The New Perimeter Information Isolate the data The road to securing Information without physical controls



Similar documents
SafeNet Data Encryption and Control. Securing data over its lifecycle, wherever it resides from the data center to endpoints and into the cloud

SafeNet Data Encryption and Control. Securing data over its lifecycle, wherever it resides from the data center to endpoints and into the cloud

Cloud Computing and the Federal Government: Maximizing Trust Supporting the Mission and Improving Assurance with Data-centric Information Security

Securing sensitive data at Rest ProtectFile, ProtectDb and ProtectV. Nadav Elkabets Presale Consultant

Cloud Computing: A Question of Trust Maintaining Control and Compliance with Data-centric Information Security

A Security Practitioner s Guide to the Cloud Maintain Trust and Control in Virtualized Environments with SafeNet s Trusted Cloud Fabric

Compliance for the Road Ahead

Cloud Courses Description

Securing Data in the Virtual Data Center and Cloud: Requirements for Effective Encryption

Security Issues in Cloud Computing

Identity & Access Management The Cloud Perspective. Andrea Themistou 08 October 2015

Cloud Courses Description

Take Control of Identities & Data Loss. Vipul Kumra

Cloud Security Case Study Amazon Web Services. Ugo Piazzalunga Technical Manager, IT Security

Secure Networks for Process Control

NETWORK ACCESS CONTROL AND CLOUD SECURITY. Tran Song Dat Phuc SeoulTech 2015

Data Protection: From PKI to Virtualization & Cloud

Cloud Database Storage Model by Using Key-as-a-Service (KaaS)

Dynamic Security for the Hybrid Cloud

Optimizing the Mobile Cloud Era Through Agility and Automation

SAFENET FOR SERVICE PROVIDERS. Deliver Data Protection Services that Boost Revenues and Margins

Confidence in the Cloud Five Ways to Capitalize with Symantec

SECURITY MODELS FOR CLOUD Kurtis E. Minder, CISSP

Adopting Cloud Computing with a RISK Mitigation Strategy

How To Achieve Pca Compliance With Redhat Enterprise Linux

How To Protect Your Data From Harm

SOLUTION BRIEF Citrix Cloud Solutions Citrix Cloud Solution for On-boarding

Comprehensive Agentless Cloud Backup and Recovery Software for the Enterprise

IT Networking and Security

Enterprise Data Protection

Larry Wilson Version 1.0 November, University Cyber-security Program Critical Asset Mapping

Enterprise Key Management: A Strategic Approach ENTERPRISE KEY MANAGEMENT A SRATEGIC APPROACH. White Paper February

University of California, Riverside Computing and Communications. IS3 Local Campus Overview Departmental Planning Template

TABLE OF CONTENTS. pg. 02 pg. 02 pg. 02 pg. 03 pg. 03 pg. 04 pg. 04 pg. 05 pg pg. 10. Feature-Benefit Summary How It Works. 1

identity as the new perimeter: securely embracing cloud, mobile and social media agility made possible

Information Security Services

Virginia Government Finance Officers Association Spring Conference May 28, Cloud Security 101

What Cloud computing means in real life

Identity Governance Evolution

CompTIA Cloud+ 9318; 5 Days, Instructor-led

Securing The Cloud. Foundational Best Practices For Securing Cloud Computing. Scott Clark. Insert presenter logo here on slide master

RE Think. IT & Business. Invent. IBM SmartCloud Security. Dr. Khaled Negm, SMIEEE, ACM Fellow IBM SW Global Competency Center Leader GCC

CompTIA Cloud+ Course Content. Length: 5 Days. Who Should Attend:

Network and Security Controls

ProtectV. Securing Sensitive Data in Virtual and Cloud Environments. Executive Summary

Industrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1

Are You Prepared for the Cloud? Nick Kael Principal Security Strategist Symantec

全 球 資 安 剖 析, 您 做 確 實 了 嗎? Albert Yung Barracuda Networks

Cloud Computing Security Considerations

Endpoint Management and Mobility Solutions from Symantec. Adapting traditional IT operations for new end-user environments

