David Slater G-Cloud Meet Up
David Slater, CLAS Consultant
Security in G-Cloud Services at Restricted
dd-mm-yyyy
Introduction

• Achieving Restricted (IL3) accreditation of a service is not easy
• Presentation covers experiences gained from achieving accreditation of Restricted (IL3) services for Atos
• Not an exhaustive list – just the highlights
| Identity, Security and Risk Management from Atos Consulting
Before You Start …

• Review your solution against:
  • CESG Architectural Patterns
  • CESG Good Practice Guides
  • IS Standards
• Check that your ISO 27001 Certification is:
  • Current
  • Suitably scoped
  • UKAS Certified (recognized)
• CESG like compliance matrices against the relevant GPGs
• Read the PSN Code

Key Security Controls

• Make sure applications:
  • Address the OWASP Top Ten
  • Think about limiting concurrent logins
  • Think about defence in depth:
    • Input Validation
    • Parameterized Stored Procedures
    • Output Validation
• Manage out-of-band access:
  • Separate Interface
  • Not via the Internet
• Lock everything down against Industry Guides (Centre for Internet Security)
• Use CPA approved or Common Criteria approved products
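The defence-in-depth layers on this slide (input validation, parameterised data access, output encoding) together with a concurrent-login limit, as an added Python example that is not from the original deck. It uses an in-memory SQLite database with constructed rows; parameterised queries stand in for parameterised stored procedures because SQLite has none, and every table, function and policy value here is an assumption for the example.

```python
import html
import re
import sqlite3
from collections import defaultdict

# Allow-list for usernames: lower-case letter, then letters/digits/underscore,
# 3-32 characters. Validation is the first layer; it is never relied on alone.
USERNAME_RE = re.compile(r"^[a-z][a-z0-9_]{2,31}$")
MAX_CONCURRENT_SESSIONS = 2  # constructed policy value for this example


def make_db():
    """Constructed sample data (not real accounts) in an in-memory SQLite table."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (username TEXT PRIMARY KEY, display_name TEXT, clearance TEXT)"
    )
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("alice", "Alice <Admin>", "SC"), ("bob", "Bob & Co", "BPSS")],
    )
    return conn


def valid_username(username):
    """Layer 1, input validation: accept only what the allow-list permits."""
    return USERNAME_RE.fullmatch(username) is not None


def lookup_concatenated(conn, username):
    """The 'before' form, kept only to contrast with lookup_parameterised:
    the value is spliced into the SQL text, so it can change the query's
    structure instead of being treated as data."""
    sql = (
        "SELECT username, display_name, clearance FROM users "
        "WHERE username = '" + username + "'"
    )
    return conn.execute(sql).fetchall()


def lookup_parameterised(conn, username):
    """Layer 2, parameterised data access: the driver binds the value, so it is
    always compared as a literal string whatever characters it contains."""
    sql = "SELECT username, display_name, clearance FROM users WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()


def lookup(conn, username):
    """Layers 1 and 2 together: reject bad input early, then bind what remains."""
    if not valid_username(username):
        raise ValueError("username rejected by input validation")
    return lookup_parameterised(conn, username)


def render_row(row):
    """Layer 3, output encoding: escape before placing values in HTML, even
    values read back from our own database, so stored markup stays inert."""
    username, display_name, clearance = row
    return "<li>{} ({}) [{}]</li>".format(
        html.escape(username), html.escape(display_name), html.escape(clearance)
    )


class SessionRegistry:
    """Concurrent-login limit: at most `limit` live sessions per user; an extra
    login attempt is refused rather than silently stacking another session."""

    def __init__(self, limit=MAX_CONCURRENT_SESSIONS):
        self.limit = limit
        self._sessions = defaultdict(set)

    def login(self, username, session_id):
        active = self._sessions[username]
        if len(active) >= self.limit:
            return False  # over the limit: refuse (or, by policy, evict the oldest)
        active.add(session_id)
        return True

    def logout(self, username, session_id):
        self._sessions[username].discard(session_id)

    def active_count(self, username):
        return len(self._sessions[username])


if __name__ == "__main__":
    db = make_db()
    print(lookup_concatenated(db, "x' OR '1'='1"))   # query structure changed: both rows
    print(lookup_parameterised(db, "x' OR '1'='1"))  # bound as a literal: no rows
    print([render_row(r) for r in lookup(db, "alice")])
```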

Support

• Keep it in the UK at Restricted (IL3)
• Use secure protocols:
  • SSH
  • HTTPS
• Use dedicated support terminals
• CESG approved encryption across insecure networks
  • Issue with approved products
• Support from the office – not via Internet/Remote Access
• Cleared staff
  • Another issue

Consider hosting in a pre-accredited Service

• A number of accredited ‘hosting’ environments:
  • Atos
  • Skyscape
  • Lockheed Martin
  • SCC
• Not all the same, each has its strengths and weaknesses
• Look at what you get against your needs:
  • Internet Connection
  • PSN Connection
  • Support Connections
  • Monitoring
  • Patching
  • Disaster Recovery
  • Protective Monitoring

Things that catch you out ….

• Staff Clearances
  • Cabinet Office will clear a small number
  • SC for privileged users
• Key Material for CAPS products
  • No easy route to gain it
  • No real alternative
• Penetration Tests
  • Recent – a many-month-old test is no good
• Single vulnerability allowing inter-network connection
• CESG Design Review

The PGA is ….

• Risk averse
• Well briefed
• Has a lot of backup
• Aligned with CESG Guidance

Thank You


Weitere ähnliche Inhalte

Was ist angesagt?

Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......
Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......
Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......centralohioissa
 
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Odds
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At OddsJervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Odds
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Oddscentralohioissa
 
Infosec 2014: Capita Customer Management: Network Visibility to Manage Firewa...
Infosec 2014: Capita Customer Management: Network Visibility to Manage Firewa...Infosec 2014: Capita Customer Management: Network Visibility to Manage Firewa...
Infosec 2014: Capita Customer Management: Network Visibility to Manage Firewa...Skybox Security
 
NEWSentinel_services15
NEWSentinel_services15NEWSentinel_services15
NEWSentinel_services15Bilha Diaz
 
10 tips for hardening your system
10 tips for hardening your system10 tips for hardening your system
10 tips for hardening your systemRevital Lapidot
 
Hotels, Hookups and Video Conferencing: A Top 10 Countdown to 2020's Worst Da...
Hotels, Hookups and Video Conferencing: A Top 10 Countdown to 2020's Worst Da...Hotels, Hookups and Video Conferencing: A Top 10 Countdown to 2020's Worst Da...
Hotels, Hookups and Video Conferencing: A Top 10 Countdown to 2020's Worst Da...DevOps.com
 
Managing risk and vulnerabilities in a business context
Managing risk and vulnerabilities in a business contextManaging risk and vulnerabilities in a business context
Managing risk and vulnerabilities in a business contextAlgoSec
 
It Infrastructure Security - 24x7 Security Monitoring
It Infrastructure Security - 24x7 Security MonitoringIt Infrastructure Security - 24x7 Security Monitoring
It Infrastructure Security - 24x7 Security MonitoringWebindia Internet Services
 
The Compliancy Group : The Guard, a HIPAA Compliance Solution
The Compliancy Group : The Guard, a HIPAA Compliance SolutionThe Compliancy Group : The Guard, a HIPAA Compliance Solution
The Compliancy Group : The Guard, a HIPAA Compliance SolutionCompliancy Group
 
BeyondCorp and Zero Trust
BeyondCorp and Zero TrustBeyondCorp and Zero Trust
BeyondCorp and Zero TrustIvan Dwyer
 
collateral_datasheet_sungard
collateral_datasheet_sungardcollateral_datasheet_sungard
collateral_datasheet_sungardCheryl Goldberg
 
BeyondCorp and Zero Trust
BeyondCorp and Zero TrustBeyondCorp and Zero Trust
BeyondCorp and Zero TrustIvan Dwyer
 
Bitglass Webinar - Top 6 CASB Use Cases
Bitglass Webinar - Top 6 CASB Use CasesBitglass Webinar - Top 6 CASB Use Cases
Bitglass Webinar - Top 6 CASB Use CasesBitglass
 
Bengt Berg, Cybercom Security, Polen
Bengt Berg, Cybercom Security, PolenBengt Berg, Cybercom Security, Polen
Bengt Berg, Cybercom Security, PolenCybercom Group
 
Bitglass Webinar - BlueCross BlueShield of Tennessee's CASB Journey to Secure...
Bitglass Webinar - BlueCross BlueShield of Tennessee's CASB Journey to Secure...Bitglass Webinar - BlueCross BlueShield of Tennessee's CASB Journey to Secure...
Bitglass Webinar - BlueCross BlueShield of Tennessee's CASB Journey to Secure...Bitglass
 
Outpost24 webinar - Mastering the art of multicloud security
Outpost24 webinar - Mastering the art of multicloud securityOutpost24 webinar - Mastering the art of multicloud security
Outpost24 webinar - Mastering the art of multicloud securityOutpost24
 
Moving Security to the Left
Moving Security to the LeftMoving Security to the Left
Moving Security to the LeftJavier Godinez
 
Bitglass Webinar - 5 Cloud Security Best Practices for 2018
Bitglass Webinar - 5 Cloud Security Best Practices for 2018Bitglass Webinar - 5 Cloud Security Best Practices for 2018
Bitglass Webinar - 5 Cloud Security Best Practices for 2018Bitglass
 
The Share Responsibility Model of Cloud Computing - ILTA Philadelphia
The Share Responsibility Model of Cloud Computing - ILTA PhiladelphiaThe Share Responsibility Model of Cloud Computing - ILTA Philadelphia
The Share Responsibility Model of Cloud Computing - ILTA PhiladelphiaPatrick Sklodowski
 

Was ist angesagt? (20)

Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......
Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......
Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......
 
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Odds
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At OddsJervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Odds
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Odds
 
Discover an IT Infrastructure Services & Management
Discover an IT Infrastructure Services & ManagementDiscover an IT Infrastructure Services & Management
Discover an IT Infrastructure Services & Management
 
Infosec 2014: Capita Customer Management: Network Visibility to Manage Firewa...
Infosec 2014: Capita Customer Management: Network Visibility to Manage Firewa...Infosec 2014: Capita Customer Management: Network Visibility to Manage Firewa...
Infosec 2014: Capita Customer Management: Network Visibility to Manage Firewa...
 
NEWSentinel_services15
NEWSentinel_services15NEWSentinel_services15
NEWSentinel_services15
 
10 tips for hardening your system
10 tips for hardening your system10 tips for hardening your system
10 tips for hardening your system
 
Hotels, Hookups and Video Conferencing: A Top 10 Countdown to 2020's Worst Da...
Hotels, Hookups and Video Conferencing: A Top 10 Countdown to 2020's Worst Da...Hotels, Hookups and Video Conferencing: A Top 10 Countdown to 2020's Worst Da...
Hotels, Hookups and Video Conferencing: A Top 10 Countdown to 2020's Worst Da...
 
Managing risk and vulnerabilities in a business context
Managing risk and vulnerabilities in a business contextManaging risk and vulnerabilities in a business context
Managing risk and vulnerabilities in a business context
 
It Infrastructure Security - 24x7 Security Monitoring
It Infrastructure Security - 24x7 Security MonitoringIt Infrastructure Security - 24x7 Security Monitoring
It Infrastructure Security - 24x7 Security Monitoring
 
The Compliancy Group : The Guard, a HIPAA Compliance Solution
The Compliancy Group : The Guard, a HIPAA Compliance SolutionThe Compliancy Group : The Guard, a HIPAA Compliance Solution
The Compliancy Group : The Guard, a HIPAA Compliance Solution
 
BeyondCorp and Zero Trust
BeyondCorp and Zero TrustBeyondCorp and Zero Trust
BeyondCorp and Zero Trust
 
collateral_datasheet_sungard
collateral_datasheet_sungardcollateral_datasheet_sungard
collateral_datasheet_sungard
 
BeyondCorp and Zero Trust
BeyondCorp and Zero TrustBeyondCorp and Zero Trust
BeyondCorp and Zero Trust
 
Bitglass Webinar - Top 6 CASB Use Cases
Bitglass Webinar - Top 6 CASB Use CasesBitglass Webinar - Top 6 CASB Use Cases
Bitglass Webinar - Top 6 CASB Use Cases
 
Bengt Berg, Cybercom Security, Polen
Bengt Berg, Cybercom Security, PolenBengt Berg, Cybercom Security, Polen
Bengt Berg, Cybercom Security, Polen
 
Bitglass Webinar - BlueCross BlueShield of Tennessee's CASB Journey to Secure...
Bitglass Webinar - BlueCross BlueShield of Tennessee's CASB Journey to Secure...Bitglass Webinar - BlueCross BlueShield of Tennessee's CASB Journey to Secure...
Bitglass Webinar - BlueCross BlueShield of Tennessee's CASB Journey to Secure...
 
Outpost24 webinar - Mastering the art of multicloud security
Outpost24 webinar - Mastering the art of multicloud securityOutpost24 webinar - Mastering the art of multicloud security
Outpost24 webinar - Mastering the art of multicloud security
 
Moving Security to the Left
Moving Security to the LeftMoving Security to the Left
Moving Security to the Left
 
Bitglass Webinar - 5 Cloud Security Best Practices for 2018
Bitglass Webinar - 5 Cloud Security Best Practices for 2018Bitglass Webinar - 5 Cloud Security Best Practices for 2018
Bitglass Webinar - 5 Cloud Security Best Practices for 2018
 
The Share Responsibility Model of Cloud Computing - ILTA Philadelphia
The Share Responsibility Model of Cloud Computing - ILTA PhiladelphiaThe Share Responsibility Model of Cloud Computing - ILTA Philadelphia
The Share Responsibility Model of Cloud Computing - ILTA Philadelphia
 

Andere mochten auch

Steve Cliff G-Cloud UK Meet Up
Steve Cliff G-Cloud UK Meet UpSteve Cliff G-Cloud UK Meet Up
Steve Cliff G-Cloud UK Meet UpWeAreEsynergy
 
Development platforms for startups by shawn gosh at guru program spring 2014
Development platforms for startups by shawn gosh at guru program spring 2014Development platforms for startups by shawn gosh at guru program spring 2014
Development platforms for startups by shawn gosh at guru program spring 2014TechMeetups
 
Fast forward SETsquared IP network
Fast forward SETsquared IP network Fast forward SETsquared IP network
Fast forward SETsquared IP network Alan Scrase
 
IBM SmartCloud and ISVs September 2013 (Softlayer)
IBM SmartCloud and ISVs September 2013 (Softlayer)IBM SmartCloud and ISVs September 2013 (Softlayer)
IBM SmartCloud and ISVs September 2013 (Softlayer)Simon Baker
 
How to increase the business value of your IT team
How to increase the business value of your IT teamHow to increase the business value of your IT team
How to increase the business value of your IT teamBCS-IT
 
Netflix in the cloud 2011
Netflix in the cloud 2011Netflix in the cloud 2011
Netflix in the cloud 2011Adrian Cockcroft
 
node.js on Google Compute Engine
node.js on Google Compute Enginenode.js on Google Compute Engine
node.js on Google Compute EngineArun Nagarajan
 
Slides for the day-long Lean Analytics workshop at the 2014 Lean Startup conf...
Slides for the day-long Lean Analytics workshop at the 2014 Lean Startup conf...Slides for the day-long Lean Analytics workshop at the 2014 Lean Startup conf...
Slides for the day-long Lean Analytics workshop at the 2014 Lean Startup conf...Lean Analytics
 
Comparison of it governance framework-COBIT, ITIL, BS7799
Comparison of it governance framework-COBIT, ITIL, BS7799Comparison of it governance framework-COBIT, ITIL, BS7799
Comparison of it governance framework-COBIT, ITIL, BS7799Meghna Verma
 
NIST Cloud Computing Reference Architecture
NIST Cloud Computing Reference ArchitectureNIST Cloud Computing Reference Architecture
NIST Cloud Computing Reference ArchitectureThanakrit Lersmethasakul
 
Defining Services for a Service Catalog
Defining Services for a Service CatalogDefining Services for a Service Catalog
Defining Services for a Service CatalogAxios Systems
 

Andere mochten auch (12)

Steve Cliff G-Cloud UK Meet Up
Steve Cliff G-Cloud UK Meet UpSteve Cliff G-Cloud UK Meet Up
Steve Cliff G-Cloud UK Meet Up
 
Development platforms for startups by shawn gosh at guru program spring 2014
Development platforms for startups by shawn gosh at guru program spring 2014Development platforms for startups by shawn gosh at guru program spring 2014
Development platforms for startups by shawn gosh at guru program spring 2014
 
Fast forward SETsquared IP network
Fast forward SETsquared IP network Fast forward SETsquared IP network
Fast forward SETsquared IP network
 
IBM SmartCloud and ISVs September 2013 (Softlayer)
IBM SmartCloud and ISVs September 2013 (Softlayer)IBM SmartCloud and ISVs September 2013 (Softlayer)
IBM SmartCloud and ISVs September 2013 (Softlayer)
 
How to increase the business value of your IT team
How to increase the business value of your IT teamHow to increase the business value of your IT team
How to increase the business value of your IT team
 
Netflix in the cloud 2011
Netflix in the cloud 2011Netflix in the cloud 2011
Netflix in the cloud 2011
 
node.js on Google Compute Engine
node.js on Google Compute Enginenode.js on Google Compute Engine
node.js on Google Compute Engine
 
Slides for the day-long Lean Analytics workshop at the 2014 Lean Startup conf...
Slides for the day-long Lean Analytics workshop at the 2014 Lean Startup conf...Slides for the day-long Lean Analytics workshop at the 2014 Lean Startup conf...
Slides for the day-long Lean Analytics workshop at the 2014 Lean Startup conf...
 
Comparison of it governance framework-COBIT, ITIL, BS7799
Comparison of it governance framework-COBIT, ITIL, BS7799Comparison of it governance framework-COBIT, ITIL, BS7799
Comparison of it governance framework-COBIT, ITIL, BS7799
 
NIST Cloud Computing Reference Architecture
NIST Cloud Computing Reference ArchitectureNIST Cloud Computing Reference Architecture
NIST Cloud Computing Reference Architecture
 
Defining Services for a Service Catalog
Defining Services for a Service CatalogDefining Services for a Service Catalog
Defining Services for a Service Catalog
 
Intro to AWS Security
Intro to AWS SecurityIntro to AWS Security
Intro to AWS Security
 

Ähnlich wie David Slater G-Cloud Meet Up

When Your CISO Says No - Security & Compliance in Office 365
When Your CISO Says No - Security & Compliance in Office 365When Your CISO Says No - Security & Compliance in Office 365
When Your CISO Says No - Security & Compliance in Office 365Ricardo Wilkins
 
(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the Cloud(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the CloudAmazon Web Services
 
The What, Why, and How of DevSecOps
The What, Why, and How of DevSecOpsThe What, Why, and How of DevSecOps
The What, Why, and How of DevSecOpsCprime
 
Open Architecture: The Key to Aviation Security
Open Architecture: The Key to Aviation SecurityOpen Architecture: The Key to Aviation Security
Open Architecture: The Key to Aviation Securityagoldsmith1
 
Security architecture best practices for saas applications
Security architecture best practices for saas applicationsSecurity architecture best practices for saas applications
Security architecture best practices for saas applicationskanimozhin
 
Security Architecture Best Practices for SaaS Applications
Security Architecture Best Practices for SaaS ApplicationsSecurity Architecture Best Practices for SaaS Applications
Security Architecture Best Practices for SaaS ApplicationsTechcello
 
Cyber Security in The Cloud
Cyber Security in The CloudCyber Security in The Cloud
Cyber Security in The CloudPECB
 
The New Assure Security: Complete IBM i Compliance and Security
The New Assure Security: Complete IBM i Compliance and SecurityThe New Assure Security: Complete IBM i Compliance and Security
The New Assure Security: Complete IBM i Compliance and SecurityPrecisely
 
Implementing Legal within Tech. What are the Cyber Security issues?
Implementing Legal within Tech. What are the Cyber Security issues?Implementing Legal within Tech. What are the Cyber Security issues?
Implementing Legal within Tech. What are the Cyber Security issues?Cyber Security Partners
 
Rightscale Webinar: PCI in Public Cloud
Rightscale Webinar: PCI in Public CloudRightscale Webinar: PCI in Public Cloud
Rightscale Webinar: PCI in Public CloudRightScale
 
JDA: Building an Open Source Center of Excellence
JDA: Building an Open Source Center of ExcellenceJDA: Building an Open Source Center of Excellence
JDA: Building an Open Source Center of ExcellenceBlack Duck by Synopsys
 
Latest Developments in Cloud Security Standards and Privacy
Latest Developments in Cloud Security Standards and PrivacyLatest Developments in Cloud Security Standards and Privacy
Latest Developments in Cloud Security Standards and PrivacyCloud Standards Customer Council
 
Cloud Security Standards: What to Expect and What to Negotiate V2.0
Cloud Security Standards: What to Expect and What to Negotiate V2.0Cloud Security Standards: What to Expect and What to Negotiate V2.0
Cloud Security Standards: What to Expect and What to Negotiate V2.0Cloud Standards Customer Council
 
AWS Meetup CGN 11/2021
AWS Meetup CGN 11/2021AWS Meetup CGN 11/2021
AWS Meetup CGN 11/2021Theo Pack
 
CompTIA CAS-002 VCE Outline
CompTIA CAS-002 VCE OutlineCompTIA CAS-002 VCE Outline
CompTIA CAS-002 VCE OutlineExamcollection
 
Professional Designations IT Assurance
Professional Designations IT AssuranceProfessional Designations IT Assurance
Professional Designations IT Assurancea3virani
 
AWS Enterprise Summit London 2015 | Security in the Cloud
AWS Enterprise Summit London 2015 | Security in the CloudAWS Enterprise Summit London 2015 | Security in the Cloud
AWS Enterprise Summit London 2015 | Security in the CloudAmazon Web Services
 
Top Security Challenges Facing Credit Unions Today
Top Security Challenges Facing Credit Unions TodayTop Security Challenges Facing Credit Unions Today
Top Security Challenges Facing Credit Unions TodayChris Gates
 
7 Secrets to Becoming a Citrix Hero
7 Secrets to Becoming a Citrix Hero7 Secrets to Becoming a Citrix Hero
7 Secrets to Becoming a Citrix HeroeG Innovations
 

Ähnlich wie David Slater G-Cloud Meet Up (20)

When Your CISO Says No - Security & Compliance in Office 365
When Your CISO Says No - Security & Compliance in Office 365When Your CISO Says No - Security & Compliance in Office 365
When Your CISO Says No - Security & Compliance in Office 365
 
(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the Cloud(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the Cloud
 
The What, Why, and How of DevSecOps
The What, Why, and How of DevSecOpsThe What, Why, and How of DevSecOps
The What, Why, and How of DevSecOps
 
Open Architecture: The Key to Aviation Security
Open Architecture: The Key to Aviation SecurityOpen Architecture: The Key to Aviation Security
Open Architecture: The Key to Aviation Security
 
Security architecture best practices for saas applications
Security architecture best practices for saas applicationsSecurity architecture best practices for saas applications
Security architecture best practices for saas applications
 
Security Architecture Best Practices for SaaS Applications
Security Architecture Best Practices for SaaS ApplicationsSecurity Architecture Best Practices for SaaS Applications
Security Architecture Best Practices for SaaS Applications
 
Cyber Security in The Cloud
Cyber Security in The CloudCyber Security in The Cloud
Cyber Security in The Cloud
 
The New Assure Security: Complete IBM i Compliance and Security
The New Assure Security: Complete IBM i Compliance and SecurityThe New Assure Security: Complete IBM i Compliance and Security
The New Assure Security: Complete IBM i Compliance and Security
 
Implementing Legal within Tech. What are the Cyber Security issues?
Implementing Legal within Tech. What are the Cyber Security issues?Implementing Legal within Tech. What are the Cyber Security issues?
Implementing Legal within Tech. What are the Cyber Security issues?
 
Rightscale Webinar: PCI in Public Cloud
Rightscale Webinar: PCI in Public CloudRightscale Webinar: PCI in Public Cloud
Rightscale Webinar: PCI in Public Cloud
 
JDA: Building an Open Source Center of Excellence
JDA: Building an Open Source Center of ExcellenceJDA: Building an Open Source Center of Excellence
JDA: Building an Open Source Center of Excellence
 
Latest Developments in Cloud Security Standards and Privacy
Latest Developments in Cloud Security Standards and PrivacyLatest Developments in Cloud Security Standards and Privacy
Latest Developments in Cloud Security Standards and Privacy
 
Cloud Security Standards: What to Expect and What to Negotiate V2.0
Cloud Security Standards: What to Expect and What to Negotiate V2.0Cloud Security Standards: What to Expect and What to Negotiate V2.0
Cloud Security Standards: What to Expect and What to Negotiate V2.0
 
Compliance with AWS
Compliance with AWSCompliance with AWS
Compliance with AWS
 
AWS Meetup CGN 11/2021
AWS Meetup CGN 11/2021AWS Meetup CGN 11/2021
AWS Meetup CGN 11/2021
 
CompTIA CAS-002 VCE Outline
CompTIA CAS-002 VCE OutlineCompTIA CAS-002 VCE Outline
CompTIA CAS-002 VCE Outline
 
Professional Designations IT Assurance
Professional Designations IT AssuranceProfessional Designations IT Assurance
Professional Designations IT Assurance
 
AWS Enterprise Summit London 2015 | Security in the Cloud
AWS Enterprise Summit London 2015 | Security in the CloudAWS Enterprise Summit London 2015 | Security in the Cloud
AWS Enterprise Summit London 2015 | Security in the Cloud
 
Top Security Challenges Facing Credit Unions Today
Top Security Challenges Facing Credit Unions TodayTop Security Challenges Facing Credit Unions Today
Top Security Challenges Facing Credit Unions Today
 
7 Secrets to Becoming a Citrix Hero
7 Secrets to Becoming a Citrix Hero7 Secrets to Becoming a Citrix Hero
7 Secrets to Becoming a Citrix Hero
 

KĂźrzlich hochgeladen

Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 

KĂźrzlich hochgeladen (20)

Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx

David Slater G-Cloud Meet Up

  • 1. David Slater, CLAS Consultant
  • 2. Security in G-Cloud Services at Restricted (dd-mm-yyyy)
  • 3. Introduction
    • Achieving Restricted (IL3) accreditation of a service is not easy
    • Presentation covers experiences gained from achieving accreditation of Restricted (IL3) services for Atos
    • Not an exhaustive list – just the highlights
    | Identity, Security and Risk Management from Atos Consulting
  • 4. Before You Start …
    • Review your solution against:
      • CESG Architectural Patterns
      • CESG Good Practice Guides
      • IS Standards
    • Check that your ISO 27001 Certification is:
      • Current
      • Suitably scoped
      • UKAS Certified (recognized)
    • CESG like compliance matrices against the relevant GPGs
    • Read the PSN Code
  • 5. Key Security Controls
    • Make sure applications:
      • Address the OWASP Top Ten
      • Think about limiting concurrent logins
      • Think about defense in depth
        • Input Validation
        • Parameterized Stored Procedures
        • Output Validation
    • Manage out-of-band access:
      • Separate interface
      • Not via the Internet
    • Lock everything down against industry guides (Centre for Internet Security)
    • Use CPA approved or Common Criteria approved products
  • 6. Support
    • Keep it in the UK at Restricted (IL3)
    • Use secure protocols:
      • SSH
      • HTTPS
    • Use dedicated support terminals
    • CESG approved encryption across insecure networks
      • Issue with approved products
    • Support from the office – not via Internet/Remote Access
    • Cleared staff
      • Another issue
  • 7. Consider hosting in a pre-accredited service
    • A number of accredited ‘hosting’ environments:
      • Atos
      • Skyscape
      • Lockheed Martin
      • SCC
    • Not all the same; each has its strengths and weaknesses
    • Look at what you get against your needs:
      • Internet connection
      • PSN connection
      • Support connections
      • Monitoring
      • Patching
      • Disaster recovery
      • Protective monitoring
  • 8. Things that catch you out …
    • Staff clearances
      • Cabinet Office will clear a small number
      • SC for privileged users
    • Key material for CAPS products
      • No easy route to gain it
      • No real alternative
    • Penetration tests
      • Must be recent – a test many months old is no good
      • Single vulnerability allowing inter-network connection
    • CESG Design Review
  • 9. The PGA is …
    • Risk averse
    • Well briefed
    • Has a lot of backup
    • Aligned with CESG guidance
  • 10. Thank You
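The "Key Security Controls" slide lists input validation, parameterized database access and output validation as defense-in-depth layers, and separately suggests limiting concurrent logins. The Python below is an added example, not code from the slides or from Atos, showing those layers on a small account-lookup handler with constructed sample data. It uses a parameterized query against an in-memory SQLite table as a stand-in for the slide's parameterized stored procedures (SQLite has no stored procedures), and every name in it (build_db, lookup_display_name, lookup_display_name_unsafe, SessionLimiter and the sample rows) is made up for this illustration. The unsafe variant is kept beside the hardened one so the effect of each layer is visible.

```python
"""
Added example (not from the slide deck): defense-in-depth controls from the
"Key Security Controls" slide applied to a small account-lookup handler.
All names and the sample rows are constructed for this illustration.
"""
import html
import re
import sqlite3
from collections import defaultdict
from typing import List, Optional

# Allow-list for usernames: short, lower-case, no quoting characters.
USERNAME_RE = re.compile(r"^[a-z0-9_]{3,32}$")


def build_db() -> sqlite3.Connection:
    """Constructed sample table so the example runs offline."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE accounts (username TEXT PRIMARY KEY, display_name TEXT)")
    conn.executemany(
        "INSERT INTO accounts VALUES (?, ?)",
        [("alice", "Alice <Ops>"), ("bob", "Bob"), ("carol", "Carol & Co")],
    )
    return conn


def is_valid_username(username: str) -> bool:
    """Layer 1: input validation against the allow-list."""
    return USERNAME_RE.fullmatch(username) is not None


def lookup_display_name_unsafe(conn: sqlite3.Connection, username: str) -> List[str]:
    """The 'before' form: no validation, SQL built by concatenation, raw output.
    A value such as  x' OR '1'='1  changes the WHERE clause and returns every row."""
    rows = conn.execute(
        "SELECT display_name FROM accounts WHERE username = '" + username + "'"
    ).fetchall()
    return [r[0] for r in rows]


def lookup_display_name(conn: sqlite3.Connection, username: str) -> Optional[str]:
    """The hardened form: validate input, parameterize the query, encode output."""
    # Layer 1: reject anything outside the allow-list before it reaches the database.
    if not is_valid_username(username):
        raise ValueError("invalid username")
    # Layer 2: parameterized query; the value is bound, never spliced into SQL text.
    row = conn.execute(
        "SELECT display_name FROM accounts WHERE username = ?", (username,)
    ).fetchone()
    if row is None:
        return None
    # Layer 3: output validation/encoding, so stored data cannot become markup
    # when it is rendered into an HTML page.
    return html.escape(row[0])


class SessionLimiter:
    """Limits concurrent logins per user (the slide's 'limit concurrent logins')."""

    def __init__(self, max_sessions: int = 1) -> None:
        self.max_sessions = max_sessions
        self._sessions = defaultdict(set)  # username -> set of active session ids

    def login(self, username: str, session_id: str) -> bool:
        """Return True if the session is (or is now) active, False if refused."""
        active = self._sessions[username]
        if session_id in active:
            return True
        if len(active) >= self.max_sessions:
            return False  # refused; a real service would also log this event
        active.add(session_id)
        return True

    def logout(self, username: str, session_id: str) -> None:
        self._sessions[username].discard(session_id)


if __name__ == "__main__":
    db = build_db()
    print(lookup_display_name(db, "alice"))            # escaped display name
    print(lookup_display_name_unsafe(db, "x' OR '1'='1"))  # every row leaks
    limiter = SessionLimiter(max_sessions=1)
    print(limiter.login("alice", "s1"), limiter.login("alice", "s2"))  # True False
```

Run as a script it prints the escaped name, the full row set leaked by the unsafe variant, and the second login being refused. The allow-list rejects the injection string before any SQL runs, which is why the hardened lookup raises rather than queries; the parameterized query is the layer that would still hold if validation were bypassed, and the output encoding is the layer that protects the rendering side regardless of what is stored.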