Cpies FYI, Incrprated financial, administrative, research, and clinical systems are accessible thrugh the campus
More informationRestricted Document. Pulsant Technical Specification
Pulsant Technical Specificatin Title Pulsant Dedicated Server Department Prduct Develpment Cntributrs RR Classificatin Restricted Versin 1.0 Overview Pulsant ffer a Dedicated Server service t underpin
More informationSession 9 : Information Security and Risk
INFORMATION STRATEGY Sessin 9 : Infrmatin Security and Risk Tharaka Tennekn B.Sc (Hns) Cmputing, MBA (PIM - USJ) POST GRADUATE DIPLOMA IN BUSINESS AND FINANCE 2014 Infrmatin Management Framewrk 2 Infrmatin
More informationBYOD and Cloud Computing
BYOD and Clud Cmputing AIIM First Canadian Chapter May 22, 2014 Susan Nickle, Lndn Health Sciences Centre Chuck Rthman, Wrtzmans Sheila Taylr, Erg Infrmatin Management Cnsulting Clud cmputing Agenda What
More informationTrustED Briefing Series:
TrustED Briefing Series: Since 2001, TrustCC has prvided IT audits and security assessments t hundreds f financial institutins thrugh ut the United States. Our TrustED Briefing Series are white papers
More informationSkills for Employment Investment Project (SEIP)
Skills fr Emplyment Investment Prject (SEIP) Standards/ Curriculum Frmat Fr Server Administratin & Clud Management Curse Duratin: Tw Mnths 1 Curse Structure and Requirements Curse Title: Server Administratin
More informationGUIDELINES FOR SECURING SOCIAL MEDIA ACCOUNTS. Version 1.0
GUIDELINES FOR SECURING SOCIAL MEDIA ACCOUNTS Versin 1.0 Published Octber 2015 Dcument Cntrl Versin: 1.0 Authr: Cyber Security Divisin - ictqatar Classificatin: Public Date f Issue: Octber 2015 2 Page
More informationNetwork Defense Specialist. Course Title: Network Defense Specialist: Security and Vulnerability Assessment
Curse Title: Netwrk Defense Specialist: Security and Vulnerability Assessment Page 1 f 11 Curse Descriptin The Netwrk Defense Series frm EC-Cuncil Press is cmprised f 5 bks designed t educate learners
More informationData classification for cloud readiness
Data classificatin fr clud readiness Micrsft Trustwrthy Cmputing Trustwrthy Cmputing Data classificatin fr clud readiness Legal disclaimer This dcument is fr infrmatinal purpses nly. MICROSOFT MAKES NO
More informationGateway Agent - First Amendment to the High Level Design Document
Gateway Agent - First Amendment t the High Level Design Dcument Scpe The Gateway Agent HLD thrugh update 1 assumes that nly the Cntrl App, while cnnected t the prximal netwrk, can initiate new clud services.
More informationName. Description. Rationale
Cmplliiance Cmpnentt Descriptin Ratinale Benefits List the Dmain List the Discipline List the Technlgy Area List Prduct Cmpnent Dcument the Cmpliance Cmpnent Type Cmpnent Sub-type DEEFFI INITION Hst-Based
More informationBetter Practice Guide Financial Considerations for Government use of Cloud Computing
Better Practice Guide Financial Cnsideratins fr Gvernment use f Clud Cmputing Nvember 2011 Intrductin Many Australian Gvernment agencies are in the prcess f cnsidering the adptin f clud-based slutins.
