Cloud security: A matter of trust? Dr Mark Ian Williams CEO, Muon Consulting
|
|
- Tabitha McGee
- 8 years ago
- Views:
Transcription
1 Cloud security: A matter of trust? Dr Mark Ian Williams CEO, Muon Consulting
2 I wandered lonely as a cloud... The academic, globe-trotting years: : Parallel software for PET scanner images in Geneva Hospital : Particle Physics PhD research at CERN for Lancaster University 1998: Senior Software Developer at SLAC, Stanford, USA : RA for QMUL and webmaster for BaBar experiment at SLAC The stepping stone: : Business idea development as RSE/PPARC Enterprise Fellow And down to business: : Web developer and accessibility consultant as CEO of Surfability : Managed Extrasys cloud computing business for NG Bailey 2009 Present: Cloud consultant, author and CEO of Muon Consulting
3 Benefits of cloud computing Pay-as-you-go IT, online and on-demand Operational versus capital expenditure Less time spent administering non-core commodity IT systems internally Faster development and deployment of business applications Data storage and compute resources scale seamlessly with your business Faster entry to new markets using cloud-based software delivery and content distribution services, and online application marketplaces Fewer hardware assets and software licenses to track Always use latest version of cloud-based software with no upgrade costs Mobile services, online collaboration and remote access out of the box
4 Cloud computing concerns Public clouds are multi-tenanted and therefore open to your competitors Common business concerns include: The inherent dependency upon internet access The potential for vendor lock-in Unexpected cloud service charges and internal costs Contractual liability for services if SLAs are missed But surveys consistently reveal that data security and data privacy in public clouds are the primary concerns for businesses And data protection and data privacy are your organisation s responsibility not your cloud provider s
5 Horror stories like this don t help... High profile cloud security breaches in 2011: Sony: over a dozen data breaches affecting 100 million user records Epsilon, a cloud-based provider: estimated 60 million customer s addresses breached EMC s RSA two-factor authentication system breached and SecurID data stolen, putting tens of thousands of their customers at risk Source : But internal (non-cloud) networks can be breached too: In a survey of USA-based SMBs 40% claim to have suffered a security breach due to unsafe web surfing Source:
6 Security attack techniques Public and/or private clouds create more targets for security attacks like this, and your employees hold the keys to your data: Physical theft of unencrypted laptops that may have copies of data or have browsers with saved passwords for accessing web applications Hacking servers to access unencrypted passwords (e.g. SONY) Spear-phishing targeted spoofing fraud (e.g. Epsilon and RSA) Social engineering attacks via social media and personal webmail to gain access to web-based systems Exploits of web browser vulnerabilities and apps on mobile devices Downloads of backdoor Trojans, keystroke loggers and other malware
7 Risk mitigation in and out of clouds Minimise internal security breaches through education, user account management processes and security technologies such as two-factor authentication and identity federation (e.g. single sign-on) Involve your IT and legal departments throughout your cloud adoption programme, and consult and engage other stakeholders too Institute a strict device management regime and/or educate your employees how to use their devices securely Avoid data protection litigation by storing only non-sensitive data in public clouds unless the cloud/s are a safer place for all your data Reduce the risk of cloud security breaches by ensuring your providers have adequate controls verified by a reputable third party
8 Questioning cloud providers Cartoon by Dave Blazek -
9 Questions on systems and processes Do the cloud provider s systems satisfy your internal requirements for governance and compliance? Do they follow any industry best practices for IT service management, such as the Information Technology Infrastructure Library (ITIL)? Do they have independently audited internal controls of IT systems and processes to ISAE 3402 (successor to SAS 70) specifications? Do they have ISO certification for their information security management system? Do they have favourable independent and verifiable online reviews and client endorsements?
10 Questions on data security Do your cloud providers support federated identity? How are your data stored, backed-up, encrypted and kept separate from other organisations data in the cloud? How and when are security tests performed, especially during service updates? How are the data centres secured physically? Who, including system administrators, has access to your data, and how are they vetted? How is data access controlled and logged? What happens to your data if a service agreement is terminated or if the provider s business fails?
