Trust and Transformation:
The Compelling Case for the Cloud

Peter Coffee
VP / Head of Platform Research
salesforce.com inc.

Public Clouds of Public Trust:
The End of ‘Forbidden Zones’
• General Government
• Economic Development
• Transportation
• Health & Human Services
• Defense & Public Safety
• Science & Environment
• Political Campaigns & Advocacy
• Culture & Education

Cloud Objections Are Being Addressed

• Security: American Bankers Association blog says an enterprise should “verify that any outsourcing partner meets its standards. However, once verified, a cloud partner can actually provide greater security.”

• Capacity / Availability:
    – Overall service portfolio routinely exceeds 600M transactions/day
    – Availability routinely > four 9s, converging on 24 × 365 operations

• Compliance: United States’ National Institute of Standards and Technology says cloud-resident data “can be more available, faster to restore, and more reliable… [and] less of a risk than having data dispersed on portable computers or removable media.”

Best Practices Matter More than Data Location

"There are five common factors that lead to the compromise of database information":
• ignorance
• poor password management
• rampant account sharing
• unfettered access to data
• excessive portability of data

DarkReading.com, October 2009

Trusted Advisors Recommend the Cloud

Potential benefits from transitioning to a public cloud computing environment:
• Staff Specialization
• Platform Strength
• Resource Availability
• Backup and Recovery
• Mobile Endpoints
• Data Concentration

Force.com was designed from Line 1… to be “Shared and Secure”

Login… → Authenticate… → Apply Data Security Rules… → View Filtered Content

• Password security policies
• Rich Sharing Rules
• User Profiles
• SSO/2-factor solutions

Granular Privilege Assignment
+ Expanding Ecosystem of Management Tools

All Assets Secured, All the Time

Despite resource sharing, multitenancy will often improve security. Most current enterprise security models are perimeter-based, making you vulnerable to inside attacks. Multitenant services secure all assets at all times, since those within the main perimeter are all different clients…

Multitenancy is here to stay. Our research and analysis indicates that multitenancy is not a less secure model — quite the opposite!

Data Stewardship is a Practice, not a Technology

• Data protection regulations
    – Where can it be stored?
    – Who’s allowed to see it?

• Peel the onion of ‘compliance’
    – Anonymize/encrypt/partition specific fields
    – Cloud disciplines can enhance auditability
         • Role-based privilege assignment
         • Actions taken using granted privileges

• Looking beyond the FUD
    – USA PATRIOT Act sometimes causes concern about powers of US government to access data
    – Limited to information-gathering related to matters of urgent national security
    – Use of USA PATRIOT Act requires involvement by all three branches of the US government
    – Many other countries, including in Europe, have very similar powers

Trust is Earned by Transparency

Continued Availability Improvement

[Chart panels: Spring ‘11, Summer ‘11, Winter ‘12]

• Winter ’12 release: downtime reduced to 2 hours
    “Great work reducing the pain of the quarterly upgrade so dramatically. The difference to our business between 2 or 3 minutes of downtime and 2 or 3 hours can’t be overstated.”
• Further reduction of maintenance downtime in FY13

Becoming ‘Securely Social’

• What is the organization’s mission?
• What information supports that mission?
• Where does it originate?
• Who holds it?
• Who can see it?
• What events change it?
• When is that important?
• How do people know?
• How can people act?
• These are not new questions: NSA IAM introduced 2004

Trust is Essential Enabler for Cloud Adoption

• Robust infrastructure security
• Rigorous operational security
• Granular customer controls
    – Role-based privilege sets
    – Convenient access control & audit
• “Sum of all fears” superset protection
    – Multi-tenancy reduces opportunities for error
    – The most demanding customer sets the bar
    – FISMA: FIPS 199 LOW and MODERATE
    – PCI DSS Compliance Level 1
    – Comprehensive and continuing audit and certification

Peter Coffee
VP / Head of Platform Research
pcoffee@salesforce.com
facebook.com/peter.coffee
twitter.com/petercoffee
cloudblog.salesforce.com

Cloud Security: Trust and Transformation

Editor's Notes

  1. Granular, governable and auditable privilege assignment elevates security in the cloud above what’s achieved in legacy environments
  2. When you design from Day 1 for massive sharing, you build in a representation of data ownership from the bottom up instead of trying to construct a perimeter
  3. Granular, governable and auditable privilege assignment elevates security in the cloud above what’s achieved in legacy environments
  4. Regulations often fail to reflect the state of technology and the current understanding of best practices, but governments still…govern
  5. What security or similar certifications do you have? (i.e. FIPS, SAS-70, PCI)