How To Get A Cloud Security System To Work For You
|
|
- Whitney Dixon
- 3 years ago
- Views:
Transcription
1 Trust in the Cloud Ovidiu Pismac MCSE Security, CISSP, MCSE Private Cloud / Server & Desktop infrastructure, MCTS Forefront Microsoft Romania ovidiup@microsoft.com
2 Technology trends: driving cloud adoption BENEFITS Speed Scale Economics Cloud Trend: 70% 2 weeks to deliver new services vs months with traditional solution Scale from 30,000 to 250,000 site visitors instantly $25,000 in the cloud would cost $100,000 on premises of CIOs will embrace a cloud-first strategy in 2016 (IDC CIO Agenda webinar) 430B+ AD authentications 280% year-over-year database growth in 50% of Fortune 500 use AZURE ADOPTION
3 Cloud innovation OPPORTUNITY FOR SECURITY & COMPLIANCE BENEFITS Pre-adoption Benefits realized concern 94% 60% cited concerns around experienced security benefits data security they as didn t a barrier previously to adoptionhave on-premise 62% 45% concerned that the said privacy protection increased cloud would as a result in of a moving lack of data to the control cloud SECURTIY Design/Operation Infrastructure Network Identity/access Data PRIVACY COMPLIANCE
4 Trustworthy foundation BUILT ON MICROSOFT EXPERIENCE AND INNOVATION 1 st Microsoft Data Center Active Directory Trustworthy Computing Initiative Malware Protection Center SOC 1 UK G-Cloud Level 2 SOC 2 FedRAMP/ FISMA Operations Security Assurance 20+ Data Centers Microsoft Security Response Center Windows Update Global Data Center Services Security Development Lifecycle Digital Crimes Unit ISO/IEC 27001:2005 E.U. Data Protection Directive HIPAA/ HITECH CSA Cloud Controls Matrix PCI DSS Level 1
5 Trustworthy foundation BUILT ON MICROSOFT EXPERIENCE AND INNOVATION 1 st Microsoft Data Center Microsoft Windows Update Microsoft Security Response Center Trustworthy Computing Initiative 20+ Data Centers: FedRAMP/ Compliance Standards: Malware UK G-Cloud FISMA Protection Level 2 Active Investing Operating Center Microsoft Trustworthy Azure Security Computing Centers Directory heavily robust SOC 2 SOC 1 compliance processes, 11 data including centers Created around of the Excellence: the SDL which has ISO 27001, FedRAMP, world, and plus HIPAA 2 become in ChinaProtecting the industry Microsoft standard for developing customers secure by combatting software CSA Cloud Controls Matrix evolving threats Security Development Global Lifecycle Data Center Services Digital Crimes Unit E.U. Data Protection ISO/IEC Directive HIPAA/ 27001:2005 HITECH Operations Security Assurance 20+ Data Centers PCI DSS Level 1
6 UNIFIED PLATFORM FOR MODERN BUSINESS Automated Managed Resources Elastic Usage Based
7 Shared responsibility REDUCE SECURITY COSTS + MAINTAIN FLEXIBILITY, ACCESS, & CONTROL On-Premises IaaS PaaS SaaS Customer Microsoft
8 Market Endorsement Gartner Magic Quadrant for Enterprise Application Platform as a Service(PaaS) Gartner Magic Quadrant for Cloud Infrastructure as a Service(IaaS) Gartner Magic Quadrant for Public Cloud Storage Services Gartner Magic Quadrant for Virtualization
9 Transparency & independent verification AID CUSTOMERS IN MEETING SECURITY & COMPLIANCE OBLIGATIONS Third-party verification Access to audit reports Compliance packages Best practices and guidance Trust Center Cloud Security Alliance Security Response Center progress report Security intelligence report
10 Microsoft approach in action 10
11 Design & operations Software Development Lifecycle (SDL) Operational security controls Assume breach Incident response Security embedded in planning, design, devel opment, & deployment Rigorous controls to prevent, detect, contai n, & respond to threats Hardening cloud services through simulated real-world attacks Global, 24x7 incident response to mitigate effects of attacks
12 Security We chose Azure because all things being equal, it is the easiest cloud platform to work with. Security and patching is already taken care of, so it is less labour-intensive. 12
13 Infrastructure protection 24 hour monitored physical security Secure multi-tenant environment Firewalls Patch management System monitoring and logging Antivirus/antimalware protection Threat detection Forensics
14 Service security starts with physical data center Cameras 24X7 security staff Barriers Fencing Alarms Two-factor access control: Biometric readers & card readers Security operations center Seismic bracing Days of backup power Perimeter Building Computer room
15 Architected for secure multi-tenancy Customer Admin Portal SMAPI Fabric Controller Customer 1 Guest VM Customer 2 Guest VM Hypervisor Host OS End Users Guest VM Azure Storage SQL Database AZURE: Centrally manages the platform and helps isolate customer environments using the Fabric Controller Runs a configuration-hardened version of Windows Server as the Host OS Uses Hyper-V, a battle tested and enterprise proven hypervisor Runs Windows Server and Linux on Guest VMs for platform services CUSTOMER: Manages their environment through service management interfaces and subscriptions Chooses from the gallery or brings their own OS for their Virtual Machines
16
