SlideShare ist ein Scribd-Unternehmen logo

Exploring Data Security, Ownership and Control in the Cloud

SafeNet
SafeNet

This document discusses security challenges with cloud computing and sharing data in a multi-tenant environment. It notes that while cloud computing provides benefits like scalability and efficiency, security and compliance needs are not fully addressed due to increased risks from a larger attack surface, new definitions of privileged users, and difficulties applying security controls in shared environments. The document advocates approaches like encryption and strong authentication to help customers maintain ownership and control of their data and enable security in cloud models.

Technologie
1 von 27
Downloaden Sie, um offline zu lesen
Whose Cloud Is It Anyway? Exploring Data Security, Ownership and Control David Etue Name Insert Your VP, Corporate Development Strategy Insert Your Title February 26, 2014 Insert Date @djetue
Who We Are SafeNet is trusted to protect, control access to, and manage the worlds most sensitive data and high value applications FOUNDED REVENUE GLOBAL EMPLOYEES ACCREDITED 1983 ~330m +25,000 +1,500 Customers in 100 countries In 25 countries Products certified to the highest security standard We protect the most money that moves–over 80% of the world’s intra-bank fund transfers and nearly $1 trillion per day. We are the de facto root of trust– deploying more than 86,000 key managers and protecting up to 750,000,000 encryption keys. We monetize the most high-value software–more than 100 million license keys protect and manage on-premise, embedded, and cloud applications globally. We control access to the most sensitive corporate information– more than 35 million identities protected via tokens, smartcards, and mobile devices managed onpremise and in the cloud.
Cloud and Virtualization Are Changing the Way IT is Managed and Consumed Agile. Now. On demand. Simple. Secure? 3
Cloud Benefits Are Being Realized…  80% of mature cloud adopters are seeing:1 • Faster access to infrastructure • Greater Scalability • Faster Time to Market for Applications  50% of cloud users report benefits including:1 • Better application performance • Expanded geographic reach • Increased IT staff efficiency © SafeNet Confidential and Proprietary 1RightScale State of the Cloud Report 2013 4
…But Cloud Benefits Are Driven by Sharing © SafeNet Confidential and Proprietary 5
And Security and Compliance Are Not the Biggest Fans of Sharing… © SafeNet Confidential and Proprietary 6
Leading Inhibitors to Cloud Adoption 451 TheInfoPro 2013 Cloud Computing Outlook – Cloud Computing Wave 5
Security and Compliance Concerns With Shared Clouds Data Governance Lack of Visibility Data Compliance Lack of Data Control Data Protection Risk of Breach and Data Loss • Can you track all of my data instances? Backups? Snapshots? • Am I aware of government requests/discovery? • Do you new when data is copied? • Who is accessing my data? • Can I illustrate compliance with internal and external mandates? • Is there an audit trail of access to my data? • Are all my data instances secure? • Can I assure only authorized access to my data? • Can I “pull the plug” on data that’s at risk of exposure or who’s lifecycle has expired? How Do You Maintain Ownership and Control Of Your Information In A Multi-Tenant Environment? © SafeNet Confidential and Proprietary 8
New Risks Driving Cloud Security Challenges Increased Attack Surface Privileged Users Ability to Apply Security Controls Control (or there lack of)
New Risk: Increased Attack Surface
New Risk: New Definition of Privilege
New Risk: Ability to Apply Security Controls Security Controls Mapping and Sized by Budget Security Management & GRC Identity/Entity Security Data Security App Sec Host Network Infrastructure Security CSA Cloud Model
New Risk: Ability to Apply Security Controls Most organizations are trying to deploy “traditional” security controls in cloud and virtual environments…but were the controls even effective then?
New Risk: Control (or there lack of) Salesforce - SaaS The lower down the stack the Cloud provider stops, the more security you are tactically responsible for implementing & managing yourself. Google AppEngine - PaaS Amazon EC2 - IaaS
And Not Just The Traditional “Bad Guys" Government Discovery Adversaries Cloud Administrators Sensitive Data in the Cloud Auditors / Regulators
So, Whose Cloud Is It Anyway? Model Private Cloud IaaS PaaS/SaaS in Hybrid / Community / Public Cloud Whose Privilege Users? Customer Provider Provider Whose Infrastructure? Customer Provider Provider Whose VM / Instance? Customer Customer Provider Whose Application? Customer Customer Provider Law Enforcement Contact? Customer Provider Provider
Making it Your Cloud: Key Enablers to Cloud Security Encryption (and Key Management) Identity and Access Management with Strong Authentication Segmentation Privilege User Management Detection and Response Capabilities System Hardening Asset, Configuration, and Change Management
Encryption: Un-Sharing in a Shared Environment Un-Sharing FTW!!!
Clouds Love Crypto!!!* *with good key management…
Typical Sources of Trust Source Traditional Data Center Internal Cloud (Private) External Cloud (Public, Community, Hybrid) “Own the Stack” Yes N/A No System Fingerprinting Yes No No Trusted Platform Module (TPM) Yes Maybe? No Hardware Security Module (HSM) – Server Card Yes Maybe? No Hardware Security Module (HSM) Network Yes Yes Yes Smartcard Yes Maybe Maybe
Leveraging Crypto In The Cloud Hardware Security Module = Trust Anchor Sources of Trust Customer Premise Cloud Provider Customer Controlled at Service Provider + Most Control + Architecture + Architecture + Multi Cloud - Architecture - Security / Separation - Multi Cloud - Integration © SafeNet Confidential and Proprietary Trusted 3rd Party 21
Leveraging Crypto In The Cloud Applications and Workloads Key Management Hardware Security Module = Trust Anchor Sources of Trust Customer Premise Cloud Provider Customer Controlled at Service Provider + Most Control + Architecture + Architecture + Multi Cloud - Architecture - Security / Separation - Multi Cloud - Integration © SafeNet Confidential and Proprietary Trusted 3rd Party 22
Leveraging Crypto In The Cloud Most Flexible Applications and Workloads Highest Assurance Key Management Hardware Security Module = Trust Anchor Sources of Trust Customer Premise Cloud Provider Customer Controlled at Service Provider + Most Control + Architecture + Architecture + Multi Cloud - Architecture - Security / Separation - Multi Cloud - Integration © SafeNet Confidential and Proprietary Trusted 3rd Party 23
How Do You Apply Security Controls? Security Controls Mapping and Sized by Budget Security Management & GRC Identity/Entity Security Data Security App Sec Host Network Infrastructure Security CSA Cloud Model
Need to Focus “Up The Stack” CSA Cloud Model Security Management & GRC Identity/Entity Security Data Security App Sec Host Virtualization, Software Defined Networks, Network and Public/Hybrid/Community Cloud Forces Infrastructure Security a Change in How Security Controls Are Evaluated and Deployed
Data Centric Security = Agility! CSA Cloud Model Security Management & GRC Identity/Entity Security Data Security App Sec Host Network Infrastructure Security
Thank You!!! @djetue safenet-inc.com @SafeNetInc facebook.com/SafeNetInc Insert Your Name Insert Your Title Insert Date

