Deploying Cloud Security Standards The MTCS Experience
|
|
- Osborne Stewart
- 8 years ago
- Views:
Transcription
1 Deploying Cloud Security Standards The MTCS Experience Presented to ASEAN CSA Summit 2015 Tao Yao Sing Assistant Director, National Cloud Computing Office 12 June 2015
2 Background Cloud security is always topmost concern in adoption of cloud computing Quick survey in 2011 revealed that no applicable standards & guidelines can be directly adopted Completed development of MTCS standard in Nov 2013
3 MTCS Certification Framework Certification Scheme 3 different levels of certification & further qualified with types of services (IaaS/PaaS/SaaS) Certification will be valid for 3 years with a yearly surveillance audit to be conducted Qualified Assessors and CBs for MTCS Certification Audit skill and cloud computing security knowledge Relevant audit experience 7 Certification Bodies have been qualified to offer certification services Prerequisites All applicants must complete CSP self-disclosure
4 List of Participating Certification Bodies
5 Initial Deployment Early Adopters (1/2) Embarked on a Series of Awareness Activities CSPs and SaaS ISVs Industry & trade associations & users groups Professional bodies & associations Conferences & seminars Made Available Support Scheme for Certification Open to Singapore registered companies Co-payment funding support of Qualifying Costs capped at 50% Company must attain MTCS certification within a year of project commencement Must engage a participating Certification Body for auditing Scheme was later revised to support accredited certification
6 Initial Deployment Early Adopters (2/2) Cross-certification with other International standards Many CSPs have already been certified to some international standards (e.g. ISO27001) To enhance MTCS SS for recognition beyond Singapore by crosscertification/harmonizing with international frameworks (ISO27001 & CSA OCF/STAR) Minimize effort & reduce cost needed for CSPs to gain MTCS certification Benefit CSPs with regional business
7 Creating Demand Drivers push by major buyer Launched Public Cloud Services Bulk Tender in Apr 2014 Based on demand aggregation on WOG basis MTCS certification is a pre-condition for award Awarded in Nov 2014 to 8 CSPs PTC, NME, azaas, CrimsonLogic, Starhub, M1, Acclivis/Microsoft Azure, AsiaPac/AWS
8 List of MTCS Certified CSPs CSP Certification Level Services Amazon Web Services (SG) 3 IaaS, PaaS Clearmanage Pte Ltd 3 IaaS Microsoft Operations Pte Ltd 3, 2 IaaS, PaaS, SaaS Ribose Group, Inc. 3 SaaS Acclivis Technologies 1 IaaS Ascenix 1 IaaS Auctorizium 1 SaaS Inspire-Tech (EasiShare) 1 SaaS M1 Limited 1 IaaS, SaaS NewMedia Express Pte Ltd 1 IaaS ReadySpace 1 IaaS Starhub Limited 1 IaaS Telin Singapore 1 IaaS
9 Accrediting MTCS Standard Accreditation Scheme Established accreditation scheme with Singapore Accreditation Council in Oct 2014 Assurance of Quality of MTCS Certification Services Criteria for certification bodies (adherence to ISO/IEC & applicable IAF mandatory document) Criteria for MTCS auditors Streamlined estimation of audit duration
10 Next Steps Driving SaaS Certification A core group of MTCS certified IaaS service providers are available to host SaaS Partnership with these MTCS certified IaaS service providers to offer support SaaS ISVs Alignment of MTCS Standard with Specific Industry Sectors Joint Working Group formed to map MTCS to Healthcare IT Security Policies & Standards Alignment of MTCS to healthcare security requirements will open up public cloud services to healthcare sector Further Expansion of MTCS to Address other Related Concerns E.g. cloud outage and incident response
11 Thank You
12 MTCS Conceptual View Govt Finance MGF Domain Specific Standards More Specific Controls Healthcare Multi-tier Cloud Security Standards Cloud Related Controls ISO (ISMS) Base Standards Constr MTCS designed with ISO27001:2005 as base Other relevant standards, guidelines & reference documents are considered including TR30, TR31, CSA CCM, PCI DSS, ENISA, NIST 800 series & industry specific guidelines
Information Security ISO Standards. Feb 11, 2015. Glen Bruce Director, Enterprise Risk Security & Privacy
