Canadian Cloud Webcast from CTE Solutions part of Smarter Everyday Project
Upcoming SlideShare
Loading in...5
×
 

Canadian Cloud Webcast from CTE Solutions part of Smarter Everyday Project

on

  • 410 views

This is a PPT from CTE Solutions' Smarter Everyday Project

This is a PPT from CTE Solutions' Smarter Everyday Project

Statistics

Views

Total Views
410
Views on SlideShare
401
Embed Views
9

Actions

Likes
0
Downloads
5
Comments
0

1 Embed 9

http://www.ctesolutions.com 9

Accessibility

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Canadian Cloud Webcast from CTE Solutions part of Smarter Everyday Project Presentation Transcript

  • 1. Top 5 Cloud Security Tips For Canadian Organizations The Smarter Everyday project is owned and operated by CTE Solutions Inc.
  • 2. Session Topics • • • • • • Cloud Benefits Canadian Approach To Cloud Geolocation Concerns Cloud Security Alliance Guidance Cloud Controls Matrix Q&A
  • 3. Cloud Benefits Going cloud is not just about the cost savings. In fact, depending on the application, it may wind up costing more. After speaking with hundreds of leaders of companies ranging from Fortune 100 to start-up firms, I can tell you agility is the primary driver for organizations today. Bottom line: I’m not here to sell you on cloud adoption. You either “get it” or you will eventually. We are here to discuss addressing Canadian adoptions intelligently.
  • 4. Canadian Approach To Cloud? • PATRIOT Act • NSA Prism • PIPEDA & Privacy Act • Conservative Nature* • Lack of understanding We can address 4 of these…
  • 5. Tip 1: Privacy - Consent Is Not An Option • Canada’s private sector privacy legislation does not prohibit organizations in Canada from transferring personal information to an organization in another jurisdiction for processing. • Privacy Commissioner of Canada
  • 6. Tip 2: Geo-location Concerns Mechanisms Available: • Consent Consent Consent • Governance • Data Classification • Encryption of Data at Rest • Encryption Gateway
  • 7. Tip 3: Governance and CMP Addressing governance in a cloud environment can be greatly assisted through the use of a Cloud Management Platform (CMP). The role of the CMP is to create a single choke-point for cloud services in your organization. There is a wide variety of CMP technology out there. As a starting point, we will discuss the highlights of CMP functionality…
  • 8. Top 4 CMP Functionality Highlights Security Policy Enforcement • Centrally determine where applications and workloads can be run (Public, Private, VPC, etc). • Example: Apps with PII data cannot run in public cloud. Automated instance hardening • Through automated configuration management, instances can be automatically hardened in accordance with corporate policy • Example: Host-Based security agents (e.g. HIPS) Security logs and audit trails Leverage existing encryption key management • All actions taken through the CMP are logged. • Example: Any policy changes are logged • A CMP should be able to plug-in existing key management solutions and extend these to cloud systems • Example: Key Management Interoperability Protocol (KMIP)
  • 9. Tip 4: Cloud Security Alliance Guidance • Domain 3 of the CSA guidance focuses on the legal aspects of adopting cloud computing. Canadians with concerns regarding the legal aspects of cloud as it relates to addressing Canadian laws. https://cloudsecurityalliance.org/download/s ecurity-guidance-for-critical-areas-of-focusin-cloud-computing-v3/
  • 10. CSA Guidance Table of Contents • CSA Guidance consists of 14 domains that cover the items from legal to encryption to interoperability & portability.
  • 11. Tip 5: Cloud Security Alliance Cloud Controls Matrix • The Cloud Controls Matrix can be used to determine how service providers meet your particular requirements. https://cloudsecurityalliance.org/research/ccm/
  • 12. Tip 5: Cloud Security Alliance Cloud Controls Matrix • The Cloud Controls Matrix can be used to determine how service providers meet your particular requirements. https://cloudsecurityalliance.org/research/ccm/
  • 13. CSA Training • Cloud Security Alliance Training is coming to Ottawa and Toronto in December. Get the latest information on Cloud Security and hands-on with Public and Private cloud technology. • Ottawa: December 2nd – 4th (3 days) • Toronto: December 9th – 11th (3 days)
  • 14. TECHNICAL Microsoft VMware Cloud Computing IT and Cyber Security CompTIA Java ProgrammingLanguages Novell UNIX Training with impact MANAGEMENT BUSINESS TOGAF Enterprise Architecture ITIL COBiT Agile and Scrum Business Analysis Project Management Change Management Communication Skills Leadership Skills Negotiation Skills Problem Solving Skills Facilitation Skills and many more…
  • 15. CTE Solutions Inc. - Ottawa 11 Holland Avenue, Suite 100 Ottawa, Ontario, K1Y 4S1 Tel: (613) 798-5353 Toll Free: 1 (866) 635-5353 Fax: (613) 798-5574 CTE Solutions Inc. - Toronto 77 Bloor St. West, Suite 1406 Toronto, Ontario M5S 1M2 Tel: (416) 284-2700 Toll Free: 1 (866) 635-5353 Fax: (416) 284-6797