Can I Trust the Cloud?

903 views
841 views

Published on

Published in: Technology, Business
1 Comment
1 Like
Statistics
Notes
No Downloads
Views
Total views
903
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
37
Comments
1
Likes
1
Embeds 0
No embeds

No notes for slide

Can I Trust the Cloud?

  1. 1. Can I Trust the Cloud?<br />W. Wyatt Starnes<br />VP Advanced Concepts<br />
  2. 2. Background <br /><ul><li>Harris Corporation
  3. 3. More than 16,000 employees including nearly 7,000 engineers and scientists
  4. 4. $6 billion annual revenue
  5. 5. Industry leader in mission critical networked systems
  6. 6. Significant investment in Cyber Integrated Solutions</li></ul>Wyatt Starnes<br />Leads research and development for Harris Trusted Enterprise Cloud and the Harris Cyber Integration Center<br />Instrumental in establishing industry standards for security, compliance, and systems measurement<br />Founder and former CEO of Signacert and Tripwire<br />36 years experience in high technology with eight startups<br />Harris has a 115-year history of engineering excellence, technical innovation, and customer delight.<br />
  7. 7. The Buzz about Cloud<br />
  8. 8. Everyone is Talking Cloud…<br />
  9. 9. …but Which Cloud and Can I Trust it?<br />Can I Trust the Cloud?<br />Which Cloud?<br />Private Cloud<br />On premise enterprise data center<br />Public Cloud<br />Off premise, multi-tenant<br />Shared resources<br />Community Cloud<br />Enterprise membership<br />Hybrid Cloud<br />Multiple elements of the above<br />Information Week Analytics Cloud Computing Survey, 2009. Respondents were asked: How concerned are you with the following issues as they relate to cloud computing? (range from 1 to 5)<br />
  10. 10. Barriers to the Cloud are Real<br />Trust<br />Cost & Control<br />
  11. 11. What is Trust in the Cloud?<br />
  12. 12. What is Trust?<br />Trust - Noun. <br /><ul><li>Reliance on the integrity, strength, ability, surety, etc., of a person or thing.
  13. 13. Confident expectation of something.</li></li></ul><li>What is Trust in the Cloud?<br />“Trust in cloud computing is defined as the continuous monitoring of all quality of service (QoS) elements that impact business service delivery and continuity. These include supply chain provenance, life cycle integrity, governance, security, privacy and transparency.”<br />
  14. 14. What is Trust in the Cloud?<br />“…..….the commission supports programs such as Security Content Automation Protocol, or S-CAP, a standard which enables the automation of reporting and verifying IT security control parameters. S-CAP provides a ready method to capture, test and continuously monitor the controls and integrity settings required to achieve the respective standard and/or compliance requirements.” <br />
  15. 15. Security ≠ Trust<br />Traditional security methods focus on keeping bad code out<br />Harris adds Positive Assurance enabling full integrity verification <br />All active elements in the infrastructure are monitored and validated including servers & network components (firewalls, routers, switches)<br />Explicit Trust through Positive Platform Assurance<br />
  16. 16. The Pillars of Trust<br />TRUST<br />Supply Chain<br />Positive Assurance<br />Service Delivery<br />Security & Compliance<br />
  17. 17. Building the Trusted Cloud<br />
  18. 18. The Trusted Enterprise Cloud<br />World-class and purpose-built infrastructure – the Cyber Integration Center and Harris’ network of cyber facilities and operations centers<br />Best-of-breed systems and processes – focused on virtualization, automation, a unique end-to-end service model, and customized control through the client portal<br />Trust Enablement Technology – continuous monitoring and assessment of the device and software supply chain using our Global Trust Repository of 3 billion (growing by 3 million a day!) industry standard reference images and external vulnerability feeds<br />Application Data and Signature Database<br />+2000 other vendors<br />Global Trust Repository<br />(GTR)<br />Enterprise Trust Server<br />Compliance Assessment<br />Reference<br />Configurations<br />Reporting<br />Inventory Reports<br />Change Reports<br />Compliance Reports<br />Notifications<br />IT Infrastructure<br /><ul><li>Ecommerce Service
  19. 19. Trading Service
  20. 20. Virtual Infrastructure
  21. 21. Web Servers
  22. 22. Database Servers
  23. 23. File Servers
  24. 24. Directory Servers</li></ul>The industry’s first enterprise-grade, high-assurance cloud computing solution<br />
  25. 25. Proof that the code was actually built by the named supplier is a <br />crucial element of software and device validation or attestation<br />Trust and Supply Chain<br />Do I know that the software elements that I am loading and running on my platform ARE what they say they are?<br />What proof do I have that the code I am using was actually built by the named vendor?<br />Is an increasing concern for software & hardware vendors and users in all sectors<br />
  26. 26. Cyber Integration Center<br /><ul><li>100,000 sq ft dedicated facility
  27. 27. Buffered VA location
  28. 28. Operations support ISO 20000, ISO 27001, SAS70 Type 2, NIST 800-53-High
  29. 29. Three secure data rooms
  30. 30. IT capacity > 340 W/sq ft
  31. 31. On site Client Operations & Security Center
  32. 32. LEED Silver designed
  33. 33. Green construction
  34. 34. Five, 500 ton, high efficiency centrifugal chillers
  35. 35. Chemical free cooling water reuse