Information Security ISO Standards Feb 11, 2015 Glen Bruce Director, Enterprise Risk Security & Privacy Agenda 1. Introduction Information security risks and requirements 2. Information Security Management
More informationCloud Security Certification
Cloud Security Certification January 21, 2015 1 Agenda 1. What problem are we solving? 2. Definitions (Attestation vs Certification) 3. Cloud Security Responsibilities and Risk Exposure 4. Who is responsible
More informationThe Cloud Security Alliance
The Cloud Security Alliance Daniele Catteddu, Managing Director EMEA & OCF-STAR Program Director Cloud Security Alliance ABOUT THE CLOUD SECURITY ALLIANCE To promote the use of best practices for providing
More informationA Flexible and Comprehensive Approach to a Cloud Compliance Program
A Flexible and Comprehensive Approach to a Cloud Compliance Program Stuart Aston Microsoft UK Session ID: SPO-201 Session Classification: General Interest Compliance in the cloud Transparency Responsibility
More informationHow To Develop A Cloud Computing Ecosystem In Singapore
FACT SHEET (May 2013) A New Paradigm in Cloud Computing The Infocomm Development Authority of Singapore (IDA) notes that there is a paradigm shift in computing, where businesses and end-users will be accessing
More informationData Risk Management: ISM Ground to Cloud Summit. accelerate your ambition 1
Data Risk Management: ISM Ground to Cloud Summit accelerate your ambition 1 John Jones Branch Practice Manager Networking, Communications & Security Solutions John.Jones@dimensiondata.com Justin Evans
More informationINFOCOMM DEVELOPMENT AUTHORITY OF SINGAPORE
INFOCOMM DEVELOPMENT AUTHORITY OF SINGAPORE Multi-Tiered Cloud Security Standard for Singapore (MTCS SS) Audit Checklist Report For cross-certification from MTCS SS to Cloud Security Alliance (CSA) Security,
More informationHans Bos Microsoft Nederland. hans.bos@microsoft.com
Hans Bos Microsoft Nederland Email: Twitter: hans.bos@microsoft.com @hansbos Microsoft s Cloud Environment Consumer and Small Business Services Software as a Service (SaaS) Enterprise Services Third-party
More informationCloud Security Benchmark: Top 10 Cloud Service Providers Appendix A E January 5, 2015
Cloud Security Benchmark: Top 10 Cloud Service Providers Appendix A E January 5, 2015 2015 CloudeAssurance Page 1 Table of Contents Copyright and Disclaimer... 3 Appendix A: Introduction... 4 Appendix
More informationFAQs for ediscovery CFC briefing
FAQs for ediscovery CFC briefing Funding / Incentives Q1: What incentive schemes are available for law firms to participate in this ediscovery initiative? Ans: There are 2 types of incentives available
More informationPCI Compliance and the Cloud: What You Can and What You Can t Outsource Presented By:
PCI Compliance and the Cloud: What You Can and What You Can t Outsource Presented By: Peter Spier Managing Director PCI and Risk Assurance Fortrex Technologies Agenda Instructor Biography Background On
More informationOpen Certification Framework. Vision Statement
Open Certification Framework Vision Statement Jim Reavis and Daniele Catteddu August 2012 BACKGROUND The Cloud Security Alliance has identified gaps within the IT ecosystem that are inhibiting market adoption
More informationCLOUD SECURITY THROUGH COBIT, ISO 27001 ISMS CONTROLS, ASSURANCE AND COMPLIANCE
CLOUD SECURITY THROUGH COBIT, ISO 27001 ISMS CONTROLS, ASSURANCE AND COMPLIANCE Indranil Mukherjee Singapore ISC Pte Ltd Session ID: CLD T02 Session Classification: Intermediate Cloud Computing from a
More informationCloud Computing: Opportunities, Challenges, and Solutions. Jungwoo Ryoo, Ph.D., CISSP, CISA The Pennsylvania State University
Cloud Computing: Opportunities, Challenges, and Solutions Jungwoo Ryoo, Ph.D., CISSP, CISA The Pennsylvania State University What is cloud computing? What are some of the keywords? How many of you cannot
More informationCloud Architecture and Management. M.I. Deen General Manager (Enterprise Solutions) Sri Lanka Telecom
Cloud Architecture and Management M.I. Deen General Manager (Enterprise Solutions) Sri Lanka Telecom Cloud Computing Architecture Reference Architecture, Terminology and Definitions Akaza Cloud Architecture
More informationPrivacy Compliance and Security SLA: CSA addressing the challenges
