The Internet of Things, big data and the cloud: implications for privacy and trust
|
|
- Grace Andrews
- 8 years ago
- Views:
Transcription
1 The Internet of Things, big data and the cloud: implications for privacy and trust Russell Craig National Technology Officer, Microsoft NZ
2 What are we going to talk about? What is the Internet of Things? What is big data? How do they relate to the cloud? Privacy Issues what should we care about/why should we care? Enabling trust the role of the industry
3 What is the Internet of Things? Connected world solutions combine sensors and technologies to enable objects and infrastructure to interact with monitoring, analytics and control systems over Internet-style networks. Things Data Connectivity Analytics Source: Forrester
4 Hardware is cheap Connectivity is pervasive Development is easy Huge benefits fuel demand New Innovative Scenarios
5 Moore s Law Metcalf s Law Koomey s Law Transistors 10,000,000,000 1,000,000, ,000,000 10,000,000 1,000, ,000 10,000 1, Computations per KWh 1.E+14 1.E+12 1.E+10 1.E+08 1.E+06 1.E+04 1.E+02 1.E+00 Over the history of computing hardware, the number of transistors in a dense integrated circuit has doubled approx. every two years. Value of a telecommunications network is proportional to the square of the number of connected users of the system (n2). The energy needed for a fixed computing load falls by a factor of 100 every decade.
6
7
8 will become ambient intelligence intelligence from machine learning
9 What Microsoft Says You have things that you get data from and store that you derive insights from that allows you to do Infrastructure Things Citizen Things Transportation Things Cloud Storage HDInsight Power BI Predictive Maintenance Command and Control 9
10 Make IoT real in your business Improve efficiency Decrease costs through asset monitoring Enable innovation Increase revenue through service improvement Transform your business Create additional revenue streams by monetizing new opportunities Remote monitoring and management Improve customer service and loyalty Reach new customers and markets 10
11 The connected cow: Using IoT to transform cattle production CHALLENGE SOLUTION BENEFITS Fujitsu is the world s fourth-largest IT services provider with approximately 162,000 employees in more than 100 countries and holds about 97,000 patents worldwide. Fujitsu wanted to help dairy farmers increase production, improve data insights and transform their business by optimizing the timing of artificial insemination (AI). It also wanted to decrease loss through early detection of health issues. Fujitsu learned from public research that a cow produces more estrus (goes into heat) 16 hours after the number of steps increases significantly. The company created an innovative solution which uses a rugged pedometer with a five-year battery to measure the number of footsteps a cow takes, then sends that data to the cloud for analysis to determine optimum AI timing and even affect calf gender. In addition, the patterns of steps can detect disease in cattle. Alerts are delivered to the farmer s cell phone. o o o o Improves calf production up to 31%, with an average of 12% Modernizes data access with mobile phone alerts, reducing labor costs for monitoring cows Transforms herd management by allowing farmers to increase chances of producing a male or female calf Reduces loss by detecting 8-10 different kinds of diseases in cattle Create the Internet of Your Things FUJITSU
12 The Internet of Things Healthcare PATIENT HOME HOSPITAL OUTPATIENT FACILITY Monitor patient conditions with in-home medical devices that alert care team staff when a health event occurs. Enable an interactive experience between patients and collaborative care teams, and reduce response times by providing remote access to the latest patient data. Connect patient data to contextual data, so the latest patient data automatically displays on care provider devices based on their location and role. Make authorized patient data accessible from a unified point, enabling a holistic view of the patient s journey so providers can optimize each care interaction. 35 Transform the vehicle into a smart environment that monitors health indicators. Combine data from various sources to uncover insights that enable an enhanced patient journey, improved operational efficiency, and better risk management. Make patient data visible and actionable in near real-time, enabling improved outcomes through datadriven decision making, better coordination and error reduction. HEALTHCARE ECOSYSTEM Integrate data from existing and nontraditional sources to drive Big Data analytics, enabling care process innovation and healthcare transformation. WEATHER PHARMACY GOVERNMENT INSURANCE COMPANIES RETAIL RESEARCH DEMOGRAPHICS
13
14 Microsoft Azure Cloud is fundamental enabler of IoT and big data Compute Data Storage Network Services App Services Global Physical Infrastructure Stores over 50 trillion objects Handles on average 127,000 requests/second Peak of 880,000 requests/second > 2 billion active directory transactions/day 14
15 Devices Device Connectivity Storage Analytics Presentation & Action Event Hubs SQL Database Machine Learning App Service Service Bus Table/Blob Storage Stream Analytics Power BI External Data Sources { } DocumentDB HDInsight Notification Hubs External Data Sources Data Factory Mobile Services BizTalk Services
16 Azure Intelligent Systems Service Automotive Retail Industrial Healthcare Security & Surveillance Energy Smart Home Smart Cities Microsoft Azure Intelligent Systems Service(s) Monitoring Remote Access Content Distribution Configuration Management Data collection and alerts Asset tracking & Geo-fencing Preventive maintenance Usage based billing Securely log into remote devices and products to diagnose issues Remote servicing - diagnose, and repair problems Automate software deployment to assets Distribute files to devices. Content includes asset-specific files, doc, ads Store and access asset configurations Compliance Management Telematics Windows I0 IoT NETWORK M2M Gateway Vehicle Tracking Device Cameras Power Meter Load Meter Smoke Fire Alarms Humidity Sensor Flow Meter Occupancy Sensor Temperature Sensor INTELLIGENT DEVICES Machine Controller Vehicle Tracking Smart Grid General Equipment Retail Kiosk Fire Detection Healthcare Smart Building Automation Digital Advertising Smart Home Automation
17 Switching focus: data and analytics Gartner identifies Big Data and extreme information processing and management, in-memory database management systems and quantum computing as transformational with adoption between 2 and 5 years This would also enable enterprises to leverage Predictive Analytics which has already seen greater mainstream adoption combined with cloud computing as transformational in broadening the options in developing and sourcing IT
18 Humans as data sources Per person per day (in golden billion ) s voice calls SMS and twits 0.1 blog posts 1-20 financial transactions 3-30 search requests articles, read on the Internet 10 audio records minutes of TV/Video appearances in video monitoring cameras geospatial notches RFID checks And at least 4.5 billion of people have at least phones (mostly wireless) From The Human Face of Big Data by Rick Smolan. EMC inspired.