17 Microsoft and Interoperability Microsoft commitment to support Linux Red Hat, SUSE, CentOS, OpenSuse, Ubuntu, Oracle Linux, new FreeBSD 10 on Hyper-V DHMC runs both Windows Server as guest operating systems under Hyper-V, as well as Linux. To date, DHMC has virtualized Web servers, sites on Microsoft Office SharePoint Server, reporting servers, medical applications, domain controllers, file and print servers, Citrix servers, and more. CentOS Dartmouth Hitchcock Medical Center Case Study System Center Configuration Manager 2012 SP1 supports administering non-windows platforms: Linux, Unix (monitored by SCOM) and Mac OS X systems System Center Operations Manager 2012 SP1 supports monitoring of non-windows, including Linux Red Hat, SUSE, CentOS; Unix HP UX, Sun Solaris and IBM AIX; from January 2013 new Linux distributions supported: Debian Linux, Oracle Linux, Ubuntu Linux Server System Center Virtual Machine Manager 2012 manages VMware ESX servers and Citrix XEN Servers
18 Product Operations Manager Configuration Manager Endpoint Protection Virtual Machine Manager Linux UNIX Red Hat SUSE CentOS Ubuntu Debian Oracle AIX HP-UX Solaris Hyper-V No Plans Azure IaaS Future Debian 7.0 has Linux Integration Services
19 Network protection Network isolation Virtual Networks Cloud to on-premises connections Segregates network access between customers, management systems & the internet Connects cloud services using private IP addresses, subnets Site to site, point to site, and ExpressRoute help enable secure connect to Azure 19
20 Identity & access Microsoft employee access management Monitor & protect access to cloud apps Enterprise cloud identity Azure AD Multi-Factor Authentication
21 Data protection Data encryption options: Bitlocker, Azure RMS, AES 256 /512 Data segregation Data location and redundancy Data destruction
22 Data location and redundancy AZURE: Creates three copies of data in each datacenter Offers geo-replication in a datacenter 400+ miles away Does not transfer Customer Data outside of a geo (ex: from US to Europe or from Asia to US) CUSTOMER: Chooses where data resides Configures data replication options Note: data centers, Australia Q2 FY15
23 Data destruction Data Deletion Index immediately removed from primary location Geo-replicated copy of the data (index) removed asynchronously Customers can only read from disk space they have written to Disk Handling Wiping is NIST compliant Defective disks are destroyed at the datacenter
24 Privacy by design Privacy by Design Restricted data access & use Contractual commitments Privacy controls are built into Azure design and operations Customer data is only used to provide the service and is never used for advertising Data Processing Agreements, EU Model Clauses, HIPAA BAA
25 Contractual commitments EU Data Privacy Approval Microsoft meets high bar for protecting privacy of EU customer data Microsoft offers customers EU Model Clauses for transfer of personal data across international borders Microsoft s approach was approved by the Article 29 committee of EU data protection authorities the first company & cloud vendor to obtain this Broad contractual scope Microsoft makes strong contractual commitments to safeguard customer data covered by HIPAA BAA, Data Processing Agreement, & E.U. Model Clauses Enterprise cloud-service specific privacy protections benefit every industry & region
26 Privacy Our vision is to be the national leader in patient-centered e-healthcare. Using Windows Azure as our delivery system provides us with a level of trust and reliability that makes this possible.
27 Simplified compliance Information security standards Effective controls Government & industry certifications ISO SOC 1 Type 2 SOC 2 Type 2 FedRAMP/FISMA PCI DSS Level 1 UK G-Cloud
28 Certifications & programs Program ISO/IEC SOC 1 SSAE 16/ISAE 3402 SOC 2 FedRAMP/FISMA PCI DSS Level 1 UK G-Cloud IL2 HIPAA BAA Description The ISO/IEC 27001:2005 certificate validates that Azure has implemented the internationally recognized information security controls defined in this standard. Azure has also been audited against the Service Organization Control (SOC) reporting framework for SOC 1 Type 2 (formerly SAS 70), attesting to the design and operating effectiveness of its controls. Azure has been audited for SOC 2 Type 2, which includes a further examination of Azure controls related to security, availability, and confidentiality Azure has received Provisional Authorization to Operate from the Federal Risk and Authorization Management Program (FedRAMP) Joint Authorization Board (JAB), having undergone the assessments necessary to verify that it meets FedRAMP security standards. Azure has been validated for PCI-DSS Level 1 compliance by an independent Qualified Security Assessor (QSA). In the United Kingdom, Azure has been awarded Impact Level 2 (IL2) accreditation, further enhancing Microsoft and its partner offerings on the current G-Cloud procurement Framework and CloudStore. To help customers comply with HIPAA and HITECH Act security and privacy provisions, Microsoft offers a HIPAA Business Associate Agreement (BAA) to healthcare entities with access to Protected Health Information (PHI).
