Enterprise and Cloud Computing
    – Clouded Security?



    Dr. Shekhar Kirani

    Vice President and Country Manager,
...

Shekhar Kirani - Enterprise and Cloud Computing: Clouded Security?


The session will provide a 360-degree view on how enterprises can compete effectively by opening up their previously closed networks to business partners, customers, and their own increasingly mobile workforce - while managing security and associated risks. Kirani will also share practical examples from Indian and global enterprises that have secured critical business interactions and operations successfully.

Published in: Technology

  1. Enterprise and Cloud Computing – Clouded Security? Dr. Shekhar Kirani, Vice President and Country Manager, VeriSign India. 10/08/09
  2. Digital World: How it looks? 1.3B global Internet users; 1.5T e-mails; 177M Web sites. Sources: 1. Forrester Research 2008; 2. Goldman Sachs 2007 CSO Survey; 3. Synovate 2008 Consumer Survey.
  3. Why Such a Growth? Enterprise interactions have become enterprise Internet interactions. Enterprise Internet interactions -> enterprise cloud interactions. Efficiency & Convenience = $$$. Source: http://www.verisign.com/Resources/Naming_Services_Resources/Domain_Name_Industry_Brief/index.html
  4. What is Cloud Computing? Cloud Computing is NOT Grid Computing. Grid Computing: distributed computing that uses a cluster of networked computers, acting in concert to perform a task.
  5. Defining Cloud Computing. Cloud Computing is NOT Grid Computing or Utility Computing. Utility Computing: virtualized computing resources, such as computation and storage, offered as a metered service (Sun Grid Service, Elastic Compute Cloud).
  6. Defining Cloud Computing. Cloud Computing is NOT Grid Computing, Utility Computing or SaaS. Software-as-a-Service (SaaS): delivery method of applications over the web using utility computing and multi-tenant architecture.
  7. Defining Cloud Computing. Cloud Computing is NOT Grid Computing, Utility Computing or SaaS. Then what is it?
  8. Defining Cloud Computing. Cloud Computing IS Grid Computing + Utility Computing + SaaS, together with: Storage Infrastructure, Identity Infrastructure, Security Infrastructure, Application Integration and Mash-ups, Business Intelligence, and Business Process Management.
  9. Definition of Cloud Computing. So, Cloud Computing is an emerging technology that:
     • utilizes concepts of grid and utility computing
     • to provide application services over the Internet
     • along with all associated functions available with regular in-premise implementations
     • and may work in conjunction with in-premise resources
  10. Typical Enterprise Setup for Cloud Services. Diagram: an enterprise connected to Cloud 1, Cloud 2 and Cloud 3.
     • Different URLs with login-name/password combination.
     • Account provisioning is batch-mode.
     • Single sign-on is not yet present.
  11. Cloud Security Basics.
     • End-to-end security is key for SaaS/PaaS/IaaS vendors.
     • Stronger SLA and security than enterprise security.
     • Every resource is access controlled, logged, protected, and managed. Principle of Least Privilege.
     • Weakest link in the security chain is always exploited.
     • Physical, network, transaction, customer, employee, consultant, etc.
     • Least protected to more protected.
     • Social engineering will remain a key attack method.
     • Security by Design: before vs. afterthought.
     • Cost and usability; level of security; likelihood of exploit; opportunity to exploit.
     • Deterrence, Prevention, Identification, and Action.
  12. The Identity Problem of Cloud Computing.
     • 30% of enterprises and SMBs view security as a top concern in SaaS [1].
     • 72% believe Identity and Access Management is the key security issue [2].
     • 78% of consumers want more control over securing their identity [3].
     Sources: 1. Forrester Research 2008; 2. Goldman Sachs 2007 CSO Survey; 3. Synovate 2008 Consumer Survey.
  13. Weak Link 1: Phishing in SaaS. Diagram: Enterprise, Cloud 1, Rogue App.
  14. Solution: Secure (EV Certs) or Green Bar Certs.
  15. Example: Green Browser Bar. Phishing site – bar turned red!
  16. Weak Link 2: Identity Theft. Diagram: Enterprise, Cloud 1, Rogue Emp.
  17. Weak Link 2: Identity Theft. Diagram: Enterprise, Cloud 1, Rogue Emp.
  18. Solution 2: Identity Theft. Diagram: Enterprise, Cloud 1, Rogue Emp.
  19. Solution: 2nd Factor (or 2nd Password).
     • Offer a 2nd Factor solution in addition to login name/password: what you know and what you have.
     • Offer 2nd Factor across all types of devices (tokens, mobile, cards, etc).
     • Identity theft requires a physical device to be stolen -> makes it hard!
  20. Solution: 2nd Factor (2nd Password) for Online Access.
  21. Weak Link 3: Application/Data Security. Diagram: Enterprise, Rogue Emp.
  22. Solution: Strong Enterprise Encryption Solutions. Diagram: Email Applications, Endpoint Security and Data Storage + Digital Certs = Encrypted Communication, Protected Assets and Data, and Secured Data at Rest.
  23. Weak Link 4: Insider Theft. Diagram: Enterprise, Sys Adm 1, Sys Adm 2, Rogue Adm. Labels: No Digital Cer.; Digital Certificate.
  24. Solution: Strong Authentication. Diagram: Web Applications, Remote Access, Desktop Logon and Networking + Digital Certs & OTP Token = Strong Web Authentication, Secure Remote Access, Multi-Factor Desktop Logon, and Secure Network Access.
  25. Weak Link 5: DDoS Attack on Service. Diagram: Enterprise, Bot 1, Bot 2, Bot 3.
  26. Weak Link 5: DDoS Attack on Service. Diagram: Enterprise, Bot 1, Bot 2, Bot 3.
  27. Infrastructure: Evolving and Sophisticated DDoS Attacks. [Chart: Attack Bandwidth vs (Normal) Bandwidth, in Gbps (0 to 70), 2000 to 2006. Labelled events: Sobig Worm, AOL, Microsoft, Root Server Attacks, .COM Attacks, Routing Loop, DNS Reflector, VoIP/Cell Phone Worm (?). Multipliers shown: 3x, 30x, 40x, 50x, 100x, 150x. Annotations: "New threats due to increased nodes and adoption of IP-based mobile devices"; "Normal DNS Traffic"; "DDoS Packet Filtering During Attack".]
  28. Summary.
     • Cloud services need to offer stronger SLA and security than enterprises can achieve on their own.
     • Cloud services need to demonstrate back-to-back SLA/security throughout the SaaS/PaaS/IaaS chain.
     • Cloud services need to demonstrate how they plan to do Deterrence, Prevention, Identification, and Action against attacks.
     • Enterprises will move to the cloud if security/privacy issues are addressed.
  29. Thank you!