Empfohlen

Whose Cloud is It Anyway - Data Security in the Cloud
Whose Cloud is It Anyway - Data Security in the CloudWhose Cloud is It Anyway - Data Security in the Cloud
Whose Cloud is It Anyway - Data Security in the CloudSafeNet
 
Cyber Security Management in a Highly Innovative World
Cyber Security Management in a Highly Innovative WorldCyber Security Management in a Highly Innovative World
Cyber Security Management in a Highly Innovative WorldSafeNet
 
Not Going Quietly: Gracefully Losing Control & Adapting to Cloud and Mobility
Not Going Quietly: Gracefully Losing Control & Adapting to Cloud and MobilityNot Going Quietly: Gracefully Losing Control & Adapting to Cloud and Mobility
Not Going Quietly: Gracefully Losing Control & Adapting to Cloud and MobilitySafeNet
 
ProtectV - Data Security for the Cloud
ProtectV - Data Security for the CloudProtectV - Data Security for the Cloud
ProtectV - Data Security for the CloudSafeNet
 
SECURING THE CLOUD DATA LAKES
SECURING THE CLOUD DATA LAKESSECURING THE CLOUD DATA LAKES
SECURING THE CLOUD DATA LAKESHappiest Minds Technologies
 
secureit-cloudsecurity-151130141528-lva1-app6892.pdf
secureit-cloudsecurity-151130141528-lva1-app6892.pdfsecureit-cloudsecurity-151130141528-lva1-app6892.pdf
secureit-cloudsecurity-151130141528-lva1-app6892.pdfYounesChafi1
 
The Cloud Crossover
The Cloud CrossoverThe Cloud Crossover
The Cloud CrossoverArmor
 
LIFT OFF 2017: AWS and Cloud Computing
LIFT OFF 2017: AWS and Cloud ComputingLIFT OFF 2017: AWS and Cloud Computing
LIFT OFF 2017: AWS and Cloud ComputingRobert Herjavec
 

Empfohlen

Whose Cloud is It Anyway - Data Security in the Cloud
Whose Cloud is It Anyway - Data Security in the CloudWhose Cloud is It Anyway - Data Security in the Cloud
Whose Cloud is It Anyway - Data Security in the CloudSafeNet
 
Cyber Security Management in a Highly Innovative World
Cyber Security Management in a Highly Innovative WorldCyber Security Management in a Highly Innovative World
Cyber Security Management in a Highly Innovative WorldSafeNet
 
Not Going Quietly: Gracefully Losing Control & Adapting to Cloud and Mobility
Not Going Quietly: Gracefully Losing Control & Adapting to Cloud and MobilityNot Going Quietly: Gracefully Losing Control & Adapting to Cloud and Mobility
Not Going Quietly: Gracefully Losing Control & Adapting to Cloud and MobilitySafeNet
 
ProtectV - Data Security for the Cloud
ProtectV - Data Security for the CloudProtectV - Data Security for the Cloud
ProtectV - Data Security for the CloudSafeNet
 
SECURING THE CLOUD DATA LAKES
SECURING THE CLOUD DATA LAKESSECURING THE CLOUD DATA LAKES
SECURING THE CLOUD DATA LAKESHappiest Minds Technologies
 
secureit-cloudsecurity-151130141528-lva1-app6892.pdf
secureit-cloudsecurity-151130141528-lva1-app6892.pdfsecureit-cloudsecurity-151130141528-lva1-app6892.pdf
secureit-cloudsecurity-151130141528-lva1-app6892.pdfYounesChafi1
 
The Cloud Crossover
The Cloud CrossoverThe Cloud Crossover
The Cloud CrossoverArmor
 
LIFT OFF 2017: AWS and Cloud Computing
LIFT OFF 2017: AWS and Cloud ComputingLIFT OFF 2017: AWS and Cloud Computing
LIFT OFF 2017: AWS and Cloud ComputingRobert Herjavec
 
Cyber security infotech pvt ltd
Cyber security infotech pvt ltdCyber security infotech pvt ltd
Cyber security infotech pvt ltdCyber Security Infotech
 
Microsoft threat protection + wdatp+ aatp overview
Microsoft threat protection + wdatp+ aatp overviewMicrosoft threat protection + wdatp+ aatp overview
Microsoft threat protection + wdatp+ aatp overviewAllessandra Negri
 
Best-Practices-Web-Usability
Best-Practices-Web-UsabilityBest-Practices-Web-Usability
Best-Practices-Web-UsabilityLarry Wilson
 
Data loss prevention by using MRSH-v2 algorithm
Data loss prevention by using MRSH-v2 algorithm Data loss prevention by using MRSH-v2 algorithm
Data loss prevention by using MRSH-v2 algorithm IJECEIAES
 
2017-10-05 Mitigating Cybersecurity and Cyber Fraud risk in Your Organization
2017-10-05 Mitigating Cybersecurity and Cyber Fraud risk in Your Organization2017-10-05 Mitigating Cybersecurity and Cyber Fraud risk in Your Organization
2017-10-05 Mitigating Cybersecurity and Cyber Fraud risk in Your OrganizationRaffa Learning Community
 
Cybersecurity frameworks globally and saudi arabia
Cybersecurity frameworks globally and saudi arabiaCybersecurity frameworks globally and saudi arabia
Cybersecurity frameworks globally and saudi arabiaFaysal Ghauri
 
cyber-security-reference-architecture
cyber-security-reference-architecturecyber-security-reference-architecture
cyber-security-reference-architectureBirendra Negi ☁️
 
Managing Cloud Security Risks in Your Organization
Managing Cloud Security Risks in Your OrganizationManaging Cloud Security Risks in Your Organization
Managing Cloud Security Risks in Your OrganizationCharles Lim
 
Cloud Computing Security - Cloud Controls Security
Cloud Computing Security - Cloud Controls SecurityCloud Computing Security - Cloud Controls Security
Cloud Computing Security - Cloud Controls SecurityHari Kumar
 