29 Compliance Windows Azure was attractive because it has built-in capabilities for compliance with a wide range of regulations and privacy mandates.
30 Microsoft commitment Unified platform for modern business
31 Trusted by leading companies
32 Talk to a Microsoft security expert Explore additional resources: Trustworthy Computing Cloud Services: Microsoft Trust Center for : Microsoft Security Intelligence Report
33
Microsoft Azure. Microsoft Azure Security, Privacy, & Compliance
Security, Privacy, & Compliance Technology trends: driving cloud adoption BENEFITS Speed Scale Economics Cloud Trend: 70% 2 weeks to deliver new services vs. 6-12 months with traditional solution Scale
More informationMicrosoft Azure. White Paper Security, Privacy, and Compliance in
White Paper Security, Privacy, and Compliance in Security, Privacy, and Compliance in Executive Summary The adoption of cloud services worldwide continues to accelerate, yet many organizations are wary
More informationCloud Computing: Safe, Efficient and Easy
Microsoft Azure Cloud Computing: Safe, Efficient and Easy Linas Pečiūra Your title goes here Ref: The NIST Definition of Cloud Computing http://csrc.nist.gov/publications/nistpubs/800-145/sp800-145.pdf
More informationAppendix D-1 to Aproove Saas Contract : Security and solution hosting provider specs.
Appendix D-1 to Aproove Saas Contract : Security and solution hosting provider specs. The hosting company retained by Aproove is Microsoft Corporation, One Microsoft Way, Redmond, Washington 98052 USA.
More informationThe Education Fellowship Finance Centralisation IT Security Strategy
The Education Fellowship Finance Centralisation IT Security Strategy Introduction This strategy outlines the security systems in place to optimise, manage and protect The Education Fellowship data and
More informationWhite Paper How Noah Mobile uses Microsoft Azure Core Services
NoahMobile Documentation White Paper How Noah Mobile uses Microsoft Azure Core Services The Noah Mobile Cloud service is built for the Microsoft Azure platform. The solutions that are part of the Noah
More informationTRUSTED CLOUD. Our commitment to provide a cloud you can trust. Fernando Machado Píriz September 2014
TRUSTED CLOUD Our commitment to provide a cloud you can trust Fernando Machado Píriz September 2014 Technology Trends Driving cloud adoption 71% of strategic buyers cite scalability, cost and business
More informationSecuring the Microsoft Cloud Infrastructure. Reto Häni Chief Security Officer Microsoft Western Europe MEET SWISS INFOSEC! 24.06.
Securing the Microsoft Cloud Infrastructure Reto Häni Chief Security Officer Microsoft Western Europe MEET SWISS INFOSEC! 24.06.2015 1 Certification & Security Reliance Microsoft s cloud environment Application
More informationDatacenters of the Past. Datacenter of the (New) Present Datacenter without boundaries. Devices
Start Justin President Convergent Computing http://www.cco.com randm@cco.com Devices Things Apps Big data Cloud 52% of information workers across 17 countries report using 3+ devices for work 212 Billion
More informationCloud Services Overview
Cloud Services Overview John Hankins Global Offering Executive Ricoh Production Print Solutions May 23, 2012 Cloud Services Agenda Definitions Types of Clouds The Role of Virtualization Cloud Architecture
More informationProtecting Data and Privacy in the Cloud
Protecting Data and Privacy in the Cloud Contents 1 3 6 9 12 13 Protecting Data and Privacy in the Cloud an Introduction Building Services to Protect Data Protecting Data in Service Operations Empowering
More informationSecuring the Microsoft Cloud
Securing the Microsoft Cloud Page 1 Securing the Microsoft Cloud Microsoft recognizes that trust is necessary for organizations and customers to fully embrace and benefit from cloud services. We are committed
More informationSikkerhet i skytjenester; hva bør en tenke på? Ole Tom Seierstad National Security Officer Microsoft Norway oles@microsoft.com
Sikkerhet i skytjenester; hva bør en tenke på? Ole Tom Seierstad National Security Officer Microsoft Norway oles@microsoft.com Cloud is becoming integral to business transformation The secure pathway to
More informationA Flexible and Comprehensive Approach to a Cloud Compliance Program
A Flexible and Comprehensive Approach to a Cloud Compliance Program Stuart Aston Microsoft UK Session ID: SPO-201 Session Classification: General Interest Compliance in the cloud Transparency Responsibility
More informationMicrosoft Azure. The cloud platform built for business. Tarmo Tikerpäe DC SSP Microsoft
Microsoft Azure The cloud platform built for business Tarmo Tikerpäe DC SSP Microsoft The next strategic opportunity is here Cloud Mobile Social How do you use technology innovation Big data? to architect
More informationHans Bos Microsoft Nederland. hans.bos@microsoft.com
Hans Bos Microsoft Nederland Email: Twitter: hans.bos@microsoft.com @hansbos Microsoft s Cloud Environment Consumer and Small Business Services Software as a Service (SaaS) Enterprise Services Third-party
More informationIBM Cloud Security Draft for Discussion September 12, 2011. 2011 IBM Corporation
IBM Cloud Security Draft for Discussion September 12, 2011 IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns surrounding cloud computing
More informationTransform the datacenter. Ovidiu Pismac MCSE Security, CISSP, MCITP Virtualization, MCTS Forefront Microsoft Romania ovidiup@microsoft.