Privacy Compliance and Security SLA: CSA addressing the challenges Daniele Catteddu, Managing Director EMEA & OCF-STAR Program Director - Cloud Security Alliance Arthur van der Wees, Managing Director
More informationINFOCOMM DEVELOPMENT AUTHORITY OF SINGAPORE
INFOCOMM DEVELOPMENT AUTHORITY OF SINGAPORE Multi-Tiered Cloud Security Standard for Singapore (MTCS SS) Implementation Guideline Report For cross certification from MTCS SS to ISO/IEC December 2014 Revision
More informationCloud Security Panel: Real World GRC Experiences. ISACA Atlanta s 2013 Annual Geek Week
Cloud Security Panel: Real World GRC Experiences ISACA Atlanta s 2013 Annual Geek Week Agenda Introductions Recap: Overview of Cloud Computing and Why Auditors Should Care Reference Materials Panel/Questions
More informationCloud Computing Technology
Cloud Computing Technology The Architecture Overview Danairat T. Certified Java Programmer, TOGAF Silver danairat@gmail.com, +66-81-559-1446 1 Agenda What is Cloud Computing? Case Study Service Model Architectures
More informationRobert Brammer. Senior Advisor to the Internet2 CEO rfbtech@internet2.edu. Internet2 NET+ Security Assessment Forum. 8 April 2014
Robert Brammer Senior Advisor to the Internet2 CEO rfbtech@internet2.edu Internet2 NET+ Security Assessment Forum 8 April 2014 INTERNET2 NET+ Security Initiative Primary objective -- develop guidance to
More informationCONSIDERING CLOUD? LEARN ABOUT CURRENT TRENDS IN CLOUD COMPUTING
CONSIDERING CLOUD? LEARN ABOUT CURRENT TRENDS IN CLOUD COMPUTING Jeff Jones (jrjones@microsoft.com) Microsoft Trustworthy Computing Frank Simorjay (frasim@microsoft.com) Microsoft Trustworthy Computing
More informationA New Paradigm in Cloud Computing
FACT SHEET (March 2012) A New Paradigm in Cloud Computing The Infocomm Development Authority of Singapore (IDA) notes that there is a paradigm shift in computing, where businesses and end-users will be
More informationFAQs for ediscovery CFC * added on 6 Nov 2012 and 14 Nov 2012
FAQs for ediscovery CFC * added on 6 Nov 2012 and 14 Nov 2012 Funding / Incentives CFC Award Technical Solution General Requirements Marketing Proposal Submission Data Privacy Others Funding / Incentives
More informationSecurity, Compliance & Risk Management for Cloud Relationships. Adnan Dakhwe, MS, CISA, CRISC, CRMA Safeway Inc. In-Depth Seminars D32
Security, Compliance & Risk Management for Cloud Relationships Adnan Dakhwe, MS, CISA, CRISC, CRMA Safeway Inc. In-Depth Seminars D32 Introductions & Poll Organization is leveraging the Cloud? Organization
More informationCompliance, Audits and Fire Drills: In the Way of Real Security?
Compliance, Audits and Fire Drills: In the Way of Real Security? Mark Estberg and John Howie Microsoft Corporation Session ID: SP01-203 Session Classification: Intermediate Introduction Microsoft s Global
More informationFSSC 22000-Q. Certification module for food quality in compliance with ISO 9001:2008. Quality module REQUIREMENTS
FSSC 22000-Q Certification module for food quality in compliance with ISO 9001:2008 Quality module REQUIREMENTS Foundation for Food Safety Certification Gorinchem, The Netherlands: 2015 Version Control
More informationCloud Channel Summit 2015 @rhipecloud #RCCS15
Cloud Channel Summit 2015 @rhipecloud #RCCS15 About the Cloud Security Alliance Global, not-for-profit organisation 300 member driven organization with over 56,000 individual members in 65 chapters worldwide
More informationDot Net Solutions Limited
Dot Net Solutions Limited CLOUD READINESS ASSESSMENT SERVICE DESCRIPTION DOCUMENT HISTORY Version No. Date Summary Author 1.0 Final Dan Scarfe 1.1 28/01/2015 Amended Sean Morris CONTENTS INTRODUCTION 2
More information10 Considerations for a Cloud Procurement. Anthony Kelly Erick Trombley David DeBrandt Carina Veksler January 2015
10 Considerations for a Cloud Procurement Anthony Kelly Erick Trombley David DeBrandt Carina Veksler January 2015 www.lbmctech.com info@lbmctech.com Purpose: Cloud computing provides public sector organizations
More informationTOOLS and BEST PRACTICES
TOOLS and BEST PRACTICES Daniele Catteddu Managing Director EMEA, Cloud Security Alliance ABOUT THE CLOUD SECURITY ALLIANCE To promote the use of best practices for providing security assurance within
More informationAppendix D-1 to Aproove Saas Contract : Security and solution hosting provider specs.