19 World today
20 and tomorrow
21 What should we care about? Our vision: New Zealand is a world leader in the trusted, inclusive and protected use of shared data to deliver a prosperous society 1. Get the rules of the game right. 2. Create value by doing. 3. Establish the foundations: value, inclusion trust and control.
22 Why should we care?
23 Big = big opportunity For governments: Budget savings Transparency and responsibility Real insight into society Optimal decisions
24 Big data = big opportunity For people: Self organization Better experiences Intelligent environment Introspection
25 Big data = big opportunity For business: Converting products to services Expanded value chains New business models Educated targeting F r o m P r o d u c t t o S e r v i c e V = V 0 + A N + B N 2 Value for customer Socialization of Business Clients Employees Partners Imminent value Mobility & Connectivity Volume value On Premise Off Premise Big Data & BI Network value Value
26 Big data = big opportunity For IT industry Next chance to change the world Step towards internet of everything Completely new markets
27 Big challenge For people New lack of privacy Automated justice Need to understand Risks of: Re-identification Re-personalization Undesirable profiling False aggregation Incorrect inferences Unwanted targeting Etc. Joseph Goebbels
28 Why Netflix's Facebook app would be illegal By Julianne March 27 VPPA arose from strange circumstances surrounding the failed Supreme Court nomination of Robert Bork. While Bork's nomination hearings were taking place in 1987, a freelance writer for the Washington City Paper talked a video store clerk into giving him Bork's rental history. Target Predicts Pregnancy with Big Data Big challenge For business Hard to comply Easy to violate Unexpected backfire Need to defend sources Google facing legal threat from six European countries over privacy
29 html?mod=googlenews_wsj Big challenge For government It is hard to be transparent It is easy to overuse Hard to defend sources George Orwell, investigations/us-intelligencemining-data-from-nine-usinternet-companies-in-broadsecretprogram/2013/06/06/3a0c0da8- cebf-11e d970ccb04497_story.html
30 Big challenge For IT industry Needs new hardware and software architecture to address scale Needs to know how to protect customers Needs to address extremely complicated usage scenarios Risk of over-restrictive regulation
31 Pro Con People: collective knowledge Business: from disordered offerings to quality of life service Government: know and address real needs of citizens IT industry: change the world (again?) People: final lack of privacy Business: disruptive scenarios Government: chance to miss everything loss of trust IT industry: new approaches to hw and sw architecture, addressing new challenges
32 Long term Q: where do societies need to focus? A: computational ethics and Big Data
33 Why ethics? Benefiting from opportunities and mitigating risks assumes careful handling of digital assets of high business and personal value, both in known scenarios and in completely new situations To proceed successfully one should follow some sort of fundamental principles clear and consistent Ethics, also known as moral philosophy, is a branch of philosophy that involves systematizing, defending and recommending concepts of right and wrong conduct.
34 Big Data and traditional ethics Let s take concepts from traditional ethics and examine how they should apply to the digital world, and how they evolve under influence of Big Data capabilities Four elements of Big Data Ethics: Identity, Privacy, Ownership, Reputation Big Data is ethically neutral Personal data not some specific data, but any data generated in the course of a person s activities Privacy interests, not always ultimate rights Kord Davis; Ethics of Big Data - Balancing Risk and Innovation. O'Reilly Media, 2012 A responsible organization is an organization that is concerned both with handling data in a way that aligns with its values and with being perceived by others to handle data in such a manner.
35 Big-Data ethics: Privacy Privacy is the ability of an individual or group to seclude themselves or information about themselves and thereby reveal themselves selectively (wikipedia). In 1993, the New Yorker published a cartoon whose caption read: On the Internet, nobody knows you re a dog At the time, this was funny because it was true. Today, in the age of big data, it is not only possible to know that you re a dog, but also what breed you are, your favorite snacks, your lineage, and whether you ve ever won any awards at a dog show. There are two issues. First, does privacy mean the same thing in both online and offline in the real world? Second, should individuals have a legitimate ability to control data about themselves, and to what degree? Following Davis Kord. Ethics of Big Data.
36 Benefits of ethics inquiry Faster consumer adoption by reducing fear of the unknown (how are you using my data?) Reduction of friction from legislation from a more thorough understanding of constrains and requirements Increased pace of innovation and collaboration derived from a sense of purpose generated by explicitly shared values Reduced risk of unintended consequences from an overt consideration of long-term, far-reaching implications of the use of big-data technologies Partially following Kord Davis. Ethics of Big Data.