Transform the datacenter Ovidiu Pismac MCSE Security, CISSP, MCITP Virtualization, MCTS Forefront Microsoft Romania ovidiup@microsoft.com Cloud OS Vision Microsoft s vision of the unified platform for
More informationTrusted Cloud: Microsoft Azure Security, Privacy, and Compliance. April 2015
Trusted Cloud: Microsoft Azure Security, Privacy, and Compliance April 2015 Trusted Cloud: Microsoft Azure Security, Privacy, and Compliance April, 2015 Contents Introduction...4 What customers want from
More informationAddressing Cloud Computing Security Considerations
Addressing Cloud Computing Security Considerations with Microsoft Office 365 Protect more Contents 2 Introduction 3 Key Security Considerations 4 Office 365 Service Stack 5 ISO Certifications for the Microsoft
More informationIntro to QualysGuard IT Compliance SaaS Services. Marek Skalicky, CISM, CRISC Regional Account Manager for Central & Adriatic Eastern Europe
Intro to QualysGuard IT Compliance SaaS Services Marek Skalicky, CISM, CRISC Regional Account Manager for Central & Adriatic Eastern Europe QualysGuard ICT Security Management Integrated Suite of ICT Security
More informationShipping Products Chart. Contents
Shipping Products Chart Currently shipping EVault Software products and supported platforms Contents Director (Vault) and Related Products Director (Vault) 8.00b ()... 2 Director Management Console (console
More informationCloud Computing Governance & Security. Security Risks in the Cloud
Cloud Computing Governance & Security The top ten questions you have to ask Mike Small CEng, FBCS, CITP Fellow Analyst, KuppingerCole This Webinar is supported by Agenda What is the Problem? Ten Cloud
More informationShipping Products Chart. Contents
Shipping Products Chart Currently shipping EVault Software products and supported platforms Contents Director (Vault) and Related Products Director (Vault) 7.11d ()... 2 Director Management Console (console
More informationSecuring the Microsoft Cloud
Securing the Microsoft Cloud Securing the Microsoft Cloud Page 1 Securing the Microsoft Cloud Microsoft recognizes that trust is necessary for organizations and consumers to fully embrace and benefit from
More informationSMS. Cloud Computing. Systems Management Specialists. Grupo SMS www.grupo-sms.com 949.223.9240 option 3 for sales
SMS Systems Management Specialists Cloud Computing Grupo SMS www.grupo-sms.com 949.223.9240 option 3 for sales Cloud Computing The SMS Model: Cloud computing is a model for enabling ubiquitous, convenient,
More informationCloud Security. DLT Solutions LLC June 2011. #DLTCloud
Cloud Security DLT Solutions LLC June 2011 Contact Information DLT Cloud Advisory Group 1-855-CLOUD01 (256-8301) cloud@dlt.com www.dlt.com/cloud Your Hosts Van Ristau Chief Technology Officer, DLT Solutions
More informationShipping Products Chart. Contents
Shipping Products Chart Currently shipping EVault Software products and supported platforms Contents Director (Vault) and Related Products Director (Vault) 7.11e ()... 2 Director Management Console (console
More informationShipping Products Chart. Contents
Shipping Products Chart Currently shipping EVault Software products and supported platforms Contents Director (Vault) and Related Products Director (Vault) 7.11c ()... 2 Director Management Console (console
More informationCloud Security. Peter Jopling joplingp@uk.ibm.com IBM UK Ltd Software Group Hursley Labs. peterjopling. 2011 IBM Corporation
Cloud Security Peter Jopling joplingp@uk.ibm.com IBM UK Ltd Software Group Hursley Labs peterjopling 2011 IBM Corporation Cloud computing impacts the implementation of security in fundamentally new ways
More informationEnsuring Enterprise Data Security with Secure Mobile File Sharing.
A c c e l l i o n S e c u r i t y O v e r v i e w Ensuring Enterprise Data Security with Secure Mobile File Sharing. Accellion, Inc. Tel +1 650 485-4300 1804 Embarcadero Road Fax +1 650 485-4308 Suite
More informationIn the Cloud We Trust!
