SlideShare ist ein Scribd-Unternehmen logo

Cloud computing arma_nnj

Als PPTX, PDF herunterladen
S
scm24
TechnologieBusiness
1 von 42
Cloud Computing Steven C. Markey,MSIS,PMP, CISSP,CIPP, CISM,CISA,STS-EV,CCSK Principal, nControl, LLC Adjunct Professor President, Cloud Security Alliance – Delaware Valley Chapter (CSA-DelVal)
Cloud Computing • Presentation Overview – Cloud Overview • General • Business Case for Cloud Computing • Security Guidance • Selecting a Cloud Service Provider (CSP) • Records & Info Management (RIM) in the Cloud – Case Studies • e-Discovery IN the Cloud
Cloud Computing • General Overview – Why should you care about the “cloud”?
Cloud Computing Trends Numbers Numbers around CC are always impressive: 80% fortune companies 1000 will pay to use cloud computing services and 30% will pay for infrastructure. Gartner At this moment, the 5 major search engines together have 2.000.000 Market : computers 42 billon: IDC 95 billion: Merrill Lynch 33% of IT business will be in Cloud Computing Gartner Microsoft data centre in Chicago: 610.000 servers 8 8 Source: Open Group
Cloud Computing • What is Cloud Computing? – Re-Branded IT Business Model • Application Service Provider (ASP) • IT Outsourcing (ITO) – Formal Characteristics • Resource Pooling • Rapid Elasticity – Confusion • Hosting • Virtualization • Service Provider
Service Delivery Models Source: Swain Techs
Responsibility Source: Matthew Gardiner, Computer Associates
SaaS Providers
PaaS Providers
IaaS Providers
Private Cloud • Dedicated Clouds – Usually Hosted Internally • Use Chargeback/Shared Services Model – External Private Clouds Exist
Hosting Providers
Third Parties
Cloud Computing • Business Case for Cloud Computing – Time-to-Market – Global Presence – Focus on Core Competency – Elasticity – Cost-Benefit Analysis (CBA)
Cloud Computing • Partly Cloudy with a Chance of Risk! – The Cloud is Perceived as Risky Business • Lack of Control • Regulatory Compliance • Hacks, Outages, Disasters….Oh My! Source: Youtube
Cloud Computing • Security Guidance – Existing Certifications/Attestations • SAS 70 Type II/SSAE 16/ISAE 3402 • ISO 27001/2, 27036, 15489 • BITS Shared Assessments • PCI DSS • HIPAA/HITECH – Guidance Specifically for the Cloud • CSA Guide v3.0 • ENISA Cloud Computing Risk Assessment • NIST SP 800-144 Guidelines Security/Privacy for a Public Cloud
Cloud Computing • Selecting a CSP – Service Provider/Consumer Process Alignment – Portability/Interoperability – Contractual/Legal Agreements – Industry Tools
Cloud Computing • Service Provider/Consumer Process Alignment – Change/Configuration Management – Loading/Offloading – Disaster Recovery – Incident Response – Legal Hold/Litigation Response/e-Discovery • Electronic Discovery Reference Model (EDRM) – Records and Information Management (RIM) • Generally Accepted Recordkeeping Principles (GARP) • Information Governance Reference Model (IGRM) • Information Lifecycle Management (ILM)
Cloud Computing • Portability/Interoperability – Software – Data – Third Parties
Cloud Computing • Contractual/Legal Agreements – Service Level Agreements (SLA) • Up-Time • Jurisdiction • Data Ownership – Escrow Data – Include Metadata • Exit Clause • Testing – Disaster Recovery – Incident Response – Legal Hold/Litigation Response/e-Discovery
Cloud Computing • Contractual/Legal Agreements – Service Level Agreements (SLA) • Right to Audit – Vendor & Vendor’s Vendors – GARP-Specific
Cloud Computing • Industry Tools – Selection • Gravitant CloudWiz • VMware Cloud Readiness Self-Assessment Tool – Brokerage/Management • RightScale • CloudFloor • Skydera • enStratus
Cloud Computing • Industry Tools – Migration • Bit Titan MigrationWiz • Layer 2 SharePoint Cloud Connector • Metalogix StoragePoint • AvePoint DocAve Migrator
Source: Metalogix StoragePoint
Source: Metalogix StoragePoint
Source: AvePoint DocAve Migrator
Cloud Computing • RIM in the Cloud – Process • Self-Service Provisioning • CSP Brokerage, Monitoring & Metering • CSP Information Governance • CSP Adherence to Standards – NIST » SP 800-92: Log Management – ISO » 15489: Records Management » 23081: Records Metadata » 15386: Digital Archive » 30300/303001: RIM Management System » 17024: Conformity Assessment
Source: Flickr
Cloud Computing • RIM in the Cloud – People • More Empowered: Shadow IT, Consumerized IT – Millenials Expect Autonomy – Bring Your Own Device (BYOD) – Less Office Time, But Always On • Increased Roles & Responsibilities • Additional Tech/Analytical Skill-Sets Required – Technology • Commoditized • CSP Metadata • New Technologies: Non-Relational Database Architectures • New Paradigms: Big Data (Data Lakes & Cloud)