Appendix D-1 to Aproove Saas Contract : Security and solution hosting provider specs. The hosting company retained by Aproove is Microsoft Corporation, One Microsoft Way, Redmond, Washington 98052 USA.
More informationNational Accreditation Board for Certification Bodies. Accreditation Criteria
Accreditation Criteria for Medical devices - Quality management systems - for regulatory purposes Certification BCB 135 October 2012 Contents 0.0 Foreword 2 1.0 Scope 2 2.0 Criteria 2 3.0 Guidance on the
More informationDigital Healthcare: Author. A HIPAA compliant cloud strategy. Choosing a Cloud Service Provider. Alex Ginzburg
: A HIPAA compliant cloud strategy. Choosing a Cloud Service Provider Author Alex Ginzburg VP of Technology, Intervention Insights, Inc. Kanda Software 200 Wells Ave, Newton, MA 02459 617-340-3850 Over
More informationCERTIFICATE PROGRAMME ON CLOUD SPECIALISTS DEVELOPMENT
CERTIFICATE PROGRAMME ON CLOUD SPECIALISTS DEVELOPMENT Present awareness and demands of cloud computing calls for increasing needs of cloud specialists development noticeably worldwide. VMware's Singapore
More informationCloud Computing. Chapter 1 Introducing Cloud Computing
Cloud Computing Chapter 1 Introducing Cloud Computing Learning Objectives Understand the abstract nature of cloud computing. Describe evolutionary factors of computing that led to the cloud. Describe virtualization
More informationCompliance and the Cloud: What You Can and What You Can t Outsource
Compliance and the Cloud: What You Can and What You Can t Outsource Presented By: Kate Donofrio Security Assessor Fortrex Technologies Instructor Biography Background On Fortrex What s In A Cloud? Pick
More informationCloud certification guidelines and recommendations
Cloud certification guidelines and recommendations www.cloudwatchhub.eu info@cloudwatchhub.eu Security and privacy certifications and attestations have been identified as one of most effective and efficient
More informationLogically Securing a Public Cloud Service
SESSION ID: CIN-W07 Logically Securing a Public Cloud Service Tim Mather CISO Cadence Design Systems @mather_tim Disclaimer: AWS (Amazon Web Services) is referenced in this presentation extensively, only
More informationPharma CloudAdoption. and Qualification Trends
Pharma CloudAdoption and Qualification Trends OurCloudExperience Numerous implementations of EDMS systems with external hosting for smaller life science clients Development of qualification strategy for
More informationISO 27001:2005 & ISO 9001:2008
ISO 27001:2005 & ISO 9001:2008 September 2011 1 Main Topics SFA ISO Certificates ISO 27000 Series used in the organization ISO 27001:2005 - Benefits for the organization ISO 9001:2008 - Benefits for the
More informationRequest for Proposal (RFP) for Selection of Agency for Cloud Management Office (CMO)
Request for Proposal (RFP) for Selection of Agency for Cloud Management Office (CMO) Department of Information Technology Electronics Niketan, 6, CGO Complex New Delhi-110 003 XXXX September 2015 Page
More informationIntroduction to Business Continuity Planning
Introduction to Business Continuity Planning Business Continuity and Disaster Resilience Forum May 10, 2012 Rizal Ballroom A, Makati Shangri-la Manila, Philippines Dr Goh Moh Heng President BCM Institute
More informationGRC Stack Research Sponsorship
GRC Stack Research Sponsorship Overview Achieving Governance, Risk Management and Compliance (GRC) goals requires appropriate assessment criteria, relevant control objectives and timely access to necessary
More informationCloud Computing Flying High (or not) Ben Roper IT Director City of College Station
Cloud Computing Flying High (or not) Ben Roper IT Director City of College Station What is Cloud Computing? http://www.agent-x.com.au/ Wikipedia - the use of computing resources (hardware and software)
More informationSecurity in the Cloud