In the Cloud We Trust! Dejan Cvetkovic CTO, Microsoft CEE ISACA, Athens, Greece, November 24 th, 2015 Agenda Compliance for Financial Services The Microsoft Approach to Compliance Risk Management and Threat
More informationSECURE CLOUD COMPUTING
Outline SECURE CLOUD COMPUTING Introduction (of many buzz words) References What is Cloud Computing Cloud Computing Infrastructure Security Cloud Storage and Data Security Identity Management in the Cloud
More informationCloud Security. Are you on the train or the tracks? ISSA CISO Executive Forum April 18, 2015. Brian Grayek CISSP, CCSK, ITILv3
Cloud Security Are you on the train or the tracks? ISSA CISO Executive Forum April 18, 2015 Brian Grayek CISSP, CCSK, ITILv3 1 Agenda: Facts Opinions (based on experience) A little humor Some gold nuggets
More informationANDREW HERTENSTEIN Manager Microsoft Modern Datacenter and Azure Solutions En Pointe Technologies Phone 317-362-1213
ANDREW HERTENSTEIN Manager Microsoft Modern Datacenter and Azure Solutions En Pointe Technologies Phone 317-362-1213 Application Compatibility Many organizations have business critical or internally
More informationSecurity and Billing for Azure Pack. Presented by 5nine Software and Cloud Cruiser
Security and Billing for Azure Pack Presented by 5nine Software and Cloud Cruiser Meet our Speakers Symon Perriman VP of Business Development 5nine Software symon@5nine.com @SymonPerriman Paul Zinn Senior
More informationShipping Products Chart. Contents
Shipping Products Chart Currently shipping EVault Software products and supported platforms Contents Director (Vault) and Related Products Director (Vault) 7.02b ()... 2 Director Console (console only)
More informationStrategic Compliance & Securing the Cloud. Annalea Sharack-Ilg, CISSP, AMBCI Technical Director of Information Security
Strategic Compliance & Securing the Cloud Annalea Sharack-Ilg, CISSP, AMBCI Technical Director of Information Security Complexity and Challenges 2 Complexity and Challenges Compliance Regulatory entities
More informationRealizing the Benefits of Hybrid Cloud. Anand MS Cloud Solutions Architect Microsoft Asia Pacific
Realizing the Benefits of Hybrid Cloud Anand MS Cloud Solutions Architect Microsoft Asia Pacific Agenda Key drivers for Hybrid Cloud Unified Cloud Strategy Example Use Cases How to get there Hybrid Cloud:
More informationTHE BLUENOSE SECURITY FRAMEWORK
THE BLUENOSE SECURITY FRAMEWORK Bluenose Analytics, Inc. All rights reserved TABLE OF CONTENTS Bluenose Analytics, Inc. Security Whitepaper ISO 27001/27002 / 1 The Four Pillars of Our Security Program
More informationSecurity Overview Enterprise-Class Secure Mobile File Sharing
Security Overview Enterprise-Class Secure Mobile File Sharing Accellion, Inc. 1 Overview 3 End to End Security 4 File Sharing Security Features 5 Storage 7 Encryption 8 Audit Trail 9 Accellion Public Cloud
More informationSecuring the Cloud Infrastructure
EXECUTIVE STRATEGY BRIEF Microsoft recognizes that security and privacy protections are essential to building the necessary customer trust for cloud computing to reach its full potential. This strategy
More informationAsigra Cloud Backup V13 Delivers Enhanced Protection for Your Critical Enterprise Data
Datasheet Asigra Cloud Backup V13 Delivers Enhanced Protection for Your Critical Enterprise Data Ensure the critical data you need to run your operations, serve customers, gain competitive advantage, and
More informationTable of Contents. FME Cloud Architecture Overview. Secure Operations. Application Security. Shared Responsibility.
FME Cloud Security Table of Contents FME Cloud Architecture Overview Secure Operations I. Backup II. Data Governance and Privacy III. Destruction of Data IV. Incident Reporting V. Development VI. Customer
More informationMicrosoft Azure. Rich Lilly Project Leadership Associates
Microsoft Azure Rich Lilly Project Leadership Associates http://www.linkedin.com/in/rich04 rlilly@projectleadership.net b-richl@microsoft.com 8.5 trillion stored objects 900K request/sec on average (2.3+
More informationCloud Assurance: Ensuring Security and Compliance for your IT Environment
Cloud Assurance: Ensuring Security and Compliance for your IT Environment A large global enterprise has to deal with all sorts of potential threats: advanced persistent threats (APTs), phishing, malware
More informationCloud Courses Description
Courses Description 101: Fundamental Computing and Architecture Computing Concepts and Models. Data center architecture. Fundamental Architecture. Virtualization Basics. platforms: IaaS, PaaS, SaaS. deployment
More informationHow does IBM deliver cloud security? An IBM paper covering SmartCloud Services 1
How does IBM deliver cloud security? An IBM paper covering SmartCloud Services 1 2 How does IBM deliver cloud security? Contents 2 Introduction 3 Cloud governance 3 Security governance, risk management
More informationMicrosoft is either a registered trademark or trademark of Microsoft Corporation in the United States and/or other countries.
Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names,
More informationBMC s Security Strategy for ITSM in the SaaS Environment
BMC s Security Strategy for ITSM in the SaaS Environment TABLE OF CONTENTS Introduction... 3 Data Security... 4 Secure Backup... 6 Administrative Access... 6 Patching Processes... 6 Security Certifications...
