SlideShare ist ein Scribd-Unternehmen logo

AWS Summit 2011: Cloud Compliance 101: No PhD required - SafeNet

Amazon Web Services
Amazon Web Services
TechnologieBusiness
1 von 24
Downloaden Sie, um offline zu lesen
Cloud Compliance 101: No PhD Required Cloud Computing forces the Data Governance Issue Mike Smart Insert Your Name Solutions Marketing Director Insert Your Title Mike.Smart@safenet-inc.com Insert Date - twitter @rmsmart007 June 2011
Agenda Cloud What the The Bringing Questions Adoption – Regulations Solving the Compliance Predictive and on the Say (or Problem Problem Focus Answers move… Don’t) 2
Cloud delivery models – all at once! Traditional Virtualizated Data Center Enterprise Private Cloud Public Cloud Community & Hybrid Clouds
Global Cloud Adoption – Moving fast… * Gartner July 2010 – Cloud Hype Cycle 4
Market Growth in Cloud Computing Over 60% of enterprises plan to evaluate or pilot Server revenue in the public some type of cloud-enabled offerings within the cloud category will grow next 18 months. However, enterprises continue to from $582 million in 2009 to delay cloud adoption due to concerns surrounding data security, privacy and compliance $718 million in 2014; Server (Gartner Hype Cycle for Cloud Computing, 2010, David revenue for the private cloud Mitchell Smith, July 27, 2010) market will grow from $7.3 billion to $11.8 billion (IDC, May 2010) SMB spending on cloud computing will approach $100 billion by 2014 (AMI Partners, August 2010)
EMEA & Cloud – Growth Starting 2011… Source: 451Group Source: 451Group USA EMEA Americas Europe APAC
UK’s Cloud Guidance & Governance Government ICT Strategy - March 2011 http://www.cabinetoffice.gov.uk/content/government-ict-strategy 2. The government Cloud (g-Cloud) - Rationalizing the government ICT estate, using cloud computing to increase capability and security, reduce costs and accelerate deployment speeds. Cloud 3. The Data Centre Strategy - Rationalizing data centers to reduce costs while Direction increasing resilience and capability. Set… 4. The government applications Store (g-aS) - Enabling faster procurement, greater innovation, higher speed to deliver outcomes and reduced costs. 5. Shared services, moving systems to the government Cloud - Continually moving to shared services delivered through the government Cloud for common activities. Cloud Computing Security – December 2010 It is good practice to encrypt the data prior to it being transferred to the online services company. This should render the data useless to any hackers and snoopers without the key, regardless of the jurisdiction it is in or who is processing it. Modern techniques increasingly allow processing operations to be carried out whilst maintaining the security and integrity of the data. 7
Trust is THE issue! IT Security is stopping projects. Compliance/Audit has tons of questions. Cloud growth IS being limited. All the birds are dead. IT Security Group: The cloud isn’t secure. I don’t trust Providers. I don’t know how to secure that thing! Compliance Audit Group: Show me your security. Prove compliance in Clouds. Convince me! 8
Cloud Security Challenges User ID and Access: Secure Authentication, Authorization, Logging  Fundamental Trust & Liability Issues Data Co-Mingling: Multi-tenant data mixing, leakage, ownership • Data exposure in multi-tenant environments Application Vulnerabilities: Exposed vulnerabilities and response • Separation of duties from cloud Insecure Application APIs: Application injection and tampering provider insiders Data Leakage: Isolating data • Transfer of liability by cloud Platform Vulnerabilities: Exposed vulnerabilities and response providers to data owners Insecure Platform APIs: Instance manipulation and tampering  Fundamental New Cloud Risks Data Location/ Residency: Geographic regulatory requirements • New hypervisor technologies Hypervisor Vulnerabilities: Virtualization vulnerabilities and architectures Data Retention: Secure deletion of data • Redefine trust and attestation Application & Service Hijacking: Malicious application usage in cloud environments  Privileged Users: Super-user abuse Regulatory Uncertainty in the Cloud Service Outage: Availability • Regulations likely to require Malicious Insider: Reconnaissance, manipulation, tampering strong controls in the cloud Logging & Forensics: Incident response, liability limitation Perimeter/ Network Security: Secure isolation and access Physical Security: Direct tampering and theft
Trust & Hypervisors Challenge Us to Do Better And encryption hits trust and isolation head-on Pen-test, Web scanning, etc. Scan & Report MFA, IAM integration, entitlement management Authentication/Authorization Code review/scan, newlists, Vulnerability Management developer ed., QA, etc. App/DB/File Encryption, G App/DB/File Data Protection DAM/FAM, Process, etc. CSA Controls A Matrix/ Patch process, newslists, patch Patch Management management P Assessment Questions Telemetry & Reporting New Technology Ground CloudAudit • Centered around Hypervisors Instance Authentication/ Authorization • Or the associated trust boundary Etc. • Encryption the single greatest way to address isolation/ trust Instance Isolation • Will also include building controls into CSP/Hypervisor tools Hypervisor Vulnerability Management VLANs, Firewalls, IPS, NAC, SAS 70 Network Security etc. ISO 27001 Physical Security
Regulations Will Impact Cloud  Many regulations  That often overlap 11
The Truth- You Are On Your Own for Now  Bad News: Confusing Regulatory Landscape • Shared responsibility model- but demarcation is gray • SAS 70 inadequate for common use in evaluating cloud providers • Formal transfer of liability highly likely written into your cloud contract • You will have to have a detailed architecture and API conversation to assess your responsibility  Good News: Everyone Trying to Solve the Problem • XaaS know this, working hard to alleviate • Cloud Security Alliance has Mapping Document
So where do we go from here???  Focus on First Principles • Spirit and intent of regulations • Thoughtful data handling  Sprinkled with the “New” Cloud Issues • These are where regulations will focus • Will be around the new area we discussed before: • Trust and Ownership • Hypervisors • Disclosure and Visibility 13
First Principles and Cloud Challenges Disclosure/Visibility Trust/Ownership Hypervisor Principle Issues Limit use of <sensitive data> Big issue in SaaS, in your control for the most X part in IaaS and PaaS Use secure development practices X Issue in SaaS and PaaS Control access to <sensitive data> Issues in all cases. Issues of user identification, X X X authorization rights, privileged cloud user Encrypt <sensitive data> in transit X Most likely already addressed, but customer to X cloud, intracloud communication can be an issue Optional <sensitive data> encrypt at rest Huge issue in data sitting in the cloud, across all X X platforms. Keep <sensitive data> confidential Main issue is guaranteeing the “trust” in data X X X when you don’t “trust” the cloud. Keep the integrity of <sensitive data> Main issue is guaranteeing the “trust” in data X X X when you don’t “trust” the cloud. Enforce separation of duties of Fundemenal issue of cloud employee and cloud administrator access. Extends to both physical <sensitive data> access and X X X and logical security. Invokes separation of duties administration issues around all controls. Report and audit your controls for X Can you prove it to your auditor. 14