More informationPersonal Data Security Breach Management Policy
Persnal Data Security Breach Management Plicy 1.0 Purpse The Data Prtectin Acts 1988 and 2003 impse bligatins n data cntrllers in Western Care Assciatin t prcess persnal data entrusted t them in a manner
More informationUnified Communications
Office f Infrmatin Technlgy Services Service Level Agreement Unified Cmmunicatins Nvember 7, 2013 v2.2 Service Descriptin Unified Cmmunicatins Service Descriptin ITS Unified Cmmunicatins ffers a number
More informationServ-U Distributed Architecture Guide
Serv-U Distributed Architecture Guide Hrizntal Scaling and Applicatin Tiering fr High Availability, Security, and Perfrmance Serv-U Distributed Architecture Guide v14.0.1.0 Page 1 f 16 Intrductin Serv-U
More informationService Level Agreement Distributed Hosting and Distributed Database Hosting
Office f Infrmatin Technlgy Services Service Level Agreement Distributed Hsting and Distributed Database Hsting Nvember 12, 2013 Service Descriptin Distributed Hsting and Distributed Database Hsting Service
More informationA96 CALA Policy on the use of Computers in Accredited Laboratories Revision 1.5 August 4, 2015
A96 CALA Plicy n the use f Cmputers in Accredited Labratries Revisin 1.5 August 4, 2015 A96 CALA Plicy n the use f Cmputers in Accredited Labratries TABLE OF CONTENTS TABLE OF CONTENTS... 1 CALA POLICY
More informationIn-House Counsel Day Priorities for 2012. Cloud Computing the benefits, potential risks and security for the future
In-Huse Cunsel Day Pririties fr 2012 Clud Cmputing the benefits, ptential risks and security fr the future Presented by David Richardsn Thursday 1 March 2012 WIN: What in-huse lawyers need Knwledge, supprt
More informationProcess of Setting up a New Merchant Account
Prcess f Setting up a New Merchant Accunt Table f Cntents PCI DSS... 3 Wh t cntact?... 3 Bakcgrund n PCI... 3 Why cmply?... 3 Hw t cmply?... 3 PCI DSS Scpe... 4 Des PCI DSS Apply t Me?... 4 What if I am
More information1)What hardware is available for installing/configuring MOSS 2010?
1)What hardware is available fr installing/cnfiguring MOSS 2010? 2 Web Frnt End Servers HP Prliant DL 380 G7 2 quad cre Intel Xen Prcessr E5620, 2.4 Ghz, Memry 12 GB, 2 HP 146 GB drives RAID 5 2 Applicatin
More informationLearn More Cloud Extender Requirements Cheat Sheet
MaaS360.cm > Learn Mre Learn Mre Clud Extender Requirements Cheat Sheet OVERVIEW This dcument defines all requirements t ensure a successfully installatin f the Clud Extender t enable use f ActiveSync
More informationPresentation: The Demise of SAS 70 - What s Next?
Presentatin: The Demise f SAS 70 - What s Next? September 15, 2011 1 Presenters: Jeffrey Ziplw - Partner BlumShapir Jennifer Gerasimv Senir Manager Delitte. SAS 70 Backgrund and Overview Purpse f a SAS
More informationservice description Colocation of Equipment Infrastructure as a Service
easy t adpt, easy t use, easy t leave service descriptin Infrastructure as a Service versin 4.0 Cntents Overview... 3 Example use cases... 3 Pricing... 4 Trial service... 4 Infrmatin assurance... 4 Prduct
More informationUnderstand Business Continuity
Understand Business Cntinuity Lessn Overview In this lessn, yu will learn abut: Business cntinuity Data redundancy Data availability Disaster recvery Anticipatry Set What methds can be emplyed by a system
More informationAgenda. PKI Defined Terminology Key Technical Concepts Key Infrastructure Concepts Practical Uses. o o o o o. Important Considerations of Being a CA
PKI Overview Agenda PKI Defined Terminlgy Key Technical Cncepts Key Infrastructure Cncepts Practical Uses What Wh Why Imprtant Cnsideratins f Being a CA PKI Public Key Infrastructure The sum ttal f the
More informationAppendix H. Annual Risk Assessment and Audit Plan 2013/14
Annual Risk Assessment and Audit Plan 2013/14 Internal Audit Department September 25, 2013 Table f Cntents Intrductin.. 3 Risk Assessment Prcess... 4 Page 2 Intrductin Each year, the Internal Audit Department
More informationIntroduction to FedRAMP Abel Sussman. June, 2015
Intrductin t FedRAMP Abel Sussman June, 2015 1 Agenda FedRAMP Overview and Backgrund FedRAMP Final Package Authrizatin Types and Timeline Cmmn Challenges and Keys t Success Fr mre infrmatin. 2 Backgrund
More informationServ-U Distributed Architecture Guide
Serv-U Distributed Architecture Guide Hrizntal Scaling and Applicatin Tiering fr High Availability, Security, and Perfrmance Serv-U Distributed Architecture Guide v15.1.2.0 Page 1 f 20 Intrductin Serv-U
More informationInformation Services Hosting Arrangements
Infrmatin Services Hsting Arrangements Purpse The purpse f this service is t prvide secure, supprted, and reasnably accessible cmputing envirnments fr departments at DePaul that are in need f server-based
More informationThe ADVANTAGE of Cloud Based Computing:
The ADVANTAGE f Clud Based Cmputing: A Web Based Slutin fr: Business wners and managers that perate equipment rental, sales and/r service based rganizatins. R M I Crpratin Business Reprt RMI Crpratin has
More informationAMERITAS INFORMATION TECHNOLOGY DISASTER RECOVERY AND DATA CENTER STRATEGY
AMERITAS INFORMATION TECHNOLOGY DISASTER RECOVERY AND DATA CENTER STRATEGY O VERVIEW There are currently 3 primary Data Center lcatins (Lincln, Cincinnati, and Calvert) and 2 secndary (Fallbrk and Philadelphia).