More informationSecuring The Cloud. Foundational Best Practices For Securing Cloud Computing. Scott Clark. Insert presenter logo here on slide master
Securing The Cloud Foundational Best Practices For Securing Cloud Computing Scott Clark Agenda Introduction to Cloud Computing What is Different in the Cloud? CSA Guidance Additional Resources 2 What is
More informationMANAGED MICROSOFT AZURE SERVICES
MANAGED MICROSOFT AZURE SERVICES Moving Your Applications to the Microsoft Azure Cloud? Let Connectria Help. No other provider hosts as many technologies in the Cloud as Connectria. If you re interested
More informationLeveraging Technology New Horizons Computer Learning Center of Memphis
New Horizons Computer Learning Center of Memphis Presents Leveraging Technology Presenter: Charles B. Watkins, Sr. Technical Instructor New Horizons Computer Learning Center of Memphis About Me: Agenda:
More informationFrequently Asked Questions
Frequently Asked Questions Page 1 Instsanda FAQs v1.2 Instanda FAQs Contents Hosting, Security, Monitoring and Management... 3 Where is Instanda hosted?... 3 What is the hosting datacentre compliance?...
More informationBuilding Secure Cloud Applications. On the Microsoft Windows Azure platform
Building Secure Cloud Applications On the Microsoft Windows Azure platform Contents 1 Security and the cloud 3 1.1 General considerations 3 1.2 Questions to ask 3 2 The Windows Azure platform 4 2.1 Inside
More informationStandards and Open Source: Trends Affecting Microsoft and You. October 9, 2014 8:00 am 8:50 am
Standards and Open Source: Trends Affecting Microsoft and You October 9, 2014 8:00 am 8:50 am Moderator David Ezell Principal Software Architect VeriFone Inc. Speaker Brian Benz Senior Technical Evangelist
More informationEXECUTIVE STRATEGY BRIEF. Securing the Cloud Infrastructure. Cloud. Resources
EXECUTIVE STRATEGY BRIEF Securing the Cloud Infrastructure Cloud Resources 01 Securing the Cloud Infrastructure / Executive Strategy Brief Securing the Cloud Infrastructure Microsoft recognizes that trust
More informationHow to Build an End-to-End Secured Hybrid Cloud for Your Enterprise. Ekkarat Klinbubpa Henky Alimin Sanguan Thammarojsakul
How to Build an End-to-End Secured Hybrid Cloud for Your Enterprise Ekkarat Klinbubpa Henky Alimin Sanguan Thammarojsakul CLOUD MOMENTUM CONTINUES TO ACCELERATE If you re resisting the cloud because of
More informationTransparency. Privacy. Compliance. Security. What does privacy at Microsoft mean? Are you using my data to build advertising products?
Privacy Transparency What does privacy at Microsoft mean? Are you using my data to build advertising products? Where is my data? Who has access to my data? Compliance What certifications and capabilities
More informationCloud Security and Managing Use Risks
Carl F. Allen, CISM, CRISC, MBA Director, Information Systems Security Intermountain Healthcare Regulatory Compliance External Audit Legal and ediscovery Information Security Architecture Models Access
More informationWith Eversync s cloud data tiering, the customer can tier data protection as follows:
APPLICATION NOTE: CLOUD DATA TIERING Eversync has developed a hybrid model for cloud-based data protection in which all of the elements of data protection are tiered between an on-premise appliance (software
More informationSecuring the Cloud with IBM Security Systems. IBM Security Systems. 2012 IBM Corporation. 2012 2012 IBM IBM Corporation Corporation
Securing the Cloud with IBM Security Systems 1 2012 2012 IBM IBM Corporation Corporation IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns
More informationIT Cloud / Data Security Vendor Risk Management Associated with Data Security. September 9, 2014
IT Cloud / Data Security Vendor Risk Management Associated with Data Security September 9, 2014 Speakers Brian Thomas, CISA, CISSP In charge of Weaver s IT Advisory Services, broad focus on IT risk, security
More informationCONTENT OUTLINE. Background... 3 Cloud Security... 3. Instance Isolation:... 4. SecureGRC Application Security... 5
Page 2 Disclaimer THIS DOCUMENT AND THE SOFTWARE DESCRIBED IN THIS DOCUMENT ARE FURNISHED UNDER AND ARE SUBJECT TO THE TERMS OF THE LICENSE AGREEMENT OR NON-DISCLOSURE AGREEMENT. EXCEPT AS EXPRESSLY SET
More informationCloud Security Introduction and Overview
Introduction and Overview Klaus Gribi Senior Security Consultant klaus.gribi@swisscom.com May 6, 2015 Agenda 2 1. Cloud Security Cloud Evolution, Service and Deployment models Overview and the Notorious
More informationMicrosoft s Compliance Framework for Online Services
Microsoft s Compliance Framework for Online Services Online Services Security and Compliance Executive summary Contents Executive summary 1 The changing landscape for online services compliance 4 How Microsoft
More informationCourse 20533: Implementing Microsoft Azure Infrastructure Solutions
Course 20533: Implementing Microsoft Azure Infrastructure Solutions Overview About this course This course is aimed at experienced IT Professionals who currently administer their on-premises infrastructure.
