Security and Cloud Computing

Similar documents
Cloud Security: The Grand Challenge

Security and Cloud Computing

Cloud Security Prof. Dr. Michael Waidner Fraunhofer SIT CASED. Fraunhofer SIT. Fraunhofer-Gesellschaft 2011

New Risks in the New World of Emerging Technologies

Cloud Security - Risiken und Chancen

IBM Security in the Cloud

Security and Privacy Aspects in Cloud Computing

Cloud Security - Risiken und Chancen Dr. Matthias Schunter, MBA IBM Research Zürich, schunter@acm.org

CLOUD SECURITY: THE GRAND CHALLENGE

Cloud Security Who do you trust?

Healthcare: La sicurezza nel Cloud October 18, IBM Corporation

Security and Privacy Aspects in Cloud Computing

Strategies for assessing cloud security

Cloud computing is a new consumption and delivery model. Yesterday Today

Security Issues in Cloud Computing

RE Think. IT & Business. Invent. IBM SmartCloud Security. Dr. Khaled Negm, SMIEEE, ACM Fellow IBM SW Global Competency Center Leader GCC

Cloud Security Who do you trust?

IBM & Cloud Computing. Smarter Planet. John Easton UK & Ireland Cloud Computing Technical Leader

Security as Architecture A fine grained multi-tiered containment strategy

IBM Cloud Security Draft for Discussion September 12, IBM Corporation

Cloud computing White paper November IBM Point of View: Security and Cloud Computing

How To Secure Cloud Infrastructure

HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT

How To Protect Your Cloud From Attack

Securing the Cloud with IBM Security Systems. IBM Security Systems IBM Corporation IBM IBM Corporation Corporation

Cloud Security Introduction and Overview

Cloud Security. DLT Solutions LLC June #DLTCloud

The New Economics of Cloud Computing

Safeguarding the cloud with IBM Dynamic Cloud Security

Safeguarding the cloud with IBM Security solutions

Cloud Courses Description

Secure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services

Security Considerations for Cloud Deployment

Cloud Computing Governance & Security. Security Risks in the Cloud

IT Best Practices Audit TCS offers a wide range of IT Best Practices Audit content covering 15 subjects and over 2200 topics, including:

Mobile, Cloud, Advanced Threats: A Unified Approach to Security

Public Cloud Service Definition

Auditing Cloud Computing. A Security and Privacy Guide. Wiley Corporate F&A

NETWORK ACCESS CONTROL AND CLOUD SECURITY. Tran Song Dat Phuc SeoulTech 2015

Architecting Security for the Private Cloud. Todd Thiemann

How does IBM deliver cloud security? An IBM paper covering SmartCloud Services 1

Cloud Security. Peter Jopling IBM UK Ltd Software Group Hursley Labs. peterjopling IBM Corporation

Marco Mantegazza WebSphere Client Technical Professional Team IBM Software Group. Virtualization and Cloud

Cloud Essentials for Architects using OpenStack

Transform your Business with VMware

El costo oculto de las aplicaciones Vulnerables. Faustino Sanchez. WW Security Sales Enablement. IBM Canada

Security Officer s Checklist in a Sourcing Deal

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

Securing Virtual Applications and Servers

Leveraging security from the cloud

Architecting and Building a Secure and Compliant Virtual Infrastructure and Private Cloud

How To Understand Cloud Computing

Cloud Courses Description

STREAM FRBC

T141 Computer Systems Technician MTCU Code Program Learning Outcomes

Why the Cloud must be Open

Virtualization Journey Stages


VMware vcloud Service Definition for a Public Cloud. Version 1.6

The Production Cloud

Data Security and Healthcare

Using Cloud to Deliver Innovation and Efficiency

Business Values of Network and Security Virtualization

Hybrid Cloud Computing

How To Protect Your Cloud Computing Resources From Attack

IBM EXAM QUESTIONS & ANSWERS

How to Achieve Operational Assurance in Your Private Cloud

A Guide to Hybrid Cloud An inside-out approach for extending your data center to the cloud

Ragy Magdy Regional Channel Manager MEA IBM Security Systems

Security Challenges of Cloud Providers ( Wie baue ich sichere Luftschlösser in den Wolken )

Securing The Cloud. Foundational Best Practices For Securing Cloud Computing. Scott Clark. Insert presenter logo here on slide master