More informationGUIDELINE INFORMATION MANAGEMENT (IM) PROGRAM PLAN
Gvernment f Newfundland and Labradr Office f the Chief Infrmatin Officer Infrmatin Management Branch GUIDELINE INFORMATION MANAGEMENT (IM) PROGRAM PLAN Guideline (Definitin): OCIO Guidelines derive frm
More informationCPIT Aoraki ICT Asset and Media Security Standard
CPIT Araki Crprate Services Divisin: ICT This security standard refers t CPIT, which is the current legal name fr the new rganisatin established 1 January 2016 bringing tgether CPIT and Araki Plytechnic.
More informationCloud Application Risks You Can t Manage What You Can t See
The Unique Alternative t the Big Fur Clud Applicatin Risks Yu Can t Manage What Yu Can t See Managing Unapprved and Apprved Emplyee Clud Adptin March 18, 2015 Agenda Shadw IT trends that are creating visibility
More informationUniversity of Texas at Dallas Policy for Accepting Credit Card and Electronic Payments
University f Texas at Dallas Plicy fr Accepting Credit Card and Electrnic Payments Cntents: Purpse Applicability Plicy Statement Respnsibilities f a Merchant Department Prcess t Becme a Merchant Department
More informationAgenda. o Purpose of IT Assessment o Scope of IT Assessment o Deloitte Recommendations o IBM Discussions o Research Data Center o Open Season
Agenda Purpse f IT Assessment Scpe f IT Assessment Delitte Recmmendatins IBM Discussins Research Data Center Open Seasn Purpse f IT Assessment Determine if IT resurces are being utilized efficiently and
More informationSystem Business Continuity Classification
System Business Cntinuity Classificatin Business Cntinuity Prcedures Infrmatin System Cntingency Plan (ISCP) Business Impact Analysis (BIA) System Recvery Prcedures (SRP) Cre Infrastructure Criticality
More informationBLUE RIDGE COMMUNITY AND TECHNICAL COLLEGE BOARD OF GOVERNORS
BLUE RIDGE COMMUNITY AND TECHNICAL COLLEGE BOARD OF GOVERNORS SERIES: 1 General Rules RULE: 17.1 Recrd Retentin Scpe: The purpse f this rule is t establish the systematic review, retentin and destructin
More informationPrivacy Policy. The Central Equity Group understands how highly people value the protection of their privacy.
Privacy Plicy The Central Equity Grup understands hw highly peple value the prtectin f their privacy. Fr that reasn, the Central Equity Grup takes particular care in dealing with any persnal and sensitive
More informationPROTIVITI FLASH REPORT
PROTIVITI FLASH REPORT The PCI Security Standards Cuncil Releases PCI DSS Versin 3.2 May 9, 2016 On April 28, 2016, the PCI Security Standards Cuncil (PCI SSC) released PCI Data Security Standard (PCI
More informationCSC 421 COURSE COMPACT
CSC 421 COURSE COMPACT Curse Cde: CSC 421 Curse Title: Cmputer Security Status: Cmpulsry Curse Unit: 2 Cntact Details Lecturer s Data Lecture perid: Tw hurs lectures per week fr 15 weeks (30 hurs) Name:
More informationBasic concept of Cloud computing
Basic cncept f Clud cmputing Abstract:- Mnica R Kabra (Vivekanand Arts Sardar Dalipsingh Cmmerce and science cllege Aurangabad) Clud cmputing is becming a pwerful netwrk architecture t perfrm large-scale
More informationCASSOWARY COAST REGIONAL COUNCIL POLICY ENTERPRISE RISK MANAGEMENT
CASSOWARY COAST REGIONAL COUNCIL POLICY ENTERPRISE RISK MANAGEMENT Plicy Number: 2.20 1. Authrity Lcal Gvernment Act 2009 Lcal Gvernment Regulatin 2012 AS/NZS ISO 31000-2009 Risk Management Principles
More informationService Level Agreement
Template SDSU-TPL-11085 v1.3 18/1/11 IT Services Service Level Agreement Enterprise CRM (ECRM) Versin: 0.1 01/11/2010 Cntents 1 INTRODUCTION... 4 1.1 Scpe f the Agreement... 4 1.2 Duratin f the Agreement...
