Data Risk Management: ISM Ground to Cloud Summit. accelerate your ambition 1

Similar documents

Dimension Data Ground to Cloud Summit. accelerate your ambition 1

Hybrid Cloud for SAP Ground to Cloud Summit. accelerate your ambition 1

A Secure Cloud Platform For egaming

Data, Data, Who Has The Data?

Dimension Data Public Compute-as-a-Service Regional Rate Plan Pricing Options

Cloud Security Certification

Enterprise Cloud Services from Dimension Data. KB Rajendran Head IDC & Cloud Services

A Flexible and Comprehensive Approach to a Cloud Compliance Program

Cloud Security Panel: Real World GRC Experiences. ISACA Atlanta s 2013 Annual Geek Week

Trend Micro Cloud Security for Citrix CloudPlatform

Security, Compliance & Risk Management for Cloud Relationships. Adnan Dakhwe, MS, CISA, CRISC, CRMA Safeway Inc. In-Depth Seminars D32

GRC Stack Research Sponsorship

Molnet öppnar nya möjligheter för kostnadseffektiv IT

Orchestrating the New Paradigm Cloud Assurance

Logically Securing a Public Cloud Service

Securing The Cloud. Foundational Best Practices For Securing Cloud Computing. Scott Clark. Insert presenter logo here on slide master

Deploying Cloud Security Standards The MTCS Experience

Working Group on. First Working Group Meeting

Hans Bos Microsoft Nederland.

Cloud Security Introduction and Overview

The Cloud Security Alliance

IBM Cloud :Infrastructure-as-a-Service

How To Protect Your Cloud From Attack

With Eversync s cloud data tiering, the customer can tier data protection as follows:

Infrastructure, application services, and managed services - all in a single, integrated platform CENTURYLINK S END-TO-END MANAGEMENT SOLUTIONS:

Cloud and Regulations: A match made in heaven, or the worst blind date ever?

PCI Compliance and the Cloud: What You Can and What You Can t Outsource Presented By:

How To Use An Ibm Cloud Server For Business

Cloud Services for Connected Government (CSfM) Ground to Cloud Summit

Cloud models and compliance requirements which is right for you?

Cloud Provider Solutions

Security in the Cloud

Mohamed Sayed SGI Cloud Executive Middle East & Africa. IBM ITIDA MoU WUP12370-USEN IBM Corporation

How To Write A Cloud Computing Plan

Robert Brammer. Senior Advisor to the Internet2 CEO Internet2 NET+ Security Assessment Forum. 8 April 2014

Build and Manage Private and Hybrid Cloud. Urban Järund, Sr Regional Services Manager Nordics, Red Hat

2014 HIMSS Analytics Cloud Survey

Information Security ISO Standards. Feb 11, Glen Bruce Director, Enterprise Risk Security & Privacy

Cloud Security Alliance and Standards. Jim Reavis Executive Director March 2012

IT Cloud / Data Security Vendor Risk Management Associated with Data Security. September 9, 2014

Cloud Architecture and Management. M.I. Deen General Manager (Enterprise Solutions) Sri Lanka Telecom

Addressing Enterprise Needs with a Software Defined Network Platform

Dell Cloud Services. Services

Realising possibilities in the cloud: The need for a trusted broker

TOOLS and BEST PRACTICES

Financial services perspectives on the role and real impact of cloud

IBM SoftLayer Cloud - fleksibel infrastruktur i skyen - perfekt til hybrid cloud

How To Build Trust In The Cloud

Cloud Security considerations for business adoption. Ricci IEONG CSA-HK&M Chapter

Global Efforts to Secure Cloud Computing

Cloud Security. DLT Solutions LLC June #DLTCloud

Compliance and the Cloud: What You Can and What You Can t Outsource

Building an Effective

Virtualization and IaaS management

Microsoft s Datacenter Best Practices. Darryl Chantry Datacenter Solutions Architect Worldwide Datacenter Center of Excellence

A Comparison of IT Governance & Control Frameworks in Cloud Computing. Jack D. Becker ITDS Department, UNT & Elana Bailey

We keep internet traffic flowing Frank Ip VP of Marketing and Business Development