37 Shorter term: focus on enabling trust Where do we start? - understand the domain & who is responsible for what. What should we expect of the cloud industry? - industry is an enabler - all clouds are not equal - public should expect a lot
38 Microsoft s approach to trust: building security, privacy, transparency and compliance into the cloud
39 Cloud is becoming integral to business transformation The secure pathway to innovation Start with a trusted & resilient foundation Leverage economies of scale and expertise Use the cloud to drive business strategy Reshape how you engage with customers Enable more productive work Drive new and more rapid sources of innovation 39
40 Cybersecurity concerns persist Global attacks are increasing and costs are rising Cybercrime extracts between 15% and 20% of the value created by the Internet. 1 In the UK, 81% of large corporations and 60% of small businesses reported a cyberbreach in the past year. 2 Total financial losses attributed to security compromises increased 34% in Impact of cyber attacks could be as much as $3 trillion in lost productivity and growth. 4 40
41 But cloud momentum continues to accelerate If you re resisting the cloud because of security concerns, you re running out of excuses. The question is no longer: How do I move to the cloud? Instead, it s Now that I m in the cloud, how do I make sure I ve optimized my investment and risk exposure? By 2020 clouds will stop being referred to as public and private. It will simply be the way business is done and IT is provisioned. 41
42 The Microsoft Trusted Cloud 200+ cloud services, 1+ million servers, $15B+ infrastructure investment 57% of Fortune ,000 new subscribers per week million active users 4 Online 5.5+ billion worldwide queries each month million users per month 5 1 billion customers, 20 million businesses, 90 countries worldwide billion worldwide users 2 48 million members in 57 countries million unique users each month 6 42
43 Microsoft cloud a trusted foundation Privacy and Security Transparency Compliance Control 43 43
44 Azure Security Microsoft delivers enterprise cloud services customers can trust Industry-leading best practices in the design and management of online services Enhanced security, operational management, and threat mitigation practices Trustworthy enterprise cloud services Centers of excellence 44
45 Infrastructure protection Azure infrastructure includes hardware, software, networks, administrative and operations staff, policies and procedures, and the physical data centers that house it all 24 hour monitored PHYSICAL SECURITY Centralized MONITORING AND ALERTS Update MANAGEMENT Anti-Virus/Anti-Malware PROTECTION Red Teaming PENETRATION TESTING FIREWALLS 45
46 Network protection Azure networking provides the infrastructure necessary to securely connect VMs to one another and to connect on-premises data centers with Azure VMs. Network isolation: Blocks unauthorized users from the network using a distributed virtual firewall Virtual networks: Customers can connect one or more cloud services using private IP addresses. VPN and ExpressRoute: Site-to-site and point-to-site VPNs help enable secure connections. Encrypted communications: Encryption within and between deployments, and from Azure to on-premises datacenters with TLS and Perfect Forward Secrecy. 46
47 Identity & access control Azure enables customers to better control access in a multi-tenant environment Enterprise cloud directory Azure Active Directory (AD) offers enterprise identity and access management in the cloud. Multi-Factor Authentication (MFA) Strong authentication adds an extra layer of security for user logins. Access monitoring and logging Security reports monitor access patterns that help identify potential threats. Single sign-on Users get a single sign-on option across multiple applications and services. Integration with customer applications Developers can integrate their app with Azure AD for single sign-on functionality for their users. 47
48 Azure Privacy Privacy & Control Microsoft makes our commitment to the privacy of our customers a priority with independently audited policies and practices that include restricting the mining of Customer Data for advertising or similar commercial purposes. 48
49 Trustworthy Privacy foundation Privacy by Design Microsoft privacy principles are designed to facilitate the responsible use of customer data, be transparent about practices, and offer meaningful privacy choices. Microsoft Privacy Standard Guidelines that help ensure privacy is applied in the development and deployment of products and services. Data segregation Azure uses logical isolation to segregate each customer s data from that of others. 49
50 ISO/IEC Microsoft is the first major cloud provider to adopt the first international code of practice for governing the processing of personal information by cloud service providers. Prohibits use of customer data for advertising and marketing purposes without customer s express consent. Prevents use of customer data for purposes unrelated to providing the cloud service. 50
51 Contractual commitments Adopt ISO/IEC code of practice Microsoft was the first major cloud service provider to Offer customers E.U. Standard Contractual Clauses that provide specific contractual guarantees around transfers of personal data for in-scope services. Have European data privacy authorities validate that its enterprise agreement meets EU requirements on international data transfers Abide by US-EU Safe Harbor Framework and the US-Swiss Safe Harbor Program. 51
52 Restricted data access Customer data is only accessed when necessary to support customer s use of Azure (e.g. troubleshooting or feature improvement), or when required by law. When granted, access is controlled and logged. Strong authentication, including MFA, helps limit access to authorized personnel only. Access is revoked as soon as it s no longer needed. Access controls are verified by independent audit and certifications. 52
53 Law enforcement requests Microsoft does not disclose Customer Data to law enforcement unless as directed by customer or required by law, and will notify customers when compelled to disclose, unless prohibited by law. The Law Enforcement Request Report discloses details of requests every 6 months. Microsoft doesn t provide any government with direct or unfettered access to Customer Data. Microsoft only releases specific data mandated by the relevant legal demand. If a government wants customer data it needs to follow the applicable legal process. Microsoft only responds to requests for specific accounts and identifiers. 53
54 Customer Data When a customer utilizes Azure, they retain exclusive ownership of their data. Control over data location Customers choose data location and replication options. Role based access control Tools support authorization based on a user s role, simplifying access control across defined groups of users. Encryption key management Customers have the flexibility to generate and manage their own encryption keys. Control over data destruction Deletion of data on customer request and on contract termination. 54