Msft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacksMsft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacksAkram Qureshi
 
Big Data Security Intelligence and Analytics for Advanced Threat Protection
Big Data Security Intelligence and Analytics for Advanced Threat ProtectionBig Data Security Intelligence and Analytics for Advanced Threat Protection
Big Data Security Intelligence and Analytics for Advanced Threat ProtectionBlue Coat
 
cloud security ppt
cloud security ppt cloud security ppt
cloud security ppt Devyani Vaidya
 
Cloud Security Architecture - a different approach
Cloud Security Architecture - a different approachCloud Security Architecture - a different approach
Cloud Security Architecture - a different approachEC-Council
 
Global Mandate to Secure Cloud Computing
Global Mandate to Secure Cloud ComputingGlobal Mandate to Secure Cloud Computing
Global Mandate to Secure Cloud ComputingCloudSecurityAllianceAustralia
 
Cloud summit demystifying cloud security
Cloud summit demystifying cloud securityCloud summit demystifying cloud security
Cloud summit demystifying cloud securityDavid De Vos
 
LIFT OFF 2017: Ransomware and IR Overview
LIFT OFF 2017: Ransomware and IR OverviewLIFT OFF 2017: Ransomware and IR Overview
LIFT OFF 2017: Ransomware and IR OverviewRobert Herjavec
 
Microsoft Cloud Application Security Overview
Microsoft Cloud Application Security Overview Microsoft Cloud Application Security Overview
Microsoft Cloud Application Security Overview Syed Sabhi Haider
 
Azure Sentinel Tips
Azure Sentinel Tips Azure Sentinel Tips
Azure Sentinel Tips Mario Worwell
 
IT Security As A Service
IT Security As A ServiceIT Security As A Service
IT Security As A ServiceMichael Davis
 
Practical Security for the Cloud
Practical Security for the CloudPractical Security for the Cloud
Practical Security for the CloudChirag Joshi, CISA, CISM, CRISC
 
Life After Compliance march 2010 v2
Life After Compliance march 2010 v2Life After Compliance march 2010 v2
Life After Compliance march 2010 v2SafeNet
 
Achieving Data Privacy in the Enterprise
Achieving Data Privacy in the EnterpriseAchieving Data Privacy in the Enterprise
Achieving Data Privacy in the EnterpriseSafeNet
 

Weitere ähnliche Inhalte

Was ist angesagt?

Microsoft threat protection + wdatp+ aatp overview
Microsoft threat protection + wdatp+ aatp overviewMicrosoft threat protection + wdatp+ aatp overview
Microsoft threat protection + wdatp+ aatp overviewAllessandra Negri
 
Best-Practices-Web-Usability
Best-Practices-Web-UsabilityBest-Practices-Web-Usability
Best-Practices-Web-UsabilityLarry Wilson
 
Data loss prevention by using MRSH-v2 algorithm
Data loss prevention by using MRSH-v2 algorithm Data loss prevention by using MRSH-v2 algorithm
Data loss prevention by using MRSH-v2 algorithm IJECEIAES
 
2017-10-05 Mitigating Cybersecurity and Cyber Fraud risk in Your Organization
2017-10-05 Mitigating Cybersecurity and Cyber Fraud risk in Your Organization2017-10-05 Mitigating Cybersecurity and Cyber Fraud risk in Your Organization
2017-10-05 Mitigating Cybersecurity and Cyber Fraud risk in Your OrganizationRaffa Learning Community
 
Cybersecurity frameworks globally and saudi arabia
Cybersecurity frameworks globally and saudi arabiaCybersecurity frameworks globally and saudi arabia
Cybersecurity frameworks globally and saudi arabiaFaysal Ghauri
 
cyber-security-reference-architecture
cyber-security-reference-architecturecyber-security-reference-architecture
cyber-security-reference-architectureBirendra Negi ☁️
 
Managing Cloud Security Risks in Your Organization
Managing Cloud Security Risks in Your OrganizationManaging Cloud Security Risks in Your Organization
Managing Cloud Security Risks in Your OrganizationCharles Lim
 
Cloud Computing Security - Cloud Controls Security
Cloud Computing Security - Cloud Controls SecurityCloud Computing Security - Cloud Controls Security
Cloud Computing Security - Cloud Controls SecurityHari Kumar
 
Msft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacksMsft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacksAkram Qureshi
 
Big Data Security Intelligence and Analytics for Advanced Threat Protection
Big Data Security Intelligence and Analytics for Advanced Threat ProtectionBig Data Security Intelligence and Analytics for Advanced Threat Protection
Big Data Security Intelligence and Analytics for Advanced Threat ProtectionBlue Coat
 
Cloud Security Architecture - a different approach
Cloud Security Architecture - a different approachCloud Security Architecture - a different approach
Cloud Security Architecture - a different approachEC-Council
 
Cloud summit demystifying cloud security
Cloud summit demystifying cloud securityCloud summit demystifying cloud security
Cloud summit demystifying cloud securityDavid De Vos
 
LIFT OFF 2017: Ransomware and IR Overview
LIFT OFF 2017: Ransomware and IR OverviewLIFT OFF 2017: Ransomware and IR Overview
LIFT OFF 2017: Ransomware and IR OverviewRobert Herjavec
 
Microsoft Cloud Application Security Overview
Microsoft Cloud Application Security Overview Microsoft Cloud Application Security Overview
Microsoft Cloud Application Security Overview Syed Sabhi Haider
 
Azure Sentinel Tips
Azure Sentinel Tips Azure Sentinel Tips
Azure Sentinel Tips Mario Worwell
 
IT Security As A Service
IT Security As A ServiceIT Security As A Service
IT Security As A ServiceMichael Davis
 

Was ist angesagt? (20)

Cyber security infotech pvt ltd
Cyber security infotech pvt ltdCyber security infotech pvt ltd
Cyber security infotech pvt ltd
 
Microsoft threat protection + wdatp+ aatp overview
Microsoft threat protection + wdatp+ aatp overviewMicrosoft threat protection + wdatp+ aatp overview
Microsoft threat protection + wdatp+ aatp overview
 
Best-Practices-Web-Usability
Best-Practices-Web-UsabilityBest-Practices-Web-Usability
Best-Practices-Web-Usability
 
Data loss prevention by using MRSH-v2 algorithm
Data loss prevention by using MRSH-v2 algorithm Data loss prevention by using MRSH-v2 algorithm
Data loss prevention by using MRSH-v2 algorithm
 
