Securing the Cloud with IBM Security Systems. IBM Security Systems. 2012 IBM Corporation. 2012 2012 IBM IBM Corporation Corporation



Similar documents
IBM Cloud Security Draft for Discussion September 12, IBM Corporation

Cloud Security. Peter Jopling IBM UK Ltd Software Group Hursley Labs. peterjopling IBM Corporation

RE Think. IT & Business. Invent. IBM SmartCloud Security. Dr. Khaled Negm, SMIEEE, ACM Fellow IBM SW Global Competency Center Leader GCC

Ragy Magdy Regional Channel Manager MEA IBM Security Systems

What is Security Intelligence?

Safeguarding the cloud with IBM Dynamic Cloud Security

Q1 Labs Corporate Overview

Securing the Cloud infrastructure with IBM Dynamic Cloud Security

The Cloud is Not Enough Why Hybrid Infrastructure is Shaping the Future of Cloud Computing

Cloud Computing and Standards

Glinda Cummings World Wide Tivoli Security Product Manager

Mobile, Cloud, Advanced Threats: A Unified Approach to Security

Cloud Courses Description

How To Protect Your Cloud From Attack

Cloud Courses Description

PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP

The Benefits of an Integrated Approach to Security in the Cloud

How does IBM deliver cloud security? An IBM paper covering SmartCloud Services 1

Cloud Security Who do you trust?

Cloud Computing for SCADA

Security Officer s Checklist in a Sourcing Deal

Lecture 02b Cloud Computing II

Securing and protecting the organization s most sensitive data

IBM Security in the Cloud

Security of Cloud Computing for the Power Grid

IBM Security Strategy

Addressing Security for Hybrid Cloud

Microsoft Private Cloud

Strategies for assessing cloud security

Cloud computing White paper November IBM Point of View: Security and Cloud Computing

IBM Security Operations Center Poland! Wrocław! Daniel Donhefner SOC Manager!

Security & Cloud Services IAN KAYNE

Fundamental Concepts and Models

IBM EXAM QUESTIONS & ANSWERS

VMware vcloud Powered Services

Cloud and Data Center Security

How To Manage Cloud Management

How to Turn the Promise of the Cloud into an Operational Reality

A Strawman Model. NIST Cloud Computing Reference Architecture and Taxonomy Working Group. January 3, 2011

Public Clouds. Krishnan Subramanian Analyst & Researcher Krishworld.com. A whitepaper sponsored by Trend Micro Inc.

Trend Micro. Secure virtual, cloud, physical, and hybrid environments easily and effectively INTRODUCTION

Cloud Security Specialist Certification Self-Study Kit Bundle

SAP Enterprise Architecture in the Era of SAP HANA, Infrastructure, Platforms, Software and Everything-as-a-Service

IBM & Cloud Computing. Smarter Planet. John Easton UK & Ireland Cloud Computing Technical Leader

Security Issues in Cloud Computing

Learn How to Leverage System z in Your Cloud

Ironside Group Rational Solutions

SOLUTIONS. Secure Infrastructure as a Service for Production Workloads

IBM Security QRadar Vulnerability Manager

Cloud Computing; What is it, How long has it been here, and Where is it going?

PROTECTED CLOUDS: Symantec solutions for consuming, building, or extending into the cloud

Secure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services

The Current State of Cyber Security

Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work

journey to a hybrid cloud

Building Private & Hybrid Cloud Solutions

On Premise Vs Cloud: Selection Approach & Implementation Strategies

IBM PowerSC. Security and compliance solution designed to protect virtualized datacenters. Highlights. IBM Systems and Technology Data Sheet

Honeywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014

Netzwerkvirtualisierung? Aber mit Sicherheit!

Networking for cloud computing

Extending IBM WebSphere MQ and WebSphere Message Broker to the Clouds 5th February 2013 Session 12628

EARTHLINK BUSINESS. Simplify the Complex

Cloud Computing. Jean-Claude DISPENSA IBM Distinguished Engineer

ICT priorities in Canada

Service management White paper. Manage access control effectively across the enterprise with IBM solutions.

VMware vcloud Architecture Toolkit Public VMware vcloud Service Definition

Managing Cloud Computing Risk

Building High Growth Services on the Microsoft Cloud Platform. Rich Cannon Senior Director, US Partner Hosting and Cloud Services

Trust but Verify. Vincent Campitelli. VP IT Risk Management

IBM Connections Cloud Security

Security Intelligence

2010 State of Virtualization Security Survey

Cloud Computing. Bringing the Cloud into Focus

Securing the Service Desk in the Cloud

IBM Security QRadar SIEM & Fortinet FortiGate / FortiAnalyzer

PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP

Applying IBM Security solutions to the NIST Cybersecurity Framework

Preemptive security solutions for healthcare

HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT

Covering my IaaS: Security and Extending the Datacenter. Brian Bourne Tadd Axon

WHAT S ON YOUR CLOUD? Workload Deployment Strategies for Private and Hybrid Clouds RESEARCH AND ANALYSIS PROVIDED BY TECHNOLOGY BUSINESS RESEARCH


Transcription:

Securing the Cloud with IBM Security Systems 1 2012 2012 IBM IBM Corporation Corporation

IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns surrounding cloud computing have become the most widely talked about inhibitor of widespread usage. Traditional IT Security and Privacy Expectations In the Cloud To gain the trust of organizations, cloud services must deliver security and privacy expectations that meet or exceed what is available in traditional IT environments. The same way transformational technologies of the past overcame concerns PCs, outsourcing, the Internet. Trust 2

