Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
The Benefits of Classifying Data and Understanding Cloud Options
1. The Benefits of the Clouds
or
Avoiding The Cloud Trap!
Adrius42
Recording some of the Jericho
Forum thinking as it is Thunk!
2. F I R S T C L A S S I F Y Y O U R D A T A !!!
Determine what rules MUST apply to it.
Must it only exist in specific trust levels?
Then decide to which type of
For example can it leave Europe?
Does it have to stay in Safemove
Cloud you want to Harbours?
Must it stay in Europe?
We need a universal data classification model that is simple (cf G8 TLP)
We need a recognised trust level standard for all aspects of computing
We need standardised meta data that signals to “cloud security” the data’s security needs
7. For all Clouds are not equal...
<<<< Same old Traditional Approach
Massively Scalable
Manual
System Recovery
Fully automated
Tapes sent by Truck System Redundancy
Data Backup and
Fully automated
Recovery variable risk
Data Backup and
Self owned Disk Storage Recovery
Data Redundancy ...sometimes
Fully automated
Data Redundancy
Warmish Back up Data Centre
For Disaster Recovery
Fully automated
Significant switching impact
Disaster Recovery
And testing costs
Full on Clouds this way >>>>>
9. Cloud Layers
Outcome / Value
Security and IdAM
Ab s tr a c t Io n o cc u r s h er e!
Last!
Orchestration
Process
3rd
Software
2nd
Platform
1st
Infrastructure
16. Cloud Forms
External
Deperimeterised
Internal
Perimeterised
Proprietary Open
We need inter cloud “IPI” standards... especially those that enable Collaboration.
IPI=“Information Programming Interface” There has to be a better name!!!
17. Cloud Patterns
External
Deperimeterised
Internal
Perimeterised
Proprietary Open
Recognise some pathways between Clouds will be easier to enable than others!
19. ...and ”then” ensure the
controls you require are
available in the Clouds...
...Oops!!!
You mean
“Cloud Security Central”
doesn’t exist?
20. Cloud Layers
Outcome / Value
Security and IdAM
Ab s tr a c t Io n o cc u r s h er e!
Last!
Orchestration
Process
3rd
Software
2nd
Platform
1st
Infrastructure
Cloud Maturity Scale
21. We haven’t even identified all
the needs yet.
Bread Crumb Detector
Bread Crumb Hoover
Cloud Identity Services
and their Providers
What about Trust Levels?
22. Proposed Individual Trust Levels
Trust Intent Impact Trust Level Authentication Physical
Level Label Activity World equiv
T0 Stay None Anonymous None -
Unidentified
T1 Self Insignificant Self Asserted None Pseudonym
Assertion*
T2 Proof Minor Document Verified Authenticated: Proof of Abode
of Identity Name, Address, Age Electricity Bill
T3 T2+ Ability Major Legally/ Financially Authenticate Credit Credit Card
to Commit Verified Worthiness and
/ Pay Payment Method
1Pay* Ability to Pay Varied Single use Authenticate Credit
a single Financially Worthiness and Single Cash
transaction Verified Use Payment Method
T4 T2+ Material Government Government Passport
Gov Id Verified
T5 Protect Catastrophic Military Grade Positive Vetting Security
Lives Clearance
*1Pay: Can be appended to any Trust Level