Emergence of Encryption as a Unifying Cloud Security Control  Encryption is a fundamental technology for realizing cloud security • Isolate data in multi-tenant environments • Recognized universally by analysts and experts and underlying control for cloud data • Sets a high-water mark for demonstrating regulatory compliance adherence for data  Moves from Data Center tactic to Cloud strategic solution • Physical controls, underlying trust in processes, and isolation mitigated some use of encryption • Mitigating trust factors that don’t exist in the cloud.
How Encryption Solves Main Pain Points Disclosure/Visibility Trust/Ownership Hypervisor Principle Issues Limit use of <sensitive data> Big issue in SaaS, in your control for the most X part in IaaS and PaaS Use secure development practices X Issue in SaaS and PaaS Control access to <sensitive data> Encryption enables authentication and authorizationuser identification, X X X Issues in all cases. Issues of layer. authorization rights, privileged cloud user Encrypt <sensitive data> in transit X Most likely already addressed, but customer to cloud, intracloud communication can be an issue Optional <sensitive data> encrypt at rest Encryption directly addresses manyin data sitting in the cloud, across all Huge issue regulator requirements. Shows X standard of care. platforms. high X Keep <sensitive data> confidential Main issue is guaranteeing the “trust” in data Encryption fundamentally isolates your data from other tenants in a X cloud environment, shields from unauthorized data breach. share X X when you don’t “trust” the cloud. Keep the integrity of <sensitive data> Encryption inherently provides for integrity controls. “trust” in data X X X Main issue is guaranteeing the when you don’t “trust” the cloud. Enforce separation of duties of Encryption can add additional authentication cloudauthorization layer Fundemenal issue of and employee and cloud administrator access. Extends to both physical for users and administrators. Customer owned encryption definitively <sensitive data> access and X X X and logical security. Invokes separation of duties administration shows separation from cloud. issues around all controls. Encryption Key ownership is tangible proofyour auditor. Can you prove it to to data ownership. Report and audit your controls for X Encrypt/Decrypt actions become easy log and audit proofs. 16
Encryption- Additional Upside “Lawful Order” to Cloud Provider for Data Issue: Cloud provider may turn over your data when another member of the cloud is under criminal investigation. Your data is now viewable to law enforcement. Resolution: Encrypted data unviewable by law enforcement. Law enforcement would have to work through legal channels, under which you have guaranteed rights, to get you to turn over decryption keys. Destruction of Cloud Data Issue: Is data in the cloud ever destroyed? Are you sure? Resolution: Encryption makes data unusable in the cloud. “Key shredding” virtually makes encrypted cloud data unrecoverable Physical Location Issues of Cloud Data Issue: Is cloud data now in new physical locations requiring new regulatory insight, or violates existing regulatory law? Resolution: Encrypted data can be moved anywhere in the cloud, but controlled decryption with proper key release policy can define what localities may use data. 17
SafeNet Trusted Cloud Fabric Maintaining Trust and Control in Virtualized Environments
SafeNet Offering – on AWS SafeNet ProtectV™ and Data Secure, server- and storage-based encryption, and application/database encryption, customers can now protect compliance- impacted data stored and used in cloud environments. ProtectV™Instance enables organizations to encrypt and secure the entire contents of virtual servers, protecting these assets from theft or exposure. ProtectV™Volume enables enterprises to secure entire virtual volumes in the cloud containing their data such as files or folders. Data Secure with ProtectApp and ProtectDB enables enterprises to encrypt and prove control over data in applications hosted in the cloud. Delivers: • Data Isolation • Cloud Compliance • Separation of Duties • Pre-Launch Authentication • Multi-tenant Protection 19
SafeNet ProtectV in Amazon AWS Protected Customer AMI SafeNet ProtectV: • Encrypted Volume • Pre-Launch Authentication • Policy + Key Management Amazon • Protected EBS Volumes Amazon EBS EC2 20
SafeNet ProtectV in Amazon AWS! #1 Select SafeNet AMIs • EC2 and VPC • 4 Public Images • Windows 2003/2008, 32/64 bit • Linux April/May • (enable SSL Port 443 access) #2 Set Encryption Options • RDP Local Management Console • Encrypt Local Instance • Encrypt Attached Storage Volumes • Set Encryption Level (AES 256) • Set Secure Pre-Launch Authentication Amazon Amazon EBS EC2 (& VPC) #3 Pre-Launch Authentication • Standard SSL Web Browser Session • Secures at Pre-Boot Level • Authenticate Instance for Launch 21
ProtectV and Scaling in Large Environments ProtectV and ProtectV Manager Cloud APIs Centralized • Authentication Automation Management • Activation/ Snapshot SafeNet ProtectV Manager • Provides centralized management • Supports either customer premise or cloud deployments • Manages and coordinates ProtectV Security • Fully meshed encrypted volumes (enables transparent access) •Open APIs to cloud management, customer provisioning, reporting SafeNet KeySecure (on Premise) •Centralizes key management for persistence and flexibility • Secure key creation and storage • Key discovery • Snapshot re-keying • Key archiving and shredding
Additional Resources  Cloud Security Alliance Excellent Vendor Neutral “Penn said that encryption is one of the best ways to secure corporate data in the cloud,  SafeNet Website but “it has to be encryption that the company controls.” www.safenet-inc.com/cloudsecurity “One of the vendors that offers encryption-based cloud security products to companies and government organizations is Maryland-based SafeNet.” “One of the biggest issues our customers are running across is around the Videos concept of trust in the cloud”, said Dean Ocampo, solutions strategy director at SafeNet. “There isn’t a lot of insight among customers in understanding what cloud providers are doing from a security perspective”, he told Infosecurity. White Papers SafeNet Makes Formal Foray into Cloud Security Market with Launch Additional Resources of Trusted Cloud Fabric.” “SafeNet, which has been around since 1993, formally made the jump today from on-premise security to cloud security with the introduction of a new framework designed to extend their established offerings into the cloud. Additionally, they have extended and refined some of their existing services to fit into the public cloud realm via Amazon Web Services.” 23
Questions? Cloud Compliance 101: No PhD Required Mike Smart Insert Your Name Solutions Marketing Director Insert Your Title Mike.Smart@safenet-inc.com Insert Date - twitter @rmsmart007 June 2011