Cloud Computing • Case Study: e-Discovery FROM the Cloud – Background – Drivers – Technologies – Limitations – Risks – Lessons Learned – Next Steps
Cloud Computing • Case Study: e-Discovery FROM the Cloud – Background • Financial Services SMB – Capital Management (PA) • Recent Project: 2010 • IT: Managed Service Provider/Operations, Director – Drivers • Cost • Compliance – Technologies • Email: Exchange Server 2007, 2010/Office 365 • Discovery: Symantec Enterprise Vault (EV) v8.0/v9.0
Cloud Computing • Case Study: e-Discovery FROM the Cloud – Limitations • Budget • Skill-Sets • Resources – Risks • Software/System Interoperability • Vendor Management: Contractual/SLA Omissions • Disaster Recovery: Datacom • Legacy Email Availability, No More Archiving • Scope Creep
Cloud Computing • Case Study: e-Discovery FROM the Cloud – Lessons Learned • Limited Cost Savings – On-Site Exchange Box for Journaling – Upgrade to EV v9.0 to Support Exchange 2010 – Exchange Hosted Encryption (EHE) – Forefront Online Protection for Exchange (FOPE) • Exchange Journaling From the Cloud, Complicated – Microsoft Federation Gateway (MFG) • Leverage Interim Solution for BlackBerry Services – Shutdown BlackBerry Enterprise Server (BES) – Leverage AstraSync (Exchange ActiveSync)
Cloud Computing • Case Study: e-Discovery FROM the Cloud – Next Steps • Upgrade to EV v10.0 – Incorporate Social Media • Test BCP/DR e-Discovery Functionality • BlackBerry Office 365 – Looking at BES Balance (“Data Boxing”) • Leverage Office 365 for SharePoint, iOS & Android – Nix AstraSync, Reviewing Hosted AirWatch & MobileIron for MDM • Reviewing Cloud e-Discovery SaaS Solutions – Symantec Enterprise Vault.cloud – Microsoft Exchange Online Archiving (EOA)
Cloud Computing • Presentation Take Aways – Cloud = Re-Branded Business Model –With New Bells & Whistles (Big Data, etc.) – Paradigm Shift Towards Empowerment – Strategy & Due Diligence Are VERY Important –Must Consider the Business Ecosystem
Cloud Computing • References – CSA Guide: https://cloudsecurityalliance.org/research/security-guidance/ – BITS Enterprise Cloud Self-Assessment: http://sharedassessments.org/media/pdf-EnterpriseCloud-SA.pdf – ENISA Risk Assessment: http://www.enisa.europa.eu/act/rm/files/deliverables/cloud-computing-risk- assessment – NIST SP 800-144: http://csrc.nist.gov/publications/drafts/800-144/Draft-SP-800-144_cloud-computing.pdf – IGRM: http://www.edrm.net/projects/igrm – EDRM: http://www.edrm.net/ – MIKE2.0: http://mike2.openmethodology.org/ – VMware CRSA: http://getcloudready.vmware.com/crsa/ – Bit Titan MigrationWiz: https://www.migrationwiz.com/Secure/Default.aspx – Gravitant cloudWiz: http://www.gravitant.com/cloudwiz-home.html – RightScale: http://www.rightscale.com/ – CloudFloor: http://www.cloudfloor.com/ – Skydera: http://www.skydera.com/ – enStratus: http://enstratus.com/ – Layer 2: http://www.layer2.de/en/products/Pages/Cloud-Connector-for-SharePoint-2010-Office365.aspx – Metalogix StoragePoint: http://www.metalogix.com/Products/StoragePoint.aspx – AvePoint DocAve: http://www.avepoint.com/sharepoint-to-sharepoint-migration-docave/
Cloud Computing • Personal References – PenTest Magazine, "Scanning Your Cloud Environment": http://pentestmag.com/client-side-exploits-pentest- 082011/ – ISACA Journal, "Testing Your Incident Response Plan": http://www.isaca.org/Journal/Current- Issue/Pages/default.aspx – e-Discovery 2.0: In the Cloud: https://s3.amazonaws.com/nControl-Docs/CSA11_Session-SMarkey.ppt – Security in the Cloud: https://s3.amazonaws.com/nControl-Docs/Cloud_Computing-Security.ppt – System Architecture & Engineering for the Cloud: https://s3.amazonaws.com/nControl- Docs/Cloud_Computing-Architecture_Engineering.ppt – Cloud Computing Primer: https://s3.amazonaws.com/nControl-Docs/Cloud_Computing-Basic.ppt – Cloud Computing - Authentication & Encryption: https://s3.amazonaws.com/nControl- Docs/Cloud_Computing_Security-Session_II.ppt – Cloud Computing - Application & Virtualization Security: https://s3.amazonaws.com/nControl- Docs/Cloud_Computing_Security-Session_III.ppt – Securing Your ESI: https://s3.amazonaws.com/nControl-Docs/Securing_Your_ESI_v2.ppt
• Questions? • Contact – Email: steve@ncontrol-llc.com – Twitter: @markes1, @csdadelval2011 – LI: http://www.linkedin.com/in/smarkey – CSA-DelVal: http://www.csadelval.org/