2017-10-05 Mitigating Cybersecurity and Cyber Fraud risk in Your Organization
2017-10-05 Mitigating Cybersecurity and Cyber Fraud risk in Your Organization2017-10-05 Mitigating Cybersecurity and Cyber Fraud risk in Your Organization
2017-10-05 Mitigating Cybersecurity and Cyber Fraud risk in Your Organization
 
Cybersecurity frameworks globally and saudi arabia
Cybersecurity frameworks globally and saudi arabiaCybersecurity frameworks globally and saudi arabia
Cybersecurity frameworks globally and saudi arabia
 
cyber-security-reference-architecture
cyber-security-reference-architecturecyber-security-reference-architecture
cyber-security-reference-architecture
 
Managing Cloud Security Risks in Your Organization
Managing Cloud Security Risks in Your OrganizationManaging Cloud Security Risks in Your Organization
Managing Cloud Security Risks in Your Organization
 
Cloud Computing Security - Cloud Controls Security
Cloud Computing Security - Cloud Controls SecurityCloud Computing Security - Cloud Controls Security
Cloud Computing Security - Cloud Controls Security
 
Msft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacksMsft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacks
 
Big Data Security Intelligence and Analytics for Advanced Threat Protection
Big Data Security Intelligence and Analytics for Advanced Threat ProtectionBig Data Security Intelligence and Analytics for Advanced Threat Protection
Big Data Security Intelligence and Analytics for Advanced Threat Protection
 
cloud security ppt
cloud security ppt cloud security ppt
cloud security ppt
 
Cloud Security Architecture - a different approach
Cloud Security Architecture - a different approachCloud Security Architecture - a different approach
Cloud Security Architecture - a different approach
 
Global Mandate to Secure Cloud Computing
Global Mandate to Secure Cloud ComputingGlobal Mandate to Secure Cloud Computing
Global Mandate to Secure Cloud Computing
 
Cloud summit demystifying cloud security
Cloud summit demystifying cloud securityCloud summit demystifying cloud security
Cloud summit demystifying cloud security
 
LIFT OFF 2017: Ransomware and IR Overview
LIFT OFF 2017: Ransomware and IR OverviewLIFT OFF 2017: Ransomware and IR Overview
LIFT OFF 2017: Ransomware and IR Overview
 
Microsoft Cloud Application Security Overview
Microsoft Cloud Application Security Overview Microsoft Cloud Application Security Overview
Microsoft Cloud Application Security Overview
 
Azure Sentinel Tips
Azure Sentinel Tips Azure Sentinel Tips
Azure Sentinel Tips
 
IT Security As A Service
IT Security As A ServiceIT Security As A Service
IT Security As A Service
 
Practical Security for the Cloud
Practical Security for the CloudPractical Security for the Cloud
Practical Security for the Cloud
 

Andere mochten auch

Life After Compliance march 2010 v2
Life After Compliance march 2010 v2Life After Compliance march 2010 v2
Life After Compliance march 2010 v2SafeNet
 
Achieving Data Privacy in the Enterprise
Achieving Data Privacy in the EnterpriseAchieving Data Privacy in the Enterprise
Achieving Data Privacy in the EnterpriseSafeNet
 
PCI Compliance Evolved
PCI Compliance EvolvedPCI Compliance Evolved
PCI Compliance EvolvedSafeNet
 
Perpetual Information Security - Driving Data Protection in an Evolving Compl...
Perpetual Information Security - Driving Data Protection in an Evolving Compl...Perpetual Information Security - Driving Data Protection in an Evolving Compl...
Perpetual Information Security - Driving Data Protection in an Evolving Compl...SafeNet
 
Cloud Monetization: A Step-by-Step Guide to Optimizing Your SaaS Business Model
Cloud Monetization: A Step-by-Step Guide to Optimizing Your SaaS Business ModelCloud Monetization: A Step-by-Step Guide to Optimizing Your SaaS Business Model
Cloud Monetization: A Step-by-Step Guide to Optimizing Your SaaS Business ModelSafeNet
 
클라우드 기반 실시간 데이터 분석 및 예측 - 윤석찬 테크 에반젤리스트:: AWS Cloud Track 2 Advanced
클라우드 기반 실시간 데이터 분석 및 예측 - 윤석찬 테크 에반젤리스트:: AWS Cloud Track 2 Advanced클라우드 기반 실시간 데이터 분석 및 예측 - 윤석찬 테크 에반젤리스트:: AWS Cloud Track 2 Advanced
클라우드 기반 실시간 데이터 분석 및 예측 - 윤석찬 테크 에반젤리스트:: AWS Cloud Track 2 AdvancedAmazon Web Services Korea
 
50 citations sur l'innovation
50 citations sur l'innovation50 citations sur l'innovation
50 citations sur l'innovationHUB INSTITUTE
 
eIDAS Reference Guide
eIDAS Reference GuideeIDAS Reference Guide
eIDAS Reference GuideSafeNet
 

Andere mochten auch (9)

Life After Compliance march 2010 v2
Life After Compliance march 2010 v2Life After Compliance march 2010 v2
Life After Compliance march 2010 v2
 
Achieving Data Privacy in the Enterprise
Achieving Data Privacy in the EnterpriseAchieving Data Privacy in the Enterprise
Achieving Data Privacy in the Enterprise
 
PCI Compliance Evolved
PCI Compliance EvolvedPCI Compliance Evolved
PCI Compliance Evolved
 
Perpetual Information Security - Driving Data Protection in an Evolving Compl...
Perpetual Information Security - Driving Data Protection in an Evolving Compl...Perpetual Information Security - Driving Data Protection in an Evolving Compl...
Perpetual Information Security - Driving Data Protection in an Evolving Compl...
 