Cloud computing changes the way we think about security In a cloud environment, access expands, responsibilities change, control shifts, and the speed of provisioning IT resources increases - greatly affecting all aspects of security Private cloud On or off premises cloud infrastructure operated solely for an organization and managed by the organization or a third party Hybrid IT Traditional IT and clouds (public and/or private) that remain separate but are bound together by technology that enables data and application portability Public cloud Available to the general public or a large industry group and owned by an organization selling cloud services. Changes in Security and Privacy Customer responsibility for infrastructure More customization of security controls Good visibility into day-to-day operations Easy to access to logs and policies Applications and data remain inside the firewall Provider responsibility for infrastructure Less customization of security controls No visibility into day-to-day operations Difficult to access to logs and policies Applications and data are publically exposed 3 3

Minimizing the risks of cloud computing requires a strategic approach Define a cloud strategy with security in mind Identify the different workloads and how they need to interact. Which models are appropriate based on their security and trust requirements and the systems they need to interface to? Identify the security measures needed Using a methodology such as the IBM Security Framework allows teams to measure what is needed in areas such as governance, architecture, applications and assurance. Enabling security for the cloud Define the upfront set of assurance measures that must be taken. Assess that the applications, infrastructure and other elements meet the security requirements, as well as operational security measures. 4

Our approach to delivering cloud security aligns with each phase of a clients project or initiative Design Deploy Consume Establish a cloud strategy and implementation plan to get there. Build cloud services, in the enterprise and/or as a cloud services provider. Manage and optimize consumption of cloud services. IBM Cloud Security Approach Secure by Design Focus on building security into the fabric of the cloud. Workload Driven Secure cloud resources with innovative features and products. Service Enabled Govern the cloud through ongoing security operations and workflow. Example security capabilities Cloud security roadmap Secure development Network threat protection Server security Database security Application security Virtualization security Endpoint protection Configuration and patch management Identity and access management Secure cloud communications Managed security services 5

Adoption patterns are emerging for successfully beginning and progressing cloud initiatives Infrastructure as a Service (IaaS): Cut IT expense and complexity through cloud data centers Platform-as-a-Service (PaaS): Accelerate time to market with cloud platform services Innovate business models by becoming a cloud service provider Software as a Service (SaaS): Gain immediate access with business solutions on cloud 6 6

Each pattern has its own set of key security concerns Infrastructure as a Service (IaaS): Cut IT expense and complexity through cloud data centers Platform-as-a-Service (PaaS): Accelerate time to market with cloud platform services Innovate business models by becoming a cloud service provider Software as a Service (SaaS): Gain immediate access with business solutions on cloud Cloud Enabled Data Center Cloud Platform Services Cloud Service Provider Business Solutions on Cloud Integrated service management, automation, provisioning, self service Pre-built, pre-integrated IT infrastructures tuned to application-specific needs Advanced platform for creating, managing, and monetizing cloud services Capabilities provided to consumers for using a provider s applications Key security focus: Infrastructure and Identity Key security focus: Applications and Data Key security focus: Data and Compliance Key security focus: Compliance and Governance Manage datacenter identities Secure virtual machines Patch default images Monitor logs on all resources Network isolation Secure shared databases Encrypt private information Build secure applications Keep an audit trail Integrate existing security Isolate cloud tenants Policy and regulations Manage security operations Build compliant data centers Offer backup and resiliency Harden exposed applications Securely federate identity Deploy access controls Encrypt communications Manage application policies 7

IBM Cloud Security helps customers regain visibility and control End-to-end coverage for securing private, hybrid and public clouds. IBM is the only vendor with products, services and expertise to secure critical dimensions of cloud - spanning users, data, applications and virtualized infrastructure. Enterprise-class security across all cloud domains Visibility into the security of cloud environments Secure access to cloud applications Data protection for in motion and at rest. Threat and vulnerability management solutions for applications and infrastructure. Services specifically designed for securing the cloud Best Cloud Computing Security 8

IBM s breath of experience and security capabilities are being applied to all cloud adoption patterns IBM Cloud Security One Size Does Not Fit All Cloud Platform Services Cloud Service Provider Cloud Enabled Data Center Business Solutions on Cloud Different security controls are appropriate for different cloud needs - the challenge becomes one of integration, coexistence, and recognizing what solution is best for a given workload. 9

And we ve developed a set of cloud security controls to get started Cloud Security On Ramps Design Deploy Consume Security Intelligence Total visibility into virtual and cloud environments IBM QRadar Security Intelligence Platform (SIEM, Risk Manager) People Enable single sign on across multiple cloud services IBM Federated Identity Manager Business GW Data Protect and monitor access to shared databases IBM InfoSphere Guardium Applications Scan cloud deployed web applications IBM Rational AppScan Suite Defend users and apps from network attacks IBM Security Network Intrusion Prevention System Infrastructure Protect VMs and hypervisor from advanced threats IBM Virtual Server Protection for VMware Provide patch and config management of VMs IBM Tivoli Endpoint Manager for Security and Compliance Services Understand the concerns of your unique cloud initiative IBM Cloud Security Roadmap Service 10

IBM also offers unmatched global coverage and security research Security Operations Centers Security Research Centers Security Solution Development Centers Institute for Advanced Security Branches IBM Research World Wide Managed Security Services Coverage 20,000+ devices under contract 3,700+ MSS clients worldwide 13B+ events managed per day 1,000+ security patents 133 monitored countries (MSS) 11

IBM continues to research, test and document more focused approaches to cloud security IBM Research Special research concentration in cloud security IBM -Force Proactive counter intelligence and public education Customer Councils Real-world feedback from clients adopting cloud Standards Participation Client-focused open standards and interoperability IBM Institute for Advanced Security Collaboration between academia, industry, government, and the IBM technical community 12

IBM has a broad portfolio of products and services to help satisfy these key security concerns 13

14