Symantec Client Management Suite 8.0

Cloud Computing Security Issues and Access Control Solutions

Secure Cloud Computing

Whitepaper : Cloud Based Backup for Mobile Users and Remote Sites

Comprehensive Agentless Cloud Backup and Recovery Software for the Enterprise

Windows 7. Qing Liu Michael Stevens

Cloud Security. Peter Jopling IBM UK Ltd Software Group Hursley Labs. peterjopling IBM Corporation

WHITE PAPER: STRATEGIC IMPACT PILLARS FOR EFFICIENT MIGRATION TO CLOUD COMPUTING IN GOVERNMENT

Lecture 02b Cloud Computing II

How to survive in a world of Virtualization and Cloud Computing, where you even can t trust your own environment anymore. Raimund Genes, CTO

Secure Multi Tenancy In the Cloud. Boris Strongin VP Engineering and Co-founder, Hytrust Inc.

Mitigating Information Security Risks of Virtualization Technologies

Best Practices for Secure Mobile Access

Secure & Unified Identity

Blending Embedded Hardware OTP, SSO, and Out of Band Auth for Secure Cloud Access

An Introduction to the Technical Considerations of Social Business Version 1.0

Dell Software. Jiří Svatuška

SECURITY PLATFORM FOR HEALTHCARE PROVIDERS

Limiting the Spread of Threats: A Data Center for Every User

NCTA Cloud Architecture

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 5 Firewall Planning and Design

Emerging Approaches in a Cloud-Connected Enterprise: Containers and Microservices

Appendix C Pricing Index DIR Contract Number DIR-TSO-2724

nwstor Storage Security Solution 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4.

Cloud and Regulations: A match made in heaven, or the worst blind date ever?

Klickstart Business Solutions & Services

Industrial Security for Process Automation

IBM Software Information Management Creating an Integrated, Optimized, and Secure Enterprise Data Platform:

From Edge to the Core. Sicurezza dati nelle infrastrutture condivise, virtualizzate e cloud.

Sentinet for Windows Azure SENTINET

Centralized Secure Vault with Serena Dimensions CM

Secure Shell User Keys and Access Control in PCI-DSS Compliance Environments

Auditing Cloud Computing. A Security and Privacy Guide. Wiley Corporate F&A

Advancing Security with Software Defined Datacenter. Karen Law Senior Systems Consultant VMware Hong Kong Ltd

i-pcgrid Workshop 2015 Cyber Security for Substation Automation The Jagged Line between Utility and Vendors

CLOUD SECURITY SECURITY ASPECTS IN GEOSPATIAL CLOUD. Guided by Prof. S. K. Ghosh Presented by - Soumadip Biswas

1 The intersection of IAM and the cloud

Consumption IT. Michael Shepherd Business Development Manager. Cisco Public Sector May 1 st 2014

Cloud Computing: Issues Related with Cloud Service Providers

Requirements Checklist for Choosing a Cloud Backup and Recovery Service Provider

Enterprise IT is complex. Today, IT infrastructure spans the physical, the virtual and applications, and crosses public, private and hybrid clouds.

Vs Encryption Suites

ProjectManager.com Security White Paper

System Security Plan University of Texas Health Science Center School of Public Health

East African Information Conference th August, 2013, Kampala, Uganda. Security and Privacy: Can we trust the cloud?

ADVANCED PERSISTENT THREATS & ZERO DAY ATTACKS

Cisco Security Optimization Service

Transcription:

The New Perimeter Information Isolate the data The road to securing Information without physical controls Russell Dietz, VP & CTO SafeNet, Inc.