Cloud Monetization: A Step-by-Step Guide to Optimizing Your SaaS Business Model
Cloud Monetization: A Step-by-Step Guide to Optimizing Your SaaS Business ModelCloud Monetization: A Step-by-Step Guide to Optimizing Your SaaS Business Model
Cloud Monetization: A Step-by-Step Guide to Optimizing Your SaaS Business Model
 
Cereals
CerealsCereals
Cereals
 
클라우드 기반 실시간 데이터 분석 및 예측 - 윤석찬 테크 에반젤리스트:: AWS Cloud Track 2 Advanced
클라우드 기반 실시간 데이터 분석 및 예측 - 윤석찬 테크 에반젤리스트:: AWS Cloud Track 2 Advanced클라우드 기반 실시간 데이터 분석 및 예측 - 윤석찬 테크 에반젤리스트:: AWS Cloud Track 2 Advanced
클라우드 기반 실시간 데이터 분석 및 예측 - 윤석찬 테크 에반젤리스트:: AWS Cloud Track 2 Advanced
 
50 citations sur l'innovation
50 citations sur l'innovation50 citations sur l'innovation
50 citations sur l'innovation
 
eIDAS Reference Guide
eIDAS Reference GuideeIDAS Reference Guide
eIDAS Reference Guide
 

Ähnlich wie Exploring Data Security, Ownership and Control in the Cloud

Jak využít cloudu pro zvýšení bezpečnosti vašeho IT
Jak využít cloudu pro zvýšení bezpečnosti vašeho ITJak využít cloudu pro zvýšení bezpečnosti vašeho IT
Jak využít cloudu pro zvýšení bezpečnosti vašeho ITMarketingArrowECS_CZ
 
White Paper: Protecting Your Cloud
White Paper: Protecting Your CloudWhite Paper: Protecting Your Cloud
White Paper: Protecting Your CloudthinkASG
 
Office 365 Security, Privacy and Compliance - SMB Nation 2015
Office 365 Security, Privacy and Compliance - SMB Nation 2015Office 365 Security, Privacy and Compliance - SMB Nation 2015
Office 365 Security, Privacy and Compliance - SMB Nation 2015Robert Crane
 
Cyber Security Demistyified
Cyber Security DemistyifiedCyber Security Demistyified
Cyber Security DemistyifiedMicrosoft UK
 
CYBER SECURITY WHAT IS IT AND WHAT YOU NEED TO KNOW.pdf
CYBER SECURITY WHAT IS IT AND WHAT YOU NEED TO KNOW.pdfCYBER SECURITY WHAT IS IT AND WHAT YOU NEED TO KNOW.pdf
CYBER SECURITY WHAT IS IT AND WHAT YOU NEED TO KNOW.pdfJenna Murray
 
Cyber security within Organisations: A sneaky peak of current status, trends,...
Cyber security within Organisations: A sneaky peak of current status, trends,...Cyber security within Organisations: A sneaky peak of current status, trends,...
Cyber security within Organisations: A sneaky peak of current status, trends,...Marco Casassa Mont
 
Whose Cloud Is It Anyway? Exploring Data Security, Ownership and Control
Whose Cloud Is It Anyway? Exploring Data Security, Ownership and ControlWhose Cloud Is It Anyway? Exploring Data Security, Ownership and Control
Whose Cloud Is It Anyway? Exploring Data Security, Ownership and ControlDavid Etue
 
Tecnologías para el Cumplimiento. Alexandre Bento. SafeNet
Tecnologías para el Cumplimiento. Alexandre Bento. SafeNetTecnologías para el Cumplimiento. Alexandre Bento. SafeNet
Tecnologías para el Cumplimiento. Alexandre Bento. SafeNetInternet Security Auditors
 
MT50 Data is the new currency: Protect it!
MT50 Data is the new currency: Protect it!MT50 Data is the new currency: Protect it!
MT50 Data is the new currency: Protect it!Dell EMC World
 
SafeNet overview 2014
SafeNet overview 2014SafeNet overview 2014
SafeNet overview 2014Sectricity
 
Top Cloud Infrastructure Practices And Strategies For Maximum Security.pdf
Top Cloud Infrastructure Practices And Strategies For Maximum Security.pdfTop Cloud Infrastructure Practices And Strategies For Maximum Security.pdf
Top Cloud Infrastructure Practices And Strategies For Maximum Security.pdfForgeahead Solutions
 
SC-900 Concepts of Security, Compliance, and Identity
SC-900 Concepts of Security, Compliance, and IdentitySC-900 Concepts of Security, Compliance, and Identity
SC-900 Concepts of Security, Compliance, and IdentityFredBrandonAuthorMCP
 
Identity and Security in the Cloud
Identity and Security in the CloudIdentity and Security in the Cloud
Identity and Security in the CloudRichard Diver
 
Data Governance Trends and Best Practices To Implement Today
Data Governance Trends and Best Practices To Implement TodayData Governance Trends and Best Practices To Implement Today
Data Governance Trends and Best Practices To Implement TodayDATAVERSITY
 
CyberKnight capabilties
CyberKnight capabiltiesCyberKnight capabilties
CyberKnight capabiltiesSneha .
 
Are You Leveraging the Cloud? Or is it Leveraging You?
Are You Leveraging the Cloud? Or is it Leveraging You?Are You Leveraging the Cloud? Or is it Leveraging You?
Are You Leveraging the Cloud? Or is it Leveraging You?Tom Mumford
 
Office 365 Security And Compliance
Office 365 Security And ComplianceOffice 365 Security And Compliance
Office 365 Security And ComplianceMicrosoft
 

Ähnlich wie Exploring Data Security, Ownership and Control in the Cloud (20)

Jak využít cloudu pro zvýšení bezpečnosti vašeho IT
Jak využít cloudu pro zvýšení bezpečnosti vašeho ITJak využít cloudu pro zvýšení bezpečnosti vašeho IT
Jak využít cloudu pro zvýšení bezpečnosti vašeho IT
 
White Paper: Protecting Your Cloud
White Paper: Protecting Your CloudWhite Paper: Protecting Your Cloud
White Paper: Protecting Your Cloud
 
Office 365 Security, Privacy and Compliance - SMB Nation 2015
Office 365 Security, Privacy and Compliance - SMB Nation 2015Office 365 Security, Privacy and Compliance - SMB Nation 2015
Office 365 Security, Privacy and Compliance - SMB Nation 2015
 
Cyber Security Demistyified
Cyber Security DemistyifiedCyber Security Demistyified
Cyber Security Demistyified
 
CYBER SECURITY WHAT IS IT AND WHAT YOU NEED TO KNOW.pdf
CYBER SECURITY WHAT IS IT AND WHAT YOU NEED TO KNOW.pdfCYBER SECURITY WHAT IS IT AND WHAT YOU NEED TO KNOW.pdf
CYBER SECURITY WHAT IS IT AND WHAT YOU NEED TO KNOW.pdf
 
Cyber security within Organisations: A sneaky peak of current status, trends,...
Cyber security within Organisations: A sneaky peak of current status, trends,...Cyber security within Organisations: A sneaky peak of current status, trends,...
Cyber security within Organisations: A sneaky peak of current status, trends,...
 