Empfohlen

Bd cloud v3
Bd cloud v3Bd cloud v3
Bd cloud v3scm24
 
Securing your esi_piedmont
Securing your esi_piedmontSecuring your esi_piedmont
Securing your esi_piedmontscm24
 
Maximizing your share_point_investment_final
Maximizing your share_point_investment_finalMaximizing your share_point_investment_final
Maximizing your share_point_investment_finalscm24
 
Cw13 cloud computing & big data by ahmed aamer
Cw13 cloud computing & big data by ahmed aamerCw13 cloud computing & big data by ahmed aamer
Cw13 cloud computing & big data by ahmed aamerinevitablecloud
 
Cloud Capacity Management
Cloud Capacity ManagementCloud Capacity Management
Cloud Capacity ManagementMetron
 
Capacity Management in a Cloud Computing World
Capacity Management in a Cloud Computing WorldCapacity Management in a Cloud Computing World
Capacity Management in a Cloud Computing WorldDavid Linthicum
 
Cloud Capacity Management
Cloud Capacity ManagementCloud Capacity Management
Cloud Capacity ManagementPrecisely
 
Cloud_Computing_IIMC_v1
Cloud_Computing_IIMC_v1Cloud_Computing_IIMC_v1
Cloud_Computing_IIMC_v1Steve Markey
 

Empfohlen

Bd cloud v3
Bd cloud v3Bd cloud v3
Bd cloud v3scm24
 
Securing your esi_piedmont
Securing your esi_piedmontSecuring your esi_piedmont
Securing your esi_piedmontscm24
 
Maximizing your share_point_investment_final
Maximizing your share_point_investment_finalMaximizing your share_point_investment_final
Maximizing your share_point_investment_finalscm24
 
Cw13 cloud computing & big data by ahmed aamer
Cw13 cloud computing & big data by ahmed aamerCw13 cloud computing & big data by ahmed aamer
Cw13 cloud computing & big data by ahmed aamerinevitablecloud
 
Cloud Capacity Management
Cloud Capacity ManagementCloud Capacity Management
Cloud Capacity ManagementMetron
 
Capacity Management in a Cloud Computing World
Capacity Management in a Cloud Computing WorldCapacity Management in a Cloud Computing World
Capacity Management in a Cloud Computing WorldDavid Linthicum
 
Cloud Capacity Management
Cloud Capacity ManagementCloud Capacity Management
Cloud Capacity ManagementPrecisely
 
Cloud_Computing_IIMC_v1
Cloud_Computing_IIMC_v1Cloud_Computing_IIMC_v1
Cloud_Computing_IIMC_v1Steve Markey
 
AWS Cloud Use Cases - Ezhil Arasan Babaraj, CSS Corp
AWS Cloud Use Cases - Ezhil Arasan Babaraj, CSS CorpAWS Cloud Use Cases - Ezhil Arasan Babaraj, CSS Corp
AWS Cloud Use Cases - Ezhil Arasan Babaraj, CSS CorpAmazon Web Services
 
Intelligent Business Process Management Suites (iBPMS) - The Next-Generation ...
Intelligent Business Process Management Suites (iBPMS) - The Next-Generation ...Intelligent Business Process Management Suites (iBPMS) - The Next-Generation ...
Intelligent Business Process Management Suites (iBPMS) - The Next-Generation ...Kai Wähner
 
Cloud Computing in Business and facts
Cloud Computing in Business and factsCloud Computing in Business and facts
Cloud Computing in Business and factsArun Ganesh
 
Cloud Computing and Big Data
Cloud Computing and Big DataCloud Computing and Big Data
Cloud Computing and Big DataRobert Keahey
 
Security & privacy challenges in cloud computing
Security & privacy challenges in cloud computingSecurity & privacy challenges in cloud computing
Security & privacy challenges in cloud computingkdore
 
AAF - Enterprise Architecture and Cloud Computing
AAF - Enterprise Architecture and Cloud ComputingAAF - Enterprise Architecture and Cloud Computing
AAF - Enterprise Architecture and Cloud ComputingMarc Caltabiano
 
Challenges in cloud computing to enable future internet of things v0.3
Challenges in cloud computing to enable future internet of things v0.3Challenges in cloud computing to enable future internet of things v0.3
Challenges in cloud computing to enable future internet of things v0.3Ignacio M. Llorente
 
Embracing Cloud in a Traditional Data Center
Embracing Cloud in a Traditional Data CenterEmbracing Cloud in a Traditional Data Center
Embracing Cloud in a Traditional Data CenterBrian Anderson
 
Advantages to Adoption the Microsoft Cloud - Microsoft Customer Executive Summit
Advantages to Adoption the Microsoft Cloud - Microsoft Customer Executive SummitAdvantages to Adoption the Microsoft Cloud - Microsoft Customer Executive Summit
Advantages to Adoption the Microsoft Cloud - Microsoft Customer Executive SummitRichard Harbridge
 
Leaders in the Cloud: Identifying Cloud Business Value for Customers
Leaders in the Cloud: Identifying Cloud Business Value for CustomersLeaders in the Cloud: Identifying Cloud Business Value for Customers
Leaders in the Cloud: Identifying Cloud Business Value for CustomersOpSource
 
Cloud computing overview
Cloud computing overviewCloud computing overview
Cloud computing overviewdaklug
 
Cloud-Based Big Data Analytics
Cloud-Based Big Data AnalyticsCloud-Based Big Data Analytics
Cloud-Based Big Data AnalyticsSateeshreddy N
 
No sql now2011_review_of_adhoc_architectures
No sql now2011_review_of_adhoc_architecturesNo sql now2011_review_of_adhoc_architectures
No sql now2011_review_of_adhoc_architecturesNicholas Goodman
 
Big Data & The Cloud
Big Data & The CloudBig Data & The Cloud
Big Data & The CloudAmazon Web Services
 
The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...
The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...
The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...gueste4e93e3
 
Introduction to Cloud Computing and Big Data
Introduction to Cloud Computing and Big DataIntroduction to Cloud Computing and Big Data
Introduction to Cloud Computing and Big Datawaheed751
 
Tci reference architecture_v2.0
Tci reference architecture_v2.0Tci reference architecture_v2.0
Tci reference architecture_v2.0Sandeep Sharma IIMK Smart City,IoT,Bigdata,Cloud,BI,DW
 
Relationship between cloud computing and big data
Relationship between cloud computing and big dataRelationship between cloud computing and big data
Relationship between cloud computing and big dataJazan University
 
Systems Advantage Forum : Autonomous DB e DBaaS
Systems Advantage Forum : Autonomous DB e DBaaS Systems Advantage Forum : Autonomous DB e DBaaS
Systems Advantage Forum : Autonomous DB e DBaaS Riccardo Romani
 
Cloud Computing 101 Issue 1 (Sample)
Cloud Computing 101 Issue 1 (Sample)Cloud Computing 101 Issue 1 (Sample)
Cloud Computing 101 Issue 1 (Sample)Alan Quayle
 
Selecting csp iapp_summit_2012 - 5-february
Selecting csp iapp_summit_2012 - 5-februarySelecting csp iapp_summit_2012 - 5-february
Selecting csp iapp_summit_2012 - 5-februaryscm24
 
Financial impact of Cloud Computing
Financial impact of Cloud ComputingFinancial impact of Cloud Computing
Financial impact of Cloud Computingkrisbliesner
 

Weitere ähnliche Inhalte

Was ist angesagt?

