Security Landscape of Cloud Computing

Similar documents
Estrategias para la Reducción de Riesgos y Ciber Ataques

Kenneth Hee Director, Business Development Security & Identity Management. Oracle Identity Management 11g R2 Securing The New Digital Experience

Cloud Data Security. Sol Cates

Oracle Privileged Account Manager 11gR2. Karsten Müller-Corbach

Identity & Access Management The Cloud Perspective. Andrea Themistou 08 October 2015

Privilege Gone Wild: The State of Privileged Account Management in 2015

Privilege Gone Wild: The State of Privileged Account Management in 2015

WAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales

Cloud Security: Evaluating Risks within IAAS/PAAS/SAAS

2012 雲 端 資 安 報 告. 黃 建 榮 資 深 顧 問 - Verizon Taiwan. August 2012

VMware Building Many Bridges to the Cloud

Security Issues in Cloud Computing

Data-Centric Security vs. Database-Level Security

2010 Data Breach Investigations Report

Managing Cloud Computing Risk

On Premise Vs Cloud: Selection Approach & Implementation Strategies

Securing Privileges in the Cloud. A Clear View of Challenges, Solutions and Business Benefits

Oracle Cloud Computing Strategy

International Journal of Innovative Technology & Adaptive Management (IJITAM) ISSN: , Volume-1, Issue-5, February 2014

Overview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin

Cloud Security and Managing Use Risks

Virginia Government Finance Officers Association Spring Conference May 28, Cloud Security 101

Anatomy of a Cloud Computing Data Breach

10/25/2012 BY VORAPOJ LOOKMAIPUN CISSP, CISA, CISM, CRISC, CEH Agenda. Security Cases What is Cloud? Road Map Security Concerns

Cloud Security Keeping Data Safe in the Boundaryless World of Cloud Computing

Big Data, Cloud Computing, Spatial Databases Steven Hagan Vice President Server Technologies

SOLUTION BRIEF SEPTEMBER Healthcare Security Solutions: Protecting your Organization, Patients, and Information

Hayri Tarhan, Sr. Manager, Public Sector Security, Oracle Ron Carovano, Manager, Business Development, F5 Networks

<Insert Picture Here> Cloud Computing Strategy

Copyright 2014, Oracle and/or its affiliates. All rights reserved.

How To Protect Your Cloud Computing Resources From Attack

RSA Solution Brief RSA. Encryption and Key Management Suite. RSA Solution Brief

Addressing Security for Hybrid Cloud

Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) 2014: 245 incidents reported

Overview of Microsoft Enterprise Mobility Suite (EMS) Cloud University

Cloud for Credit Unions Leveraging New Solutions to Increase Efficiency & Reduce Costs Presented by: Hugh Smallwood, Chief Technology Officer

Web Application Hosting Cloud Solution Architecture.

The 7 Tenets of Successful Identity & Access Management

Security, Compliance & Risk Management for Cloud Relationships. Adnan Dakhwe, MS, CISA, CRISC, CRMA Safeway Inc. In-Depth Seminars D32

Securing the Cloud infrastructure with IBM Dynamic Cloud Security

Securing and Auditing Cloud Computing. Jason Alexander Chief Information Security Officer

An Oracle White Paper January Oracle Database Firewall

Cybersecurity: Protecting Your Business. March 11, 2015

Cloud Computing Flying High (or not) Ben Roper IT Director City of College Station

Securing The Cloud With Confidence. Opinion Piece

Cloud and Security (Cloud hacked via Cloud) Lukas Grunwald

A SURVEY OF CLOUD COMPUTING: NETWORK BASED ISSUES PERFORMANCE AND ANALYSIS

Cloud definitions you've been pretending to understand. Jack Daniel, Reluctant CISSP, MVP Community Development Manager, Astaro

Mobile Identity: Improved Cybersecurity, Easier to Use and Manage than Passwords. Mika Devonshire Associate Product Manager

Cloud Security Who do you trust?

Cloud Computing: What needs to Be Validated and Qualified. Ivan Soto

Solving the Security Puzzle

RETHINKING CYBER SECURITY Changing the Business Conversation

Requirements Checklist for Choosing a Cloud Backup and Recovery Service Provider

Cloud Computing Governance & Security. Security Risks in the Cloud

<Insert Picture Here> Enterprise Cloud Computing: What, Why and How

Leveraging the Cloud for Your Business

Cloud Security Through Threat Modeling. Robert M. Zigweid Director of Services for IOActive

Infor CloudSuite. Defense-in-depth. Table of Contents. Technical Paper Plain talk about Infor CloudSuite security

Mitigating Server Breaches with Secure Computation. Yehuda Lindell Bar-Ilan University and Dyadic Security