What s top of mind IA Today Identity & Access Management Data Protection Data Loss Reduction Share Information! Controls vs. Security Web 2.0 & SOA Virtualization & Cloud Computing Multi-agency Single Data Center 2

Technology Evolution Security Impact Converged Network Infrastructure Cloud Computing (SaaS, S+S, etc.) Server & Storage Virtualization Service Oriented Architecture (SOA) Next Generation IT Services Client & Desktop Virtualization 3

Information Assets at risk Web 2.0 Application Shared Folders Groupware Database Offline Folders E-Mail Docs Laptop SaaS Cloud Mobile Internet WAN Extranet Branch Office Data Center Media Flashdrive Threats Mounting Sensitive data on the rise External Cyber Attacks Unauthorized User Access Disaster Recovery Sites No Physical Controls Traditional Perimeter GONE! SaaS, Cloud & Web 2.0 Apps Work-collaboration Partners Growing Mobile Devices Remote Replication 4

The Last 25 Years Security evolution missing EVOLVING THREAT EVOLVING ASSURANCE COST COMPLEXITY RISK EVOLVING TECHNOLOGY EVOLVING BUDGETS EVOLVING MISSIONS 5

Evolution - Reduce Attack Surfaces New Perimeter Lock Down Identity Standards Proofing, Credentials Privileged User Identity Authorization Multi-layer & Cross-domain - Isolation Attack remediation - Automation 6

Active Static Active Static Evolution - Information really lives Web 2.0 Application Solve Static FIRST! Active Laptop SaaS Cloud Advances required to contain Active Active Static Active Internet Static Mobile Active Static WAN Extranet Data Center Branch Office Active Static Media Flashdrive Static Static - Contained Active - Open Placed in storage devices Encapsulated in networks Encoded in Databases Exchange points to protect Evaluated & Changed in CPUs Waiting in Memories Presented in Displays Difficult to isolate & protect Remote Replication 7

Evolution - Focus on Information Protection Web 2.0 Application Encapsulate data in a protective cryptographic shell. Laptop SaaS Cloud Mobile Internet WAN Extranet Branch Office Data Center Media Flashdrive Information Approach Identities Weak Link Trusted containers Interoperable Standards Federation & Management Simplifies Security Scales across all areas of use Central, Individual & Hybrids Granular access controls Assured user authentication Remote Replication 8

Information Protection Lifecycle Identity Decision point for Information access High-value target front-door attacks Increasing end-user complexity Simplified 2 nd factor required Transaction Secure area contained & controlled Validation & Confirmation Creation on trusted material Full integrity throughout the process Data Focal point core value to protect Manage the new perimeter Encoding policy & information Files, Objects, Elements, Fields, etc. 9

Protected Lifecycle Static Information nnn n Protected Identity Validate ID w/ Challenge Release Protected Data Check Integrity Acquire Rights Open/Close Shell 1 5b 2 3 Protected Transaction Utilize ID & Rights Process 5a Track the Lifecycle 4 Every part is protected, End to end from the identity to the transaction to the data 10

Information-centric Protection Total Trust Web 2.0 Application Laptop Authentication Physical to Virtual Authorization Files & Objects Access Control DBs and Applications SaaS Cloud Internet Branch Office WAN Mobile Extranet Data Center Media Flashdrive Forever Protection Ubiquitous Controls Cryptographic Perimeter Each data-use is tracked Application & DB Data Granular access controls File-based Endpoints Assured user authentication Removable Media contained Mobile data LOCKED! Remote Replication 11

Centralized Information-centric Protection Identity Protection - Authentication ProtectApp Data & Transaction Protection DataSecure ProtectFile Server HSM ProtectFile Endpoint etokens ProtectFile Mobile MobilePass ProtectFile Server ProtectFile Server ProtectDB ProtectFile Portable Only Single Solution Centralized Protection Structured Apps & DBs Server & Endpoint Files Mobile devices & platforms Sharable Media & Storage Common Policy & Controls Single architecture All Data Transparent to Users & Apps Assured User Authentication 12

Data Protection Evolution SafeNet Solutions Inbound /outbound Perimeter data Protection esafe Authentication and access management Secure, Centralized Key Management Data-centric Policy Management Identity & Access Management Visibility via Logging, Auditing, Reporting Infrastructure Protection Identity Management Data Centric Security 13

Thank you! Russell.Dietz@safenet-inc.com SafeNet, Inc. http://www.safenet-inc.com

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information