11 Related data questions Who owns the data you store on the provider s servers? Where are your data and backups stored geographically? Where is the provider based? Do they have controlled facilities for making automated and authorised backups to other clouds, including private clouds? Do they have flexible data retention facilities for regulatory purposes? What are their standard procedures for responding to government inquiries and legal investigations of their customers data, and the costs to be incurred by individual customers being investigated? What assurances that your data will not be compromised or seized if another customer of theirs is being investigated? What is the provider s disaster recovery plan?
12 Cloud control
13 Top tips for cloud control Classify your data in terms of sensitivity and business criticality and define roles and responsibilities for data protection Document your security and privacy requirements with clouds in mind before entering public clouds Extend your governance practices to cloud environments Configure your cloud systems to meet your requirements Consider compensating controls to work around any cloud security defects Revisit security and privacy issues throughout the system lifecycle Formulate an identity management system
14 More top tips for cloud control Choose cloud providers with transparent and adequate security processes and request evidence that they have effectively provisioned your systems in line with your controls Continually monitor and maintain your information systems, test their security and document your findings Review your existing security measures to take into account the client side of cloud services e.g. web browser vulnerabilities and applications on mobile devices
15 The future of cloud security Further development and wider adoption of cloud security standards More use of hybrid clouds, which combine public and private clouds More use of virtual private clouds for sensitive data Independent and standardised security audits so similar providers can be compared like for like
16 Who do you trust? Renowned cloud providers? The clouds of Amazon, Google, Microsoft and others have been hardened through surviving continual hacking attempts Attract and employ the best security people Have the best and most up-todate security hardware and software Your inhouse IT? Is your internal network a secure hosting environment for a private cloud exposed to multiple devices etc? Do your people have the necessary competencies? Is your hardware and software fit for purpose?
17 Further information Online resources: NIST: Guidelines on Security and Privacy in Public Cloud Computing Cloud Security Alliance guidance document ICAEW IT faculty guides: Cloud computing: A guide for business managers, by Barnaby Page Making the move to cloud computing, by yours truly
18 Conclusion Cloud computing is a matter of trust But trust can be earned by cloud providers and you can manage and mitigate internal and external security risks Many public cloud providers know what they are doing and some will have the right answers to your questions There is a balance between the potential cost and productivity benefits of using public clouds versus the data security and privacy risks Could your business create a more trustworthy private cloud? Plan carefully with security in mind, and be vigilant, but don t let the clouds pass by your window without taking a good look
19 Any questions? Cartoon by Dave Blazek - Contact me at miw@muon.co.uk
How To Protect Your Data From Being Hacked
Data Security and the Cloud TABLE OF CONTENTS DATA SECURITY AND THE CLOUD EXECUTIVE SUMMARY PAGE 3 CHAPTER 1 CHAPTER 2 CHAPTER 3 CHAPTER 4 CHAPTER 5 PAGE 4 PAGE 5 PAGE 6 PAGE 8 PAGE 9 DATA SECURITY: HOW
More informationCloud Computing Toolkit
DEPARTMENT OF INFORMATION STUDIES, ABERYSTWYTH UNIVERSITY Cloud Computing Toolkit Guidance for outsourcing information storage to the cloud Nicole Convery 26/08/2010 Toolkit to guide information professionals
More informationAchieve the Five Holy Grails of Business with the Cloud
Achieve the Five Holy Grails of Business with the oip technology represents a radical shift in the traditional IT model, but like most game-changing developments, it s a simple idea that makes so much
More informationCyber Essentials Scheme
Cyber Essentials Scheme Requirements for basic technical protection from cyber attacks June 2014 December 2013 Contents Contents... 2 Introduction... 3 Who should use this document?... 3 What can these
More informationApplication Security in the Software Development Lifecycle
Application Security in the Software Development Lifecycle Issues, Challenges and Solutions www.quotium.com 1/15 Table of Contents EXECUTIVE SUMMARY... 3 INTRODUCTION... 4 IMPACT OF SECURITY BREACHES TO
More informationAssuring Application Security: Deploying Code that Keeps Data Safe
Assuring Application Security: Deploying Code that Keeps Data Safe Assuring Application Security: Deploying Code that Keeps Data Safe 2 Introduction There s an app for that has become the mantra of users,
More informationNine Steps to Smart Security for Small Businesses
Nine Steps to Smart Security for Small Businesses by David Lacey Co-Founder, Jericho Forum Courtesy of TABLE OF CONTENTS INTRODUCTION... 1 WHY SHOULD I BOTHER?... 1 AREN T FIREWALLS AND ANTI-VIRUS ENOUGH?...