Empfohlen

CCSK, cloud security framework, Indonesia
CCSK, cloud security framework, IndonesiaCCSK, cloud security framework, Indonesia
CCSK, cloud security framework, IndonesiaWise Pacific Venture
 
10 security concerns cloud computing
10 security concerns cloud computing10 security concerns cloud computing
10 security concerns cloud computingHossam Zein
 
Smart, Data-Centric Security for the Post-PC Era
Smart, Data-Centric Security for the Post-PC EraSmart, Data-Centric Security for the Post-PC Era
Smart, Data-Centric Security for the Post-PC EraTrend Micro (EMEA) Limited
 
The Vigilant Enterprise
The Vigilant EnterpriseThe Vigilant Enterprise
The Vigilant EnterpriseBooz Allen Hamilton
 
Cloud Security for U.S. Military Agencies
Cloud Security for U.S. Military AgenciesCloud Security for U.S. Military Agencies
Cloud Security for U.S. Military AgenciesNJVC, LLC
 
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...HyTrust
 
Cloud Computing Security: Government Acquisition Considerations for the Cloud...
Cloud Computing Security: Government Acquisition Considerations for the Cloud...Cloud Computing Security: Government Acquisition Considerations for the Cloud...
Cloud Computing Security: Government Acquisition Considerations for the Cloud...Booz Allen Hamilton
 
Peering Through the Cloud Forrester EMEA 2010
Peering Through the Cloud Forrester EMEA 2010Peering Through the Cloud Forrester EMEA 2010
Peering Through the Cloud Forrester EMEA 2010graywilliams
 

Empfohlen

CCSK, cloud security framework, Indonesia
CCSK, cloud security framework, IndonesiaCCSK, cloud security framework, Indonesia
CCSK, cloud security framework, IndonesiaWise Pacific Venture
 
10 security concerns cloud computing
10 security concerns cloud computing10 security concerns cloud computing
10 security concerns cloud computingHossam Zein
 
Smart, Data-Centric Security for the Post-PC Era
Smart, Data-Centric Security for the Post-PC EraSmart, Data-Centric Security for the Post-PC Era
Smart, Data-Centric Security for the Post-PC EraTrend Micro (EMEA) Limited
 
The Vigilant Enterprise
The Vigilant EnterpriseThe Vigilant Enterprise
The Vigilant EnterpriseBooz Allen Hamilton
 
Cloud Security for U.S. Military Agencies
Cloud Security for U.S. Military AgenciesCloud Security for U.S. Military Agencies
Cloud Security for U.S. Military AgenciesNJVC, LLC
 
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...HyTrust
 
Cloud Computing Security: Government Acquisition Considerations for the Cloud...
Cloud Computing Security: Government Acquisition Considerations for the Cloud...Cloud Computing Security: Government Acquisition Considerations for the Cloud...
Cloud Computing Security: Government Acquisition Considerations for the Cloud...Booz Allen Hamilton
 
Peering Through the Cloud Forrester EMEA 2010
Peering Through the Cloud Forrester EMEA 2010Peering Through the Cloud Forrester EMEA 2010
Peering Through the Cloud Forrester EMEA 2010graywilliams
 
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...Amazon Web Services
 
Bi cloud saa_s
Bi cloud saa_sBi cloud saa_s
Bi cloud saa_sYustinus Malawau
 
Security as a Service Model for Cloud Environment
Security as a Service Model for Cloud EnvironmentSecurity as a Service Model for Cloud Environment
Security as a Service Model for Cloud EnvironmentKaashivInfoTech Company
 
Protecting Data in the Cloud
Protecting Data in the CloudProtecting Data in the Cloud
Protecting Data in the CloudNeil Readshaw
 
Cloud Computing Risk Management (IIA Webinar)
Cloud Computing Risk Management (IIA Webinar)Cloud Computing Risk Management (IIA Webinar)
Cloud Computing Risk Management (IIA Webinar)Brian K. Dickard
 
Cloud security ely kahn
Cloud security ely kahnCloud security ely kahn
Cloud security ely kahnEly Kahn
 
Trend Micro - is your cloud secure
Trend Micro - is your cloud secureTrend Micro - is your cloud secure
Trend Micro - is your cloud secureKappa Data
 
Risk Factory: PCI Compliance in the Cloud
Risk Factory: PCI Compliance in the CloudRisk Factory: PCI Compliance in the Cloud
Risk Factory: PCI Compliance in the CloudRisk Crew
 
Are you ready for the private cloud? [WHITEPAPER]
Are you ready for the private cloud? [WHITEPAPER]Are you ready for the private cloud? [WHITEPAPER]
Are you ready for the private cloud? [WHITEPAPER]KVH Co. Ltd.
 
Cloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter PresentationCloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter PresentationVenkateswar Reddy Melachervu
 
Presd1 10
Presd1 10Presd1 10
Presd1 10Niels Groeneveld
 
Emc keynote 0945 1030
Emc keynote 0945 1030Emc keynote 0945 1030
Emc keynote 0945 1030Chiou-Nan Chen
 
OpenNASA v2.0 Slideshare Large File
OpenNASA v2.0 Slideshare Large FileOpenNASA v2.0 Slideshare Large File
OpenNASA v2.0 Slideshare Large FileMegan Eskey
 
Unleash Business Innovation with the Next Generation of Cloud Computing
Unleash Business Innovation with the Next Generation of Cloud ComputingUnleash Business Innovation with the Next Generation of Cloud Computing
Unleash Business Innovation with the Next Generation of Cloud ComputingSam Garforth
 
Infrastructure Security by Sivamurthy Hiremath
Infrastructure Security by Sivamurthy HiremathInfrastructure Security by Sivamurthy Hiremath
Infrastructure Security by Sivamurthy HiremathClubHack
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityNithin Raj
 
Sukhbir jasuja digital_trends_11
Sukhbir jasuja digital_trends_11Sukhbir jasuja digital_trends_11
Sukhbir jasuja digital_trends_11Hellenic Professionals Informatics Society
 
Demystifying Cloud Contracts And SLAs- ConfidentNOW Webinar Series
Demystifying Cloud Contracts And SLAs- ConfidentNOW Webinar SeriesDemystifying Cloud Contracts And SLAs- ConfidentNOW Webinar Series
Demystifying Cloud Contracts And SLAs- ConfidentNOW Webinar SeriesBhavesh Bhagat, CGEIT, CISM (LION)
 
Asset 1 security-in-the-cloud
Asset 1 security-in-the-cloudAsset 1 security-in-the-cloud
Asset 1 security-in-the-clouddrewz lin
 
Brave new world of encryption v1
Brave new world of encryption v1Brave new world of encryption v1
Brave new world of encryption v1Khazret Sapenov
 
AWS webinar what is cloud computing 13 09 11
AWS webinar what is cloud computing 13 09 11AWS webinar what is cloud computing 13 09 11
AWS webinar what is cloud computing 13 09 11Amazon Web Services
 
AWS Customer Presentation: exfm - How exfm uses AWS and Amazon CloudSearch- A...
AWS Customer Presentation: exfm - How exfm uses AWS and Amazon CloudSearch- A...AWS Customer Presentation: exfm - How exfm uses AWS and Amazon CloudSearch- A...
AWS Customer Presentation: exfm - How exfm uses AWS and Amazon CloudSearch- A...Amazon Web Services
 

Weitere ähnliche Inhalte

Was ist angesagt?

AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...Amazon Web Services
 
Security as a Service Model for Cloud Environment
Security as a Service Model for Cloud EnvironmentSecurity as a Service Model for Cloud Environment
Security as a Service Model for Cloud EnvironmentKaashivInfoTech Company
 
Protecting Data in the Cloud
Protecting Data in the CloudProtecting Data in the Cloud
Protecting Data in the CloudNeil Readshaw
 
Cloud Computing Risk Management (IIA Webinar)
Cloud Computing Risk Management (IIA Webinar)Cloud Computing Risk Management (IIA Webinar)
Cloud Computing Risk Management (IIA Webinar)Brian K. Dickard
 
Cloud security ely kahn
Cloud security ely kahnCloud security ely kahn
Cloud security ely kahnEly Kahn
 
Trend Micro - is your cloud secure
Trend Micro - is your cloud secureTrend Micro - is your cloud secure
Trend Micro - is your cloud secureKappa Data
 
Risk Factory: PCI Compliance in the Cloud
Risk Factory: PCI Compliance in the CloudRisk Factory: PCI Compliance in the Cloud
Risk Factory: PCI Compliance in the CloudRisk Crew
 
Are you ready for the private cloud? [WHITEPAPER]
Are you ready for the private cloud? [WHITEPAPER]Are you ready for the private cloud? [WHITEPAPER]
Are you ready for the private cloud? [WHITEPAPER]KVH Co. Ltd.
 
Cloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter PresentationCloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter PresentationVenkateswar Reddy Melachervu
 
OpenNASA v2.0 Slideshare Large File
OpenNASA v2.0 Slideshare Large FileOpenNASA v2.0 Slideshare Large File
OpenNASA v2.0 Slideshare Large FileMegan Eskey
 
Unleash Business Innovation with the Next Generation of Cloud Computing
Unleash Business Innovation with the Next Generation of Cloud ComputingUnleash Business Innovation with the Next Generation of Cloud Computing
Unleash Business Innovation with the Next Generation of Cloud ComputingSam Garforth
 
Infrastructure Security by Sivamurthy Hiremath
Infrastructure Security by Sivamurthy HiremathInfrastructure Security by Sivamurthy Hiremath
Infrastructure Security by Sivamurthy HiremathClubHack
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityNithin Raj
 
Demystifying Cloud Contracts And SLAs- ConfidentNOW Webinar Series
Demystifying Cloud Contracts And SLAs- ConfidentNOW Webinar SeriesDemystifying Cloud Contracts And SLAs- ConfidentNOW Webinar Series
Demystifying Cloud Contracts And SLAs- ConfidentNOW Webinar SeriesBhavesh Bhagat, CGEIT, CISM (LION)
 
Asset 1 security-in-the-cloud
Asset 1 security-in-the-cloudAsset 1 security-in-the-cloud
Asset 1 security-in-the-clouddrewz lin
 
Brave new world of encryption v1
Brave new world of encryption v1Brave new world of encryption v1
Brave new world of encryption v1Khazret Sapenov
 

Was ist angesagt? (20)

AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
 
Bi cloud saa_s
Bi cloud saa_sBi cloud saa_s
Bi cloud saa_s
 
Security as a Service Model for Cloud Environment
Security as a Service Model for Cloud EnvironmentSecurity as a Service Model for Cloud Environment
Security as a Service Model for Cloud Environment
 
Protecting Data in the Cloud
Protecting Data in the CloudProtecting Data in the Cloud
Protecting Data in the Cloud
 
Cloud Computing Risk Management (IIA Webinar)
Cloud Computing Risk Management (IIA Webinar)Cloud Computing Risk Management (IIA Webinar)
Cloud Computing Risk Management (IIA Webinar)
 
Cloud security ely kahn
Cloud security ely kahnCloud security ely kahn
Cloud security ely kahn
 
Trend Micro - is your cloud secure
Trend Micro - is your cloud secureTrend Micro - is your cloud secure
Trend Micro - is your cloud secure
 
Risk Factory: PCI Compliance in the Cloud
Risk Factory: PCI Compliance in the CloudRisk Factory: PCI Compliance in the Cloud
Risk Factory: PCI Compliance in the Cloud
 
Are you ready for the private cloud? [WHITEPAPER]
Are you ready for the private cloud? [WHITEPAPER]Are you ready for the private cloud? [WHITEPAPER]
Are you ready for the private cloud? [WHITEPAPER]
 
Cloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter PresentationCloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter Presentation
 
Presd1 10
Presd1 10Presd1 10
Presd1 10
 
Emc keynote 0945 1030
Emc keynote 0945 1030Emc keynote 0945 1030
Emc keynote 0945 1030
 
OpenNASA v2.0 Slideshare Large File
OpenNASA v2.0 Slideshare Large FileOpenNASA v2.0 Slideshare Large File
OpenNASA v2.0 Slideshare Large File
 
Unleash Business Innovation with the Next Generation of Cloud Computing
Unleash Business Innovation with the Next Generation of Cloud ComputingUnleash Business Innovation with the Next Generation of Cloud Computing
Unleash Business Innovation with the Next Generation of Cloud Computing
 
Infrastructure Security by Sivamurthy Hiremath
Infrastructure Security by Sivamurthy HiremathInfrastructure Security by Sivamurthy Hiremath
Infrastructure Security by Sivamurthy Hiremath
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing Security
 
Sukhbir jasuja digital_trends_11
Sukhbir jasuja digital_trends_11Sukhbir jasuja digital_trends_11
Sukhbir jasuja digital_trends_11
 
Demystifying Cloud Contracts And SLAs- ConfidentNOW Webinar Series
Demystifying Cloud Contracts And SLAs- ConfidentNOW Webinar SeriesDemystifying Cloud Contracts And SLAs- ConfidentNOW Webinar Series
Demystifying Cloud Contracts And SLAs- ConfidentNOW Webinar Series
 
Asset 1 security-in-the-cloud
Asset 1 security-in-the-cloudAsset 1 security-in-the-cloud
Asset 1 security-in-the-cloud
 
Brave new world of encryption v1
Brave new world of encryption v1Brave new world of encryption v1
Brave new world of encryption v1
 

Andere mochten auch

AWS webinar what is cloud computing 13 09 11
AWS webinar what is cloud computing 13 09 11AWS webinar what is cloud computing 13 09 11
AWS webinar what is cloud computing 13 09 11Amazon Web Services
 
AWS Customer Presentation: exfm - How exfm uses AWS and Amazon CloudSearch- A...
AWS Customer Presentation: exfm - How exfm uses AWS and Amazon CloudSearch- A...AWS Customer Presentation: exfm - How exfm uses AWS and Amazon CloudSearch- A...
AWS Customer Presentation: exfm - How exfm uses AWS and Amazon CloudSearch- A...Amazon Web Services
 
AWS Summit 2011: Customer Presentation - Advanced Innovations
AWS Summit 2011: Customer Presentation - Advanced InnovationsAWS Summit 2011: Customer Presentation - Advanced Innovations
AWS Summit 2011: Customer Presentation - Advanced InnovationsAmazon Web Services
 
High Performance Cloud Computing
High Performance Cloud ComputingHigh Performance Cloud Computing
High Performance Cloud ComputingAmazon Web Services
 
Finding Out More with Data Analytics and AWS
Finding Out More with Data Analytics and AWSFinding Out More with Data Analytics and AWS
Finding Out More with Data Analytics and AWSAmazon Web Services
 