Security in the Cloud Visibility & Control of your Cloud Service Provider Murray Goldschmidt, Pierre Tagle, Ph.D. April 2012 Compliance, Protection & Business Confidence Sense of Security Pty Ltd Sydney
More informationCloud Security considerations for business adoption. Ricci IEONG CSA-HK&M Chapter
Cloud Security considerations for business adoption Ricci IEONG CSA-HK&M Chapter What is Cloud Computing? Slide 2 What is Cloud Computing? My Cloud @ Internet Pogoplug What is Cloud Computing? Compute
More informationCloud Security Alliance and Standards. Jim Reavis Executive Director March 2012
Cloud Security Alliance and Standards Jim Reavis Executive Director March 2012 About the CSA Global, not for profit, 501(c)6 organization Over 32,000 individual members, 120 corporate members, 60 chapters
More informationIAF Informative Document for the Transition of Food Safety Management System Accreditation to ISO/TS 22003:2013 from ISO/TS 22003:2007
IAF Informative Document IAF Informative Document for the Transition of Food Safety Management System Accreditation to ISO/TS 22003:2013 from ISO/TS 22003:2007 (IAF ID 8:2014) Page 2 of 6 The (IAF) details
More informationCloud Security. Peter Jopling joplingp@uk.ibm.com IBM UK Ltd Software Group Hursley Labs. peterjopling. 2011 IBM Corporation
Cloud Security Peter Jopling joplingp@uk.ibm.com IBM UK Ltd Software Group Hursley Labs peterjopling 2011 IBM Corporation Cloud computing impacts the implementation of security in fundamentally new ways
More informationIT Cloud / Data Security Vendor Risk Management Associated with Data Security. September 9, 2014
IT Cloud / Data Security Vendor Risk Management Associated with Data Security September 9, 2014 Speakers Brian Thomas, CISA, CISSP In charge of Weaver s IT Advisory Services, broad focus on IT risk, security
More informationIAF Mandatory Document
IAF-MD 11:2013 IAF Mandatory Document IAF MANDATORY DOCUMENT FOR THE APPLICATION OF ISO/IEC 17021 FOR AUDITS OF INTEGRATED MANAGEMENT SYSTEMS (IAF MD 11: 2013) 2013 Page 2 of 12 The (IAF) details criteria
More informationCloud Computing. Chapter 1 Introducing Cloud Computing
Cloud Computing Chapter 1 Introducing Cloud Computing Learning Objectives Understand the abstract nature of cloud computing. Describe evolutionary factors of computing that led to the cloud. Describe virtualization
More informationMicrosoft s Compliance Framework for Online Services
Microsoft s Compliance Framework for Online Services Online Services Security and Compliance Executive summary Contents Executive summary 1 The changing landscape for online services compliance 4 How Microsoft
More informationNCTA Cloud Architecture
NCTA Cloud Architecture Course Specifications Course Number: 093019 Course Length: 5 days Course Description Target Student: This course is designed for system administrators who wish to plan, design,
More informationCloud Security. DLT Solutions LLC June 2011. #DLTCloud
Cloud Security DLT Solutions LLC June 2011 Contact Information DLT Cloud Advisory Group 1-855-CLOUD01 (256-8301) cloud@dlt.com www.dlt.com/cloud Your Hosts Van Ristau Chief Technology Officer, DLT Solutions
More informationUKAS Guidance for bodies operating certification of Trust Service Providers seeking approval under tscheme
CIS 3 EDITION 2 February 2014 UKAS Guidance for bodies operating certification of Trust Service Providers seeking approval under tscheme CONTENTS SECTION PAGE 1 Introduction 2 2 Requirements for Certification
More informationLeveraging Technology New Horizons Computer Learning Center of Memphis
New Horizons Computer Learning Center of Memphis Presents Leveraging Technology Presenter: Charles B. Watkins, Sr. Technical Instructor New Horizons Computer Learning Center of Memphis About Me: Agenda:
More informationCOMMUNICATIONS ALLIANCE LTD
COMMUNICATIONS ALLIANCE LTD Communications Alliance Response to ACS Discussion Paper on a Potential Cloud Computing Consumer Protocol - 1 - TABLE OF CONTENTS INTRODUCTION 2 SECTION 1 OVERVIEW OF RESPONSE
More informationCisco Cloud Assessments. Justin Tang