More informationGETTING THE MOST FROM THE CLOUD. A White Paper presented by
GETTING THE MOST FROM THE CLOUD A White Paper presented by Why Move to the Cloud? CLOUD COMPUTING the latest evolution of IT services delivery is a scenario under which common business applications are
More informationPassword Management Evaluation Guide for Businesses
Password Management Evaluation Guide for Businesses White Paper 2016 Executive Summary Passwords and the need for effective password management are at the heart of the rise in costly data breaches. Various
More informationMAXIMUM PROTECTION, MINIMUM DOWNTIME
MANAGED SERVICES MAXIMUM PROTECTION, MINIMUM DOWNTIME Get peace of mind with proactive IT support Designed to protect your business, save you money and give you peace of mind, Talon Managed Services is
More informationCloud Computing Phillip Hampton LogicForce Consulting, LLC
Phillip Hampton LogicForce Consulting, LLC New IT Paradigm What is? Benefits of Risks of 5 What the Future Holds 7 Defined...model for enabling ubiquitous, it convenient, ondemand network access to a shared
More informationEnsuring Enterprise Data Security with Secure Mobile File Sharing.
A c c e l l i o n S e c u r i t y O v e r v i e w Ensuring Enterprise Data Security with Secure Mobile File Sharing. Accellion, Inc. Tel +1 650 485-4300 1804 Embarcadero Road Fax +1 650 485-4308 Suite
More informationHow To Manage Security Risks When Using Cloud Computing
CYBER SECURITY OPERATIONS CENTRE 6/2011 INITIAL GUIDANCE 12 April 2011 Cloud Computing Security Considerations INTRODUCTION 1. Cloud computing offers potential benefits including cost savings and improved
More informationAddressing Cloud Computing Security Considerations
Addressing Cloud Computing Security Considerations with Microsoft Office 365 Protect more Contents 2 Introduction 3 Key Security Considerations 4 Office 365 Service Stack 5 ISO Certifications for the Microsoft
More informationCloud Computing Policy 1.0 INTRODUCTION 2.0 PURPOSE. Effective Date: July 28, 2015
Cloud Computing Policy Effective Date: July 28, 2015 1.0 INTRODUCTION Cloud computing services are application and infrastructure resources that users access via the Internet. These services, contractually
More informationWhy can you trust Google?
Why can you trust Google? Przemek Sienkiewicz Head of Enterprise CEE, Russia & CIS Why is Security So Tough? Data Problem: Users want to access their data anytime, from anywhere 60% 1-out-of-10 66% of
More informationBring Your Own Device
Bring Your Own Device Save costs, deliver flexible working and manage the risks Gary Shipsey Managing Director 25 September 2014 Agenda Bring Your Own Device (BYOD) and your charity and how to avoid the
More informationHow To Protect Your Cloud Computing Resources From Attack
Security Considerations for Cloud Computing Steve Ouzman Security Engineer AGENDA Introduction Brief Cloud Overview Security Considerations ServiceNow Security Overview Summary Cloud Computing Overview
More informationCLOUD ATTACHED STORAGE. Protect your data, protect your business
CLOUD ATTACHED STORAGE Protect your data, protect your business CONTENTS Introduction 3 Data The Life Blood of a Business 3 Sharing, Synchronising and Securing Data 4 Cloud-Based Solutions 5 The Role of
More informationWhite paper. How cloud computing can transform the fortunes of small and mid-sized businesses
White paper How cloud computing can transform the fortunes of small and mid-sized businesses Small and mid-sized businesses are increasingly looking for new and innovative ways to cut costs while sharpening
More informationCLOUD COMPUTING GUIDELINES FOR LAWYERS
INTRODUCTION Legal practices are increasingly using cloud storage and software systems as an alternative to in-house data storage and IT programmes. The cloud has a number of advantages particularly flexibility
More informationCLOUD COMPUTING SECURITY CONCERNS
CLOUD COMPUTING SECURITY CONCERNS ABSTRACT ASMA GULAM MOHAMED Saveetha School of Engineering Cloud computing is set of resources including data storage, programs and hardware offered through the Internet.
