• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Cloud security
 

Cloud security

on

  • 616 views

set of policies, technologies, and controls deployed to protect data, applications, and the associated infrastructure of cloud computing.

set of policies, technologies, and controls deployed to protect data, applications, and the associated infrastructure of cloud computing.

Statistics

Views

Total Views
616
Views on SlideShare
581
Embed Views
35

Actions

Likes
2
Downloads
21
Comments
0

1 Embed 35

http://pedroalexander.wordpress.com 35

Accessibility

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Cloud security Cloud security Presentation Transcript

    • Cloud ComputingCLOUD SECURITY PEDRO ALEXANDER ROMERO
    • Cloud SecurityAgenda- Security Framework- What Vendors Should do- What Customers Should do From: www.rackspace.com/cloud/cloudu
    • Cloud SecurityA Security Framework for the CloudThe Cloud Security Alliance (CSA) is a non-profitorganization formed to promote the use of best practices forproviding security assurance within Cloud Computing, andprovide education on the uses of Cloud Computing to helpsecure all other forms of computing.Objectives: Promote a common level of understanding between the consumers and providers Promote independent research into best practices. Create consensus lists of issues and guidance for cloud security assurance
    • Cloud SecurityWhat Vendors Should Do (1/7) 1. Physical Data Center Security 2. Security of Host Machine Operating System 3. Control of Hypervisor 4. Network Security 5. Virtual Machine Security
    • Cloud SecurityWhat Vendors Should Do (2/7)1. Physical Data Center Security:  Security of the Building: Keycard protocols, biometric scanning protocols and round-the-clock interior and exterior surveillance  Authorization of Personnel: Only authorized data center personnel should be granted access  Employee Background checking: Before they’re hired
    • Cloud SecurityWhat Vendors Should Do (3/7)2. Security of Host Machine Operating System: The operating system within which virtual machines are hosted requires extra scrutiny as it is the manager for guest virtual machines.  Intrusiondetection system  The minimum number of users accounts possible  Limited administrator access to named accounts  No publicly accessible network accessible services Vulnerabilities in the base OS can have impacts on the individual Virtual Machines.
    • Cloud SecurityWhat Vendors Should Do (4/7)3. Control of the Hypervisor: While, in most cases, control of individual virtual machines is the responsibility for the customer, vendors need to ensure robust security of the hypervisor itself, the tool which keeps the individual virtual machines separate.Hypervisor or virtual machine monitor (VMM) is a piece of computer software, firmware or hardware that creates and runs virtual machines.
    • Cloud SecurityWhat Vendors Should Do (5/7)4. Network Security:
    • Cloud SecurityWhat Vendors Should Do (6/7)4. Network Security: (Cont.) Consists of the policies and procedures adopted by the network administrator to prevent and monitor unauthorized access, misuse, modification or denial of the computer network and network-accessible resources. Includes:  Perimeter Controls  Network access  Regulate access control
    • Cloud SecurityWhat Vendors Should Do (7/7)5. Virtual Machine Security Virtual machines share the same security vulnerabilities as physical machines and should be protected from the same problems: hardware failures, viruses, hacking , data corruption.
    • Cloud SecurityWhat Customers Should Do Customers too have an important part to play in ensuring the security of the solutions they utilize.1. Firewall2. Patches and Backups3. Passwords4. Controlling Access to Devices Connected to the Cloud5. Ensuring the Security of Staff
    • Cloud SecurityWhat Customers Should DoThe Whispered Truth - Your Data, Your ResponsibilityIn Infrastructure as a Service (IaaS) and Platform as aService (PaaS) clouds, protecting data at rest is Customerresponsibility not the Providers.To meet privacy obligations to the company customers and employees,and to comply with regulatory standards such as PCI DSS and SOX, is amust to securely encrypt cloud-based data, while keeping operationaloverhead to a minimum.PCI DSS: Payment Card Industry Data Security StandardSOX:Sarbanes-Oxley Act of 2002