Whose Cloud Is It Anyway? Exploring Data Security, Ownership and Control
Whose Cloud Is It Anyway? Exploring Data Security, Ownership and ControlWhose Cloud Is It Anyway? Exploring Data Security, Ownership and Control
Whose Cloud Is It Anyway? Exploring Data Security, Ownership and Control
 
Tecnologías para el Cumplimiento. Alexandre Bento. SafeNet
Tecnologías para el Cumplimiento. Alexandre Bento. SafeNetTecnologías para el Cumplimiento. Alexandre Bento. SafeNet
Tecnologías para el Cumplimiento. Alexandre Bento. SafeNet
 
MT50 Data is the new currency: Protect it!
MT50 Data is the new currency: Protect it!MT50 Data is the new currency: Protect it!
MT50 Data is the new currency: Protect it!
 
SafeNet overview 2014
SafeNet overview 2014SafeNet overview 2014
SafeNet overview 2014
 
Top Cloud Infrastructure Practices And Strategies For Maximum Security.pdf
Top Cloud Infrastructure Practices And Strategies For Maximum Security.pdfTop Cloud Infrastructure Practices And Strategies For Maximum Security.pdf
Top Cloud Infrastructure Practices And Strategies For Maximum Security.pdf
 
SC-900 Concepts of Security, Compliance, and Identity
SC-900 Concepts of Security, Compliance, and IdentitySC-900 Concepts of Security, Compliance, and Identity
SC-900 Concepts of Security, Compliance, and Identity
 
Data security
Data securityData security
Data security
 
Identity and Security in the Cloud
Identity and Security in the CloudIdentity and Security in the Cloud
Identity and Security in the Cloud
 
CSO CXO Series Breakfast
CSO CXO Series BreakfastCSO CXO Series Breakfast
CSO CXO Series Breakfast
 
Data Governance Trends and Best Practices To Implement Today
Data Governance Trends and Best Practices To Implement TodayData Governance Trends and Best Practices To Implement Today
Data Governance Trends and Best Practices To Implement Today
 
CyberKnight capabilties
CyberKnight capabiltiesCyberKnight capabilties
CyberKnight capabilties
 
Are You Leveraging the Cloud? Or is it Leveraging You?
Are You Leveraging the Cloud? Or is it Leveraging You?Are You Leveraging the Cloud? Or is it Leveraging You?
Are You Leveraging the Cloud? Or is it Leveraging You?
 
AWS Cloud Security
AWS Cloud SecurityAWS Cloud Security
AWS Cloud Security
 
Office 365 Security And Compliance
Office 365 Security And ComplianceOffice 365 Security And Compliance
Office 365 Security And Compliance
 

Mehr von SafeNet

SafeWord 2008 Migration Bundle Building a Fully Trusted Authentication Enviro...
SafeWord 2008 Migration Bundle Building a Fully Trusted Authentication Enviro...SafeWord 2008 Migration Bundle Building a Fully Trusted Authentication Enviro...
SafeWord 2008 Migration Bundle Building a Fully Trusted Authentication Enviro...SafeNet
 
A Single Strong Authentication Platform for Cloud and On-Premise Applications
A Single Strong Authentication Platform for Cloud and On-Premise ApplicationsA Single Strong Authentication Platform for Cloud and On-Premise Applications
A Single Strong Authentication Platform for Cloud and On-Premise ApplicationsSafeNet
 
Securing Digital Identities and Transactions in the Cloud Security Guide
Securing Digital Identities and Transactions in the Cloud Security GuideSecuring Digital Identities and Transactions in the Cloud Security Guide
Securing Digital Identities and Transactions in the Cloud Security GuideSafeNet
 
Securing Network-Attached HSMs: The SafeNet Luna SA Three-Layer Authenticatio...
Securing Network-Attached HSMs: The SafeNet Luna SA Three-Layer Authenticatio...Securing Network-Attached HSMs: The SafeNet Luna SA Three-Layer Authenticatio...
Securing Network-Attached HSMs: The SafeNet Luna SA Three-Layer Authenticatio...SafeNet
 
Introduction to PKI & SafeNet Luna Hardware Security Modules with Microsoft W...
Introduction to PKI & SafeNet Luna Hardware Security Modules with Microsoft W...Introduction to PKI & SafeNet Luna Hardware Security Modules with Microsoft W...
Introduction to PKI & SafeNet Luna Hardware Security Modules with Microsoft W...SafeNet
 
Cloud Computing and the Federal Government: Maximizing Trust Supporting the M...
Cloud Computing and the Federal Government: Maximizing Trust Supporting the M...Cloud Computing and the Federal Government: Maximizing Trust Supporting the M...
Cloud Computing and the Federal Government: Maximizing Trust Supporting the M...SafeNet
 
Hardware Security Modules: Critical to Information Risk Management
Hardware Security Modules: Critical to Information Risk ManagementHardware Security Modules: Critical to Information Risk Management
Hardware Security Modules: Critical to Information Risk ManagementSafeNet
 
Strong Authentication: Securing Identities and Enabling Business
Strong Authentication: Securing Identities and Enabling BusinessStrong Authentication: Securing Identities and Enabling Business
Strong Authentication: Securing Identities and Enabling BusinessSafeNet
 
Building Trust into eInvoicing: Key Requirements and Strategies
Building Trust into eInvoicing: Key Requirements and StrategiesBuilding Trust into eInvoicing: Key Requirements and Strategies
Building Trust into eInvoicing: Key Requirements and StrategiesSafeNet
 
A Question of Trust: How Service Providers Can Attract More Customers by Deli...
A Question of Trust: How Service Providers Can Attract More Customers by Deli...A Question of Trust: How Service Providers Can Attract More Customers by Deli...
A Question of Trust: How Service Providers Can Attract More Customers by Deli...SafeNet
 
Payment Card Security: 12-Steps to Meeting PCI-DSS Compliance with SafeNet
Payment Card Security: 12-Steps to Meeting PCI-DSS Compliance with SafeNetPayment Card Security: 12-Steps to Meeting PCI-DSS Compliance with SafeNet
Payment Card Security: 12-Steps to Meeting PCI-DSS Compliance with SafeNetSafeNet
 
E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity a...
E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity a...E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity a...
E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity a...SafeNet
 
SafeNet DataSecure vs. Native SQL Server Encryption
SafeNet DataSecure vs. Native SQL Server EncryptionSafeNet DataSecure vs. Native SQL Server Encryption
SafeNet DataSecure vs. Native SQL Server EncryptionSafeNet
 
Building Trust into DNS: Key Strategies
Building Trust into DNS: Key StrategiesBuilding Trust into DNS: Key Strategies
Building Trust into DNS: Key StrategiesSafeNet
 