More informationSystem Business Continuity Classification
Business Cntinuity Prcedures Business Impact Analysis (BIA) System Recvery Prcedures (SRP) System Business Cntinuity Classificatin Cre Infrastructure Criticality Levels Critical High Medium Lw Required
More informationGIS Service Provider. GIS Service Management
GIS Service Prvider GIS Service Management Overview What is ITIL? Brief Ottawa GIS Backgrund Prject Request The basis f ur existence in GIS, a need fr GIS service. Where d they cme frm? Service Strategy
More informationComtrex Systems Corporation. CISP/PCI Implementation Guidance for Odyssey Suite
CISP/PCI Implementatin Guidance fr Odyssey Suite Applicable Applicatin Versin This dcument supprts the fllwing applicatin versin: Odyssey Suite Versin 2.0 Intrductin Systems which prcess payment transactins
More informationIdentify Storage Technologies and Understand RAID
98-365 Windws Server Administratin Fundamentals Identify Strage Technlgies and Understand RAID 98-365 Windws Server Administratin Fundamentals Lessn Overview In this lessn, yu will learn: Lcal strage ptins
More informationThe Secret Life of Data: Protecting Sensitive Information, Mobile to Cloud
SESSION ID: CDS-R02 The Secret Life f Data: Prtecting Sensitive Infrmatin, Mbile t Clud Dan Griffin President JW Secure, Inc. @JWSdan WWNSAD? Intelligence agencies have been public abut: Inevitability
More informationHospital Information Management System Pro 2.1
Hspital Infrmatin Management System Pr 2.1 A cmplete management sftware fr hspital / clinic Advanced, pwerful, flexible cmplete management sftware fr hspital, clinic and medical institutes. Integrates
More informationData Protection Policy & Procedure
Data Prtectin Plicy & Prcedure Page 1 Prcnnect Marketing Data Prtectin Plicy V1.2 Data prtectin plicy Cntext and verview Key details Plicy prepared by: Adam Haycck Apprved by bard / management n: 01/01/2015
More informationMicrosoft Certified Database Administrator (MCDBA)
Micrsft Certified Database Administratr (MCDBA) 460 hurs Curse Overview/Descriptin The MCDBA prgram and credential is designed fr individuals wh want t demnstrate that they have the necessary skills t
More informationSecurity Standard for General Information Systems
Ohi University Security Standard fr General Infrmatin Systems A Standard fr the Cnfiguratin and Operatin f Infrmatin Systems at Ohi University System Security Wrking Grup 10/24/2008 Security Standard fr
More informationWhite Paper. SharePoint and the Consumerization of IT: Considerations for BYOD Success. Authors: Aseem Pandit and Prateek Bhargava
White Paper SharePint and the Cnsumerizatin f IT: Cnsideratins fr BYOD Success Authrs: Aseem Pandit and Prateek Bhargava The Evlutin f IT Cnsumerizatin & BYOD BYOD refers t the plicy f permitting emplyees
More informationFUJITSU RUNMYPROCESS SECURITY WHITE PAPER. www.runmyprocess.com
FUJITSU RUNMYPROCESS SECURITY WHITE PAPER www.runmyprcess.cm TABLE OF CONTENTS 1. INTRODUCTION 4 2. BUSINESS GOVERNANCE 5 2.1. Data Prtectin 5 2.2. Intellectual Prperty Prtectin 5 3. ORGANIZATIONAL GOVERNANCE
More informationState of Wisconsin Division of Enterprise Technology (DET) Distributed Database Hosting Service Offering Definition (SOD)
State f Wiscnsin Divisin f Enterprise Technlgy (DET) Distributed Database Hsting Service Offering Definitin (SOD) Distributed Database Hsting SOD Page 1 12/9/2010 Dcument Revisin Histry (Majr Pst Publishing
More informationITIL V3 Planning, Protection and Optimization (PPO) Certification Program - 5 Days
ITIL V3 Planning, Prtectin and Optimizatin (PPO) Certificatin Prgram - 5 Days Prgram Overview The ITIL Intermediate Qualificatin: Planning, Prtectin and Optimizatin (PPO) Certificate is a free-standing
More informationRUTGERS POLICY. Responsible Executive: Vice President for Information Technology and Chief Information Officer
RUTGERS POLICY Sectin: 70.1.1 Sectin Title: Infrmatin Technlgy Plicy Name: Acceptable Use Plicy fr Infrmatin Technlgy Resurces Frmerly Bk: N/A Apprval Authrity: Senir Vice President fr Administratin Respnsible