AWS Customer Presentation: Earth Networks - How Earth Networks uses AWS - AWS...
AWS Customer Presentation: Earth Networks - How Earth Networks uses AWS - AWS...AWS Customer Presentation: Earth Networks - How Earth Networks uses AWS - AWS...
AWS Customer Presentation: Earth Networks - How Earth Networks uses AWS - AWS...Amazon Web Services
 
How Enterprises are using the AWS Cloud, Dan Powers, VP, AWS
How Enterprises are using the AWS Cloud, Dan Powers, VP, AWS How Enterprises are using the AWS Cloud, Dan Powers, VP, AWS
How Enterprises are using the AWS Cloud, Dan Powers, VP, AWS Amazon Web Services
 
Cloud Computing for the Enterprise, Dr Werner Vogels, CTO Amazon.com
Cloud Computing for the Enterprise, Dr Werner Vogels, CTO Amazon.comCloud Computing for the Enterprise, Dr Werner Vogels, CTO Amazon.com
Cloud Computing for the Enterprise, Dr Werner Vogels, CTO Amazon.comAmazon Web Services
 
Aws webinar may 2013 designing for failure
Aws webinar may 2013 designing for failureAws webinar may 2013 designing for failure
Aws webinar may 2013 designing for failureAmazon Web Services
 
AWS Customer Presentation - Tell Apart
AWS Customer Presentation - Tell ApartAWS Customer Presentation - Tell Apart
AWS Customer Presentation - Tell ApartAmazon Web Services
 
AWS Webcast - AWS 101 - Journey to the AWS Cloud: Introduction to AWS
AWS Webcast - AWS 101 - Journey to the AWS Cloud: Introduction to AWSAWS Webcast - AWS 101 - Journey to the AWS Cloud: Introduction to AWS
AWS Webcast - AWS 101 - Journey to the AWS Cloud: Introduction to AWSAmazon Web Services
 
Consistent High IO Performance with Amazon Elastic Block Store
Consistent High IO Performance with Amazon Elastic Block StoreConsistent High IO Performance with Amazon Elastic Block Store
Consistent High IO Performance with Amazon Elastic Block StoreAmazon Web Services
 
Cloud by Example for Interactive Agencies
Cloud by Example for Interactive AgenciesCloud by Example for Interactive Agencies
Cloud by Example for Interactive AgenciesAmazon Web Services
 
Webinar | Introduction to Amazon DynamoDB
Webinar | Introduction to Amazon DynamoDBWebinar | Introduction to Amazon DynamoDB
Webinar | Introduction to Amazon DynamoDBAmazon Web Services
 
AWS Cloud School | London - Part 1
AWS Cloud School | London - Part 1AWS Cloud School | London - Part 1
AWS Cloud School | London - Part 1Amazon Web Services
 

Andere mochten auch (20)

AWS webinar what is cloud computing 13 09 11
AWS webinar what is cloud computing 13 09 11AWS webinar what is cloud computing 13 09 11
AWS webinar what is cloud computing 13 09 11
 
AWS Customer Presentation: exfm - How exfm uses AWS and Amazon CloudSearch- A...
AWS Customer Presentation: exfm - How exfm uses AWS and Amazon CloudSearch- A...AWS Customer Presentation: exfm - How exfm uses AWS and Amazon CloudSearch- A...
AWS Customer Presentation: exfm - How exfm uses AWS and Amazon CloudSearch- A...
 
Running a Campaign in the Cloud
Running a Campaign in the CloudRunning a Campaign in the Cloud
Running a Campaign in the Cloud
 
AWS Summit 2011: Customer Presentation - Advanced Innovations
AWS Summit 2011: Customer Presentation - Advanced InnovationsAWS Summit 2011: Customer Presentation - Advanced Innovations
AWS Summit 2011: Customer Presentation - Advanced Innovations
 
High Performance Cloud Computing
High Performance Cloud ComputingHigh Performance Cloud Computing
High Performance Cloud Computing
 
AWS Office Hours: Dev and Test
AWS Office Hours: Dev and TestAWS Office Hours: Dev and Test
AWS Office Hours: Dev and Test
 
Yipit - AWS Start-Up Customer
Yipit - AWS Start-Up Customer Yipit - AWS Start-Up Customer
Yipit - AWS Start-Up Customer
 
Finding Out More with Data Analytics and AWS
Finding Out More with Data Analytics and AWSFinding Out More with Data Analytics and AWS
Finding Out More with Data Analytics and AWS
 
AWS Customer Presentation: Earth Networks - How Earth Networks uses AWS - AWS...
AWS Customer Presentation: Earth Networks - How Earth Networks uses AWS - AWS...AWS Customer Presentation: Earth Networks - How Earth Networks uses AWS - AWS...
AWS Customer Presentation: Earth Networks - How Earth Networks uses AWS - AWS...
 
How Enterprises are using the AWS Cloud, Dan Powers, VP, AWS
How Enterprises are using the AWS Cloud, Dan Powers, VP, AWS How Enterprises are using the AWS Cloud, Dan Powers, VP, AWS
How Enterprises are using the AWS Cloud, Dan Powers, VP, AWS
 
Cloud Computing for the Enterprise, Dr Werner Vogels, CTO Amazon.com
Cloud Computing for the Enterprise, Dr Werner Vogels, CTO Amazon.comCloud Computing for the Enterprise, Dr Werner Vogels, CTO Amazon.com
Cloud Computing for the Enterprise, Dr Werner Vogels, CTO Amazon.com
 
Aws webinar may 2013 designing for failure
Aws webinar may 2013 designing for failureAws webinar may 2013 designing for failure
Aws webinar may 2013 designing for failure
 
AWS Customer Presentation - Tell Apart
AWS Customer Presentation - Tell ApartAWS Customer Presentation - Tell Apart
AWS Customer Presentation - Tell Apart
 
AWS Webcast - AWS 101 - Journey to the AWS Cloud: Introduction to AWS
AWS Webcast - AWS 101 - Journey to the AWS Cloud: Introduction to AWSAWS Webcast - AWS 101 - Journey to the AWS Cloud: Introduction to AWS
AWS Webcast - AWS 101 - Journey to the AWS Cloud: Introduction to AWS
 
Consistent High IO Performance with Amazon Elastic Block Store
Consistent High IO Performance with Amazon Elastic Block StoreConsistent High IO Performance with Amazon Elastic Block Store
Consistent High IO Performance with Amazon Elastic Block Store
 
Cloud by Example for Interactive Agencies
Cloud by Example for Interactive AgenciesCloud by Example for Interactive Agencies
Cloud by Example for Interactive Agencies
 
Introduction to Gaming on AWS
Introduction to Gaming on AWSIntroduction to Gaming on AWS
Introduction to Gaming on AWS
 
Webinar | Introduction to Amazon DynamoDB
Webinar | Introduction to Amazon DynamoDBWebinar | Introduction to Amazon DynamoDB
Webinar | Introduction to Amazon DynamoDB
 