55 Data protection Azure provides customers with strong data protections both by default and as customer options Data isolation Logical isolation segregates each customer s data from that of others is enabled by default. At-rest data protection Customers can implement a range of encryption options for virtual machines and storage. In-transit data protection Encryption Industry-standard protocols encrypt data in transit to/from outside components, as well as data in transit internally by default. Data encryption in storage or in transit can be deployed by the customer to align with best practices for ensuring confidentiality and integrity of data. Data redundancy Customers have multiple options for replicating data, including number of copies and number and location of replication data centers. Data destruction Strict standards for overwriting storage resources before reuse and the physical destruction of decommissioned hardware are by default. 55
56 Cloud Transparency Microsoft helps enable customer control over Customer Data by providing transparency into where it is stored, who can access it, and how Microsoft helps secure it, with accessible tools and straightforward language. 56
57 Data storage and use Customers control where Customer Data is stored Customers know where and how their data is stored and used Microsoft doesn t use Customer Data for advertising Microsoft doesn t share Customer Data with our advertiser-supported services or mine it for marketing Microsoft uses Customer Data only to provide the services, including purposes compatible with providing the services. Customers may delete Customer Data or leave the service at any time 57
58 Security practices Build security into software code (SDL) Customer knows how we help secure their data Ensure Azure infrastructure is resilient to attack Safeguard user access to Azure environment Keep customer data secure through encrypted communications 58
59 Microsoft and compliance Microsoft invests heavily in the development of innovative compliance technology, processes and integration in Azure. The Microsoft compliance framework for online services maps controls to multiple regulatory standards, which helps drive the design and building of services that meet today s high level of security and privacy needs. 59
60 Azure Compliance Azure meets a broad set of international, regional, and industry-specific compliance and regulatory standards. Microsoft s security compliance program includes rigorous testing, the implementation of best practices, and many other functions to achieve certificates and attestations. 60
61 Compliance framework Compliance certifications Continual evaluation, benchmarking, adoption, test & audit Independent verification Access to audit reports Best practices Microsoft maintains a team of experts focused on ensuring that Azure meets its own compliance obligations, which helps customers meet their own compliance requirements. Compliance strategy helps customers address business objectives and industry standards & regulations, including ongoing evaluation and adoption of emerging standards and practices. Ongoing verification by third party audit firms. Microsoft shares audit report findings and compliance packages with customers. Prescriptive guidance on securing data, apps, and infrastructure in Azure makes it easier for customers to achieve compliance. 61
62 Extensive experience and credentials CSA Cloud Controls Matrix SOC 1 SOC 2 HIPAA/ HITECH UK G-Cloud OFFICIAL AU IRAP Accreditation Singapore MCTS CJIS CDSA ISO/IEC 27001:2005 FISMA ATO Operations Security Assurance FedRAMP P-ATO EU Data Protection Directive PCI DSS Level 1 ISO/IEC
63 Partnering with industry leaders Promoting a standardsbased approach to cloud compliance Extensive experience in security compliance assessments for both U.S. and global government customers Proposing clear principles for reform of government surveillance 63
64
How Microsoft is taking Privacy by Design to Work. Alan Chan National Technology Officer Microsoft Hong Kong 7 May 2015
How Microsoft is taking Privacy by Design to Work Alan Chan National Technology Officer Microsoft Hong Kong 7 May 2015 Agenda Introducing the New Microsoft Microsoft privacy principle Protecting privacy
More informationSikkerhet i skytjenester; hva bør en tenke på? Ole Tom Seierstad National Security Officer Microsoft Norway oles@microsoft.com
Sikkerhet i skytjenester; hva bør en tenke på? Ole Tom Seierstad National Security Officer Microsoft Norway oles@microsoft.com Cloud is becoming integral to business transformation The secure pathway to
More informationEnabling Manufacturing Transformation in a Connected World. John Shewchuk Technical Fellow DX
Enabling Manufacturing Transformation in a Connected World John Shewchuk Technical Fellow DX Internet of Things What is the Internet of Things? The network of physical objects that contain embedded technology
More informationMicrosoft Azure. White Paper Security, Privacy, and Compliance in
White Paper Security, Privacy, and Compliance in Security, Privacy, and Compliance in Executive Summary The adoption of cloud services worldwide continues to accelerate, yet many organizations are wary
More informationThe Education Fellowship Finance Centralisation IT Security Strategy
The Education Fellowship Finance Centralisation IT Security Strategy Introduction This strategy outlines the security systems in place to optimise, manage and protect The Education Fellowship data and
More informationWhite Paper How Noah Mobile uses Microsoft Azure Core Services
NoahMobile Documentation White Paper How Noah Mobile uses Microsoft Azure Core Services The Noah Mobile Cloud service is built for the Microsoft Azure platform. The solutions that are part of the Noah
More informationTrusted Cloud: Microsoft Azure Security, Privacy, and Compliance. April 2015
Trusted Cloud: Microsoft Azure Security, Privacy, and Compliance April 2015 Trusted Cloud: Microsoft Azure Security, Privacy, and Compliance April, 2015 Contents Introduction...4 What customers want from
More informationTRUSTED CLOUD. Our commitment to provide a cloud you can trust. Fernando Machado Píriz September 2014
TRUSTED CLOUD Our commitment to provide a cloud you can trust Fernando Machado Píriz September 2014 Technology Trends Driving cloud adoption 71% of strategic buyers cite scalability, cost and business
More informationMicrosoft Azure. Microsoft Azure Security, Privacy, & Compliance
Security, Privacy, & Compliance Technology trends: driving cloud adoption BENEFITS Speed Scale Economics Cloud Trend: 70% 2 weeks to deliver new services vs. 6-12 months with traditional solution Scale
More informationSecuring the Microsoft Cloud Infrastructure. Reto Häni Chief Security Officer Microsoft Western Europe MEET SWISS INFOSEC! 24.06.
Securing the Microsoft Cloud Infrastructure Reto Häni Chief Security Officer Microsoft Western Europe MEET SWISS INFOSEC! 24.06.2015 1 Certification & Security Reliance Microsoft s cloud environment Application
More informationAppendix D-1 to Aproove Saas Contract : Security and solution hosting provider specs.
Appendix D-1 to Aproove Saas Contract : Security and solution hosting provider specs. The hosting company retained by Aproove is Microsoft Corporation, One Microsoft Way, Redmond, Washington 98052 USA.
