Addressing Security for Hybrid Cloud
Sreekanth Iyer, Executive IT Architect, IBM Cloud (CTO Office)
Email: sreek.iyer@in.ibm.com
Twitter: @sreek
Blog: http://ibm.co/sreek
July 18, 2015
Cloud is rapidly transforming the enterprise
[Figure labels: Traditional Enterprise IT; Private Cloud; Public Cloud; External Stakeholders; IaaS (infrastructure services); PaaS (development services); SaaS (business applications); 100+ IBM Offerings; Data archive; HR, CRM, SCM; Online website; App development]
Clients' security objectives reflect their Cloud adoption
Columns: Services / Organization / Security Responsibilities and Objectives

Securely connect and consume Cloud business applications (SaaS)
- Software as a Service (SaaS) / CxOs (CIO, CMO, CHRO, ...)
  - Complete visibility to enterprise SaaS usage and risk profiling
  - Governance of user access to SaaS and identity federation

Securely migrate workloads and applications to Cloud (IaaS, PaaS)
- Platform as a Service (PaaS) / Application teams, LOBs
  - Enable developers to compose secure cloud applications and APIs, with enhanced user experience
  - Visibility and protection against fraud and application threats
- Infrastructure as a Service (IaaS) / CIO, IT teams
  - Protect the cloud infrastructure to securely deploy workloads and meet compliance objectives
  - Have full operational visibility across hybrid cloud deployments, and govern usage
Traditional perimeter-based security controls
[Figure labels: Trusted Intranet; DMZ; Untrusted Internet; Online Banking Application; Employee Application]
are changing to security centered around applications and data
[Figure labels: Trusted Intranet; DMZ; Untrusted Internet; Cloud; Local (IaaS/PaaS); Online Banking Application; Employee Application; Investment API Services; Apps, APIs, Services; Consume Apps and Services (SaaS); Build and Deliver Apps, Services (PaaS); Leverage Public Clouds (IaaS)]
Cloud presents the opportunity to radically transform security practices
- Traditional Security: manual, static, and reactive
- Dynamic Cloud Security: standardized, automated, agile, and elastic
Cloud security is not only achievable, it is an opportunity to drive the business, improve defenses and reduce risk.
Clients focus on three imperatives for improving security

Govern the usage of cloud
- How can I understand who is accessing the cloud from anywhere, at anytime?
- "Going to the cloud gives me a single choke point for all user access; it provides much more control."

Protect workloads and data in the cloud
- How can I fix vulnerabilities and defend against attacks before they're exploited?
- "Cloud gives me security APIs and preconfigured policies to help protect my data and workloads."

Detect threats with visibility across clouds
- How can I obtain a comprehensive view of cloud and traditional environments?
- "I can take advantage of centralized cloud logging and auditing interfaces to hunt for attacks."
We see three key cloud scenarios to help our customers

Client Consumption Models
- SaaS: Secure usage of business applications
- Bluemix PaaS: Secure service composition and apps
- IaaS: Securing infrastructure and workloads

Cloud Security Capabilities
- Manage Access: Manage identities and govern user access
- Protect Data: Protect infrastructure, applications, and data from threats
- Gain Visibility: Auditable intelligence on cloud access, activity, cost and compliance

[Figure labels: Security SaaS; APIs; Virtual Appliances; Managed Security Services; Professional Security Services]
Examples - Enterprise hybrid cloud adoption requires integrated security solutions

Software as a Service (SaaS)
- Manage Access: Enable employees to connect securely to SaaS
  - SaaS access governance
  - Identity federation
- Protect Data: Secure connectivity and data movement to SaaS
  - Data tokenization
  - Secure proxy to SaaS
  - Application control
- Gain Visibility: Monitoring and risk profiling of enterprise SaaS usage
  - Monitor SaaS usage
  - Risk profiling of SaaS apps
  - Compliance reporting

Platform as a Service (PaaS)
- Manage Access: Integrate identity and access into services and applications
  - DevOps access management
  - Authentication and authorization APIs
- Protect Data: Build and deploy secure services and applications
  - Database encryption
  - App security scanning
  - Threat and Fraud protection
- Gain Visibility: Log, audit at service and application level
  - Monitor application, services and platform
  - Service vulnerabilities
  - Compliance reporting

Infrastructure as a Service (IaaS)
- Manage Access: Manage cloud administration and workload access
  - Privileged admin management
  - Access management of web workloads
- Protect Data: Protect the cloud infrastructure to securely deploy workloads
  - Storage encryption
  - Network protection: firewalls, IPS
  - Host security, vulnerability scanning
- Gain Visibility: Security monitoring and intelligence
  - Monitor hybrid cloud infrastructure
  - Monitor workloads
  - Log, audit, analysis and compliance reporting

Note: Listed capabilities in the above table are examples of capabilities, and not a comprehensive list.
Structured Approach to Cloud Security
[Figure labels: IBM Cloud Security; IaaS; PaaS; SaaS; Manage Access; Protect Data; Gain Visibility; Optimize Security Operations]
Securing Cloud JKE Scenario
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY. www.ibm.com/security Copyright IBM Corporation 2015. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. 
Product release dates and/or capabilities referenced in these materials may change at any time at IBM's sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.