More informationEnterprise Security Management CIS 259
Enterprise Security Management CIS 259 Prerequisites CIS 175 Descriptin This curse is designed t cver the managerial aspects f cmputer security and risk management fr enterprises. The student will attain
More informationBest Practices for Optimizing Performance and Availability in Virtual Infrastructures
Best Practices fr Optimizing Perfrmance and Availability in Virtual Infrastructures www.nimsft.cm Best Practices fr Optimizing Perfrmance and Availability in Virtual Infrastructures PAGE 2 Table f Cntents
More informationHelp Desk Level Competencies
Help Desk Level Cmpetencies Level 1 Take user calls and manage truble tickets Ability t staff and manage the rganizatins helpdesk and effectively respnd t rutine custmer calls Ability t use prper grammar
More informationImproved Data Center Power Consumption and Streamlining Management in Windows Server 2008 R2 with SP1
Imprved Data Center Pwer Cnsumptin and Streamlining Management in Windws Server 2008 R2 with SP1 Disclaimer The infrmatin cntained in this dcument represents the current view f Micrsft Crpratin n the issues
More informationLogMeIn Rescue Web SSO via SAML 2.0 Configuration Guide
LgMeIn Rescue Web SSO via SAML 2.0 LgMeIn Rescue Web SSO via SAML 2.0 Cnfiguratin Guide 02-19-2014 Cpyright 2015 LgMeIn, Inc. 1 LgMeIn Rescue Web SSO via SAML 2.0 Cntents 1 Intrductin... 3 1.1 Dcument
More informationCNS-205 Citrix NetScaler 10.5 Essentials and Networking
CNS-205 Citrix NetScaler 10.5 Essentials and Netwrking Descriptin: The bjective f the Citrix NetScaler 10.5 Essentials and Netwrking curse is t prvide the fundatinal cncepts and advanced skills necessary
More informationState of Wisconsin DET Agency Managed Virtual Services Service Offering Definition
State f Wiscnsin DET Agency Managed Virtual Services Service Offering Definitin Dcument Revisin Histry Date Versin Creatr Ntes 6/03/08 1.0 James Sylla Initial draft 9/21/11 1.7 Amy Dustin Annual review
More informationZimbra Professional Services Portfolio, Purchasing Guide & Price List
In- Tuitin Netwrks Ltd Zimbra Prfessinal Services Prtfli, Purchasing Guide & Price List This dcument prvides an verview f In- Tuitin Netwrks Limited s range f Zimbra Prfessinal Services available n the
More informationPlus500CY Ltd. Statement on Privacy and Cookie Policy
Plus500CY Ltd. Statement n Privacy and Ckie Plicy Statement n Privacy and Ckie Plicy This website is perated by Plus500CY Ltd. ("we, us r ur"). It is ur plicy t respect the cnfidentiality f infrmatin and
More informationInstallation Guide Marshal Reporting Console
INSTALLATION GUIDE Marshal Reprting Cnsle Installatin Guide Marshal Reprting Cnsle March, 2009 Cntents Intrductin 2 Supprted Installatin Types 2 Hardware Prerequisites 3 Sftware Prerequisites 3 Installatin
More informationCLOUD ENABLED CLOUD ENABLED
Asia s st 1 and Only Cmpany t Offer Bradest Prtfli f Clud trainings. Clud Architect: Duratin 5 Days Abut Us: Clud Enabled is Asia's First and nly Cmpany t ffer the Bradest prtfli f clud trainings. Clud
More informationNERC-CIP Cyber Security Standards Compliance Documentation
Cmpliance Dcumentatin Briv OnAir 8/3/20154 Page 2 Overview This dcument is intended t be the primary surce f infrmatin fr Briv s cmpliance with the Nrth America Electric Reliability Crpratin (NERC) reliability
More informationNational Information Assurance Partnership. Common Criteria Evaluation and Validation Scheme. Validation Report
Natinal Infrmatin Assurance Partnership Cmmn Criteria Evaluatin and Validatin Scheme Validatin Reprt Micrsft Windws 8, Micrsft Windws RT, Micrsft Windws Server 2012 IPsec VPN Client TM Reprt Number: CCEVS-VR-VID10529-2013
More informationOCR LEVEL 2 CAMBRIDGE TECHNICAL
Cambridge TECHNICALS OCR LEVEL 2 CAMBRIDGE TECHNICAL CERTIFICATE/DIPLOMA IN IT SETTING UP AN IT NETWORK M/601/3274 LEVEL 2 UNIT 6 GUIDED LEARNING HOURS: 60 UNIT CREDIT VALUE: 10 SETTING UP AN IT NETWORK
More informationVendor Management. Federal Deposit Insurance Corporation Division of Risk Management Supervision Atlanta Regional Office.