Charting Your Path to Enterprise Key Management
Charting Your Path to Enterprise Key ManagementCharting Your Path to Enterprise Key Management
Charting Your Path to Enterprise Key ManagementSafeNet
 
Secure PIN Management How to Issue and Change PINs Securely over the Web
Secure PIN Management How to Issue and Change PINs Securely over the WebSecure PIN Management How to Issue and Change PINs Securely over the Web
Secure PIN Management How to Issue and Change PINs Securely over the WebSafeNet
 
An Enterprise Guide to Understanding Key Management
An Enterprise Guide to Understanding Key ManagementAn Enterprise Guide to Understanding Key Management
An Enterprise Guide to Understanding Key ManagementSafeNet
 
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...SafeNet
 
Securing the Smart Grid with SafeNet HSMs
Securing the Smart Grid with SafeNet HSMsSecuring the Smart Grid with SafeNet HSMs
Securing the Smart Grid with SafeNet HSMsSafeNet
 
Authentication_Best_Practices_WP(EN)_web
Authentication_Best_Practices_WP(EN)_webAuthentication_Best_Practices_WP(EN)_web
Authentication_Best_Practices_WP(EN)_webSafeNet
 

Mehr von SafeNet (20)

SafeWord 2008 Migration Bundle Building a Fully Trusted Authentication Enviro...
SafeWord 2008 Migration Bundle Building a Fully Trusted Authentication Enviro...SafeWord 2008 Migration Bundle Building a Fully Trusted Authentication Enviro...
SafeWord 2008 Migration Bundle Building a Fully Trusted Authentication Enviro...
 
A Single Strong Authentication Platform for Cloud and On-Premise Applications
A Single Strong Authentication Platform for Cloud and On-Premise ApplicationsA Single Strong Authentication Platform for Cloud and On-Premise Applications
A Single Strong Authentication Platform for Cloud and On-Premise Applications
 
Securing Digital Identities and Transactions in the Cloud Security Guide
Securing Digital Identities and Transactions in the Cloud Security GuideSecuring Digital Identities and Transactions in the Cloud Security Guide
Securing Digital Identities and Transactions in the Cloud Security Guide
 
Securing Network-Attached HSMs: The SafeNet Luna SA Three-Layer Authenticatio...
Securing Network-Attached HSMs: The SafeNet Luna SA Three-Layer Authenticatio...Securing Network-Attached HSMs: The SafeNet Luna SA Three-Layer Authenticatio...
Securing Network-Attached HSMs: The SafeNet Luna SA Three-Layer Authenticatio...
 
Introduction to PKI & SafeNet Luna Hardware Security Modules with Microsoft W...
Introduction to PKI & SafeNet Luna Hardware Security Modules with Microsoft W...Introduction to PKI & SafeNet Luna Hardware Security Modules with Microsoft W...
Introduction to PKI & SafeNet Luna Hardware Security Modules with Microsoft W...
 
Cloud Computing and the Federal Government: Maximizing Trust Supporting the M...
Cloud Computing and the Federal Government: Maximizing Trust Supporting the M...Cloud Computing and the Federal Government: Maximizing Trust Supporting the M...
Cloud Computing and the Federal Government: Maximizing Trust Supporting the M...
 
Hardware Security Modules: Critical to Information Risk Management
Hardware Security Modules: Critical to Information Risk ManagementHardware Security Modules: Critical to Information Risk Management
Hardware Security Modules: Critical to Information Risk Management
 
Strong Authentication: Securing Identities and Enabling Business
Strong Authentication: Securing Identities and Enabling BusinessStrong Authentication: Securing Identities and Enabling Business
Strong Authentication: Securing Identities and Enabling Business
 
Building Trust into eInvoicing: Key Requirements and Strategies
Building Trust into eInvoicing: Key Requirements and StrategiesBuilding Trust into eInvoicing: Key Requirements and Strategies
Building Trust into eInvoicing: Key Requirements and Strategies
 
A Question of Trust: How Service Providers Can Attract More Customers by Deli...
A Question of Trust: How Service Providers Can Attract More Customers by Deli...A Question of Trust: How Service Providers Can Attract More Customers by Deli...
A Question of Trust: How Service Providers Can Attract More Customers by Deli...
 
Payment Card Security: 12-Steps to Meeting PCI-DSS Compliance with SafeNet
Payment Card Security: 12-Steps to Meeting PCI-DSS Compliance with SafeNetPayment Card Security: 12-Steps to Meeting PCI-DSS Compliance with SafeNet
Payment Card Security: 12-Steps to Meeting PCI-DSS Compliance with SafeNet
 
E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity a...
E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity a...E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity a...
E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity a...
 
SafeNet DataSecure vs. Native SQL Server Encryption
SafeNet DataSecure vs. Native SQL Server EncryptionSafeNet DataSecure vs. Native SQL Server Encryption
SafeNet DataSecure vs. Native SQL Server Encryption
 
Building Trust into DNS: Key Strategies
Building Trust into DNS: Key StrategiesBuilding Trust into DNS: Key Strategies
Building Trust into DNS: Key Strategies
 
Charting Your Path to Enterprise Key Management
Charting Your Path to Enterprise Key ManagementCharting Your Path to Enterprise Key Management
Charting Your Path to Enterprise Key Management
 
Secure PIN Management How to Issue and Change PINs Securely over the Web
Secure PIN Management How to Issue and Change PINs Securely over the WebSecure PIN Management How to Issue and Change PINs Securely over the Web
Secure PIN Management How to Issue and Change PINs Securely over the Web
 
An Enterprise Guide to Understanding Key Management
An Enterprise Guide to Understanding Key ManagementAn Enterprise Guide to Understanding Key Management
An Enterprise Guide to Understanding Key Management
 
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
 
Securing the Smart Grid with SafeNet HSMs
Securing the Smart Grid with SafeNet HSMsSecuring the Smart Grid with SafeNet HSMs
Securing the Smart Grid with SafeNet HSMs
 
Authentication_Best_Practices_WP(EN)_web
Authentication_Best_Practices_WP(EN)_webAuthentication_Best_Practices_WP(EN)_web
Authentication_Best_Practices_WP(EN)_web
 

Kürzlich hochgeladen

Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfSeasiaInfotech2
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesZilliz
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embeddingZilliz
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 

Kürzlich hochgeladen (20)

Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdf
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector Databases
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 