Cisco Cloud Assessments Justin Tang Cisco Landscape Evolution of Cloud Assessments Performing Cloud Assessments Challenges 2010 Cisco and/or its affiliates. All rights reserved. Cisco Public 2 Definition:
More informationCloud Panel Service Evaluation Scenarios
Cloud Panel Service Evaluation Scenarios August 2014 Service Evaluation Scenarios The scenarios below are provided as a sample of how Finance may approach the evaluation of a particular service offered
More informationCloud Security and Managing Use Risks
Carl F. Allen, CISM, CRISC, MBA Director, Information Systems Security Intermountain Healthcare Regulatory Compliance External Audit Legal and ediscovery Information Security Architecture Models Access
More informationA Comparison of IT Governance & Control Frameworks in Cloud Computing. Jack D. Becker ITDS Department, UNT & Elana Bailey
A Comparison of IT Governance & Control Frameworks in Cloud Computing Jack D. Becker ITDS Department, UNT & Elana Bailey ITDS Department, UNT MS in IS AMCIS 2014 August, 2014 Savannah, GA Presentation
More informationCLOUD COMPUTING SECURITY IN BUSINESS INFORMATION SYSTEMS
CLOUD COMPUTING SECURITY IN BUSINESS INFORMATION SYSTEMS Sasko Ristov, Marjan Gusev and Magdalena Kostoska Faculty of Information Sciences and Computer Engineering, Ss. Cyril and Methodius University,
More informationGuidance for accreditation of EN 15224:2012 Health care services Quality management systems Requirements based on EN ISO 9001:2008
Guidance for accreditation of EN 15224:2012 Health care services Quality management systems Requirements based on EN ISO 9001:2008 This document is mandatory for the consistent application of ISO/IEC 17021.
More informationKey Speculations & Problems faced by Cloud service user s in Today s time. Wipro Recommendation: GRC Framework for Cloud Computing
Contents Introduction Why GRC Assessment Benefits of Cloud computing and Problem Statement Key Speculations & Problems faced by Cloud service user s in Today s time Threats, Vulnerabilities and related
More informationTRUSTED CLOUD. Our commitment to provide a cloud you can trust. Fernando Machado Píriz September 2014
TRUSTED CLOUD Our commitment to provide a cloud you can trust Fernando Machado Píriz September 2014 Technology Trends Driving cloud adoption 71% of strategic buyers cite scalability, cost and business
More informationIn the Cloud We Trust!
In the Cloud We Trust! Dejan Cvetkovic CTO, Microsoft CEE ISACA, Athens, Greece, November 24 th, 2015 Agenda Compliance for Financial Services The Microsoft Approach to Compliance Risk Management and Threat
More informationEuroCloud Deutschland_eco e.v. Cloud Computing is the future! For sure! But secure!
Cloud Computing is the future! For sure! But secure! ISO/IEC JTC1 national day 2011 The EuroCloud Network EuroCloud Europe was founded on Jan., 22 nd 2010 in Paris Today EuroCloud is present in 27 European
More informationLifting the Fog Around Cloud Computing. Eric A. Hibbard, CISSP-ISSAP, ISSEP, ISSMP, CISA CTO Security & Privacy Hitachi Data systems
Lifting the Fog Around Cloud Computing Eric A. Hibbard, CISSP-ISSAP, ISSEP, ISSMP, CISA CTO Security & Privacy Hitachi Data systems 1 Straw Poll Cloud Awareness A. To truly understand clouds one should
More informationCourse Design Document: IS429: Cloud Computing and SaaS Solutions. Version 1.0
Course Design Document: IS429: Cloud Computing and SaaS Solutions Version 1.0 08 October 2010 Table of Content Versions History... 4 Overview of the Cloud Computing and SaaS Solutions Course... 5 Synopsis...5
More informationWhitepaper. Canopy Security. Simplicity, Agility, Transparency. An Atos company. Powered by EMC 2 and VMware
Whitepaper Canopy Security Simplicity, Agility, Transparency 2 Whitepaper Summary Introduction While business is turning to the cloud to save costs and improve agility, for many enterprises security is
More informationIDEAL INSTITITE OF MANAGEMENT AND TECHNOLOGY In association with IIT MADRAS Presents SAARANG 2015 National Level CLOUD COMPUTING Championship