Cloud Security: Critical Threats and Global Initiatives

Cloud computing: defined and demystified

CLOUD STORAGE SECURITY INTRODUCTION. Gordon Arnold, IBM

Revitalising your Data Centre by Injecting Cloud Computing Attributes. Ricardo Lamas, Cloud Computing Consulting Architect IBM Australia

Supplier Security Assessment Questionnaire

Keith Luck, CISSP, CCSK Security & Compliance Specialist, VMware, Inc. kluck@vmware.com

Cloud Computing. Jean-Claude DISPENSA IBM Distinguished Engineer

Cloud Security: An Independent Assessent

Cloud Security considerations for business adoption. Ricci IEONG CSA-HK&M Chapter

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data

Securing the Cloud through Comprehensive Identity Management Solution

VMware Hybrid Cloud. Accelerate Your Time to Value

CA Cloud Overview Benefits of the Hyper-V Cloud

Mitigating Information Security Risks of Virtualization Technologies

SECURITY IN THE HYBRID CLOUD:

How To Protect Your Virtual Infrastructure From Attack From A Cyber Threat

Virtualization with VMware and IBM: Enjoy the Ride, but Don t Forget to Buckle Up!

Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work

VMware vcloud Architecture Toolkit Public VMware vcloud Service Definition

Residual risk. 3 Compliance challenges (i.e. right to examine, exit clause, privacy acy etc.)

IBM Security QRadar Risk Manager

Cloud Computing Expanding IT flexibility and agility

FACING SECURITY CHALLENGES

Open Data Center Alliance Usage: Provider Assurance Rev. 1.1

Strengthen security with intelligent identity and access management

Intel IT Cloud 2013 and Beyond. Name Title Month, Day 2013

Cyber Security and Cloud Computing. Dr Daniel Prince Course Director MSc in Cyber Security

Becoming a Cloud Services Broker. Neelam Chakrabarty Sr. Product Marketing Manager, HP SW Cloud Products, HP April 17, 2013

Hybrid Cloud: Overview of Intercloud Fabric. Sutapa Bansal Sr. Product Manager Cloud and Virtualization Group

Transcription:

Martin Borrett, Lead Security Architect, Europe, IBM 9 th December 2010

Outline Brief Introduction to Cloud Computing Security: Grand Challenge for the Adoption of Cloud Computing IBM and Cloud Security 2 09/02/10

Brief Introduction to Cloud Computing 3 Security and 09/02/10 Cloud Computing

Cloud: Consumption & Delivery Models Optimized by Workload Cloud is a new consumption and delivery model inspired by consumer Internet services. Enabled by Ubiquitious network access Pooling and virtualization of resources Automation of service management Standardization of workloads Cloud enables: Self-service Location independence Sourcing options Flexible payment models Economies-of-scale Cloud Services Cloud represents: The industrialization of delivery for IT supported services 4 09/02/10

Spectrum of Deployment Options for Cloud Computing Private IT capabilities are provided as a service, over an intranet, within the enterprise and behind the firewall Public IT activities / functions are provided as a service, over the Internet Enterprise data center Enterprise data center Enterprise A Enterprise B A Users B Private cloud Managed private cloud Hosted private cloud Shared cloud services Public cloud services Third-party operated Third-party hosted and operated Hybrid Internal and external service delivery methods are integrated through hybrid cloud gateways 5 09/02/10

Workloads may be at Different Levels of Cloud Readiness Ready for Cloud Collaborative Care New workloads made possible by clouds... Analytics Information intensive Sensitive Data May not yet be ready for migration... Market bias: Private cloud Public cloud Isolated workloads Highly Customized Medical Imaging Infrastructure Storage Financial Risk Industry Applications Mature workloads Not yet virtualized 3 rd party SW Complex processes & transactions Regulation sensitive Collaboration Preproduction systems Workplace, Desktop & Devices Batch processing Energy Management Business Processes Disaster Recovery Development & Test Infrastructure Compute 6 09/02/10

7

Security Grand Challenge for the Adoption of Cloud Computing 8 Security and 09/02/10 Cloud Computing

Where is the Data? Moving from Private to Public Leads to a Real or Perceive Loss of Control We Have Control It s located at X. We have backups. Our admins control access. Our uptime is sufficient. The auditors are happy. Our security team is engaged. Who Has Control? Where is it located? Who backs it up? Who has access? How resilient is it? How do auditors observe? How does our security team engage? 33% Of respondents are concerned with cloud interfering with their ability to comply with regulations 80% Of enterprises consider security #1 inhibitor to cloud adoptions Of enterprises are concerned 48% about the reliability of clouds Source: Driving Profitable Growth Through Cloud Computing, IBM Study, 2008 (conducted by Oliver Wyman) 9 09/02/10