More informationCloud Security Trust Cisco to Protect Your Data
Trust Cisco to Protect Your Data As cloud adoption accelerates, organizations are increasingly placing their trust in third-party cloud service providers (CSPs). But can you fully trust your most sensitive
More informationHow to Build an End-to-End Secured Hybrid Cloud for Your Enterprise. Ekkarat Klinbubpa Henky Alimin Sanguan Thammarojsakul
How to Build an End-to-End Secured Hybrid Cloud for Your Enterprise Ekkarat Klinbubpa Henky Alimin Sanguan Thammarojsakul CLOUD MOMENTUM CONTINUES TO ACCELERATE If you re resisting the cloud because of
More informationHow To Get A Cloud Security System To Work For You
Trust in the Cloud Ovidiu Pismac MCSE Security, CISSP, MCSE Private Cloud / Server & Desktop infrastructure, MCTS Forefront Microsoft Romania ovidiup@microsoft.com Technology trends: driving cloud adoption
More informationMicrosoft s cybersecurity commitment
Microsoft s cybersecurity commitment Published January 2015 At Microsoft, we take the security and privacy of our customers data seriously. This focus has been core to our culture for more than a decade
More informationSecuring the Microsoft Cloud
Securing the Microsoft Cloud Page 1 Securing the Microsoft Cloud Microsoft recognizes that trust is necessary for organizations and customers to fully embrace and benefit from cloud services. We are committed
More informationThe Platform is the Planet
The Platform is the Planet IoT Solutions in a Heterogeneous World Kevin Miller (kevin.miller@microsoft.com) Principal Program Manager, Azure IoT IoT Solutions Until Now Most earlier successful IoT deployments
More informationFWD. What the Internet of Things will mean for business
Article 6: September 2014 Internet of Things This year the focus of business has shifted to the Internet of Things (IoT), the connection and sharing of information between objects, machines, people and
More informationAssignment # 1 (Cloud Computing Security)
Assignment # 1 (Cloud Computing Security) Group Members: Abdullah Abid Zeeshan Qaiser M. Umar Hayat Table of Contents Windows Azure Introduction... 4 Windows Azure Services... 4 1. Compute... 4 a) Virtual
More informationProtecting Data and Privacy in the Cloud
Protecting Data and Privacy in the Cloud Contents 1 3 6 9 12 13 Protecting Data and Privacy in the Cloud an Introduction Building Services to Protect Data Protecting Data in Service Operations Empowering
More informationCloud security architecture
ericsson White paper Uen 284 23-3244 January 2015 Cloud security architecture from process to deployment The Trust Engine concept and logical cloud security architecture presented in this paper provide
More informationCloud Computing: Safe, Efficient and Easy
Microsoft Azure Cloud Computing: Safe, Efficient and Easy Linas Pečiūra Your title goes here Ref: The NIST Definition of Cloud Computing http://csrc.nist.gov/publications/nistpubs/800-145/sp800-145.pdf
More informationSecurity Controls for the Autodesk 360 Managed Services
Autodesk Trust Center Security Controls for the Autodesk 360 Managed Services Autodesk strives to apply the operational best practices of leading cloud-computing providers around the world. Sound practices
More informationIn the Cloud We Trust!
In the Cloud We Trust! Dejan Cvetkovic CTO, Microsoft CEE ISACA, Athens, Greece, November 24 th, 2015 Agenda Compliance for Financial Services The Microsoft Approach to Compliance Risk Management and Threat
More informationMicrosoft s Compliance Framework for Online Services
Microsoft s Compliance Framework for Online Services Online Services Security and Compliance Executive summary Contents Executive summary 1 The changing landscape for online services compliance 4 How Microsoft
More informationSecurity Whitepaper: ivvy Products
Security Whitepaper: ivvy Products Security Whitepaper ivvy Products Table of Contents Introduction Overview Security Policies Internal Protocol and Employee Education Physical and Environmental Security
More informationHow To Achieve Pca Compliance With Redhat Enterprise Linux
Achieving PCI Compliance with Red Hat Enterprise Linux June 2009 CONTENTS EXECUTIVE SUMMARY...2 OVERVIEW OF PCI...3 1.1. What is PCI DSS?... 3 1.2. Who is impacted by PCI?... 3 1.3. Requirements for achieving
More informationHow can Cloud help your Security. Christophe Van Mollekot Solution Advisor Microsoft
How can Cloud help your Security Christophe Van Mollekot Solution Advisor Microsoft Global datacenter footprint 100+ Datacenters in over 40 countries Integral to business transformation 71% of strategic
More informationDean Bank Primary and Nursery School. Secure Storage of Data and Cloud Storage
Dean Bank Primary and Nursery School Secure Storage of Data and Cloud Storage January 2015 All school e-mail is disclosable under Freedom of Information and Data Protection legislation. Be aware that anything
More informationClickTale Security Standards and Practices: Delivering Peace of Mind in Digital Optimization
Delivering Peace of Mind in Digital Optimization TABLE OF CONTENTS INTRODUCTION 2 PRIVACY AND ANONYMITY 3 ISO 27001 COMPLIANCE 5 APPLICATION-LEVEL SECURITY 6 PENETRATION TESTING AND SECURITY AUDITS 7 GENERAL
More informationCloud Computing: Contracting and Compliance Issues for In-House Counsel
International In-house Counsel Journal Vol. 6, No. 23, Spring 2013, 1 Cloud Computing: Contracting and Compliance Issues for In-House Counsel SHAHAB AHMED Director Legal and Corporate Affairs, Microsoft,
More informationBMC s Security Strategy for ITSM in the SaaS Environment
BMC s Security Strategy for ITSM in the SaaS Environment TABLE OF CONTENTS Introduction... 3 Data Security... 4 Secure Backup... 6 Administrative Access... 6 Patching Processes... 6 Security Certifications...
