MEDIA & ENTERTAINMENT. Visual Effects Company Outsources Rendering Farm with Unitas Global




OFF-SITE RENDERING FARM
STREAMLINED BILLING PROCESS BETWEEN CORPORATE AND SUBSIDIARY
IAAS MONTHLY SERVICE FEE < POWER BILL
BOTH ANIMATED PROJECTS COMPLETED ON SCHEDULE

GIVE IT TO ME STRAIGHT

HAVE NO FEAR

The cloud can be a dangerous place for data, but so can a swimming pool for a toddler who doesn't know how to swim. Yet, slip well-tested water wings on the little tyke's arms, along with a rubber nostril pincher for his nose, and that once skittish land-lover will become an amphibian in no time. The same holds true for jumping into the EPC - enterprise private cloud. That is, with the proper readiness, coupled with professionals who know how to secure and monitor your applications, the IT leap will safely and effectively reduce costly overhead, saving both time and money.

YOU'RE NOT ALONE

PwC recently released a series of articles entitled "The Future of IT Outsourcing and Cloud Computing," showing that several surveyed companies saw IaaS as the future of IT outsourcing. Of the surveyed CIOs and senior executives, 55% said service providers who specialize in private cloud offerings would be the best choice in three years. But even though these business leaders see the EPC as the future, they are still hesitant to move forward. Another survey conducted by Intel found a resounding 69% of global enterprise leaders were either 1) very or 2) moderately concerned with EPC security.

So how can CIOs alleviate anxiety and move forward? Simple. Businesses need to embrace the proven security and monitoring solutions within the EPC. Empowered with this knowledge, companies can capitalize on the cost-saving EPC experience.

SECURING THE INFRASTRUCTURE

By its mere nature, the infrastructure is a multi-layered system, with each layer requiring its own plan of defense. The first step towards securing the infrastructure is to have a basic understanding of each layer and its correlating security solution.

PHYSICAL DATACENTER

The first layer of defense is relatively simple in concept: secure the actual physical datacenter. The datacenter location is crucial; avoid flood zones, earthquake fault lines, and heavy traffic areas. Next, protect the facility's grounds with barrier walls, vegetation, and guarded/gated entrances. Limit access to the actual facility with guards, biometric hand readers, keycards, man traps, exit-only fire doors, and separate bathrooms for visitors. Also, eliminate single points of failure by utilizing concurrently maintainable utilities to ensure reliable power and water supplies. Continuous CCTV monitoring of the facility multiplies the effectiveness of your guards and increases employee accountability. Properly securing the physical datacenter keeps your background-checked employees safe and is the first step towards information assurance.

NETWORK

The network serves as the virtual highway in and out of your EPC. Basic defense tools in this layer consist of network firewalls (e.g. F5's BIG-IP Local Traffic Manager), Intrusion Detection Systems (e.g. Cisco's Catalyst 6500 Series), and Intrusion Prevention Systems (e.g. Cisco's IPS 4500 Series). These virtual plug-and-play solutions offer comprehensive protection on the network level, but can never replace real-time monitoring. Network monitoring on a 24/7 basis adds a human level of defense, prevention, and protection. Sufficiently staffed Network Operations Centers (NOCs) can effectively provide this necessary real-time, in-depth monitoring. Lastly, Network Access Control devices (e.g. Forescout's CounterACT), placed in front of your virtual machines, provide comprehensive visibility and control of your network.

Understanding the functionality behind this layered defense approach pushes companies to the forefront of EPC security.

VIRTUAL MACHINE MANAGEMENT

Hypervisors, like VMware's ESXi, make up the majority of this next layer. By managing and instructing the virtual machines, hypervisors not only play an extremely important role within your EPC, but also serve as a vulnerable point of attack. Hardening the machine that hosts your hypervisor can prevent intruders from gaining access to and control of this critical component of your EPC. To see an example of hardening guides, check out VMware's vSphere hardening guides. In addition to hardening the machine, severely limiting and meticulously managing internal access to this critical layer mitigates insider threats.

APPLICATIONS & DATA

Easily the most penetrated and attacked level within your EPC, applications are first made secure during development, not during deployment. A more in-depth security solution for the application level is available in the next section of this white paper. However, in regards to your servers, always remember to clean them after application installations. For example, after an application's installation there are usually a large number of sample files, scripts, code, and directories. Delete them: hackers can and will hide malware in them.

OPERATING SYSTEMS & GUEST HOSTS

This layer consists of the different guest hosts running different operating systems under the management of the hypervisor. For this reason, host-level security is required: anti-virus, anti-malware, and file integrity monitors (e.g. Tripwire). In addition to installing security software, it is imperative to configure the operating systems according to the guides created by the National Security Agency. A list of these guides can be found here.

SECURING APPLICATIONS & DATA

The Gartner Group found that 75% of attacks are at the application level. Since this is the most penetrated level, it must also be the best protected, and it's easy to see that, again, a layered solution is the best approach. A three-step approach towards layered application security is outlined below.

STEP 1

Run a web application vulnerability scanner (e.g. Qualys QualysGUARD). Developers scan applications to pinpoint vulnerabilities, mitigate the found vulnerabilities, then rescan to confirm the vulnerabilities were mitigated. Placing your applications in the cloud without first securing them is like sending that toddler into the pool without his water wings.

STEP 2

Apply a file integrity monitor (FIM) to the application (e.g. Tripwire). This will compare the current file state with the good, baseline file state (i.e. the original) and notify you if the file's integrity has been compromised (i.e. unauthorized changes have occurred). The FIM can also be configured to automatically return to the last known good state, thereby preserving integrity.

STEP 3

Front-end the applications with a Web Application Firewall (e.g. ModSecurity, an open source WAF). While traditional firewalls are still necessary for the overall network, the more precise WAF conducts deep packet inspections specifically looking for scripts that launch XSS (cross-site scripting), SQL injections and other OWASP (Open Web Application Security Project) identified vulnerabilities. WAFs can also guard against unknown attacks by thoroughly screening incoming requests and detecting anomalies.
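The baseline comparison that Step 2 describes, and the post-installation cleanup check from the Applications & Data layer, can be sketched in a few lines of Python. This is an added example, not code from the white paper or from Tripwire; the file names and contents are constructed for the demonstration.

```python
import hashlib
import tempfile
from pathlib import Path


def snapshot(root):
    """Map each file's path (relative to root) to its SHA-256 digest."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(root.rglob("*")) if p.is_file()
    }


def compare(baseline, current):
    """Classify drift between the known-good baseline and the current state."""
    return {
        "modified": sorted(f for f in baseline
                           if f in current and baseline[f] != current[f]),
        "removed": sorted(f for f in baseline if f not in current),
        # Files absent from the baseline, e.g. installer samples left behind.
        "added": sorted(f for f in current if f not in baseline),
    }


def demo():
    """Constructed scenario: baseline a small app tree, then change it."""
    with tempfile.TemporaryDirectory() as tmp:
        app = Path(tmp)
        (app / "index.php").write_text("<?php echo 'hello'; ?>")
        (app / "config.ini").write_text("debug = off\n")
        baseline = snapshot(app)  # taken right after a clean deployment

        # Unauthorized changes: one edit, one deletion, one new sample file.
        (app / "index.php").write_text("<?php echo 'hello'; include 'x.php'; ?>")
        (app / "config.ini").unlink()
        (app / "samples").mkdir()
        (app / "samples" / "test.php").write_text("<?php phpinfo(); ?>")
        return compare(baseline, snapshot(app))


if __name__ == "__main__":
    for kind, files in demo().items():
        for name in files:
            print(f"ALERT {kind}: {name}")
```

In practice the baseline has to be stored where the monitored host cannot rewrite it, otherwise whoever changes the files can change the baseline too.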

DATA PROTECTION

The previously mentioned security measures prevent unauthorized access to the data housed within your infrastructure and applications, but knights still wear armor, even behind castle walls. Armor your data. Data-masking techniques, such as encryption, protect your sensitive data and make it indecipherable to unauthorized environments. Encryption is a popular data-masking approach in which algorithms shuffle and scramble the data into calculated nonsense. However, this data-masking technique only becomes effective when the encryption keys are properly secured and managed. Combining data-masking techniques, thus creating a hybrid armored approach, significantly increases the strength of your data protection solution.

NETWORK MONITORING (NOC)

Preparing and protecting your data is always the necessary first step, but it would be naïve to think that placing armored apps into a properly secured EPC is enough. The array of problems that can occur (e.g. overloaded/crashed servers) when using any type of storage system, not just the cloud, proves the need for continuous monitoring. This unwavering commitment to detail is the final step towards proper EPC deployment and implementation. A Network Operations Center (NOC) provides a constant, 24/7 monitoring approach guaranteeing the viability of your network, your EPC, and inevitably, your business.

STILL HAVE CONCERNS?

What kind of visibility can private clouds offer in regards to abstracted resources? How do I make my cloud compliant? How do you control data visibility on an internal level? These are common questions asked by cloud-skeptic CIOs, and rightfully so. There are still challenges, threats, and risks outside of hackers and network malfunctions. The simple answer is customization. These problems are all remedied when EPCs are built on an individual customer basis. An out-of-the-box or pay-per-click cloud approach may seem financially enticing, but it will always cost more time and money at the enterprise level, mainly due to the fact that these solutions lack customization capabilities. An EPC designed and built to your company's necessary requirements and specifications proves the private cloud's synonymy with business agility: agile IT means agile business. The EPC provides a simple path towards agility; however, true agility is realized only when efficient deployment and effective implementation occur.

Take the issue of compliance as an example. For some industries, EPC may seem like an unattainable solution, due to its perceived non-compliance, but this perception is nothing more than an ill-informed thought. Experienced EPC providers have the ability to create entirely compliant environments. For instance, with recent government incentives to convert medical records into Electronic Medical Records (EMRs), healthcare companies can now benefit from the enterprise private cloud more than ever, but jeopardizing HIPAA compliance has deterred many CIOs from adopting a cloud solution. Nonetheless, when given the chance, a seasoned EPC provider can explain to even the most skeptical CIO, step by step, the HIPAA Security Rule Standards as well as each Standard's correlating implementation specifications (both the required and the addressable). Then the proper EPC solutions to successfully implement these specifications can be outlined (a handful of which were already outlined in this white paper). It is through a customized plan of action that a cloud provider can deploy and implement a HIPAA compliant private cloud.

REALISTIC SOLUTIONS

Companies are given the option of taking on the financially draining and time-consuming task of launching a private cloud infrastructure, or they can outsource this large, complex project to a group of experts that can coordinate all aspects, from construction to deployment and monitoring, all as one simple service. When choosing that expert, companies must be vigilant in selecting a private cloud provider that puts securing your data first, and when that is done, then you can truly sleep soundly while your data lives in the cloud.

WWW.UNITASGLOBAL.COM 453 S Spring Street 2nd Floor Los Angeles, CA 90013 +1 855.586.4827 inquiries@unitasglobal.com