More informationImplementing Microsoft Azure Infrastructure Solutions
Course Code: M20533 Vendor: Microsoft Course Overview Duration: 5 RRP: 2,025 Implementing Microsoft Azure Infrastructure Solutions Overview This course is aimed at experienced IT Professionals who currently
More informationISSUE BRIEF. Cloud Security for Federal Agencies. Achieving greater efficiency and better security through federally certified cloud services
ISSUE BRIEF Cloud Security for Federal Agencies Achieving greater efficiency and better security through federally certified cloud services This paper is intended to help federal agency executives to better
More informationCloud Security Trust Cisco to Protect Your Data
Trust Cisco to Protect Your Data As cloud adoption accelerates, organizations are increasingly placing their trust in third-party cloud service providers (CSPs). But can you fully trust your most sensitive
More informationSecuring Oracle E-Business Suite in the Cloud
Securing Oracle E-Business Suite in the Cloud November 18, 2015 Stephen Kost Chief Technology Officer Integrigy Corporation Phil Reimann Director of Business Development Integrigy Corporation Agenda The
More informationCloud Security Panel: Real World GRC Experiences. ISACA Atlanta s 2013 Annual Geek Week
Cloud Security Panel: Real World GRC Experiences ISACA Atlanta s 2013 Annual Geek Week Agenda Introductions Recap: Overview of Cloud Computing and Why Auditors Should Care Reference Materials Panel/Questions
More informationSimone Brunozzi, AWS Technology Evangelist, APAC. Fortress in the Cloud
Simone Brunozzi, AWS Technology Evangelist, APAC Fortress in the Cloud AWS Cloud Security Model Overview Certifications & Accreditations Sarbanes-Oxley (SOX) compliance ISO 27001 Certification PCI DSS
More informationSeeing Though the Clouds
Seeing Though the Clouds A PM Primer on Cloud Computing and Security NIH Project Management Community Meeting Mark L Silverman Are You Smarter Than a 5 Year Old? 1 Cloud First Policy Cloud First When evaluating
More informationCloud Courses Description
Cloud Courses Description Cloud 101: Fundamental Cloud Computing and Architecture Cloud Computing Concepts and Models. Fundamental Cloud Architecture. Virtualization Basics. Cloud platforms: IaaS, PaaS,
More informationCloud Computing In a Post Snowden World. Guy Wiggins, Kelley Drye & Warren LLP Alicia Lowery Rosenbaum, Microsoft Legal and Corporate Affairs
Cloud Computing In a Post Snowden World Guy Wiggins, Kelley Drye & Warren LLP Alicia Lowery Rosenbaum, Microsoft Legal and Corporate Affairs Guy Wiggins Director of Practice Management Kelley Drye & Warren
More informationCloud Computing: The Next Big Thing?
May 28 th, 2014 Athens, Greece Cloud Computing: The Next Big Thing? Where we are. What lies ahead. About Performance For more than 15 years, we architect, implement and deliver state of the art solutions
More informationFeliciano Intini Responsabile dei programmi di Sicurezza e Privacy Microsoft Italia
Feliciano Intini Responsabile dei programmi di Sicurezza e Privacy Microsoft Italia NonSoloSecurity Blog: http://blogs.technet.com/feliciano_intini Twitter: @felicianointini Trustworthy Computing Cloud:
More informationCimTrak Technical Summary. DETECT All changes across your IT environment. NOTIFY Receive instant notification that a change has occurred
DETECT All changes across your IT environment With coverage for your servers, network devices, critical workstations, point of sale systems, and more, CimTrak has your infrastructure covered. CimTrak provides
More informationVEMBU VS VEEAM. Why Vembu is Better VEMBU TECHNOLOGIES TRUSTED BY OVER 25,000 BUSINESSES. www.vembu.com
VS Why Vembu is Better TECHNOLOGIES www.vembu.com Copyright Information Information in this document is subject to change without notice. The entire risk of the use or the results of the use of this document
More informationCloud Service Providers Overcoming security and compliance barriers
Cloud Service Providers Overcoming security and compliance barriers Dr Theodoros Stergiou, CEng, CPMM Security Solutions Product Manager & Cloud Security Officer Agenda A brief introduction Security barriers
More informationAWS Security. Security is Job Zero! CJ Moses Deputy Chief Information Security Officer. AWS Gov Cloud Summit II
AWS Security CJ Moses Deputy Chief Information Security Officer Security is Job Zero! Overview Security Resources Certifications Physical Security Network security Geo-diversity and Fault Tolerance GovCloud
More informationHow Microsoft is taking Privacy by Design to Work. Alan Chan National Technology Officer Microsoft Hong Kong 7 May 2015
How Microsoft is taking Privacy by Design to Work Alan Chan National Technology Officer Microsoft Hong Kong 7 May 2015 Agenda Introducing the New Microsoft Microsoft privacy principle Protecting privacy
More informationWindows Least Privilege Management and Beyond
