Data Risk Management: ISM Ground to Cloud Summit accelerate your ambition 1
John Jones Branch Practice Manager Networking, Communications & Security Solutions John.Jones@dimensiondata.com Justin Evans Solution Architect Justin.Evans@dimensiondata.com accelerate your ambition 2
Topics Cloud model security considerations Dimension Data Government Cloud Cloud Computing Risks and management Security & our Global Cloud Platform Government Community Cloud
Cloud Computing Risks & Management
The Notorious Nine Risk Matrix The Notorious Nine Risk Profile Source: https://cloudsecurityalliance.org/download/the-notorious-nine-cloud-computing-top-threats-in-2013/ accelerate your ambition 5
ASD Cloud Computing Security Considerations Source: http://asd.gov.au/publications/protect/cloud-security-tenants.htm accelerate your ambition 6
Just a thought. Can you categorically state that you have full visibility of cloud consumption in your organisation - TODAY?
Cloud Security Alliance Cloud Controls Matrix Guiding security principles to assess risk Delineates control guidance between providers and consumers Controls framework across 16 domains Differentiated controls based on cloud models Controls cross-referenced to other best practice standards and frameworks Source: https://cloudsecurityalliance.org/research/ccm/
Cross-reference Controls to best practice Governance Frameworks Some examples: ISO27001:2013 ENISA Information Assurance HIPAA / HITECH NIST COBIT PCI DSS Source: https://cloudsecurityalliance.org/research/ccm/ accelerate your ambition 9
CSA Control Framework Domains Source: https://cloudsecurityalliance.org/research/ccm/ accelerate your ambition 10
Controls Cloud Model - Governance accelerate your ambition 11
ASD Security Controls Framework Source: http://asd.gov.au/infosec/ism/index.htm accelerate your ambition 12
Governance Protection Dimension Data s Framework for Cloud Security Cloud Infrastructure Cloud Services Enhanced Security Controls Data Protection and Reporting Service Level, Certification and Policies Discovery, Assessment and Governance
Governance Protection Dimension Data s Framework for Cloud Security Cloud Infrastructure Cloud Services Enhanced Security Controls Data Protection and Reporting ASD ISM, Cloud Security Considerations CSA Cloud Control Matrix Service Level, Certification and Policies Discovery, Assessment and Governance
Governance Protection Dimension Data s Framework for Cloud Security Cloud Infrastructure Cloud Services Enhanced Security Controls ASD ISM, Cloud Security Considerations CSA Cloud Control Matrix Data Protection and Reporting ASD ISM & irap CSA Cloud Control Matrix & STAR Other Governance Frameworks Service Level, Certification and Policies Discovery, Assessment and Governance
Risk Control & Management Summary CSA CCM DD CSF ASD ISM accelerate your ambition 16
Cloud Security Considerations Deployment and Delivery Models
Definition of Cloud Source: www.cloudsecurityalliance.org accelerate your ambition 18
Shared Responsibility Source:www.cloudsecurityalliance.org accelerate your ambition 19
Risk Matrix for Canberra Clients Delivery & Deployment Models SaaS Highest Risk Highest Risk Medium Risk Lowest Risk Delivery PaaS Highest Risk Highest Risk Medium Risk Lowest Risk IaaS Highest Risk Medium Risk Lowest Risk Lowest Risk Public Hybrid Community Private Deployment accelerate your ambition 20
Security & Dimension Data s Global Managed Cloud Platforms
Dimension Data s Managed Cloud Platform TM (MCP) Global Footprint Toronto London Amsterdam Santa Clara Ashburn (x3) Germany Hong Kong Tokyo Sao Paulo Singapore Canberra Sydney Johannesburg Primary Cloud Control Locations Child Sites Managed Cloud Platform Melbourne Auckland
Government Community Cloud Geo Design Santa Clara MCP London MCP Tokyo MCP Sydney MCP Canberra MCP Cloud Control Public Geo s Government Geo accelerate your ambition 23
Dimension Data Government Community Cloud & Security
Government Community Cloud Outcomes Evaluate, migrate, integrate and operate mission-critical workloads Improve Agility Reduce Cost Manage Risk Time to market Flexibility Auto-scaling Faster innovation Self-service Lower upfront costs Usage pricing Automation Less downtime Virtualization Security Compliance Standardization Business Continuity Readiness Integration and migration accelerate your ambition 25
Government Community Cloud Security by Design Santa Clara MCP London MCP Tokyo MCP Sydney MCP Canberra MCP SOC 1 - SSAE 16 Type 2 PCI DSS ROC ISO27001:2013 (November) CSA STAR for IaaS, PaaS (Pending) irap ISM (Pending) accelerate your ambition 26
Dimension Data Secure Network Options Cloud Private Network Connection (CPNC) External Internet Client SIG or Dimension Data SIG Client Secure Network CPNC accelerate your ambition 27
Government Community Cloud Summary Secure by design Dedicated platform for Government ONLY Industry & Government security best practice Leverages global security frameworks Direct connections to platform via secure dedicated links Local presence in Canberra in a secure facility ISM irap progressing Available for use NOW use ISM control 1396 in interim accelerate your ambition 28
Feedback Please fill out your evaluation forms Question accelerate your ambition 29
Thank You Ground to Cloud Summit accelerate your ambition 30