AWS Cloud School | London - Part 1
AWS Cloud School | London - Part 1AWS Cloud School | London - Part 1
AWS Cloud School | London - Part 1
 
Route 53 Latency Based Routing
Route 53 Latency Based RoutingRoute 53 Latency Based Routing
Route 53 Latency Based Routing
 

Ähnlich wie AWS Summit 2011: Cloud Compliance 101: No PhD required - SafeNet

2012-01 How to Secure a Cloud Identity Roadmap
2012-01 How to Secure a Cloud Identity Roadmap2012-01 How to Secure a Cloud Identity Roadmap
2012-01 How to Secure a Cloud Identity RoadmapRaleigh ISSA
 
Ciphercloud Solutions Overview hsa oct2011
Ciphercloud Solutions Overview hsa oct2011Ciphercloud Solutions Overview hsa oct2011
Ciphercloud Solutions Overview hsa oct2011Ramy Houssaini
 
Lss implementing cyber security in the cloud, and from the cloud-feb14
Lss implementing cyber security in the cloud, and from the cloud-feb14Lss implementing cyber security in the cloud, and from the cloud-feb14
Lss implementing cyber security in the cloud, and from the cloud-feb14L S Subramanian
 
Building a Secure Cloud with Identity Management
Building a Secure Cloud with Identity ManagementBuilding a Secure Cloud with Identity Management
Building a Secure Cloud with Identity ManagementOracleIDM
 
Extending security in the cloud network box - v4
Extending security in the cloud network box - v4Extending security in the cloud network box - v4
Extending security in the cloud network box - v4Valencell, Inc.
 
Cloud Security - Made simple
Cloud Security - Made simpleCloud Security - Made simple
Cloud Security - Made simpleSameer Paradia
 
Symantec Enterprise Mobility - Mobile World Congress February 2012
Symantec Enterprise Mobility - Mobile World Congress February 2012Symantec Enterprise Mobility - Mobile World Congress February 2012
Symantec Enterprise Mobility - Mobile World Congress February 2012Symantec
 
Enterprise Security in Cloud
Enterprise Security in CloudEnterprise Security in Cloud
Enterprise Security in CloudLenin Aboagye
 
Data security in cloud
Data security in cloudData security in cloud
Data security in cloudInterop
 
Deepsecurity & VDI beveiliging, maximale beveiliging en optimale performance
Deepsecurity & VDI beveiliging, maximale beveiliging en optimale performanceDeepsecurity & VDI beveiliging, maximale beveiliging en optimale performance
Deepsecurity & VDI beveiliging, maximale beveiliging en optimale performanceUNIT4 IT Solutions
 
Authentication in cloud computing
Authentication in cloud computingAuthentication in cloud computing
Authentication in cloud computingvidhya dharmarajan
 
Identity Management for the Cloud
Identity Management for the CloudIdentity Management for the Cloud
Identity Management for the CloudHorst Walther
 
Securing Salesforce Mobile SDK Apps with Good Dynamics
Securing Salesforce Mobile SDK Apps with Good DynamicsSecuring Salesforce Mobile SDK Apps with Good Dynamics
Securing Salesforce Mobile SDK Apps with Good DynamicsHerve Danzelaud
 
Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...
Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...
Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...Chad Lawler
 
Cloud Security: Perception VS Reality
Cloud Security: Perception VS RealityCloud Security: Perception VS Reality
Cloud Security: Perception VS RealityKVH Co. Ltd.
 
Becoming the safe choice for the cloud by addressing cloud fraud & security t...
Becoming the safe choice for the cloud by addressing cloud fraud & security t...Becoming the safe choice for the cloud by addressing cloud fraud & security t...
Becoming the safe choice for the cloud by addressing cloud fraud & security t...cVidya Networks
 

Ähnlich wie AWS Summit 2011: Cloud Compliance 101: No PhD required - SafeNet (20)

2012-01 How to Secure a Cloud Identity Roadmap
2012-01 How to Secure a Cloud Identity Roadmap2012-01 How to Secure a Cloud Identity Roadmap
2012-01 How to Secure a Cloud Identity Roadmap
 
Ciphercloud Solutions Overview hsa oct2011
Ciphercloud Solutions Overview hsa oct2011Ciphercloud Solutions Overview hsa oct2011
Ciphercloud Solutions Overview hsa oct2011
 
Practical Security for the Cloud
Practical Security for the CloudPractical Security for the Cloud
Practical Security for the Cloud
 
Lss implementing cyber security in the cloud, and from the cloud-feb14
Lss implementing cyber security in the cloud, and from the cloud-feb14Lss implementing cyber security in the cloud, and from the cloud-feb14
Lss implementing cyber security in the cloud, and from the cloud-feb14
 
Building a Secure Cloud with Identity Management
Building a Secure Cloud with Identity ManagementBuilding a Secure Cloud with Identity Management
Building a Secure Cloud with Identity Management
 
Extending security in the cloud network box - v4
Extending security in the cloud network box - v4Extending security in the cloud network box - v4
Extending security in the cloud network box - v4
 
null Bangalore meet - Cloud Computing and Security
null Bangalore meet - Cloud Computing and Securitynull Bangalore meet - Cloud Computing and Security
null Bangalore meet - Cloud Computing and Security
 
Cloud Security - Made simple
Cloud Security - Made simpleCloud Security - Made simple
Cloud Security - Made simple
 
Symantec Enterprise Mobility - Mobile World Congress February 2012
Symantec Enterprise Mobility - Mobile World Congress February 2012Symantec Enterprise Mobility - Mobile World Congress February 2012
Symantec Enterprise Mobility - Mobile World Congress February 2012
 
Enterprise Security in Cloud
Enterprise Security in CloudEnterprise Security in Cloud
Enterprise Security in Cloud
 
Enterprise Security in Hybrid Cloud ISACA-SV 2012
Enterprise Security in Hybrid Cloud ISACA-SV 2012Enterprise Security in Hybrid Cloud ISACA-SV 2012
Enterprise Security in Hybrid Cloud ISACA-SV 2012
 
Data security in cloud
Data security in cloudData security in cloud
Data security in cloud
 
Deepsecurity & VDI beveiliging, maximale beveiliging en optimale performance
Deepsecurity & VDI beveiliging, maximale beveiliging en optimale performanceDeepsecurity & VDI beveiliging, maximale beveiliging en optimale performance
Deepsecurity & VDI beveiliging, maximale beveiliging en optimale performance
 
Authentication in cloud computing
Authentication in cloud computingAuthentication in cloud computing
Authentication in cloud computing
 
Authentication cloud
Authentication cloudAuthentication cloud
Authentication cloud
 
Identity Management for the Cloud
Identity Management for the CloudIdentity Management for the Cloud
Identity Management for the Cloud
 
Securing Salesforce Mobile SDK Apps with Good Dynamics
Securing Salesforce Mobile SDK Apps with Good DynamicsSecuring Salesforce Mobile SDK Apps with Good Dynamics
Securing Salesforce Mobile SDK Apps with Good Dynamics
 
Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...
Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...
Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...
 