  36. 36. Green IT Audacious Idea Award</li></ul>Two physically diverse telecom pathways <br />Two water sources used for cooling<br />Dual power sources from two separate substations<br />Nine generators for backup power<br /><ul><li>100’ perimeter security fence with intrusion detection
  37. 37. Interior and exterior motion-activated video monitoring
  38. 38. Biometric access scanners and man-trap portal
  39. 39. 24/7/365 on-site security guards & video surveillance</li></li></ul><li>Delivering Cyber Assurance Through Continuous Monitoring and Control<br />Automation, Vulnerability Identification & Software Authenticity Validation<br />Explicit Trust<br />Automated Positive Platform Assurance and S/W Supply Chain validation<br />S-CAP:<br />Security Content Automated Protocol<br />Configuration Management & Vulnerability Assessment<br />High Fidelity Software Signatures<br />Security Foundation is NIST SP800-53 (High Impact)<br />Security Tools & Components (Based on SP800-53)<br />Log Monitoring<br />Intrusion Prevention<br />Anti-Malware<br />DLP<br />Other<br />Foundation<br />Automated Defense In Depth Security Controls via NIST SP800-53/37<br />Risk Management – NIST SP800-37<br />Complete Cyber Assurance<br />
  40. 40. Marquee Facility Backed by a Global Support Network<br />Harris Cyber Integration Center<br /><ul><li>Multiple Harris Cyber facilities
  41. 41. CapRock, GCS & Other network backbones
  42. 42. 24/7/365 field support locations
  43. 43. Readily Accessible Partner Facilities
  44. 44. 18 Teleports Across 6 Continents
  45. 45. 6 Network Operations Centers (24x7)
  46. 46. 83 PoPs on Global Terrestrial Network
  47. 47. 140 Countries Served</li></li></ul><li>Building Your Cloud<br />
  48. 48. Choose the Cloud That’s Right for You<br />Harris Trusted Enterprise Cloud™<br />Trusted Dedicated Cloud<br />Client A<br />Trusted Dedicated Cloud<br />Client B<br />Trusted Dedicated Cloud<br />Client C<br />VPN or VPLS<br />Trusted<br />Private<br />Cloud<br />Trusted Multi-Tenant Cloud<br />Client A<br />Client B<br />Client C<br />Client Enterprise<br />Cyber Integrated Solutions Client Operations & Security Center<br />Choose the elements of your cloud. Manage as one system.<br />
  49. 49. Choose the Cloud That’s Right for You<br />Harris Trusted Enterprise Cloud™<br /><ul><li>Three core components to create the cloud architecture that is right for your enterprise
  50. 50. Each component features:
  51. 51. Cloud Infrastructure as a Service (IaaS)
  52. 52. Harris Trusted Enterprise Cloud security controls and trust enablement technology
  53. 53. Embedded continuous monitoring
  54. 54. Control & management via the Cyber Operations and Security Center (COSC)</li></ul>Trusted Dedicated Cloud<br />Client A<br />Trusted Dedicated Cloud<br />Client B<br />Trusted Dedicated Cloud<br />Client C<br />VPN or VPLS<br />Trusted<br />Private<br />Cloud<br />Trusted Multi-Tenant Cloud<br />Client A<br />Client B<br />Client C<br />Client Enterprise<br />Cyber Integrated Solutions Client Operations & Security Center<br />Choose the elements of your cloud. Manage as one system.<br />
  55. 55. Trusted Enterprise Cloud Configurations<br /><ul><li>Hosted cloud infrastructure for provisioning on demand
  56. 56. Secure multi-tenant or dedicated single tenant infrastructure
  57. 57. Hosted private cloud
  58. 58. Public cloud
  59. 59. Designed to exceed the VCE VMDC 2.0 Reference Architecture</li></ul>Trusted Dedicated Cloud<br />Client A<br />Trusted Dedicated Cloud<br />Client B<br />Trusted Dedicated Cloud<br />Client C<br />VPN or VPLS<br />Trusted<br />Private<br />Cloud<br />Trusted Multi-Tenant Cloud<br />Client A<br />Client B<br />Client C<br />Client Enterprise<br />Cyber Integrated Solutions Client Operations & Security Center<br />Choose the elements of your cloud. Manage as one system.<br />
  60. 60. Trusted Private Cloud<br /><ul><li>On-premise cloud – remotely managed by Harris Client Operations and Security Center
  61. 61. Capacity and agility benefits of cloud computing with the control of on-premise equipment
  62. 62. Harris trust enablement technologies
  63. 63. Eases migration path to the cloud</li></ul>Trusted Enterprise Cloud<br />Trusted Dedicated Cloud<br />Client A<br />Trusted Dedicated Cloud<br />Client B<br />Trusted Dedicated Cloud<br />Client C<br />VPN or VPLS<br />Trusted<br />Private<br />Cloud<br />Trusted Multi-Tenant Cloud<br />Client A<br />Client B<br />Client C<br />Client Enterprise<br />Cyber Integrated Solutions Client Operations & Security Center<br />Choose the elements of your cloud. Manage as one system.<br />
  64. 64. Key Features & Benefits<br />
  65. 65. You Can Trust the Cloud!<br />
  66. 66. You Can Trust the Cloud!<br />
  67. 67. You Can Trust the Cloud!<br />“The Harris Trusted Enterprise Cloud clearly offers advanced security and trust capabilities far in excess of what you'd normally find in the vast majority of enterprise IT environments.  It's arguably much better than you could do yourself, or – at least – do in a reasonable fashion.”<br />“They created a purpose-built enterprise cloud that was arguably orders of magnitude more secure and more trusted than anything an IT environment could do for themselves.”<br />“You'll see, it's far far better in many regards.”<br />
  68. 68. Trust In The Cloud<br />The industry’s first enterprise-grade, high-assurance cloud computing solution<br />World class partners providing best of breed technology<br />Cyber integration expertise to cost effectively meet the unique needs of your business<br />Trust enablement technology that goes beyond security to unprecedented visibility and control of your infrastructure<br />www.cyber.harris.com<br />
  69. 69. Thank you!wstarnes@harris.com<br />

×