Securing the Cloud with IBM Security Systems. IBM Security Systems IBM Corporation IBM IBM Corporation Corporation

Hybrid and Multi Cloud Deployments Via Cloud Exchange

Microsoft Azure. The cloud platform built for business. Tarmo Tikerpäe DC SSP Microsoft

CHAPTER 8 CLOUD COMPUTING

SAS CLOUD ANALYTICS MAY 2015

BUILDING A SUCCESSFUL ROADMAP TO THE CLOUD

Building the Business Case for Cloud: Real Ways Private Cloud Can Benefit Your Organization

Selecting a Cloud Service Provider (CSP)

WHITE PAPER. Five Steps to Better Application Monitoring and Troubleshooting

Cloud Computing and Standards

Cloud vision and capabilities

OWASP Chapter Meeting June Presented by: Brayton Rider, SecureState Chief Architect

IBM Cloud Security Draft for Discussion September 12, IBM Corporation

A view from the Cloud Security Alliance peephole

Dimension Data Cloud Services

Cloud Procurement Discussion Paper. For Comment

IDENTITY & ACCESS MANAGEMENT IN THE CLOUD

Cloud Channel Summit #RCCS15

Cloud Security and Managing Use Risks

SUPPLY CHAIN ASSURANCE FRAMEWORK: THE SUPPLY CHAIN STANDARDS TRANSLATOR

Accelerating Cloud adoption with Security Level Agreements automation, monitoring and industry standards compliance

Global Efforts to Secure Cloud Computing. Jason Witty President, Cloud Security Alliance Chicago

How To Protect Your Cloud From Attack

10 Considerations for a Cloud Procurement. Anthony Kelly Erick Trombley David DeBrandt Carina Veksler January 2015

PARTNER PROGRAMME GUIDE

Cloud Computing demystified! ISACA-IIA Joint Meeting Dec 9, 2014 By: Juman Doleh-Alomary Office of Internal Audit

Journey to the Cloud and Application Release Automation Shane Pearson VP, Portfolio & Product Management

Datamation. Find the Right Cloud Computing Solution. Executive Brief. In This Paper

PRODUCTS & SERVICES EQUINIX CLOUD EXCHANGE

The Need for Service Catalog Design in Cloud Services Development

Top 10 reasons to move to the cloud

SoftLayer: Introduction

Four steps to improving cloud security and compliance

Financial Institutions and the cloud: moving from BAU to business transformation

Security Considerations for the Cloud

CLOUD IN HEALTHCARE EXECUTIVE SUMMARY 1/21/15

Cloud Security Benchmark: Top 10 Cloud Service Providers Appendix A E January 5, 2015

Cloud Security. Nantawan Wongkachonkitti Electronic Government Agency, Thailand Cloud Security Alliance, Thailand Chapter October 2014

Softlayer. Team-Enablement. An IBM company. 5th September IBM Corporation

CONTROLLING CLOUDS: BEYOND SAFETY

Online Backup Service Definition

INTRODUCING CLOUD POWER

VIRTUALIZING BUSINESS-CRITICAL APPS. Maximizing Business Value: Strategies for Virtualizing Business-Critical Applications

Transcription:

Data Risk Management: ISM Ground to Cloud Summit accelerate your ambition 1

John Jones Branch Practice Manager Networking, Communications & Security Solutions John.Jones@dimensiondata.com Justin Evans Solution Architect Justin.Evans@dimensiondata.com accelerate your ambition 2

Topics Cloud model security considerations Dimension Data Government Cloud Cloud Computing Risks and management Security & our Global Cloud Platform Government Community Cloud

Cloud Computing Risks & Management

The Notorious Nine Risk Matrix The Notorious Nine Risk Profile Source: https://cloudsecurityalliance.org/download/the-notorious-nine-cloud-computing-top-threats-in-2013/ accelerate your ambition 5

ASD Cloud Computing Security Considerations Source: http://asd.gov.au/publications/protect/cloud-security-tenants.htm accelerate your ambition 6

Just a thought. Can you categorically state that you have full visibility of cloud consumption in your organisation - TODAY?