Cloud Security: Perception VS Reality
Cloud Security: Perception VS RealityCloud Security: Perception VS Reality
Cloud Security: Perception VS Reality
 
Becoming the safe choice for the cloud by addressing cloud fraud & security t...
Becoming the safe choice for the cloud by addressing cloud fraud & security t...Becoming the safe choice for the cloud by addressing cloud fraud & security t...
Becoming the safe choice for the cloud by addressing cloud fraud & security t...
 

Mehr von Amazon Web Services

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateAmazon Web Services
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSAmazon Web Services
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareAmazon Web Services
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAmazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWSAmazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckAmazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without serversAmazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceAmazon Web Services
 

Mehr von Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

Kürzlich hochgeladen

DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 

Kürzlich hochgeladen (20)

DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 

AWS Summit 2011: Cloud Compliance 101: No PhD required - SafeNet

  • 1. Cloud Compliance 101: No PhD Required Cloud Computing forces the Data Governance Issue Mike Smart Insert Your Name Solutions Marketing Director Insert Your Title Mike.Smart@safenet-inc.com Insert Date - twitter @rmsmart007 June 2011
  • 2. Agenda Cloud What the The Bringing Questions Adoption – Regulations Solving the Compliance Predictive and on the Say (or Problem Problem Focus Answers move… Don’t) 2
  • 3. Cloud delivery models – all at once! Traditional Virtualizated Data Center Enterprise Private Cloud Public Cloud Community & Hybrid Clouds
  • 4. Global Cloud Adoption – Moving fast… * Gartner July 2010 – Cloud Hype Cycle 4
  • 5. Market Growth in Cloud Computing Over 60% of enterprises plan to evaluate or pilot Server revenue in the public some type of cloud-enabled offerings within the cloud category will grow next 18 months. However, enterprises continue to from $582 million in 2009 to delay cloud adoption due to concerns surrounding data security, privacy and compliance $718 million in 2014; Server (Gartner Hype Cycle for Cloud Computing, 2010, David revenue for the private cloud Mitchell Smith, July 27, 2010) market will grow from $7.3 billion to $11.8 billion (IDC, May 2010) SMB spending on cloud computing will approach $100 billion by 2014 (AMI Partners, August 2010)
  • 6. EMEA & Cloud – Growth Starting 2011… Source: 451Group Source: 451Group USA EMEA Americas Europe APAC
  • 7. UK’s Cloud Guidance & Governance Government ICT Strategy - March 2011 http://www.cabinetoffice.gov.uk/content/government-ict-strategy 2. The government Cloud (g-Cloud) - Rationalizing the government ICT estate, using cloud computing to increase capability and security, reduce costs and accelerate deployment speeds. Cloud 3. The Data Centre Strategy - Rationalizing data centers to reduce costs while Direction increasing resilience and capability. Set… 4. The government applications Store (g-aS) - Enabling faster procurement, greater innovation, higher speed to deliver outcomes and reduced costs. 5. Shared services, moving systems to the government Cloud - Continually moving to shared services delivered through the government Cloud for common activities. Cloud Computing Security – December 2010 It is good practice to encrypt the data prior to it being transferred to the online services company. This should render the data useless to any hackers and snoopers without the key, regardless of the jurisdiction it is in or who is processing it. Modern techniques increasingly allow processing operations to be carried out whilst maintaining the security and integrity of the data. 7
  • 8. Trust is THE issue! IT Security is stopping projects. Compliance/Audit has tons of questions. Cloud growth IS being limited. All the birds are dead. IT Security Group: The cloud isn’t secure. I don’t trust Providers. I don’t know how to secure that thing! Compliance Audit Group: Show me your security. Prove compliance in Clouds. Convince me! 8
  • 9. Cloud Security Challenges User ID and Access: Secure Authentication, Authorization, Logging  Fundamental Trust & Liability Issues Data Co-Mingling: Multi-tenant data mixing, leakage, ownership • Data exposure in multi-tenant environments Application Vulnerabilities: Exposed vulnerabilities and response • Separation of duties from cloud Insecure Application APIs: Application injection and tampering provider insiders Data Leakage: Isolating data • Transfer of liability by cloud Platform Vulnerabilities: Exposed vulnerabilities and response providers to data owners Insecure Platform APIs: Instance manipulation and tampering  Fundamental New Cloud Risks Data Location/ Residency: Geographic regulatory requirements • New hypervisor technologies Hypervisor Vulnerabilities: Virtualization vulnerabilities and architectures Data Retention: Secure deletion of data • Redefine trust and attestation Application & Service Hijacking: Malicious application usage in cloud environments  Privileged Users: Super-user abuse Regulatory Uncertainty in the Cloud Service Outage: Availability • Regulations likely to require Malicious Insider: Reconnaissance, manipulation, tampering strong controls in the cloud Logging & Forensics: Incident response, liability limitation Perimeter/ Network Security: Secure isolation and access Physical Security: Direct tampering and theft
  • 10. Trust & Hypervisors Challenge Us to Do Better And encryption hits trust and isolation head-on Pen-test, Web scanning, etc. Scan & Report MFA, IAM integration, entitlement management Authentication/Authorization Code review/scan, newlists, Vulnerability Management developer ed., QA, etc. App/DB/File Encryption, G App/DB/File Data Protection DAM/FAM, Process, etc. CSA Controls A Matrix/ Patch process, newslists, patch Patch Management management P Assessment Questions Telemetry & Reporting New Technology Ground CloudAudit • Centered around Hypervisors Instance Authentication/ Authorization • Or the associated trust boundary Etc. • Encryption the single greatest way to address isolation/ trust Instance Isolation • Will also include building controls into CSP/Hypervisor tools Hypervisor Vulnerability Management VLANs, Firewalls, IPS, NAC, SAS 70 Network Security etc. ISO 27001 Physical Security
  • 11. Regulations Will Impact Cloud  Many regulations  That often overlap 11
  • 12. The Truth- You Are On Your Own for Now  Bad News: Confusing Regulatory Landscape • Shared responsibility model- but demarcation is gray • SAS 70 inadequate for common use in evaluating cloud providers • Formal transfer of liability highly likely written into your cloud contract • You will have to have a detailed architecture and API conversation to assess your responsibility  Good News: Everyone Trying to Solve the Problem • XaaS know this, working hard to alleviate • Cloud Security Alliance has Mapping Document
  • 13. So where do we go from here???  Focus on First Principles • Spirit and intent of regulations • Thoughtful data handling  Sprinkled with the “New” Cloud Issues • These are where regulations will focus • Will be around the new area we discussed before: • Trust and Ownership • Hypervisors • Disclosure and Visibility 13