AWS Cloud Use Cases - Ezhil Arasan Babaraj, CSS Corp
AWS Cloud Use Cases - Ezhil Arasan Babaraj, CSS CorpAWS Cloud Use Cases - Ezhil Arasan Babaraj, CSS Corp
AWS Cloud Use Cases - Ezhil Arasan Babaraj, CSS CorpAmazon Web Services
 
Intelligent Business Process Management Suites (iBPMS) - The Next-Generation ...
Intelligent Business Process Management Suites (iBPMS) - The Next-Generation ...Intelligent Business Process Management Suites (iBPMS) - The Next-Generation ...
Intelligent Business Process Management Suites (iBPMS) - The Next-Generation ...Kai Wähner
 
Cloud Computing in Business and facts
Cloud Computing in Business and factsCloud Computing in Business and facts
Cloud Computing in Business and factsArun Ganesh
 
Cloud Computing and Big Data
Cloud Computing and Big DataCloud Computing and Big Data
Cloud Computing and Big DataRobert Keahey
 
Security & privacy challenges in cloud computing
Security & privacy challenges in cloud computingSecurity & privacy challenges in cloud computing
Security & privacy challenges in cloud computingkdore
 
AAF - Enterprise Architecture and Cloud Computing
AAF - Enterprise Architecture and Cloud ComputingAAF - Enterprise Architecture and Cloud Computing
AAF - Enterprise Architecture and Cloud ComputingMarc Caltabiano
 
Challenges in cloud computing to enable future internet of things v0.3
Challenges in cloud computing to enable future internet of things v0.3Challenges in cloud computing to enable future internet of things v0.3
Challenges in cloud computing to enable future internet of things v0.3Ignacio M. Llorente
 
Embracing Cloud in a Traditional Data Center
Embracing Cloud in a Traditional Data CenterEmbracing Cloud in a Traditional Data Center
Embracing Cloud in a Traditional Data CenterBrian Anderson
 
Advantages to Adoption the Microsoft Cloud - Microsoft Customer Executive Summit
Advantages to Adoption the Microsoft Cloud - Microsoft Customer Executive SummitAdvantages to Adoption the Microsoft Cloud - Microsoft Customer Executive Summit
Advantages to Adoption the Microsoft Cloud - Microsoft Customer Executive SummitRichard Harbridge
 
Leaders in the Cloud: Identifying Cloud Business Value for Customers
Leaders in the Cloud: Identifying Cloud Business Value for CustomersLeaders in the Cloud: Identifying Cloud Business Value for Customers
Leaders in the Cloud: Identifying Cloud Business Value for CustomersOpSource
 
Cloud computing overview
Cloud computing overviewCloud computing overview
Cloud computing overviewdaklug
 
Cloud-Based Big Data Analytics
Cloud-Based Big Data AnalyticsCloud-Based Big Data Analytics
Cloud-Based Big Data AnalyticsSateeshreddy N
 
No sql now2011_review_of_adhoc_architectures
No sql now2011_review_of_adhoc_architecturesNo sql now2011_review_of_adhoc_architectures
No sql now2011_review_of_adhoc_architecturesNicholas Goodman
 
The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...
The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...
The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...gueste4e93e3
 
Introduction to Cloud Computing and Big Data
Introduction to Cloud Computing and Big DataIntroduction to Cloud Computing and Big Data
Introduction to Cloud Computing and Big Datawaheed751
 
Relationship between cloud computing and big data
Relationship between cloud computing and big dataRelationship between cloud computing and big data
Relationship between cloud computing and big dataJazan University
 
Systems Advantage Forum : Autonomous DB e DBaaS
Systems Advantage Forum : Autonomous DB e DBaaS Systems Advantage Forum : Autonomous DB e DBaaS
Systems Advantage Forum : Autonomous DB e DBaaS Riccardo Romani
 
Cloud Computing 101 Issue 1 (Sample)
Cloud Computing 101 Issue 1 (Sample)Cloud Computing 101 Issue 1 (Sample)
Cloud Computing 101 Issue 1 (Sample)Alan Quayle
 

Was ist angesagt? (20)

AWS Cloud Use Cases - Ezhil Arasan Babaraj, CSS Corp
AWS Cloud Use Cases - Ezhil Arasan Babaraj, CSS CorpAWS Cloud Use Cases - Ezhil Arasan Babaraj, CSS Corp
AWS Cloud Use Cases - Ezhil Arasan Babaraj, CSS Corp
 
Intelligent Business Process Management Suites (iBPMS) - The Next-Generation ...
Intelligent Business Process Management Suites (iBPMS) - The Next-Generation ...Intelligent Business Process Management Suites (iBPMS) - The Next-Generation ...
Intelligent Business Process Management Suites (iBPMS) - The Next-Generation ...
 