Vendr Management Federal Depsit Insurance Crpratin Divisin f Risk Management Supervisin Atlanta Reginal Office June 18, 2014 1 Agenda Intrductin Vendr Management Overview Regulatry Expectatins Bard and
More informationPCI DSS Cloud Computing Guidelines
Standard: PCI Data Security Standard (PCI DSS) Versin: 2.0 Date: February 2013 Authr: Clud Special Interest Grup PCI Security Standards Cuncil Infrmatin Supplement: PCI DSS Clud Cmputing Guidelines Table
More informationITIL Release Control & Validation (RCV) Certification Program - 5 Days
ITIL Release Cntrl & Validatin (RCV) Certificatin Prgram - 5 Days Prgram Overview ITIL is a set f best practices guidance that has becme a wrldwide-adpted framewrk fr Infrmatin Technlgy Services Management
More informationIntroduction to Mindjet MindManager Server
Intrductin t Mindjet MindManager Server Mindjet Crpratin Tll Free: 877-Mindjet 1160 Battery Street East San Francisc CA 94111 USA Phne: 415-229-4200 Fax: 415-229-4201 mindjet.cm 2013 Mindjet. All Rights
More informationMaaS360 Cloud Extender
MaaS360 Clud Extender Installatin Guide Cpyright 2012 Fiberlink Cmmunicatins Crpratin. All rights reserved. Infrmatin in this dcument is subject t change withut ntice. The sftware described in this dcument
More informationIntegrating With incontact dbprovider & Screen Pops
Integrating With incntact dbprvider & Screen Pps incntact has tw primary pints f integratin. The first pint is between the incntact IVR (script) platfrm and the custmer s crprate database. The secnd pint
More informationSTANDARDISATION IN E-ARCHIVING
STANDARDISATION IN E-ARCHIVING R E Q U I R E M E N T S A N D C O N T R O L S F O R D I G I T I S AT I O N A N D E - A R C H I V I N G S E R V I C E P R O V I D E R S Alain Wahl 1 Requirements and cntrls
More informationCisco Backup as a Service with Commvault Simpana Business Decision Maker Presentation
Cisc Backup as a Service with Cmmvault Simpana Business Decisin Maker Presentatin Agenda BaaS An Overview BaaS pwered by Cisc UCS & CmmVault Use Cases BaaS ffering Cnsideratins fr CSPs Effective psitining
More informationG-CLOUD FRAMEWORK SERVICE DEFINITION. Solution Architecture for Cloud Service. Copyright: 2014 6point6 Ltd
G-CLOUD FRAMEWORK SERVICE DEFINITION Slutin Architecture fr Clud Service Cpyright: 2014 6pint6 Ltd G-Clud Service Definitin Slutin Architecture fr Clud Service 1. SERVICE OVERVIEW 6pint6 is an innvative
More informationInstallation Guide Marshal Reporting Console
Installatin Guide Installatin Guide Marshal Reprting Cnsle Cntents Intrductin 2 Supprted Installatin Types 2 Hardware Prerequisites 2 Sftware Prerequisites 3 Installatin Prcedures 3 Appendix: Enabling
More informationOracle Cloud Enterprise Hosting and Delivery Policies
Oracle Clud Enterprise Hsting and Delivery Plicies Statement f Changes Versin 1.5, 6/01/2015 This dcument utlines changes made t the Oracle Clud Enterprise Hsting and Delivery Plicies dated December 1,
More informationIn addition to assisting with the disaster planning process, it is hoped this document will also::
First Step f a Disaster Recver Analysis: Knwing What Yu Have and Hw t Get t it Ntes abut using this dcument: This free tl is ffered as a guide and starting pint. It is des nt cver all pssible business
More informationCorporate Profile, 2014
Cpyright 2014 IT-Serve.cm All rights reserved. IT-Serve.cm Crprate Prfile, 2014 Internatinal experience, Reginal reach, Lcal understanding Dubai Abu Dhabi Sharjah Oman Qatar Saudi Arabia IT-Serve.cm PO
More information