Exploring Data Security, Ownership and Control in the Cloud

  • 1. Whose Cloud Is It Anyway? Exploring Data Security, Ownership and Control David Etue Name Insert Your VP, Corporate Development Strategy Insert Your Title February 26, 2014 Insert Date @djetue
  • 2. Who We Are SafeNet is trusted to protect, control access to, and manage the worlds most sensitive data and high value applications FOUNDED REVENUE GLOBAL EMPLOYEES ACCREDITED 1983 ~330m +25,000 +1,500 Customers in 100 countries In 25 countries Products certified to the highest security standard We protect the most money that moves–over 80% of the world’s intra-bank fund transfers and nearly $1 trillion per day. We are the de facto root of trust– deploying more than 86,000 key managers and protecting up to 750,000,000 encryption keys. We monetize the most high-value software–more than 100 million license keys protect and manage on-premise, embedded, and cloud applications globally. We control access to the most sensitive corporate information– more than 35 million identities protected via tokens, smartcards, and mobile devices managed onpremise and in the cloud.
  • 3. Cloud and Virtualization Are Changing the Way IT is Managed and Consumed Agile. Now. On demand. Simple. Secure? 3
  • 4. Cloud Benefits Are Being Realized…  80% of mature cloud adopters are seeing:1 • Faster access to infrastructure • Greater Scalability • Faster Time to Market for Applications  50% of cloud users report benefits including:1 • Better application performance • Expanded geographic reach • Increased IT staff efficiency © SafeNet Confidential and Proprietary 1RightScale State of the Cloud Report 2013 4
  • 5. …But Cloud Benefits Are Driven by Sharing © SafeNet Confidential and Proprietary 5
  • 6. And Security and Compliance Are Not the Biggest Fans of Sharing… © SafeNet Confidential and Proprietary 6
  • 7. Leading Inhibitors to Cloud Adoption 451 TheInfoPro 2013 Cloud Computing Outlook – Cloud Computing Wave 5
  • 8. Security and Compliance Concerns With Shared Clouds Data Governance Lack of Visibility Data Compliance Lack of Data Control Data Protection Risk of Breach and Data Loss • Can you track all of my data instances? Backups? Snapshots? • Am I aware of government requests/discovery? • Do you new when data is copied? • Who is accessing my data? • Can I illustrate compliance with internal and external mandates? • Is there an audit trail of access to my data? • Are all my data instances secure? • Can I assure only authorized access to my data? • Can I “pull the plug” on data that’s at risk of exposure or who’s lifecycle has expired? How Do You Maintain Ownership and Control Of Your Information In A Multi-Tenant Environment? © SafeNet Confidential and Proprietary 8
  • 9. New Risks Driving Cloud Security Challenges Increased Attack Surface Privileged Users Ability to Apply Security Controls Control (or there lack of)
  • 11. New Risk: New Definition of Privilege
  • 12. New Risk: Ability to Apply Security Controls Security Controls Mapping and Sized by Budget Security Management & GRC Identity/Entity Security Data Security App Sec Host Network Infrastructure Security CSA Cloud Model
  • 13. New Risk: Ability to Apply Security Controls Most organizations are trying to deploy “traditional” security controls in cloud and virtual environments…but were the controls even effective then?
  • 14. New Risk: Control (or there lack of) Salesforce - SaaS The lower down the stack the Cloud provider stops, the more security you are tactically responsible for implementing & managing yourself. Google AppEngine - PaaS Amazon EC2 - IaaS
  • 15. And Not Just The Traditional “Bad Guys" Government Discovery Adversaries Cloud Administrators Sensitive Data in the Cloud Auditors / Regulators
  • 16. So, Whose Cloud Is It Anyway? Model Private Cloud IaaS PaaS/SaaS in Hybrid / Community / Public Cloud Whose Privilege Users? Customer Provider Provider Whose Infrastructure? Customer Provider Provider Whose VM / Instance? Customer Customer Provider Whose Application? Customer Customer Provider Law Enforcement Contact? Customer Provider Provider
  • 17. Making it Your Cloud: Key Enablers to Cloud Security Encryption (and Key Management) Identity and Access Management with Strong Authentication Segmentation Privilege User Management Detection and Response Capabilities System Hardening Asset, Configuration, and Change Management
  • 18. Encryption: Un-Sharing in a Shared Environment Un-Sharing FTW!!!
  • 19. Clouds Love Crypto!!!* *with good key management…
  • 20. Typical Sources of Trust Source Traditional Data Center Internal Cloud (Private) External Cloud (Public, Community, Hybrid) “Own the Stack” Yes N/A No System Fingerprinting Yes No No Trusted Platform Module (TPM) Yes Maybe? No Hardware Security Module (HSM) – Server Card Yes Maybe? No Hardware Security Module (HSM) Network Yes Yes Yes Smartcard Yes Maybe Maybe
  • 21. Leveraging Crypto In The Cloud Hardware Security Module = Trust Anchor Sources of Trust Customer Premise Cloud Provider Customer Controlled at Service Provider + Most Control + Architecture + Architecture + Multi Cloud - Architecture - Security / Separation - Multi Cloud - Integration © SafeNet Confidential and Proprietary Trusted 3rd Party 21
  • 22. Leveraging Crypto In The Cloud Applications and Workloads Key Management Hardware Security Module = Trust Anchor Sources of Trust Customer Premise Cloud Provider Customer Controlled at Service Provider + Most Control + Architecture + Architecture + Multi Cloud - Architecture - Security / Separation - Multi Cloud - Integration © SafeNet Confidential and Proprietary Trusted 3rd Party 22
  • 23. Leveraging Crypto In The Cloud Most Flexible Applications and Workloads Highest Assurance Key Management Hardware Security Module = Trust Anchor Sources of Trust Customer Premise Cloud Provider Customer Controlled at Service Provider + Most Control + Architecture + Architecture + Multi Cloud - Architecture - Security / Separation - Multi Cloud - Integration © SafeNet Confidential and Proprietary Trusted 3rd Party 23
  • 24. How Do You Apply Security Controls? Security Controls Mapping and Sized by Budget Security Management & GRC Identity/Entity Security Data Security App Sec Host Network Infrastructure Security CSA Cloud Model
  • 25. Need to Focus “Up The Stack” CSA Cloud Model Security Management & GRC Identity/Entity Security Data Security App Sec Host Virtualization, Software Defined Networks, Network and Public/Hybrid/Community Cloud Forces Infrastructure Security a Change in How Security Controls Are Evaluated and Deployed
  • 26. Data Centric Security = Agility! CSA Cloud Model Security Management & GRC Identity/Entity Security Data Security App Sec Host Network Infrastructure Security