THE CLOUDIS AS SECURE AS      YOU WANT IT TO BEDebashis Banerjee (Yahoo! India)
My son’s first                     day                  at school                      Catered Food                 on my ...
Today’s Journey        Refresher to                        Multi device         the cloud                         Cloud Se...
Cloud Computing - Refresher•   Key aspects of using the cloud: Elasticity, On    Demand, Multi Tenancy, Multi Device, Abil...
Key questions to ask about Cloud Security?•   What do you need to protect? Who are your users?•   Where does your data liv...
Ensuring your cloud solution is secure                            Identity                            Provider            ...
Security in Public Cloud Deployments•   Strong Identity management•   Privileged Account Management•   Place the appropria...
Security in the Private & Hybrid Cloud   Private:    • Design such that there is scope to move to a hybrid model    • Imp...
Multi Device Cloud Security – Mobile Phones•   The mobile device as an extension of the Cloud•   Secure Mobile Apps on the...
Multi Factor Auth – OTPs, SMS based   Use OTPs effectively to protect your data access to    the cloud       GoldKey    ...
Some APIs useful in cloud security•   Safe Browsing API•   VM Safe APIs
In Conclusion•   Cloud Security is critical to succeed in the cloud•   Choose Private / Public / Hybrid cloud & SaaS /    ...
Remember your questions about security to1. Your child’s school2. Your anniversary party caterers3. Your airline4. Your ba...
Upcoming SlideShare
Loading in …5
×

Debashis banerjee cloud_is_as_secure

178
-1

Published on

Session at ISACA, TUV sud, IndInc conferences for "Cloud is as Secure as you want it to be"

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
178
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
2
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Debashis banerjee cloud_is_as_secure

  1. 1. THE CLOUDIS AS SECURE AS YOU WANT IT TO BEDebashis Banerjee (Yahoo! India)
  2. 2. My son’s first day at school Catered Food on my anniversary party Money in my bankMy seat on theplane
  3. 3. Today’s Journey Refresher to Multi device the cloud Cloud Security – Mobiles OTP, SMS Ensuring based multiyour cloud is Factor auth secure Public, Private and Hybrid Secure Cloud Security APIs Image: FreeDigitalPhotos.net
  4. 4. Cloud Computing - Refresher• Key aspects of using the cloud: Elasticity, On Demand, Multi Tenancy, Multi Device, Ability to measure Service• Type of Clouds - Public Clouds, Private Clouds, Hybrid Clouds, Community/Partner Clouds• SaaS , PaaS , IaaS
  5. 5. Key questions to ask about Cloud Security?• What do you need to protect? Who are your users?• Where does your data live? How does it flow? What geographies?• What are your compliance, logging needs?• Is there SSO and Identity management in place?• Do you have a mix of physical , virtual, cloud?• Who pays for security? Who is accountable for what aspect of security?• How do you react if a security breach takes place?
  6. 6. Ensuring your cloud solution is secure Identity Provider Strong AuthSecure Multi Ingress andData Egress Security DeviceIn backup Federated SSO Access Public Cloud Privileged Access Geo-Political Multi Tenancy Private Cloud ConsiderationsLogging, Secure Data atAuditing rest, motionCompliance,Playback Enterprise Physical, Virtual and cloud resources Wipeout, Encryption
  7. 7. Security in Public Cloud Deployments• Strong Identity management• Privileged Account Management• Place the appropriate type of data in the cloud• Have access to compliance and logging , auditing• Being a public cloud ensure you impose where you data can or cannot travel• Wipeout policies• Ensure you are comfortable with the security of multi tenancy• Secure keys
  8. 8. Security in the Private & Hybrid Cloud Private: • Design such that there is scope to move to a hybrid model • Impose SSO Hybrid: • Segregate your data between clouds • Use SAML and ensure appropriate enterprise credentials are within the perimeter • Have your Federation set up correctly. Enable SSO. • Ensuring enterprise credentials do not travel into the cloud
  9. 9. Multi Device Cloud Security – Mobile Phones• The mobile device as an extension of the Cloud• Secure Mobile Apps on the cloud.• On Cloud and On Device virus scanning• Seamless policies for mobile devices• Credential life cycle management• Secure Roaming Users
  10. 10. Multi Factor Auth – OTPs, SMS based Use OTPs effectively to protect your data access to the cloud  GoldKey  Multi Factor Auth – AWS/Gemalto 2 Factor Auth using SMS Image: http://commons.wikimedia.org/wiki/File:RSA-SecurID-Tokens.jpg
  11. 11. Some APIs useful in cloud security• Safe Browsing API• VM Safe APIs
  12. 12. In Conclusion• Cloud Security is critical to succeed in the cloud• Choose Private / Public / Hybrid cloud & SaaS / PaaS / IaaS• Identity & Privileged User Management• Compliance, Certification and Logging• Consider Multi Device Scenarios• Use Strong Authentication
  13. 13. Remember your questions about security to1. Your child’s school2. Your anniversary party caterers3. Your airline4. Your bank And you won’t go wrong with the Cloud Security !!!! Image: FreeDigitalPhotos.net
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×