More information:: managing your agency :: Stay Competitive with
DORIS EPIC :: managing your agency :: Stay Competitive with Applied DORIs 2 / / :: managing your agency :: Drive success with Applied DORIS To create success in an increasingly competitive market, agencies
More informationWhite Paper: Introduction to Cloud Computing
White Paper: Introduction to Cloud Computing The boom in cloud computing over the past few years has led to a situation that is common to many innovations and new technologies: many have heard of it, but
More informationSecurity Overview Enterprise-Class Secure Mobile File Sharing
Security Overview Enterprise-Class Secure Mobile File Sharing Accellion, Inc. 1 Overview 3 End to End Security 4 File Sharing Security Features 5 Storage 7 Encryption 8 Audit Trail 9 Accellion Public Cloud
More informationInformation Security It s Everyone s Responsibility
Information Security It s Everyone s Responsibility The University of Texas at Dallas Information Security Office (ISO) Purpose of Training Information generated, used, and/or owned by UTD has value. Because
More informationNOS for IT User and Application Specialist. IT Security (ESKITU04) November 2014 V1.0
NOS for IT User and Application Specialist IT Security (ESKITU04) November 2014 V1.0 NOS Reference ESKITU040 ESKITU041 ESKITU042 Level 3 not defined Use digital systems NOS Title Set up and use security
More informationSecurity Issues in Cloud Computing
Security Issues in Computing CSCI 454/554 Computing w Definition based on NIST: A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources
More informationInformation Security It s Everyone s Responsibility
Information Security It s Everyone s Responsibility Developed By The University of Texas at Dallas (ISO) Purpose of Training As an employee, you are often the first line of defense protecting valuable
More informationIdentity & Access Management The Cloud Perspective. Andrea Themistou 08 October 2015
Identity & Management The Cloud Perspective Andrea Themistou 08 October 2015 Agenda Cloud Adoption Benefits & Risks Security Evolution for Cloud Adoption Securing Cloud Applications with IAM Securing Cloud
More informationTop 10 Cloud Risks That Will Keep You Awake at Night
Top 10 Cloud Risks That Will Keep You Awake at Night Shankar Babu Chebrolu Ph.D., Vinay Bansal, Pankaj Telang Photo Source flickr.com .. Amazon EC2 (Cloud) to host Eng. Lab testing. We want to use SalesForce.com
More informationSecuring and Auditing Cloud Computing. Jason Alexander Chief Information Security Officer
Securing and Auditing Cloud Computing Jason Alexander Chief Information Security Officer What is Cloud Computing A model for enabling convenient, on-demand network access to a shared pool of configurable
More informationBMC s Security Strategy for ITSM in the SaaS Environment
BMC s Security Strategy for ITSM in the SaaS Environment TABLE OF CONTENTS Introduction... 3 Data Security... 4 Secure Backup... 6 Administrative Access... 6 Patching Processes... 6 Security Certifications...
More informationClinical Trials in the Cloud: A New Paradigm?