Cloud Computing in Business and facts
Cloud Computing in Business and factsCloud Computing in Business and facts
Cloud Computing in Business and facts
 
Cloud Computing and Big Data
Cloud Computing and Big DataCloud Computing and Big Data
Cloud Computing and Big Data
 
Security & privacy challenges in cloud computing
Security & privacy challenges in cloud computingSecurity & privacy challenges in cloud computing
Security & privacy challenges in cloud computing
 
AAF - Enterprise Architecture and Cloud Computing
AAF - Enterprise Architecture and Cloud ComputingAAF - Enterprise Architecture and Cloud Computing
AAF - Enterprise Architecture and Cloud Computing
 
Challenges in cloud computing to enable future internet of things v0.3
Challenges in cloud computing to enable future internet of things v0.3Challenges in cloud computing to enable future internet of things v0.3
Challenges in cloud computing to enable future internet of things v0.3
 
Embracing Cloud in a Traditional Data Center
Embracing Cloud in a Traditional Data CenterEmbracing Cloud in a Traditional Data Center
Embracing Cloud in a Traditional Data Center
 
Advantages to Adoption the Microsoft Cloud - Microsoft Customer Executive Summit
Advantages to Adoption the Microsoft Cloud - Microsoft Customer Executive SummitAdvantages to Adoption the Microsoft Cloud - Microsoft Customer Executive Summit
Advantages to Adoption the Microsoft Cloud - Microsoft Customer Executive Summit
 
Leaders in the Cloud: Identifying Cloud Business Value for Customers
Leaders in the Cloud: Identifying Cloud Business Value for CustomersLeaders in the Cloud: Identifying Cloud Business Value for Customers
Leaders in the Cloud: Identifying Cloud Business Value for Customers
 
Cloud computing overview
Cloud computing overviewCloud computing overview
Cloud computing overview
 
Cloud-Based Big Data Analytics
Cloud-Based Big Data AnalyticsCloud-Based Big Data Analytics
Cloud-Based Big Data Analytics
 
No sql now2011_review_of_adhoc_architectures
No sql now2011_review_of_adhoc_architecturesNo sql now2011_review_of_adhoc_architectures
No sql now2011_review_of_adhoc_architectures
 
Big Data & The Cloud
Big Data & The CloudBig Data & The Cloud
Big Data & The Cloud
 
The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...
The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...
The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...
 
Introduction to Cloud Computing and Big Data
Introduction to Cloud Computing and Big DataIntroduction to Cloud Computing and Big Data
Introduction to Cloud Computing and Big Data
 
Tci reference architecture_v2.0
Tci reference architecture_v2.0Tci reference architecture_v2.0
Tci reference architecture_v2.0
 
Relationship between cloud computing and big data
Relationship between cloud computing and big dataRelationship between cloud computing and big data
Relationship between cloud computing and big data
 
Systems Advantage Forum : Autonomous DB e DBaaS
Systems Advantage Forum : Autonomous DB e DBaaS Systems Advantage Forum : Autonomous DB e DBaaS
Systems Advantage Forum : Autonomous DB e DBaaS
 
Cloud Computing 101 Issue 1 (Sample)
Cloud Computing 101 Issue 1 (Sample)Cloud Computing 101 Issue 1 (Sample)
Cloud Computing 101 Issue 1 (Sample)
 

Ähnlich wie Cloud computing arma_nnj

Selecting csp iapp_summit_2012 - 5-february
Selecting csp iapp_summit_2012 - 5-februarySelecting csp iapp_summit_2012 - 5-february
Selecting csp iapp_summit_2012 - 5-februaryscm24
 
Financial impact of Cloud Computing
Financial impact of Cloud ComputingFinancial impact of Cloud Computing
Financial impact of Cloud Computingkrisbliesner
 
Info Sec 2010 Possibilities And Security Challenges Of Cloud Computing (Han...
Info Sec 2010 Possibilities And Security Challenges Of Cloud Computing (Han...Info Sec 2010 Possibilities And Security Challenges Of Cloud Computing (Han...
Info Sec 2010 Possibilities And Security Challenges Of Cloud Computing (Han...ptaglephd
 
Global IT BPM Market Perspective by Dolat Capital with special coverage on cl...
Global IT BPM Market Perspective by Dolat Capital with special coverage on cl...Global IT BPM Market Perspective by Dolat Capital with special coverage on cl...
Global IT BPM Market Perspective by Dolat Capital with special coverage on cl...Mohit Agarwal, CFA
 
Plenary_three_Cloud_computing_-_is_social_housing_ready_for_it_-_Phil_Copperw...
Plenary_three_Cloud_computing_-_is_social_housing_ready_for_it_-_Phil_Copperw...Plenary_three_Cloud_computing_-_is_social_housing_ready_for_it_-_Phil_Copperw...
Plenary_three_Cloud_computing_-_is_social_housing_ready_for_it_-_Phil_Copperw...Phil Copperwheat
 
Cloud Computing Course Content
Cloud Computing Course ContentCloud Computing Course Content
Cloud Computing Course ContentAshraf Ali
 
Lovett introducing cloud computing nov 2009
Lovett introducing cloud computing nov 2009Lovett introducing cloud computing nov 2009
Lovett introducing cloud computing nov 2009Hilde Lovett
 
Cloud Businesses: Strategic Considerations
Cloud Businesses: Strategic ConsiderationsCloud Businesses: Strategic Considerations
Cloud Businesses: Strategic ConsiderationsTathagat Varma
 
Cloud Computing Course Overview
Cloud Computing Course OverviewCloud Computing Course Overview
Cloud Computing Course OverviewAshraf Ali
 
Cloud Computing and Data Governance
Cloud Computing and Data GovernanceCloud Computing and Data Governance
Cloud Computing and Data GovernanceTrillium Software
 
Rio Info 2010 - Seminário de Tecnologia - Integracao de Servicos - Cesar Taur...
Rio Info 2010 - Seminário de Tecnologia - Integracao de Servicos - Cesar Taur...Rio Info 2010 - Seminário de Tecnologia - Integracao de Servicos - Cesar Taur...
Rio Info 2010 - Seminário de Tecnologia - Integracao de Servicos - Cesar Taur...Rio Info
 