More informationPreemptive security solutions for healthcare
Helping to secure critical healthcare infrastructure from internal and external IT threats, ensuring business continuity and supporting compliance requirements. Preemptive security solutions for healthcare
More informationMicrosoft Azure. The cloud platform built for business. Tarmo Tikerpäe DC SSP Microsoft
Microsoft Azure The cloud platform built for business Tarmo Tikerpäe DC SSP Microsoft The next strategic opportunity is here Cloud Mobile Social How do you use technology innovation Big data? to architect
More informationSecurity Considerations
Concord Fax Security Considerations For over 15 years, Concord s enterprise fax solutions have helped many banks, healthcare professionals, pharmaceutical companies, and legal professionals securely deliver
More informationData Security and Privacy Principles for IBM SaaS How IBM Software as a Service is protected by IBM s security-driven culture
Data Security and Privacy Principles for IBM SaaS How IBM Software as a Service is protected by IBM s security-driven culture 2 Data Security and Privacy Principles for IBM SaaS Contents 2 Introduction
More informationLeveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs
IBM Global Technology Services Leveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs Achieving a secure government
More informationEnabling the SmartGrid through Cloud Computing
Enabling the SmartGrid through Cloud Computing April 2012 Creating Value, Delivering Results 2012 eglobaltech Incorporated. Tech, Inc. All rights reserved. 1 Overall Objective To deliver electricity from
More informationPROTECTING YOUR VOICE SYSTEM IN THE CLOUD
PROTECTING YOUR VOICE SYSTEM IN THE CLOUD Every enterprise deserves to know what its vendors are doing to protect the data and systems entrusted to them. Leading IVR vendors in the cloud, like Angel, consider
More informationFamly ApS: Overview of Security Processes
Famly ApS: Overview of Security Processes October 2015 Please consult http://famly.co for the latest version of this paper Page 1 of 10 Table of Contents 1. INTRODUCTION TO SECURITY AT FAMLY... 3 2. PHYSICAL
More informationCONTENTS. Security Policy
CONTENTS PHYSICAL SECURITY (UK) PHYSICAL SECURITY (CHICAGO) PHYSICAL SECURITY (PHOENIX) PHYSICAL SECURITY (SINGAPORE) SYSTEM SECURITY INFRASTRUCTURE Vendor software updates Security first policy CUSTOMER
More informationMANAGED MICROSOFT AZURE SERVICES
MANAGED MICROSOFT AZURE SERVICES Moving Your Applications to the Microsoft Azure Cloud? Let Connectria Help. No other provider hosts as many technologies in the Cloud as Connectria. If you re interested
More informationCONECTIVIDAD EN LA ERA DEL IOT THE INTERNET OF THINGS
CONECTIVIDAD EN LA ERA DEL IOT THE INTERNET OF THINGS Didier Mora System Engineer Cisco Mayo, 2015 Converging Digital Disruptions The Nexus of Forces The 3rd Platform The Industrial Internet IoT = $1.9
More informationSecuring the Cloud Infrastructure
EXECUTIVE STRATEGY BRIEF Microsoft recognizes that security and privacy protections are essential to building the necessary customer trust for cloud computing to reach its full potential. This strategy
More informationPCI Compliance for Cloud Applications
What Is It? The Payment Card Industry Data Security Standard (PCIDSS), in particular v3.0, aims to reduce credit card fraud by minimizing the risks associated with the transmission, processing, and storage
More informationAIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE
AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE THE CHALLENGE: SECURE THE OPEN AIR Wirelesss communication lets you take your business wherever your customers,
More informationIn the pursuit of becoming smart
WHITE PAPER In the pursuit of becoming smart The business insight into Comarch IoT Platform Introduction Businesses around the world are seeking the direction for the future, trying to find the right solution
More informationAIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE
AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE THE CHALLENGE: SECURE THE OPEN AIR Wirelesss communication lets you take your business wherever your customers,
More informationHow To Understand The Power Of The Internet Of Things
Next Internet Evolution: Getting Big Data insights from the Internet of Things Internet of things are fast becoming broadly accepted in the world of computing and they should be. Advances in Cloud computing,
More informationThe Anti-Corruption Compliance Platform
The Anti-Corruption Compliance Platform DATA COLLECTION RISK IDENTIFICATION SCREENING INTEGRITY DUE DILIGENCE CERTIFICATIONS GIFTS, TRAVEL AND ENTERTAINMENT TRACKING SECURITY AND DATA PROTECTION The ComplianceDesktop
More informationBringing Continuous Security to the Global Enterprise
Bringing Continuous to the Global Enterprise Asset Discovery Network Web App Compliance Monitoring Threat Protection The Most Advanced Platform 3+ Billion IP Scans/Audits a Year 1+ Trillion Events The
More informationHIPAA and Cloud IT: What You Need to Know
HIPAA and Cloud IT: What You Need to Know A Guide for Healthcare Providers and Their Business Associates GDS WHITE PAPER HIPAA and Cloud IT: What You Need to Know As a health care provider or business
More informationIBM Cloud Security Draft for Discussion September 12, 2011. 2011 IBM Corporation
IBM Cloud Security Draft for Discussion September 12, 2011 IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns surrounding cloud computing
More informationSecurely Yours LLC IT Hot Topics. Sajay Rai, CPA, CISSP, CISM sajayrai@securelyyoursllc.com
Securely Yours LLC IT Hot Topics Sajay Rai, CPA, CISSP, CISM sajayrai@securelyyoursllc.com Contents Background Top Security Topics What auditors must know? What auditors must do? Next Steps [Image Info]
More informationPayment Card Industry Data Security Standard
Symantec Managed Security Services support for IT compliance Solution Overview: Symantec Managed Services Overviewview The (PCI DSS) was developed to facilitate the broad adoption of consistent data security
More informationSRG Security Services Technology Report Cloud Computing and Drop Box April 2013
SRG Security Services Technology Report Cloud Computing and Drop Box April 2013 1 Cloud Computing In the Industry Introduction to Cloud Computing The term cloud computing is simply the use of computing
More informationSANS Top 20 Critical Controls for Effective Cyber Defense
WHITEPAPER SANS Top 20 Critical Controls for Cyber Defense SANS Top 20 Critical Controls for Effective Cyber Defense JANUARY 2014 SANS Top 20 Critical Controls for Effective Cyber Defense Summary In a
More informationIBM Cognos TM1 on Cloud Solution scalability with rapid time to value
IBM Solution scalability with rapid time to value Cloud-based deployment for full performance management functionality Highlights Reduced IT overhead and increased utilization rates with less hardware.
