0
Top 5 Cloud Security Tips For
Canadian Organizations
The Smarter Everyday project is owned and operated by CTE Solutions I...
Session Topics
•
•
•
•
•
•

Cloud Benefits
Canadian Approach To Cloud
Geolocation Concerns
Cloud Security Alliance Guidanc...
Cloud Benefits
Going cloud is not just about the cost savings. In fact,
depending on the application, it may wind up costi...
Canadian Approach To Cloud?
• PATRIOT Act
• NSA Prism
• PIPEDA &
Privacy Act
• Conservative
Nature*
• Lack of
understandin...
Tip 1: Privacy - Consent Is Not An
Option
• Canada’s private sector privacy
legislation does not prohibit
organizations in...
Tip 2: Geo-location Concerns
Mechanisms Available:
• Consent Consent Consent
• Governance
• Data Classification
• Encrypti...
Tip 3: Governance and CMP
Addressing governance in a cloud environment can
be greatly assisted through the use of a Cloud
...
Top 4 CMP Functionality Highlights
Security Policy
Enforcement

• Centrally determine where applications and workloads can...
Tip 4: Cloud Security Alliance
Guidance
• Domain 3 of the CSA guidance focuses on
the legal aspects of adopting cloud
comp...
CSA Guidance Table of Contents
• CSA Guidance consists of 14 domains that
cover the items from legal to encryption to
inte...
Tip 5: Cloud Security Alliance Cloud
Controls Matrix
• The Cloud Controls Matrix can be used to
determine how service prov...
Tip 5: Cloud Security Alliance Cloud
Controls Matrix
• The Cloud Controls Matrix can be used to
determine how service prov...
CSA Training
• Cloud Security Alliance Training is coming
to Ottawa and Toronto in December. Get
the latest information on...
TECHNICAL
Microsoft
VMware
Cloud Computing
IT and Cyber Security
CompTIA
Java ProgrammingLanguages
Novell
UNIX

Training w...
CTE Solutions Inc. - Ottawa
11 Holland Avenue, Suite 100
Ottawa, Ontario, K1Y 4S1
Tel: (613) 798-5353
Toll Free: 1 (866) 6...
Upcoming SlideShare
Loading in...5
×

Canadian Cloud Webcast from CTE Solutions part of Smarter Everyday Project

235

Published on

This is a PPT from CTE Solutions' Smarter Everyday Project

Published in: Education, Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
235
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
7
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "Canadian Cloud Webcast from CTE Solutions part of Smarter Everyday Project"

  1. 1. Top 5 Cloud Security Tips For Canadian Organizations The Smarter Everyday project is owned and operated by CTE Solutions Inc.
  2. 2. Session Topics • • • • • • Cloud Benefits Canadian Approach To Cloud Geolocation Concerns Cloud Security Alliance Guidance Cloud Controls Matrix Q&A
  3. 3. Cloud Benefits Going cloud is not just about the cost savings. In fact, depending on the application, it may wind up costing more. After speaking with hundreds of leaders of companies ranging from Fortune 100 to start-up firms, I can tell you agility is the primary driver for organizations today. Bottom line: I’m not here to sell you on cloud adoption. You either “get it” or you will eventually. We are here to discuss addressing Canadian adoptions intelligently.
  4. 4. Canadian Approach To Cloud? • PATRIOT Act • NSA Prism • PIPEDA & Privacy Act • Conservative Nature* • Lack of understanding We can address 4 of these…
  5. 5. Tip 1: Privacy - Consent Is Not An Option • Canada’s private sector privacy legislation does not prohibit organizations in Canada from transferring personal information to an organization in another jurisdiction for processing. • Privacy Commissioner of Canada
  6. 6. Tip 2: Geo-location Concerns Mechanisms Available: • Consent Consent Consent • Governance • Data Classification • Encryption of Data at Rest • Encryption Gateway
  7. 7. Tip 3: Governance and CMP Addressing governance in a cloud environment can be greatly assisted through the use of a Cloud Management Platform (CMP). The role of the CMP is to create a single choke-point for cloud services in your organization. There is a wide variety of CMP technology out there. As a starting point, we will discuss the highlights of CMP functionality…
  8. 8. Top 4 CMP Functionality Highlights Security Policy Enforcement • Centrally determine where applications and workloads can be run (Public, Private, VPC, etc). • Example: Apps with PII data cannot run in public cloud. Automated instance hardening • Through automated configuration management, instances can be automatically hardened in accordance with corporate policy • Example: Host-Based security agents (e.g. HIPS) Security logs and audit trails Leverage existing encryption key management • All actions taken through the CMP are logged. • Example: Any policy changes are logged • A CMP should be able to plug-in existing key management solutions and extend these to cloud systems • Example: Key Management Interoperability Protocol (KMIP)
  9. 9. Tip 4: Cloud Security Alliance Guidance • Domain 3 of the CSA guidance focuses on the legal aspects of adopting cloud computing. Canadians with concerns regarding the legal aspects of cloud as it relates to addressing Canadian laws. https://cloudsecurityalliance.org/download/s ecurity-guidance-for-critical-areas-of-focusin-cloud-computing-v3/
  10. 10. CSA Guidance Table of Contents • CSA Guidance consists of 14 domains that cover the items from legal to encryption to interoperability & portability.
  11. 11. Tip 5: Cloud Security Alliance Cloud Controls Matrix • The Cloud Controls Matrix can be used to determine how service providers meet your particular requirements. https://cloudsecurityalliance.org/research/ccm/
  12. 12. Tip 5: Cloud Security Alliance Cloud Controls Matrix • The Cloud Controls Matrix can be used to determine how service providers meet your particular requirements. https://cloudsecurityalliance.org/research/ccm/
  13. 13. CSA Training • Cloud Security Alliance Training is coming to Ottawa and Toronto in December. Get the latest information on Cloud Security and hands-on with Public and Private cloud technology. • Ottawa: December 2nd – 4th (3 days) • Toronto: December 9th – 11th (3 days)
  14. 14. TECHNICAL Microsoft VMware Cloud Computing IT and Cyber Security CompTIA Java ProgrammingLanguages Novell UNIX Training with impact MANAGEMENT BUSINESS TOGAF Enterprise Architecture ITIL COBiT Agile and Scrum Business Analysis Project Management Change Management Communication Skills Leadership Skills Negotiation Skills Problem Solving Skills Facilitation Skills and many more…
  15. 15. CTE Solutions Inc. - Ottawa 11 Holland Avenue, Suite 100 Ottawa, Ontario, K1Y 4S1 Tel: (613) 798-5353 Toll Free: 1 (866) 635-5353 Fax: (613) 798-5574 CTE Solutions Inc. - Toronto 77 Bloor St. West, Suite 1406 Toronto, Ontario M5S 1M2 Tel: (416) 284-2700 Toll Free: 1 (866) 635-5353 Fax: (416) 284-6797
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×