The Ultimate Guide to Cloud Migration - A Whitepaper by RapidValue
The Ultimate Guide to Cloud Migration - A Whitepaper by RapidValueThe Ultimate Guide to Cloud Migration - A Whitepaper by RapidValue
The Ultimate Guide to Cloud Migration - A Whitepaper by RapidValueRapidValue
 
Taiye Lambo - Auditing the cloud
Taiye Lambo - Auditing the cloudTaiye Lambo - Auditing the cloud
Taiye Lambo - Auditing the cloudnooralmousa
 
Cloud computing – An Overview
Cloud computing – An OverviewCloud computing – An Overview
Cloud computing – An OverviewKannan Subbiah
 
Cloud Computing 101 Workshop Sample
Cloud Computing 101 Workshop SampleCloud Computing 101 Workshop Sample
Cloud Computing 101 Workshop SampleAlan Quayle
 
Cisco Connect 2018 Thailand - Secure, intelligent platform for the digital bu...
Cisco Connect 2018 Thailand - Secure, intelligent platform for the digital bu...Cisco Connect 2018 Thailand - Secure, intelligent platform for the digital bu...
Cisco Connect 2018 Thailand - Secure, intelligent platform for the digital bu...NetworkCollaborators
 
How Cloud Computing will change how you and your team will run IT
How Cloud Computing will change how you and your team will run ITHow Cloud Computing will change how you and your team will run IT
How Cloud Computing will change how you and your team will run ITPeter HJ van Eijk
 
Basics of cloud computing & salesforce.com
Basics of cloud computing & salesforce.comBasics of cloud computing & salesforce.com
Basics of cloud computing & salesforce.comDeepu S Nath
 
E discovery 2-cloud_v5
E discovery 2-cloud_v5E discovery 2-cloud_v5
E discovery 2-cloud_v5scm24
 
Trend and Future of Cloud Computing
Trend and Future of Cloud ComputingTrend and Future of Cloud Computing
Trend and Future of Cloud Computinghybrid cloud
 

Ähnlich wie Cloud computing arma_nnj (20)

Selecting csp iapp_summit_2012 - 5-february
Selecting csp iapp_summit_2012 - 5-februarySelecting csp iapp_summit_2012 - 5-february
Selecting csp iapp_summit_2012 - 5-february
 
Financial impact of Cloud Computing
Financial impact of Cloud ComputingFinancial impact of Cloud Computing
Financial impact of Cloud Computing
 
Info Sec 2010 Possibilities And Security Challenges Of Cloud Computing (Han...
Info Sec 2010 Possibilities And Security Challenges Of Cloud Computing (Han...Info Sec 2010 Possibilities And Security Challenges Of Cloud Computing (Han...
Info Sec 2010 Possibilities And Security Challenges Of Cloud Computing (Han...
 
Global IT BPM Market Perspective by Dolat Capital with special coverage on cl...
Global IT BPM Market Perspective by Dolat Capital with special coverage on cl...Global IT BPM Market Perspective by Dolat Capital with special coverage on cl...
Global IT BPM Market Perspective by Dolat Capital with special coverage on cl...
 
Plenary_three_Cloud_computing_-_is_social_housing_ready_for_it_-_Phil_Copperw...
Plenary_three_Cloud_computing_-_is_social_housing_ready_for_it_-_Phil_Copperw...Plenary_three_Cloud_computing_-_is_social_housing_ready_for_it_-_Phil_Copperw...
Plenary_three_Cloud_computing_-_is_social_housing_ready_for_it_-_Phil_Copperw...
 
Cloud Computing Course Content
Cloud Computing Course ContentCloud Computing Course Content
Cloud Computing Course Content
 
Lovett introducing cloud computing nov 2009
Lovett introducing cloud computing nov 2009Lovett introducing cloud computing nov 2009
Lovett introducing cloud computing nov 2009
 
Cloud Businesses: Strategic Considerations
Cloud Businesses: Strategic ConsiderationsCloud Businesses: Strategic Considerations
Cloud Businesses: Strategic Considerations
 
Cloud Computing Course Overview
Cloud Computing Course OverviewCloud Computing Course Overview
Cloud Computing Course Overview
 
Cloud Computing and Data Governance
Cloud Computing and Data GovernanceCloud Computing and Data Governance
Cloud Computing and Data Governance
 
Rio Info 2010 - Seminário de Tecnologia - Integracao de Servicos - Cesar Taur...
Rio Info 2010 - Seminário de Tecnologia - Integracao de Servicos - Cesar Taur...Rio Info 2010 - Seminário de Tecnologia - Integracao de Servicos - Cesar Taur...
Rio Info 2010 - Seminário de Tecnologia - Integracao de Servicos - Cesar Taur...
 
The Ultimate Guide to Cloud Migration - A Whitepaper by RapidValue
The Ultimate Guide to Cloud Migration - A Whitepaper by RapidValueThe Ultimate Guide to Cloud Migration - A Whitepaper by RapidValue
The Ultimate Guide to Cloud Migration - A Whitepaper by RapidValue
 
Taiye Lambo - Auditing the cloud
Taiye Lambo - Auditing the cloudTaiye Lambo - Auditing the cloud
Taiye Lambo - Auditing the cloud
 
Cloud computing – An Overview
Cloud computing – An OverviewCloud computing – An Overview
Cloud computing – An Overview
 
Cloud Computing 101 Workshop Sample
Cloud Computing 101 Workshop SampleCloud Computing 101 Workshop Sample
Cloud Computing 101 Workshop Sample
 
Cisco Connect 2018 Thailand - Secure, intelligent platform for the digital bu...
Cisco Connect 2018 Thailand - Secure, intelligent platform for the digital bu...Cisco Connect 2018 Thailand - Secure, intelligent platform for the digital bu...
Cisco Connect 2018 Thailand - Secure, intelligent platform for the digital bu...
 