IDEAL INSTITITE OF MANAGEMENT AND TECHNOLOGY In association with IIT MADRAS Presents SAARANG 2015 National Level CLOUD COMPUTING Championship Event Details Stage 1 :- (WORKSHOP ROUND to be held at college):
More informationIAF Informative Document. IAF Informative Document for the Transition of Management System Accreditation to ISO/IEC 17021:2011 from ISO/IEC 17021:2006
IAF ID 2:2011 International Accreditation Forum, Inc. IAF Informative Document IAF Informative Document for the of Management System Accreditation to ISO/IEC 17021:2011 from (IAF ID 2:2011) The International
More informationCloud Risk Management: How to Consolidate your CSP and Corporate Risk Profile
Cloud Risk Management: How to Consolidate your CSP and Corporate Risk Profile Jerry Wertelecky, CPA, Fellow HKIoD & Managing Director INTRODUCTION Jerry Wertelecky Country of Birth: United States Current
More informationIAF Mandatory Document
IAF MD15:2014. IAF Mandatory Document IAF MANDATORY DOCUMENT FOR THE COLLECTION OF DATA TO PROVIDE INDICATORS OF MANAGEMENT SYSTEM CERTIFICATION BODIES PERFORMANCE (IAF MD15:2014) Issued: 14 July 2014
More informationFood Safety. Management Systems. Scope of Accreditation
Publication Reference EA-3/11 M: 2009 Food Safety Management Systems Scope of Accreditation PURPOSE This document outlines the EA policy for accreditation bodies when processing accreditation to certification
More informationBerlin, 15 th November 2013. Mark Dunne SaaSAssurance
Berlin, 15 th November 2013 Mark Dunne SaaSAssurance SaaSAssurance guidance to Irish Government on Cloud Adoption Who are SaaSAssurance? Diverse multilingual European team Focus on the here and now Digital
More informationICSA Labs Risk and Privacy Cloud Computing Series Part I : Balancing Risks and Benefits of Public Cloud Services for SMBs
ICSA Labs Risk and Privacy Cloud Computing Series Part I : Balancing Risks and Benefits of Public Cloud Services for SMBs The security challenges cloud computing presents are formidable, including those
More informationINFOCOMM DEVELOPMENT AUTHORITY OF SINGAPORE
INFOCOMM DEVELOPMENT AUTHORITY OF SINGAPORE Multi-Tiered Cloud Security Standard for Singapore () Audit Checklist Report For cross-certification from Cloud Security Alliance (CSA) Security, Trust & Assurance
More informationIAF Informative Document. Transition Planning Guidance for ISO 9001:2015. Issue 1 (IAF ID 9:2015)
IAF Informative Document Transition Planning Guidance for ISO 9001:2015 Issue 1 (IAF ID 9:2015) Issue 1 Transition Planning Guidance for ISO 9001:2015 Page 2 of 10 The (IAF) facilitates trade and supports
More informationThis document is a preview generated by EVS
TECHNICAL REPORT ISO/IEC TR 20000-9 First edition 2015-02-15 Information technology Service management Part 9: Guidance on the application of ISO/IEC 20000-1 to cloud services Technologies de l information
More informationCloud Security Standards. Aziza Al Rashdi Director, Cyber Security Professional Services Oman National CERT Information Technology Authority
Cloud Security Standards Aziza Al Rashdi Director, Cyber Security Professional Services Oman National CERT Information Technology Authority Introduction Sign Off December 2012 Information Technology Authority
More informationISO 27001 Information Security Management Services (Lot 4)
ISO 27001 Information Security Management Services (Lot 4) CONTENTS 1. WHY LEICESTERSHIRE HEALTH INFORMATICS SERVICE?... 3 2. LHIS TECHNICAL ASSURANCE SERVICES... 3 3. SERVICE OVERVIEW... 4 4. EXPERIENCE...
More informationCPNI VIEWPOINT 01/2010 CLOUD COMPUTING
CPNI VIEWPOINT 01/2010 CLOUD COMPUTING MARCH 2010 Acknowledgements This viewpoint is based upon a research document compiled on behalf of CPNI by Deloitte. The findings presented here have been subjected
More informationHence to overcome these challenges, it has become imperative to learn these topics and create awareness amongst the employees.