Cloud Security Alliance Cloud Controls Matrix Guiding security principles to assess risk Delineates control guidance between providers and consumers Controls framework across 16 domains Differentiated controls based on cloud models Controls cross-referenced to other best practice standards and frameworks Source: https://cloudsecurityalliance.org/research/ccm/

Cross-reference Controls to best practice Governance Frameworks Some examples: ISO27001:2013 ENISA Information Assurance HIPAA / HITECH NIST COBIT PCI DSS Source: https://cloudsecurityalliance.org/research/ccm/ accelerate your ambition 9

CSA Control Framework Domains Source: https://cloudsecurityalliance.org/research/ccm/ accelerate your ambition 10

Controls Cloud Model - Governance accelerate your ambition 11

ASD Security Controls Framework Source: http://asd.gov.au/infosec/ism/index.htm accelerate your ambition 12

Governance Protection Dimension Data s Framework for Cloud Security Cloud Infrastructure Cloud Services Enhanced Security Controls Data Protection and Reporting Service Level, Certification and Policies Discovery, Assessment and Governance

Governance Protection Dimension Data s Framework for Cloud Security Cloud Infrastructure Cloud Services Enhanced Security Controls Data Protection and Reporting ASD ISM, Cloud Security Considerations CSA Cloud Control Matrix Service Level, Certification and Policies Discovery, Assessment and Governance

Governance Protection Dimension Data s Framework for Cloud Security Cloud Infrastructure Cloud Services Enhanced Security Controls ASD ISM, Cloud Security Considerations CSA Cloud Control Matrix Data Protection and Reporting ASD ISM & irap CSA Cloud Control Matrix & STAR Other Governance Frameworks Service Level, Certification and Policies Discovery, Assessment and Governance

Risk Control & Management Summary CSA CCM DD CSF ASD ISM accelerate your ambition 16

Cloud Security Considerations Deployment and Delivery Models

Definition of Cloud Source: www.cloudsecurityalliance.org accelerate your ambition 18

Shared Responsibility Source:www.cloudsecurityalliance.org accelerate your ambition 19

Risk Matrix for Canberra Clients Delivery & Deployment Models SaaS Highest Risk Highest Risk Medium Risk Lowest Risk Delivery PaaS Highest Risk Highest Risk Medium Risk Lowest Risk IaaS Highest Risk Medium Risk Lowest Risk Lowest Risk Public Hybrid Community Private Deployment accelerate your ambition 20

Security & Dimension Data s Global Managed Cloud Platforms

Dimension Data s Managed Cloud Platform TM (MCP) Global Footprint Toronto London Amsterdam Santa Clara Ashburn (x3) Germany Hong Kong Tokyo Sao Paulo Singapore Canberra Sydney Johannesburg Primary Cloud Control Locations Child Sites Managed Cloud Platform Melbourne Auckland

Government Community Cloud Geo Design Santa Clara MCP London MCP Tokyo MCP Sydney MCP Canberra MCP Cloud Control Public Geo s Government Geo accelerate your ambition 23

Dimension Data Government Community Cloud & Security

Government Community Cloud Outcomes Evaluate, migrate, integrate and operate mission-critical workloads Improve Agility Reduce Cost Manage Risk Time to market Flexibility Auto-scaling Faster innovation Self-service Lower upfront costs Usage pricing Automation Less downtime Virtualization Security Compliance Standardization Business Continuity Readiness Integration and migration accelerate your ambition 25

Government Community Cloud Security by Design Santa Clara MCP London MCP Tokyo MCP Sydney MCP Canberra MCP SOC 1 - SSAE 16 Type 2 PCI DSS ROC ISO27001:2013 (November) CSA STAR for IaaS, PaaS (Pending) irap ISM (Pending) accelerate your ambition 26

Dimension Data Secure Network Options Cloud Private Network Connection (CPNC) External Internet Client SIG or Dimension Data SIG Client Secure Network CPNC accelerate your ambition 27

Government Community Cloud Summary Secure by design Dedicated platform for Government ONLY Industry & Government security best practice Leverages global security frameworks Direct connections to platform via secure dedicated links Local presence in Canberra in a secure facility ISM irap progressing Available for use NOW use ISM control 1396 in interim accelerate your ambition 28

Feedback Please fill out your evaluation forms Question accelerate your ambition 29

Thank You Ground to Cloud Summit accelerate your ambition 30