How Cloud Computing will change how you and your team will run IT
How Cloud Computing will change how you and your team will run ITHow Cloud Computing will change how you and your team will run IT
How Cloud Computing will change how you and your team will run IT
 
Basics of cloud computing & salesforce.com
Basics of cloud computing & salesforce.comBasics of cloud computing & salesforce.com
Basics of cloud computing & salesforce.com
 
E discovery 2-cloud_v5
E discovery 2-cloud_v5E discovery 2-cloud_v5
E discovery 2-cloud_v5
 
Trend and Future of Cloud Computing
Trend and Future of Cloud ComputingTrend and Future of Cloud Computing
Trend and Future of Cloud Computing
 

Kürzlich hochgeladen

The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 

Kürzlich hochgeladen (20)

The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 

Cloud computing arma_nnj

  • 1. Cloud Computing Steven C. Markey,MSIS,PMP, CISSP,CIPP, CISM,CISA,STS-EV,CCSK Principal, nControl, LLC Adjunct Professor President, Cloud Security Alliance – Delaware Valley Chapter (CSA-DelVal)
  • 2. Cloud Computing • Presentation Overview – Cloud Overview • General • Business Case for Cloud Computing • Security Guidance • Selecting a Cloud Service Provider (CSP) • Records & Info Management (RIM) in the Cloud – Case Studies • e-Discovery IN the Cloud
  • 3. Cloud Computing • General Overview – Why should you care about the “cloud”?
  • 4. Cloud Computing Trends Numbers Numbers around CC are always impressive: 80% fortune companies 1000 will pay to use cloud computing services and 30% will pay for infrastructure. Gartner At this moment, the 5 major search engines together have 2.000.000 Market : computers 42 billon: IDC 95 billion: Merrill Lynch 33% of IT business will be in Cloud Computing Gartner Microsoft data centre in Chicago: 610.000 servers 8 8 Source: Open Group
  • 5. Cloud Computing • What is Cloud Computing? – Re-Branded IT Business Model • Application Service Provider (ASP) • IT Outsourcing (ITO) – Formal Characteristics • Resource Pooling • Rapid Elasticity – Confusion • Hosting • Virtualization • Service Provider
  • 6.
  • 7. Service Delivery Models Source: Swain Techs
  • 8. Responsibility Source: Matthew Gardiner, Computer Associates
  • 12. Private Cloud • Dedicated Clouds – Usually Hosted Internally • Use Chargeback/Shared Services Model – External Private Clouds Exist
  • 15. Cloud Computing • Business Case for Cloud Computing – Time-to-Market – Global Presence – Focus on Core Competency – Elasticity – Cost-Benefit Analysis (CBA)
  • 16. Cloud Computing • Partly Cloudy with a Chance of Risk! – The Cloud is Perceived as Risky Business • Lack of Control • Regulatory Compliance • Hacks, Outages, Disasters….Oh My! Source: Youtube
  • 17. Cloud Computing • Security Guidance – Existing Certifications/Attestations • SAS 70 Type II/SSAE 16/ISAE 3402 • ISO 27001/2, 27036, 15489 • BITS Shared Assessments • PCI DSS • HIPAA/HITECH – Guidance Specifically for the Cloud • CSA Guide v3.0 • ENISA Cloud Computing Risk Assessment • NIST SP 800-144 Guidelines Security/Privacy for a Public Cloud
  • 18. Cloud Computing • Selecting a CSP – Service Provider/Consumer Process Alignment – Portability/Interoperability – Contractual/Legal Agreements – Industry Tools
  • 19. Cloud Computing • Service Provider/Consumer Process Alignment – Change/Configuration Management – Loading/Offloading – Disaster Recovery – Incident Response – Legal Hold/Litigation Response/e-Discovery • Electronic Discovery Reference Model (EDRM) – Records and Information Management (RIM) • Generally Accepted Recordkeeping Principles (GARP) • Information Governance Reference Model (IGRM) • Information Lifecycle Management (ILM)
  • 20. Cloud Computing • Portability/Interoperability – Software – Data – Third Parties
  • 21. Cloud Computing • Contractual/Legal Agreements – Service Level Agreements (SLA) • Up-Time • Jurisdiction • Data Ownership – Escrow Data – Include Metadata • Exit Clause • Testing – Disaster Recovery – Incident Response – Legal Hold/Litigation Response/e-Discovery
  • 22. Cloud Computing • Contractual/Legal Agreements – Service Level Agreements (SLA) • Right to Audit – Vendor & Vendor’s Vendors – GARP-Specific
  • 23. Cloud Computing • Industry Tools – Selection • Gravitant CloudWiz • VMware Cloud Readiness Self-Assessment Tool – Brokerage/Management • RightScale • CloudFloor • Skydera • enStratus
  • 24. Cloud Computing • Industry Tools – Migration • Bit Titan MigrationWiz • Layer 2 SharePoint Cloud Connector • Metalogix StoragePoint • AvePoint DocAve Migrator
  • 25.
  • 26.
  • 30. Cloud Computing • RIM in the Cloud – Process • Self-Service Provisioning • CSP Brokerage, Monitoring & Metering • CSP Information Governance • CSP Adherence to Standards – NIST » SP 800-92: Log Management – ISO » 15489: Records Management » 23081: Records Metadata » 15386: Digital Archive » 30300/303001: RIM Management System » 17024: Conformity Assessment