Marc Desgrousilliers CTO at Clinovo Clinical Trials in the Cloud: A New Paradigm? Marc Desgrousilliers CTO at Clinovo What is a Cloud? (1 of 3) "Cloud computing is a model for enabling convenient, on-demand
More informationSecurity Considerations for Public Mobile Cloud Computing
Security Considerations for Public Mobile Cloud Computing Ronnie D. Caytiles 1 and Sunguk Lee 2* 1 Society of Science and Engineering Research Support, Korea rdcaytiles@gmail.com 2 Research Institute of
More informationHost/Platform Security. Module 11
Host/Platform Security Module 11 Why is Host/Platform Security Necessary? Firewalls are not enough All access paths to host may not be firewall protected Permitted traffic may be malicious Outbound traffic
More informationCloud Computing Security Considerations
Cloud Computing Security Considerations Roger Halbheer, Chief Security Advisor, Public Sector, EMEA Doug Cavit, Principal Security Strategist Lead, Trustworthy Computing, USA January 2010 1 Introduction
More informationSecuring The Cloud With Confidence. Opinion Piece
Securing The Cloud With Confidence Opinion Piece 1 Securing the cloud with confidence Contents Introduction 03 Don t outsource what you don t understand 03 Steps towards control 04 Due diligence 04 F-discovery
More informationSecurity. CLOUD VIDEO CONFERENCING AND CALLING Whitepaper. October 2015. Page 1 of 9
Security CLOUD VIDEO CONFERENCING AND CALLING Whitepaper October 2015 Page 1 of 9 Contents Introduction...3 Security risks when endpoints are placed outside of firewalls...3 StarLeaf removes the risk with
More informationTop 10 Risks in the Cloud
A COALFIRE PERSPECTIVE Top 10 Risks in the Cloud by Balaji Palanisamy, VCP, QSA, Coalfire March 2012 DALLAS DENVER LOS ANGELES NEW YORK SEATTLE Introduction Business leaders today face a complex risk question
More informationHow to ensure control and security when moving to SaaS/cloud applications
How to ensure control and security when moving to SaaS/cloud applications Stéphane Hurtaud Partner Information & Technology Risk Deloitte Laurent de la Vaissière Directeur Information & Technology Risk
More informationIT OUTSOURCING SECURITY
IT OUTSOURCING SECURITY February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without
More informationThe Education Fellowship Finance Centralisation IT Security Strategy
The Education Fellowship Finance Centralisation IT Security Strategy Introduction This strategy outlines the security systems in place to optimise, manage and protect The Education Fellowship data and
More informationSecuring the Service Desk in the Cloud
TECHNICAL WHITE PAPER Securing the Service Desk in the Cloud BMC s Security Strategy for ITSM in the SaaS Environment Introduction Faced with a growing number of regulatory, corporate, and industry requirements,
More informationMAXIMUM DATA SECURITY with ideals TM Virtual Data Room
MAXIMUM DATA SECURITY with ideals TM Virtual Data Room WWW.IDEALSCORP.COM ISO 27001 Certified Account Settings and Controls Administrators control users settings and can easily configure privileges for
More informationThe benefits of Cloud Computing
WHITE PAPER The benefits of Cloud Computing by Richard Ferriman, CEO (UK) of appichar Ltd The boom in Cloud computing over the past few years has led to a situation that is common to many innovations and
More informationTechnology Risk Management
1 Monetary Authority of Singapore Technology Risk Guidelines & Notices New Requirements for Financial Services Industry Mark Ames Director, Seminar Program ISACA Singapore 2 MAS Supervisory Framework Impact
More informationThe SMB Cyber Security Survival Guide
The SMB Cyber Security Survival Guide Stephen Cobb, CISSP Security Evangelist The challenge A data security breach can put a business out of business or create serious unbudgeted costs To survive in today
More informationCLOUD-BASED BIM AND SMART ASSET MANAGEMENT: ADOPTING A SECURITY-MINDED APPROACH
CLOUD-BASED BIM AND SMART ASSET MANAGEMENT: ADOPTING A SECURITY-MINDED APPROACH March 2016 Disclaimer Reference to any specific commercial product, process or service by trade name, trademark, manufacturer,
More informationManaging internet security
Managing internet security GOOD PRACTICE GUIDE Contents About internet security 2 What are the key components of an internet system? 3 Assessing internet security 4 Internet security check list 5 Further
More informationWhat Every User Needs To Know Before Moving To The Cloud. LawyerDoneDeal Corp.