CENTRIFY WHITE PAPER Windows Least Privilege Management and Beyond Abstract Devising an enterprise-wide privilege access scheme for Windows systems is complex (for example, each Window system object has
More informationAPS Connect Denver, CO
New Generation Data Protection Powered by the Acronis AnyData Engine APS Connect Denver, CO Jon Farmer February 26, 2015 2015 Acronis Industry Leader in Data Protection Market Leading Solutions & Technology
More informationGoodData Corporation Security White Paper
GoodData Corporation Security White Paper May 2016 Executive Overview The GoodData Analytics Distribution Platform is designed to help Enterprises and Independent Software Vendors (ISVs) securely share
More informationPCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP
SOLUTION BRIEF PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP The benefits of cloud computing are clear and compelling: no upfront investment, low ongoing costs, flexible capacity and fast application
More informationHC3 Draft Cloud Security Assessment
HC3 Draft Cloud Security Assessment Respondent Contact Information First Name: Grant Company: Ostendio Email: gelliott@ostendio.com Last Name: Elliott Company Address: Ostendio Date: 01/27/2015 Information
More informationIBM G-Cloud Microsoft Windows Active Directory as a Service
IBM G-Cloud Microsoft Windows Active Directory as a Service Service Definition IBM G-Cloud Windows AD as a Service 1 1. Summary 1.1 Service Description This offering is provided by IBM Global Business
More informationClouds on the Horizon Cloud Security in Today s DoD Environment. Bill Musson Security Analyst
Clouds on the Horizon Cloud Security in Today s DoD Environment Bill Musson Security Analyst Agenda O Overview of Cloud architectures O Essential characteristics O Cloud service models O Cloud deployment
More informationGovernance and Control in the Cloud. Infrastructure as a Service
1 Governance and Control in the Cloud Infrastructure as a Service Cows 2 The Triumph of the Utility 3 Our Discussion 4 How we ll talk about Governance and Controls today Not an IT-assurance methodology
More informationCloud Data Security. Sol Cates CSO @solcates scates@vormetric.com
Cloud Data Security Sol Cates CSO @solcates scates@vormetric.com Agenda The Cloud Securing your data, in someone else s house Explore IT s Dirty Little Secret Why is Data so Vulnerable? A bit about Vormetric
More informationSean Horne CTO EMC UKI. The leakage of Intellectual Property.. .and the risk of Privacy, Trustworthiness, Governance and Data Breaches
Sean Horne CTO EMC UKI The leakage of Intellectual Property...and the risk of Privacy, Trustworthiness, Governance and Data Breaches 1 The business of Insurance is guided by Trust Insurance is a promise
More informationSecure Your Business with EVault Cloud-Connected Solutions
Secure Your Business with EVault Cloud-Connected Solutions Winfried Posthumus Channel Sales Manager NL Winfried.Posthumus@evault.com 11/22/2012 2012 EVault, Inc. All Rights Reserved 1 Agenda Who is EVault
More informationHealthcare: La sicurezza nel Cloud October 18, 2011. 2011 IBM Corporation
Healthcare: La sicurezza nel Cloud October 18, 2011 Cloud Computing Tests The Limits Of Security Operations And Infrastructure Security and Privacy Domains People and Identity Data and Information Application
More informationIntroduction to QualysGuard IT Compliance SaaS Services. Marek Skalicky, CISM, CRISC Regional Account Manager for Central & Adriatic Eastern Europe
Introduction to QualysGuard IT Compliance SaaS Services Marek Skalicky, CISM, CRISC Regional Account Manager for Central & Adriatic Eastern Europe A Unified and Continuous View of ICT Security, Risks and
More informationPCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP
solution brief PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP AWS AND PCI DSS COMPLIANCE To ensure an end-to-end secure computing environment, Amazon Web Services (AWS) employs a shared security responsibility
More informationOptimizing IT costs with Cloud. Tarmo Tikerpäe Datacenter SSP Microsoft Corporation
Optimizing IT costs with Cloud Tarmo Tikerpäe Datacenter SSP Microsoft Corporation BENEFITS Speed Scale Economics Cloud Trend: 70% 2 weeks to deliver new services vs. 6-12 months with traditional solution
More informationJohn Essner, CISO Office of Information Technology State of New Jersey
John Essner, CISO Office of Information Technology State of New Jersey http://csrc.nist.gov/publications/nistpubs/800-144/sp800-144.pdf Governance Compliance Trust Architecture Identity and Access Management
More informationPCI Compliance for Cloud Applications
What Is It? The Payment Card Industry Data Security Standard (PCIDSS), in particular v3.0, aims to reduce credit card fraud by minimizing the risks associated with the transmission, processing, and storage
More information