10

One-size does not fit-all: Different cloud workloads have different risk profiles High Need for Security Assurance Analysis & simulation with public data Mission-critical workloads, personal information Tomorrow s high value / high risk workloads need: Quality of protection adapted to risk Direct visibility and control Significant level of assurance Low Training, testing with non-sensitive data Low-risk Mid-risk High-risk Business Risk Today s clouds are primarily here: Lower risk workloads One-size-fits-all approach to data protection No significant assurance Price is key 11 09/02/10

12

What is Cloud Security? Confidentiality, integrity, availability of business-critical IT assets Stored or processed on a cloud computing platform Cloud Computing Software as a Service Utility Computing Grid Computing There is nothing new under the sun but there are lots of old things we don't know. Ambrose Bierce, The Devil's Dictionary 13 09/02/10

Cloud Security = SOA Security + Secure Virtualized Runtime Service-oriented Architecture SOA Security model and protocols apply Technical challenges: multi-tenancy, across trust domain, REST-based, new protocols (e.g., OpenID) Definitional challenges: profiles and security SLAs for cloud Virtualized Runtime Top Threats and Risks in Cloud Computing Process/VM Isolation, data segregation, multi-tenancy Malicious insiders (co-tenants, cloud provider) Management (incl. self-service) interface compromise Insecure interfaces and APIs Uncertainty over data location Data protection and security Data recovery, resiliency Insecure or incomplete data deletion Account or service hijacking Abuse of cloud services (extrusion) Compliance risks Source: CSA (2010), ENISA (2009), Gartner (2008), IBM X-Force (2010) 14 09/02/10

IBM and Cloud Security 15 Security and 09/02/10 Cloud Computing

IBM's Strategy for Cloud Security IBM Security Framework: Risk management-based approach to security Provider of Security Products for Clouds Provider of Cloud-based Security Services Provider of Secure Clouds 16 09/02/10

Example for Securing the Virtualized Runtime: IBM Security Virtual Server Protection for VMware vsphere 4 VMsafe Integration Firewall and Intrusion Prevention Rootkit Detection / Prevention Inter-VM Traffic Analysis This is an example where virtualization enables an approach to security that would not be possible in a non-virtualized infrastructure! Automated Protection for Mobile VMs (VMotion) Virtual Network Segment Protection Virtual Network-Level Protection Virtual Infrastructure Auditing (Privileged User) Virtual Network Access Control 17 09/02/10

Cloud Security Services: Smart Business Security Services delivered from the IBM Cloud Hosted Security Event and Log Management Hosted Vulnerability Management Hosted Email and Web Security Hosted X-Force Threat Analysis Service Subscription service Cloud based Monitoring and management 1 2 3 4 Offsite management of logs and events from IPS s, Firewalls and OSs Proactive discovery and remediation of vulnerabilities Protection against spam, worms, viruses, spyware, adware, and offensive content Customized security intelligence based on threat information from X-Force research and development team To the Customer Offloading Security Tasks on the Ground 18 09/02/10

IBM's Approach to Providing Secure Clouds Client Services (Customized by Client) Base Services (Offered by IBM) Client's responsibility IBM does not touch client resources IBM provides guidance for customization and management of client services IBM's responsibility IBM provides tested base services IBM Cloud Computing Platform IBM Global Cloud Data Centers Hardened management interfaces and cloud service management State-of-the-art data center service management Cloud subscriber management based on IBM Web Identity State-of-the-art data-center security (physical, organizational, system, network) Strict policies and extensive monitoring to control privileged users IBM's responsibility Base operated and managed according to IBM's internal technical and organizational security standards Extensive regular internal legal, geo-specific, data privacy, technical reviews Regular ethical hacking/security testing Based on IBM's strategic outsourcing practices and the IBM Common Cloud Reference Architecture 19 09/02/10

IBM Cloud Security in Action IBM LotusLive Security through the entire lifecycle and stack 20 09/02/10

Thank you! ibm.com/cloud Ibm.com/security Or send me an email: borretm@uk.ibm.com 21 09/02/10

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information