What Every User Needs To Know Before Moving To The Cloud LawyerDoneDeal Corp. What Every User Needs To Know Before Moving To The Cloud 1 What is meant by Cloud Computing, or Going To The Cloud? A model
More informationBest Practices for Protecting Laptop Data
Laptop Backup, Recovery, and Data Security: Protecting the Modern Mobile Workforce Today s fast-growing highly mobile workforce is placing new demands on IT. As data growth increases, and that data increasingly
More informationAddressing Data Security Challenges in the Cloud
Addressing Data Security Challenges in the Cloud Coordinate Security. The Need for Cloud Computing Security A Trend Micro White Paper July 2010 I. INTRODUCTION Enterprises increasingly recognize cloud
More informationIdentity & Access Management in the Cloud: Fewer passwords, more productivity
WHITE PAPER Strategic Marketing Services Identity & Access Management in the Cloud: Fewer passwords, more productivity Cloud services are a natural for small and midsize businesses, with their ability
More informationITL BULLETIN FOR MARCH 2012 GUIDELINES FOR IMPROVING SECURITY AND PRIVACY IN PUBLIC CLOUD COMPUTING
ITL BULLETIN FOR MARCH 2012 GUIDELINES FOR IMPROVING SECURITY AND PRIVACY IN PUBLIC CLOUD COMPUTING Shirley Radack, Editor Computer Security Division Information Technology Laboratory National Institute
More informationSage ERP The top five reasons to deploy your ERP Solution in the cloud
Sage ERP The top five reasons to deploy your ERP Solution in the cloud 1 Table of contents Executive summary 3 Are you outgrowing your business solution? 3 SMBs want ERP 3 Budget and IT resource constraints
More informationA Decision Maker s Guide to Securing an IT Infrastructure
A Decision Maker s Guide to Securing an IT Infrastructure A Rackspace White Paper Spring 2010 Summary With so many malicious attacks taking place now, securing an IT infrastructure is vital. The purpose
More informationDaren Kinser Auditor, UCSD Jennifer McDonald Auditor, UCSD
Daren Kinser Auditor, UCSD Jennifer McDonald Auditor, UCSD Agenda Cloud Computing Technical Overview Cloud Related Applications Identified Risks Assessment Criteria Cloud Computing What Is It? National
More informationHow To Deal With A Converged Threat From A Cloud And Mobile Device To A Business Or A Customer'S Computer Or Network To A Cloud Device
Ten Tips for Managing Risks on Convergent Networks The Risk Management Group April 2012 Sponsored by: Lavastorm Analytics is a global business performance analytics company that enables companies to analyze,
More informationPublic Clouds. Krishnan Subramanian Analyst & Researcher Krishworld.com. A whitepaper sponsored by Trend Micro Inc.
Public Clouds Krishnan Subramanian Analyst & Researcher Krishworld.com A whitepaper sponsored by Trend Micro Inc. Introduction Public clouds are the latest evolution of computing, offering tremendous value
More informationEnsuring security the last barrier to Cloud adoption
Ensuring security the last barrier to Cloud adoption Publication date: March 2011 Ensuring security the last barrier to Cloud adoption Cloud computing has powerful attractions for the organisation. It
More informationTOP SECRETS OF CLOUD SECURITY
TOP SECRETS OF CLOUD SECURITY Protect Your Organization s Valuable Content Table of Contents Does the Cloud Pose Special Security Challenges?...2 Client Authentication...3 User Security Management...3
More information7 Myths of Healthcare Cloud Security Debunked
BUSINESS WHITE PAPER 7 Myths of Healthcare Cloud Security Debunked Don t let these common myths stall your healthcare cloud initiative 7 Myths of Cloud Security Debunked Table of Contents 2 The Cloud is
More informationWhat Do You Mean My Cloud Data Isn t Secure?