More informationSolution Brief for ISO 27002: 2013 Audit Standard ISO 27002. Publication Date: Feb 6, 2015. EventTracker 8815 Centre Park Drive, Columbia MD 21045
Solution Brief for ISO 27002: 2013 Audit Standard Publication Date: Feb 6, 2015 8815 Centre Park Drive, Columbia MD 21045 ISO 27002 About delivers business critical software and services that transform
More informationSolutions for Health Insurance Portability and Accountability Act (HIPAA) Compliance
White Paper Solutions for Health Insurance Portability and Accountability Act (HIPAA) Compliance Troy Herrera Sr. Field Solutions Manager Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, CA
More informationA Forrester Consulting Thought Leadership Paper Commissioned By Zebra Technologies. November 2014
A Forrester Consulting Thought Leadership Paper Commissioned By Zebra Technologies November 2014 Internet-Of-Things Solution Deployment Gains Momentum Among Firms Globally Improved Customer Experience
More informationUsing AWS in the context of Australian Privacy Considerations October 2015
Using AWS in the context of Australian Privacy Considerations October 2015 (Please consult https://aws.amazon.com/compliance/aws-whitepapers/for the latest version of this paper) Page 1 of 13 Overview
More informationCONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL
CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL WHAT IS CDM? The continuous stream of high profile cybersecurity breaches demonstrates the need to move beyond purely periodic, compliance-based approaches to
More informationMANAGED FILE TRANSFER: 10 STEPS TO HIPAA/HITECH COMPLIANCE
WHITE PAPER MANAGED FILE TRANSFER: 10 STEPS TO HIPAA/HITECH COMPLIANCE 1. OVERVIEW Do you want to design a file transfer process that is secure? Or one that is compliant? Of course, the answer is both.
More informationInfor CloudSuite. Defense-in-depth. Table of Contents. Technical Paper Plain talk about Infor CloudSuite security
Technical Paper Plain talk about security When it comes to Cloud deployment, security is top of mind for all concerned. The Infor CloudSuite team uses best-practice protocols and a thorough, continuous
More informationSecurity & privacy in the cloud; an easy road?
Security & privacy in the cloud; an easy road? A journey to the trusted cloud Martin Vliem CISSP, CISA National Security Officer Microsoft The Netherlands mvliem@microsoft.com THE SHIFT O L D W O R L D
More informationCloud Security Implications for Financial Institutions By Scott Galyk Director of Software Development FIMAC Solutions, LLC
Cloud Security Implications for Financial Institutions By Scott Galyk Director of Software Development FIMAC Solutions, LLC www.fmsinc.org 1 2015 Financial Managers Society, Inc. Cloud Security Implications
More informationSecurity Issues in Cloud Computing
Security Issues in Computing CSCI 454/554 Computing w Definition based on NIST: A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources
More informationmanaging SSO with shared credentials
managing SSO with shared credentials Introduction to Single Sign On (SSO) All organizations, small and big alike, today have a bunch of applications that must be accessed by different employees throughout
More informationsecurity changes with Orange focus on your business, we focus on your security
security changes with Orange focus on your business, we focus on your security the only constant in security is change New uses and new technologies, proliferation of platforms and new workspaces in a
More informationSECURITY AND REGULATORY COMPLIANCE OVERVIEW
Powering Cloud IT SECURITY AND REGULATORY COMPLIANCE OVERVIEW BetterCloud for Office 365 Executive Summary BetterCloud provides critical insights, automated management, and intelligent data security for
More informationPCI DSS Reporting WHITEPAPER
WHITEPAPER PCI DSS Reporting CONTENTS Executive Summary 2 Latest Patches not Installed 3 Vulnerability Dashboard 4 Web Application Protection 5 Users Logging into Sensitive Servers 6 Failed Login Attempts
More informationOnline Lead Generation: Data Security Best Practices
Online Lead Generation: Data Security Best Practices Released September 2009 The IAB Online Lead Generation Committee has developed these Best Practices. About the IAB Online Lead Generation Committee:
More informationMicrosoft SharePoint Architectural Models
Microsoft SharePoint This topic is 1 of 5 in a series Introduction to Fundamental SharePoint This series is intended to raise awareness of the different fundamental architectural models through which SharePoint
More informationTransform the datacenter. Ovidiu Pismac MCSE Security, CISSP, MCITP Virtualization, MCTS Forefront Microsoft Romania ovidiup@microsoft.
Transform the datacenter Ovidiu Pismac MCSE Security, CISSP, MCITP Virtualization, MCTS Forefront Microsoft Romania ovidiup@microsoft.com Cloud OS Vision Microsoft s vision of the unified platform for
More informationidentity as the new perimeter: securely embracing cloud, mobile and social media agility made possible
identity as the new perimeter: securely embracing cloud, mobile and social media agility made possible IT transformation and evolving identities A number of technology trends, including cloud, mobility,
More informationCLOUD SECURITY: THE GRAND CHALLENGE
Government Ware: GovWare Singapore September 29, 2010 CLOUD SECURITY: THE GRAND CHALLENGE Glen Gooding Asia Pacific Security Leader IBM Corporation ggooding@au1.ibm.com Rest safe: Google saves the day
More informationData safety at UXprobe. White Paper Copyright 2015 UXprobe bvba
Data safety at UXprobe White Paper Copyright 2015 UXprobe bvba Table of contents Executive summary.... 3 1. Google App Engine... 4 2. Security at Google... 4 2.1. Data Access and identity... 4 2.2. Storage...