IT Service Management Trainings for Bank Konark Solutions and Services (KS&S) is an organization with Industry expert trainers and consultants. KS&S provides a wide range of Industry specific trainings
More informationThe role of certification and standards for trusted Cloud solutions
The role of certification and standards for trusted Cloud solutions A CloudWATCH webinar 2014 Cloud Security Alliance - All Rights Reserved. Agenda 15:00 Welcome and Introduction 10 15:10 The role of
More informationMicrosoft Azure. Die "Hyper-Scale" Cloudplattform. Gerwald Oberleitner 22. September 2015
Microsoft Azure Die "Hyper-Scale" Cloudplattform Gerwald Oberleitner 22. September 2015 Wie sich Microsoft Hyper-scale Azure differenziert Enterprise Grade Hybrid Azure footprint Azure footprint Datacenter
More information2014 HIMSS Analytics Cloud Survey
2014 HIMSS Analytics Cloud Survey June 2014 2 Introduction Cloud services have been touted as a viable approach to reduce operating expenses for healthcare organizations. Yet, engage in any conversation
More informationIAF Informative Document for the Transition of Food Safety Management System Accreditation to ISO/TS 22003:201X from ISO/TS 22003:2007
IAF Informative Document IAF Informative Document for the Transition of Food Safety Management System Accreditation to ISO/TS 22003:201X from ISO/TS 22003:2007 (IAF ID X:201X) Page 2 of 6 The (IAF) details
More informationHKCAS Supplementary Criteria No. 8
Page 1 of 12 HKCAS Supplementary Criteria No. 8 Accreditation Programme for Information Security Management System (ISMS) Certification 1 INTRODUCTION 1.1 HKAS accreditation for information security management
More informationCloud Security Introduction and Overview
Introduction and Overview Klaus Gribi Senior Security Consultant klaus.gribi@swisscom.com May 6, 2015 Agenda 2 1. Cloud Security Cloud Evolution, Service and Deployment models Overview and the Notorious
More informationEnabling Compliance Requirements using ISMS Framework (ISO27001)
Enabling Compliance Requirements using ISMS Framework (ISO27001) Shankar Subramaniyan Manager (GRC) Wipro Consulting Services Shankar.subramaniyan@wipro.com 10/21/09 1 Key Objectives Overview on ISO27001
More informationCONTROLLING CLOUDS: BEYOND SAFETY
CONTROLLING CLOUDS: BEYOND SAFETY GORDON HAFF (@ghaff) CLOUD EVANGELIST 22 OCTOBER 2013 ABOUT ME Red Hat Cloud Evangelist Twitter: @ghaff Google+: Gordon Haff Email: ghaff@redhat.com Blog: http://bitmason.blogspot.com
More informationHow a Cloud Service Provider Can Offer Adequate Security to its Customers
royal holloway s, How a Cloud Service Provider Can Offer Adequate Security to its Customers What security assurances can cloud service providers give their customers? This article examines whether current
More information(Draft) Transition Planning Guidance for ISO 9001:2015
ISO/TC 176/SC2 Document N1223, July 2014 (Draft) Transition Planning Guidance for ISO 9001:2015 ISO 9001 Quality management systems Requirements is currently being revised. The revision work has reached
More informationTypical Security Measures Of Cloud Computing
Typical Security Measures Of Cloud Computing Mohamed Ashik M. 1, Sankara Nayanan A. 2, Nithyananda Kumari.K 3 1&2 Faculty in Department of Information Technology & Salalah College of Technology, Sultanate
More informationBECOME A SMARTER CLOUD CONSUMER
Kurt Hagerman Chief Information Security Officer BECOME A SMARTER CLOUD CONSUMER Ripping through the Rhetoric to Find Your Cloud & Control Your Risk 05/18/2015 ABOUT KURT HAGERMAN Kurt Hagerman Chief Information
More informationUnderstanding ISO 27018 and Preparing for the Modern Era of Cloud Security
Understanding ISO 27018 and Preparing for the Modern Era of Cloud Security Presented by Microsoft and Foley Hoag LLP s Privacy and Data Security Practice Group May 14, 2015 Proposal or event name (optional)
More informationCloud Computing in a GxP Environment: The Promise, the Reality and the Path to Clarity
Reprinted from PHARMACEUTICAL ENGINEERING THE OFFICIAL TECHNICAL MAGAZINE OF ISPE JANUARY/FEBRUARY 2014, VOL 34, NO 1 Copyright ISPE 2014 www.pharmaceuticalengineering.org information systems in a GxP
More informationHIPAA and HITRUST - FAQ
A COALFIRE WHITE PAPER HIPAA and HITRUST - FAQ by Andrew Hicks, MBA, CISA, CCM, CRISC, HITRUST CSF Practitioner Director, Healthcare Practice Lead Coalfire February 2013 Introduction Organizations are
More information