Cloud Computing in a Government Context

Deploying a Geospatial Cloud

Blending Embedded Hardware OTP, SSO, and Out of Band Auth for Secure Cloud Access

IBM QRadar Security Intelligence April 2013

Cloud Computing Technology

Information Security and Risk Management

Fundamental Concepts and Models

Security strategies to stay off the Børsen front page

identity as the new perimeter: securely embracing cloud, mobile and social media agility made possible

An New Approach to Security. Chris Ellis McAfee Senior System Engineer

Amit Sheth & Ajith Ranabahu, Presented by Mohammad Hossein Danesh

Mobile, Cloud, Advanced Threats: A Unified Approach to Security

FIDO Modern Authentication Rolf Lindemann, Nok Nok Labs

PCI Compliance for Cloud Applications

John Essner, CISO Office of Information Technology State of New Jersey

Vormetric Addendum to VMware Solution Guide for Payment Card Industry Data Security Standard

Security Officer s Checklist in a Sourcing Deal

Transcription:

Security Landscape of Cloud Computing Amrith Nawoor Sales Consulting Team Leader East Africa & SADC 1

This document is for informational purposes. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described in this document remains at the sole discretion of Oracle. This document in any form, software or printed matter, contains proprietary information that is the exclusive property of Oracle. This document and information contained herein may not be disclosed, copied, reproduced or distributed to anyone outside Oracle without prior written consent of Oracle. This document is not part of your license agreement nor can it be incorporated into any contractual agreement with Oracle or its subsidiaries or affiliates. 2

Program Agenda Cloud Computing, Challenges An Inside Out Approach Securing The Cloud Security at Every Layer 3

Customers have multiple options with Cloud Deployment Model Service Model Operating Model Private Applications (SaaS) Customer Owns Customer Operates Public Hybrid Platform (PaaS) Infrastructure (IaaS) Customer Owns Provider Operates Provider Owns Provider Operates 4

Concerns & Challenges Integrating existing applications Interoperability & Portability 5

SECURITY 6

$7B FRAUD 6M LinkedIn Passwords STOLEN Credit Cards 12M STOLEN Sony Société Générale 7

$7B FRAUD 6M Passwords STOLEN Credit Cards 12M STOLEN Sony Société Générale LinkedIn Total Loss from CYBERCRIME 8

1. Brand Decline 2. Regulatory Fines 3. Financial Loss 9

Directive 95/46/EC FERC FIPS SEC KASB 40 % Security Budget Spent on SOX CJIS CA 541 NERC ISO27001 10

on Security response has been reactive, shifted attention away from apps and data 2007 2010 11

$400 $ 500 Endpoint Security Vulnerability Management Network Security Email Security Average Cost of Security Other Security breached Gartner 2010 hacking breached privilege from records against records db web\app servers misuse stolen credentials servers server 12

Hacking Involved Stolen Credentials APPLICATIONS MIDDLEWARE DATABASE OPERATING SYSTEM Breached Records from Web/App Servers Breached Records from Db Servers From Privilege Misuse Verizon Data Breach 2012 SERVERS STORAGE Attacks Against Servers Breaches Against Offline Data Breaches Against File Servers 13

LinkedIn Sony VULNERABILITIES were on the Société Générale 14

MANAGE THE RISKS SECURITY PREVENT THE THREATS INSIDE OUT UNLOCK THE OPPORTUNITIES 15 Insert Information Protection Policy Classification from Slide 11

SECURITY AT EACH LAYER SECURITY BETWEEN LAYERS SECURITY BETWEEN SYSTEMS S E C U R I T Y S E C U R I T Y S E C U R I T Y S E C U R I T Y S E C U R I T Y S E C U R I T Y S E C U R I T Y 16

SECURE THE 17

CONTROL 18

TOP 5 CONCERNS CSO Online Survey 2011 Data access from & Ongoing concerns Co-mingling of Security & 19

Identity Management & Compliance Mobile data access, sign-on and compliance reporting Scalable Repository Complete Access Identity Governance 20

Reduce Risks of Co-mingling Data Secure databases in the cloud Shared database pool Managed in the cloud Consistent & efficient Eliminates data silo complexity Better security & lower cost 21

HARDWARE SECURITY WITHOUT COMPROMISE SOFTWARE 22

DEFENSE IN-DEPTH 23 SECURITY INSIDE OUT SECURE WHAT S STRATEGIC

MANAGE 24

PREVENT 25

UNLOCK 26

27

SECURE YOUR FUTURE 28

Data Security Fraud Detection Compliance Reporting 29

DATA STORAGE APPLICATION & authorization at the database level 30

FRAUD DETECTION 31 Insert Information Protection Policy Classification from Slide 13

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information