More informationRemote Management Services Portfolio Overview
Enterprise environments today have various technologies and concerns in their network environment; from telephony, Internet, video, compute, and infrastructure, to regulatory and security management. On
More informationThe Internet of Things (IoT) Opportunities and Risks
Session No. 744 The Internet of Things (IoT) Opportunities and Risks David Loomis, CSP Risk Specialist Chubb Group of Insurance Companies Brian Wohnsiedler, CSP Risk Specialist Chubb Group of Insurance
More informationThe evolution of the internet Welcome to the internet of things. enterprise.bcs.org
The evolution of the internet Welcome to the internet of things enterprise.bcs.org 02 The evolution of the internet Welcome to the internet of things Introduction As technology developments continue to
More informationTransparency. Privacy. Compliance. Security. What does privacy at Microsoft mean? Are you using my data to build advertising products?
Privacy Transparency What does privacy at Microsoft mean? Are you using my data to build advertising products? Where is my data? Who has access to my data? Compliance What certifications and capabilities
More informationKeyLock Solutions Security and Privacy Protection Practices
KeyLock Solutions Overview KeyLock Solutions hosts its infrastructure at Heroku. Heroku is a cloud application platform used by organizations of all sizes to deploy and operate applications throughout
More informationFive keys to a more secure data environment
Five keys to a more secure data environment A holistic approach to data infrastructure security Compliance professionals know better than anyone how compromised data can lead to financial and reputational
More informationMicrosoft Azure. Die "Hyper-Scale" Cloudplattform. Gerwald Oberleitner 22. September 2015
Microsoft Azure Die "Hyper-Scale" Cloudplattform Gerwald Oberleitner 22. September 2015 Wie sich Microsoft Hyper-scale Azure differenziert Enterprise Grade Hybrid Azure footprint Azure footprint Datacenter
More informationThe Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency
logo The Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency Understanding the Multiple Levels of Security Built Into the Panoptix Solution Published: October 2011
More informationHow To Manage A Privileged Account Management
Four Best Practices for Passing Privileged Account Audits October 2014 1 Table of Contents... 4 1. Discover All Privileged Accounts in Your Environment... 4 2. Remove Privileged Access / Implement Least
More informationHow To Buy Nitro Security
McAfee Acquires NitroSecurity McAfee announced that it has closed the acquisition of privately owned NitroSecurity. 1. Who is NitroSecurity? What do they do? NitroSecurity develops high-performance security
More informationMaximum Global Business Online Privacy Statement
Maximum Global Business Online Privacy Statement Last Updated: June 24, 2008. Maximum Global Business is committed to protecting your privacy. Please read the Maximum Global Business Online Privacy Statement
More informationAmazon Web Services: Risk and Compliance May 2011
Amazon Web Services: Risk and Compliance May 2011 (Please consult http://aws.amazon.com/security for the latest version of this paper) 1 This document intends to provide information to assist AWS customers
More informationOverview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin
Overview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin Best Practices for Security in the Cloud John Essner, Director
More informationAddressing Cloud Computing Security Considerations
Addressing Cloud Computing Security Considerations with Microsoft Office 365 Protect more Contents 2 Introduction 3 Key Security Considerations 4 Office 365 Service Stack 5 ISO Certifications for the Microsoft
More informationHow to ensure control and security when moving to SaaS/cloud applications
How to ensure control and security when moving to SaaS/cloud applications Stéphane Hurtaud Partner Information & Technology Risk Deloitte Laurent de la Vaissière Directeur Information & Technology Risk
More informationSolution Brief for HIPAA HIPAA. Publication Date: Jan 27, 2015. EventTracker 8815 Centre Park Drive, Columbia MD 21045
Publication Date: Jan 27, 2015 8815 Centre Park Drive, Columbia MD 21045 HIPAA About delivers business critical software and services that transform high-volume cryptic log data into actionable, prioritized
More informationNetop Environment Security. Unified security to all Netop products while leveraging the benefits of cloud computing
Netop Environment Security Unified security to all Netop products while leveraging the benefits of cloud computing Contents Introduction... 2 AWS Infrastructure Security... 3 Standards - Compliancy...
More informationGoogle Identity Services for work
INTRODUCING Google Identity Services for work One account. All of Google Enter your email Next Online safety made easy We all care about keeping our data safe and private. Google Identity brings a new
More information3Si Managed Authentication Services Service Description
3Si Managed Authentication Services Service Description [Pick the date] 3Si Managed Authentication Services Service Description [Type the document subtitle] JT www.3sicloud.com www.3sicloud.com enquiry@3sicloud.com
More informationBirst Security and Reliability
Birst Security and Reliability Birst is Dedicated to Safeguarding Your Information 2 Birst is Dedicated to Safeguarding Your Information To protect the privacy of its customers and the safety of their
More informationGOVERNANCE AND SECURITY BEST PRACTICES FOR PAYMENT PROCESSORS
GOVERNANCE AND SECURITY BEST PRACTICES FOR PAYMENT PROCESSORS A White Paper by i2c, Inc. 1300 Island Drive Suite 105 Redwood City, CA 94065 USA +1 650-593-5400 sales@i2cinc.com www.i2cinc.com Table of
More informationIntelligent Systems for Health Solutions
Bringing People, Systems, and Information Together Today s health organizations are increasingly challenged to accomplish what we call the triple aim of effective healthcare: deliver higher quality care
More information