  • 14. First Principles and Cloud Challenges Disclosure/Visibility Trust/Ownership Hypervisor Principle Issues Limit use of <sensitive data> Big issue in SaaS, in your control for the most X part in IaaS and PaaS Use secure development practices X Issue in SaaS and PaaS Control access to <sensitive data> Issues in all cases. Issues of user identification, X X X authorization rights, privileged cloud user Encrypt <sensitive data> in transit X Most likely already addressed, but customer to X cloud, intracloud communication can be an issue Optional <sensitive data> encrypt at rest Huge issue in data sitting in the cloud, across all X X platforms. Keep <sensitive data> confidential Main issue is guaranteeing the “trust” in data X X X when you don’t “trust” the cloud. Keep the integrity of <sensitive data> Main issue is guaranteeing the “trust” in data X X X when you don’t “trust” the cloud. Enforce separation of duties of Fundemenal issue of cloud employee and cloud administrator access. Extends to both physical <sensitive data> access and X X X and logical security. Invokes separation of duties administration issues around all controls. Report and audit your controls for X Can you prove it to your auditor. 14
  • 15. Emergence of Encryption as a Unifying Cloud Security Control  Encryption is a fundamental technology for realizing cloud security • Isolate data in multi-tenant environments • Recognized universally by analysts and experts and underlying control for cloud data • Sets a high-water mark for demonstrating regulatory compliance adherence for data  Moves from Data Center tactic to Cloud strategic solution • Physical controls, underlying trust in processes, and isolation mitigated some use of encryption • Mitigating trust factors that don’t exist in the cloud.
  • 16. How Encryption Solves Main Pain Points Disclosure/Visibility Trust/Ownership Hypervisor Principle Issues Limit use of <sensitive data> Big issue in SaaS, in your control for the most X part in IaaS and PaaS Use secure development practices X Issue in SaaS and PaaS Control access to <sensitive data> Encryption enables authentication and authorizationuser identification, X X X Issues in all cases. Issues of layer. authorization rights, privileged cloud user Encrypt <sensitive data> in transit X Most likely already addressed, but customer to cloud, intracloud communication can be an issue Optional <sensitive data> encrypt at rest Encryption directly addresses manyin data sitting in the cloud, across all Huge issue regulator requirements. Shows X standard of care. platforms. high X Keep <sensitive data> confidential Main issue is guaranteeing the “trust” in data Encryption fundamentally isolates your data from other tenants in a X cloud environment, shields from unauthorized data breach. share X X when you don’t “trust” the cloud. Keep the integrity of <sensitive data> Encryption inherently provides for integrity controls. “trust” in data X X X Main issue is guaranteeing the when you don’t “trust” the cloud. Enforce separation of duties of Encryption can add additional authentication cloudauthorization layer Fundemenal issue of and employee and cloud administrator access. Extends to both physical for users and administrators. Customer owned encryption definitively <sensitive data> access and X X X and logical security. Invokes separation of duties administration shows separation from cloud. issues around all controls. Encryption Key ownership is tangible proofyour auditor. Can you prove it to to data ownership. Report and audit your controls for X Encrypt/Decrypt actions become easy log and audit proofs. 16
  • 17. Encryption- Additional Upside “Lawful Order” to Cloud Provider for Data Issue: Cloud provider may turn over your data when another member of the cloud is under criminal investigation. Your data is now viewable to law enforcement. Resolution: Encrypted data unviewable by law enforcement. Law enforcement would have to work through legal channels, under which you have guaranteed rights, to get you to turn over decryption keys. Destruction of Cloud Data Issue: Is data in the cloud ever destroyed? Are you sure? Resolution: Encryption makes data unusable in the cloud. “Key shredding” virtually makes encrypted cloud data unrecoverable Physical Location Issues of Cloud Data Issue: Is cloud data now in new physical locations requiring new regulatory insight, or violates existing regulatory law? Resolution: Encrypted data can be moved anywhere in the cloud, but controlled decryption with proper key release policy can define what localities may use data. 17
  • 18. SafeNet Trusted Cloud Fabric Maintaining Trust and Control in Virtualized Environments
  • 19. SafeNet Offering – on AWS SafeNet ProtectV™ and Data Secure, server- and storage-based encryption, and application/database encryption, customers can now protect compliance- impacted data stored and used in cloud environments. ProtectV™Instance enables organizations to encrypt and secure the entire contents of virtual servers, protecting these assets from theft or exposure. ProtectV™Volume enables enterprises to secure entire virtual volumes in the cloud containing their data such as files or folders. Data Secure with ProtectApp and ProtectDB enables enterprises to encrypt and prove control over data in applications hosted in the cloud. Delivers: • Data Isolation • Cloud Compliance • Separation of Duties • Pre-Launch Authentication • Multi-tenant Protection 19
  • 20. SafeNet ProtectV in Amazon AWS Protected Customer AMI SafeNet ProtectV: • Encrypted Volume • Pre-Launch Authentication • Policy + Key Management Amazon • Protected EBS Volumes Amazon EBS EC2 20
  • 21. SafeNet ProtectV in Amazon AWS! #1 Select SafeNet AMIs • EC2 and VPC • 4 Public Images • Windows 2003/2008, 32/64 bit • Linux April/May • (enable SSL Port 443 access) #2 Set Encryption Options • RDP Local Management Console • Encrypt Local Instance • Encrypt Attached Storage Volumes • Set Encryption Level (AES 256) • Set Secure Pre-Launch Authentication Amazon Amazon EBS EC2 (& VPC) #3 Pre-Launch Authentication • Standard SSL Web Browser Session • Secures at Pre-Boot Level • Authenticate Instance for Launch 21
  • 22. ProtectV and Scaling in Large Environments ProtectV and ProtectV Manager Cloud APIs Centralized • Authentication Automation Management • Activation/ Snapshot SafeNet ProtectV Manager • Provides centralized management • Supports either customer premise or cloud deployments • Manages and coordinates ProtectV Security • Fully meshed encrypted volumes (enables transparent access) •Open APIs to cloud management, customer provisioning, reporting SafeNet KeySecure (on Premise) •Centralizes key management for persistence and flexibility • Secure key creation and storage • Key discovery • Snapshot re-keying • Key archiving and shredding
  • 23. Additional Resources  Cloud Security Alliance Excellent Vendor Neutral “Penn said that encryption is one of the best ways to secure corporate data in the cloud,  SafeNet Website but “it has to be encryption that the company controls.” www.safenet-inc.com/cloudsecurity “One of the vendors that offers encryption-based cloud security products to companies and government organizations is Maryland-based SafeNet.” “One of the biggest issues our customers are running across is around the Videos concept of trust in the cloud”, said Dean Ocampo, solutions strategy director at SafeNet. “There isn’t a lot of insight among customers in understanding what cloud providers are doing from a security perspective”, he told Infosecurity. White Papers SafeNet Makes Formal Foray into Cloud Security Market with Launch Additional Resources of Trusted Cloud Fabric.” “SafeNet, which has been around since 1993, formally made the jump today from on-premise security to cloud security with the introduction of a new framework designed to extend their established offerings into the cloud. Additionally, they have extended and refined some of their existing services to fit into the public cloud realm via Amazon Web Services.” 23
  • 24. Questions? Cloud Compliance 101: No PhD Required Mike Smart Insert Your Name Solutions Marketing Director Insert Your Title Mike.Smart@safenet-inc.com Insert Date - twitter @rmsmart007 June 2011