In Cloud We Trust

Security and privacy are the major concerns for many companies moving forward with cloud computing. This presentation describes a few security and privacy issues related to cloud computing and where we as an industry are in addressing these issues.

Published in: Business, Technology

  1. In Cloud We Trust. Not so fast! “I’m Cloud Confused” series
  2. If you’re new to Cloud Computing, or just confused… Please try http://www.slideshare.net/Guppers/im-cloud-confused
  3. The biggest Cloud Computing concerns are… Security, Privacy
  4. Fundamental Question: Is Cloud Computing security weaker than Enterprise Security?
  5. A typical reaction when asked about security: SHA256, X.509, Salt, AES, PKCS, IV, DES
  6. Heard it on the street: Security is… Boring, Complex, Hacker stuff, Kills usability, Necessary Evil, Complicates my life
  7. Let’s make it simple: Child’s Play
  8. Let’s pick a simple story: You worked hard this year, you bought a pile of gold bars
  9. Where should you store them? House? Bank? (Your House, Your Bank)
  10. What does this thief think? …
  11. Bank: Plenty of valuable assets, but it may have elaborate security protection in place
  12. House: Some valuable assets, security protection may not be as elaborate
  13. What would you do to boost your protection?
  14. Yes, build layers of defense
  15. Put the fence up
  16. Install additional door locks
  17. Let’s also install an alarm system and surveillance cameras
  18. Feel Better?
  19. Oh, don’t forget about a disaster plan
  20. Knock, knock. Who’s there?
  21. You control who has access to your house
  22. And, pretty sure your inner circle won’t steal from you
  23. Let’s translate… Corporate Data, IT Assets (Software, Hardware), Employees
  24. You feel totally in control
  25. Why in the world would you give up control?
  26. ..and many eyes aim at big prizes
  27. When delegating security to others… a few things to consider…
  28. It’s all about Trust
  29. Do you trust that they’ll still be in business tomorrow? (“Help! Ex-Cloud Provider will work for Food”)
  30. Didn’t we see this before?
  31. Recommendation: Pick services that are backed by major players
  32. Data Loss: It is unlikely. Reputable Cloud Providers copy data 3-4 times
  33. However, it is normal to store highly valuable data in two or more different cloud providers (diagram labels: Data, Service, replicated, Cloud Provider 1, Cloud Provider 2)
  34. Data Privacy, Confidentiality
  35. Data in Transit (data, Internet, Cloud Provider): It can be secured using encryption technology, e.g. SSL. It is used especially for sensitive data
  36. Data at Rest (Cloud Provider): Biggest prize for attackers! More and more cloud providers are developing native data encryption. Even if it is stolen, it will be useless for attackers
  37. You can pick where your data resides
  38. Physical Access: Cloud Provider Data Center
  39. Security processes are typically in place for physical access: Background Check, Two factor authentication, Intrusion detection system, Audit, Video surveillance
  40. Multi-tenant Infrastructure (Corporate 1, Corporate 2, Corporate 3, Corporate 4): …infrastructure is shared by many corporations (tenants)
  41. Will a vulnerability in one company affect others in the cloud?
  42. Cloud Providers use isolation techniques: Data Isolation, Virtualization, Computing Isolation. A vulnerability in one tenant has little impact on other tenants
  43. Identity
  44. Unwanted guest. Employees, Cloud Computing, Suppliers, Customers
  45. Potential External Entry Points (XYZCorp.com): Web Site HTTP(S), Database, Queue, Web Services HTTP(S), Custom, Blob (Files, Docs), Worker VM
  46. Typical access to a web site hosted in the Cloud
  47. Example of a stronger authentication process for a sensitive web site: A8KP
  48. Accessing other Cloud Services (Example). Labels: Address, Key1, Key2. Values shown: https://aservice.mycloudprov.net, R3ZhU3xAmLIEAnRRyiMHx…, xFAlNx4VeRDGQgSQI…
  49. Control which network or machines have access: 98.237.178.63, 83.231.32.17
  50. Let’s look at it from the cloud infrastructure provider’s perspective
  51. Typical SLAs to compete: around 99.95% uptime
  52. It is in their best interest to maintain reputation and best security practice; their business depends on it
  53. Headlines they try hard to avoid: “Data is stolen from ….”, “…. has been down since yesterday”, “Security breach at data center….”
  54. Should you migrate all to Cloud?
  55. NO. Cloud Computing is still in its infancy
  56. “Trust is Always Earned, Never Given” - R. Williams
  57. Migrate non-critical business operations, departmental level data first and Observe! (Enterprise)
  58. It’s not as difficult as you think: simplicity, agility and elasticity (another topic for further discussion)
  59. Excited about new possibilities in cloud space?
  60. Follow discussions and presentations on facebook: “I’m Cloud Confused” http://www.facebook.com/pages/Im-Cloud-Confused/219897591208?ref=ts
  61. You, Us: 10 simple questions, 2 minutes to complete http://surveymonkey.com/s.aspx?sm=NrndNTZkoG6j8BWJYejC1g_3d_3d Will publish results on facebook
  62. Want to try Cloud for your business now? Only a few minutes to set up: http://www.slideshare.net/Guppers/guppers-3-minute-walkthrough
  63. For more presentations like this, visit, follow, subscribe to: Blog: http://www.andyharjanto.com Twitter: http://twitter.com/harjanto Contact: andy@guppers.com