Kaseya White Paper What Do You Mean My Cloud Data Isn t Secure? Understanding Your Level of Data Protection www.kaseya.com As today s businesses transition more critical applications to the cloud, there
More informationLEGAL ISSUES IN CLOUD COMPUTING
LEGAL ISSUES IN CLOUD COMPUTING RITAMBHARA AGRAWAL INTELLIGERE 1 CLOUD COMPUTING Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing
More informationCloud Assurance: Ensuring Security and Compliance for your IT Environment
Cloud Assurance: Ensuring Security and Compliance for your IT Environment A large global enterprise has to deal with all sorts of potential threats: advanced persistent threats (APTs), phishing, malware
More informationAuditing Software as a Service (SaaS): Balancing Security with Performance
Auditing Software as a Service (SaaS): Balancing Security with Performance Goals for Today Defining SaaS (Software as a Service) and its importance Identify your company's process for managing SaaS solutions
More informationVALUE PROPOSITION FOR SERVICE PROVIDERS. Helping Service Providers accelerate adoption of the cloud
VALUE PROPOSITION FOR SERVICE PROVIDERS Helping Service Providers accelerate adoption of the cloud Partnership with Service Providers Enabling Your Cloud Services in Complex Environments Today s challenge
More informationSecurity & Trust in the Cloud
Security & Trust in the Cloud Ray Trygstad Director of Information Technology, IIT School of Applied Technology Associate Director, Information Technology & Management Degree Programs Cloud Computing Primer
More informationSeminar on Unfair Competition Enforcement in the United States and Supply Chain Cybersecurity Issues. Palace Hotel Saigon, HCMC, November 19 th 2014
Seminar on Unfair Competition Enforcement in the United States and Supply Chain Cybersecurity Issues Palace Hotel Saigon, HCMC, November 19 th 2014 Cyber Security and Supply Chain Integrity as Risk Factors
More informationEmerging threats for the healthcare industry: The BYOD. By Luca Sambucci www.deepsecurity.us
Emerging threats for the healthcare industry: The BYOD Revolution By Luca Sambucci www.deepsecurity.us Copyright 2013 Emerging threats for the healthcare industry: The BYOD REVOLUTION Copyright 2013 Luca
More informationAnatomy of a Cloud Computing Data Breach
Anatomy of a Cloud Computing Data Breach Sheryl Falk Mike Olive ACC Houston Chapter ITPEC Practice Group September 18, 2014 1 Agenda Ø Cloud 101 Welcome to Cloud Computing Ø Cloud Agreement Considerations
More informationNETWORK ACCESS CONTROL AND CLOUD SECURITY. Tran Song Dat Phuc SeoulTech 2015
NETWORK ACCESS CONTROL AND CLOUD SECURITY Tran Song Dat Phuc SeoulTech 2015 Table of Contents Network Access Control (NAC) Network Access Enforcement Methods Extensible Authentication Protocol IEEE 802.1X
More informationData Protection Act 1998. Guidance on the use of cloud computing
Data Protection Act 1998 Guidance on the use of cloud computing Contents Overview... 2 Introduction... 2 What is cloud computing?... 3 Definitions... 3 Deployment models... 4 Service models... 5 Layered
More informationCloud Computing. What is Cloud Computing?
Cloud Computing What is Cloud Computing? Cloud computing is where the organization outsources data processing to computers owned by the vendor. Primarily the vendor hosts the equipment while the audited
More informationitg CloudBase is a suite of fully managed Hybrid & Private Cloud Services ready to support your business onwards and upwards into the future.
Web Filtering Email Filtering Mail Archiving Cloud Backup Disaster Recovery Virtual Machines Private Cloud itg CloudBase is a suite of fully managed Hybrid & Private Cloud Services ready to support your
More informationCloud Computing: A Question of Trust Maintaining Control and Compliance with Data-centric Information Security
Russ Dietz Vice President & Chief Technology Officer Cloud Computing: A Question of Trust Maintaining Control and Compliance with Data-centric Information Security By Russ Dietz Vice President & Chief
More informationCloud Computing; What is it, How long has it been here, and Where is it going?
Cloud Computing; What is it, How long has it been here, and Where is it going? David Losacco, CPA, CIA, CISA Principal January 10, 2013 Agenda The Cloud WHAT IS THE CLOUD? How long has it been here? Where
More informationInformation security controls. Briefing for clients on Experian information security controls
Information security controls Briefing for clients on Experian information security controls Introduction Security sits at the core of Experian s operations. The vast majority of modern organisations face
More informationFinding a Cure for Medical Identity Theft
Finding a Cure for Medical Identity Theft A look at the rise of medical identity theft and what small healthcare organizations are doing to address threats October 2014 www.csid.com TABLE OF CONTENTS SUMMARY
More informationCloud Computing: Legal Risks and Best Practices
Cloud Computing: Legal Risks and Best Practices A Bennett Jones Presentation Toronto, Ontario Lisa Abe-Oldenburg, Partner Bennett Jones LLP November 7, 2012 Introduction Security and Data Privacy Recent
More informationCloud Computing and Records Management
GPO Box 2343 Adelaide SA 5001 Tel (+61 8) 8204 8773 Fax (+61 8) 8204 8777 DX:336 srsarecordsmanagement@sa.gov.au www.archives.sa.gov.au Cloud Computing and Records Management June 2015 Version 1 Version
More informationWith Eversync s cloud data tiering, the customer can tier data protection as follows:
APPLICATION NOTE: CLOUD DATA TIERING Eversync has developed a hybrid model for cloud-based data protection in which all of the elements of data protection are tiered between an on-premise appliance (software
More informationWhy Consider Cloud-Based Applications?