  • 32. Cloud Computing • RIM in the Cloud – People • More Empowered: Shadow IT, Consumerized IT – Millenials Expect Autonomy – Bring Your Own Device (BYOD) – Less Office Time, But Always On • Increased Roles & Responsibilities • Additional Tech/Analytical Skill-Sets Required – Technology • Commoditized • CSP Metadata • New Technologies: Non-Relational Database Architectures • New Paradigms: Big Data (Data Lakes & Cloud)
  • 33.
  • 34. Cloud Computing • Case Study: e-Discovery FROM the Cloud – Background – Drivers – Technologies – Limitations – Risks – Lessons Learned – Next Steps
  • 35. Cloud Computing • Case Study: e-Discovery FROM the Cloud – Background • Financial Services SMB – Capital Management (PA) • Recent Project: 2010 • IT: Managed Service Provider/Operations, Director – Drivers • Cost • Compliance – Technologies • Email: Exchange Server 2007, 2010/Office 365 • Discovery: Symantec Enterprise Vault (EV) v8.0/v9.0
  • 36. Cloud Computing • Case Study: e-Discovery FROM the Cloud – Limitations • Budget • Skill-Sets • Resources – Risks • Software/System Interoperability • Vendor Management: Contractual/SLA Omissions • Disaster Recovery: Datacom • Legacy Email Availability, No More Archiving • Scope Creep
  • 37. Cloud Computing • Case Study: e-Discovery FROM the Cloud – Lessons Learned • Limited Cost Savings – On-Site Exchange Box for Journaling – Upgrade to EV v9.0 to Support Exchange 2010 – Exchange Hosted Encryption (EHE) – Forefront Online Protection for Exchange (FOPE) • Exchange Journaling From the Cloud, Complicated – Microsoft Federation Gateway (MFG) • Leverage Interim Solution for BlackBerry Services – Shutdown BlackBerry Enterprise Server (BES) – Leverage AstraSync (Exchange ActiveSync)
  • 38. Cloud Computing • Case Study: e-Discovery FROM the Cloud – Next Steps • Upgrade to EV v10.0 – Incorporate Social Media • Test BCP/DR e-Discovery Functionality • BlackBerry Office 365 – Looking at BES Balance (“Data Boxing”) • Leverage Office 365 for SharePoint, iOS & Android – Nix AstraSync, Reviewing Hosted AirWatch & MobileIron for MDM • Reviewing Cloud e-Discovery SaaS Solutions – Symantec Enterprise Vault.cloud – Microsoft Exchange Online Archiving (EOA)
  • 39. Cloud Computing • Presentation Take Aways – Cloud = Re-Branded Business Model –With New Bells & Whistles (Big Data, etc.) – Paradigm Shift Towards Empowerment – Strategy & Due Diligence Are VERY Important –Must Consider the Business Ecosystem
  • 40. Cloud Computing • References – CSA Guide: https://cloudsecurityalliance.org/research/security-guidance/ – BITS Enterprise Cloud Self-Assessment: http://sharedassessments.org/media/pdf-EnterpriseCloud-SA.pdf – ENISA Risk Assessment: http://www.enisa.europa.eu/act/rm/files/deliverables/cloud-computing-risk- assessment – NIST SP 800-144: http://csrc.nist.gov/publications/drafts/800-144/Draft-SP-800-144_cloud-computing.pdf – IGRM: http://www.edrm.net/projects/igrm – EDRM: http://www.edrm.net/ – MIKE2.0: http://mike2.openmethodology.org/ – VMware CRSA: http://getcloudready.vmware.com/crsa/ – Bit Titan MigrationWiz: https://www.migrationwiz.com/Secure/Default.aspx – Gravitant cloudWiz: http://www.gravitant.com/cloudwiz-home.html – RightScale: http://www.rightscale.com/ – CloudFloor: http://www.cloudfloor.com/ – Skydera: http://www.skydera.com/ – enStratus: http://enstratus.com/ – Layer 2: http://www.layer2.de/en/products/Pages/Cloud-Connector-for-SharePoint-2010-Office365.aspx – Metalogix StoragePoint: http://www.metalogix.com/Products/StoragePoint.aspx – AvePoint DocAve: http://www.avepoint.com/sharepoint-to-sharepoint-migration-docave/
  • 41. Cloud Computing • Personal References – PenTest Magazine, "Scanning Your Cloud Environment": http://pentestmag.com/client-side-exploits-pentest- 082011/ – ISACA Journal, "Testing Your Incident Response Plan": http://www.isaca.org/Journal/Current- Issue/Pages/default.aspx – e-Discovery 2.0: In the Cloud: https://s3.amazonaws.com/nControl-Docs/CSA11_Session-SMarkey.ppt – Security in the Cloud: https://s3.amazonaws.com/nControl-Docs/Cloud_Computing-Security.ppt – System Architecture & Engineering for the Cloud: https://s3.amazonaws.com/nControl- Docs/Cloud_Computing-Architecture_Engineering.ppt – Cloud Computing Primer: https://s3.amazonaws.com/nControl-Docs/Cloud_Computing-Basic.ppt – Cloud Computing - Authentication & Encryption: https://s3.amazonaws.com/nControl- Docs/Cloud_Computing_Security-Session_II.ppt – Cloud Computing - Application & Virtualization Security: https://s3.amazonaws.com/nControl- Docs/Cloud_Computing_Security-Session_III.ppt – Securing Your ESI: https://s3.amazonaws.com/nControl-Docs/Securing_Your_ESI_v2.ppt
  • 42. • Questions? • Contact – Email: steve@ncontrol-llc.com – Twitter: @markes1, @csdadelval2011 – LI: http://www.linkedin.com/in/smarkey – CSA-DelVal: http://www.csadelval.org/

Hinweis der Redaktion

  1. CAS: Content-Addressable Storage / Associative Storage
  2. CAS: Content-Addressable Storage / Associative Storage