Abstract Achieving success for today s compliance professional is both tougher and easier than ever. On one hand, there are more regulations and standards at almost every level, on the other, there are
More informationDomain 5 Information Security Governance and Risk Management
Domain 5 Information Security Governance and Risk Management Security Frameworks CobiT (Control Objectives for Information and related Technology), developed by Information Systems Audit and Control Association
More informationCloud computing is a way of delivering IT services to users without the need to buy, install or manage any infrastructure.
hosted services dynamic Increased flexibility and cost saving The benefits employees can access information wherever they are, rather than having to remain at their desks. Reduced costs our hosted services
More informationThe Cloud at Crawford. Evaluating the pros and cons of cloud computing and its use in claims management
The Cloud at Crawford Evaluating the pros and cons of cloud computing and its use in claims management The Cloud at Crawford Wikipedia defines cloud computing as Internet-based computing, whereby shared
More informationHow To Create A Cloud Backup Service
Cloud Backup Recovery and Restore Requirements Ashar Baig, Asigra Chairman, SNIA Cloud Backup Recovery and Restore (BURR) Special Interest Group (SIG) SNIA Legal Notice The material contained in this tutorial
More informationBrainloop Cloud Security
Whitepaper Brainloop Cloud Security Guide to secure collaboration in the cloud www.brainloop.com Sharing information over the internet The internet is the ideal platform for sharing data globally and communicating
More informationCLOUD SECURITY BASICS: A GUIDE TO ENSURING YOUR SECURITY IN THE CLOUD. White Paper
CLOUD SECURITY BASICS: A GUIDE TO ENSURING YOUR SECURITY IN THE CLOUD White Paper Executive summary Everyone s talking about cloud computing these days. However, there is a significant security risk that
More informationCloud Security considerations for business adoption. Ricci IEONG CSA-HK&M Chapter
Cloud Security considerations for business adoption Ricci IEONG CSA-HK&M Chapter What is Cloud Computing? Slide 2 What is Cloud Computing? My Cloud @ Internet Pogoplug What is Cloud Computing? Compute
More informationSecuring the Cloud Infrastructure
EXECUTIVE STRATEGY BRIEF Microsoft recognizes that security and privacy protections are essential to building the necessary customer trust for cloud computing to reach its full potential. This strategy
More informationA practical guide to IT security
Data protection A practical guide to IT security Ideal for the small business The Data Protection Act states that appropriate technical and organisational measures shall be taken against unauthorised or
More informationCloud Services and Business Process Outsourcing
Cloud Services and Business Process Outsourcing What security concerns surround Cloud Services and Outsourcing? Prepared for the Western NY ISACA Conference April 28 2015 Presenter Kevin Wilkins, CISSP
More informationPaxata Security Overview
Paxata Security Overview Ensuring your most trusted data remains secure Nenshad Bardoliwalla Co-Founder and Vice President of Products nenshad@paxata.com Table of Contents: Introduction...3 Secure Data
More informationA White Paper for Business Decision Makers
A White Paper for Business Decision Makers Cost-Effective Document Management Solutions for Business-Critical Processes Part III Guidelines for Choosing an Online Workspace Provider for Critical Information
More informationCyber Security. An Executive Imperative for Business Owners. 77 Westport Plaza, St. Louis, MO 63416 p 314.439.4700 f 314.439.4799
Cyber Security An Executive Imperative for Business Owners SSE Network Services www.ssenetwork.com 77 Westport Plaza, St. Louis, MO 63416 p 314.439.4700 f 314.439.4799 Pretecht SM by SSE predicts and remedies
More informationHow to reduce the cost and complexity of two factor authentication
WHITEPAPER How to reduce the cost and complexity of two factor authentication Published September 2012 48% of small and medium sized businesses consistently cite technical complexity and cost of ownership
More information