Wrong confirmation ID

Email
Favorite
Favorited ×
Download
Embed
Private Content
Copy and paste this code into your blog or website Copy Customize… Close
We have emailed the verification/download link to "".
Login to your email and click the link to download the file directly.

To request the link at a different email address, update it here. Close
Validation messages. Success message. Fail message.

Check your bulk/spam folders if you can't find our mail.

+ Follow

Cloud Security- In Perspective

by Justin Pirie on Sep 29, 2010

1,743 views

More…

Less

9 Embeds 1,100

http://www.justinpirie.com	1038
http://feeds.feedburner.com	42
http://thisweekincloud.com	9
http://www.thisweekincloud.com	5
http://thisweekinsaas.com	2
http://webcache.googleusercontent.com	1
http://newsblur.com	1
http://translate.googleusercontent.com	1
http://www.google.com	1

More...

Statistics

Favorites: 0
Downloads: 14
Comments: 0
Embed Views: 1,100
Views on SlideShare: 643
Total Views: 1,743

Security
Security
Continutity
Archive
Bringing all the benefits of Google apps- horizontal scalability, reliability, etc
To Microsoft Exchange
Security
Security
From the Mimecast Cloud Adoption Survey
From the Mimecast Cloud Adoption Survey http://www.mimecast.com/events-press/press-releases/article/view/cloud-computing-delivering-on-its-promise-but-doubts-still-hold-back-adoption/462/
From the Mimecast Cloud Adoption Survey http://www.mimecast.com/events-press/press-releases/article/view/cloud-computing-delivering-on-its-promise-but-doubts-still-hold-back-adoption/462/
From the Mimecast Cloud Adoption Survey http://www.mimecast.com/events-press/press-releases/article/view/cloud-computing-delivering-on-its-promise-but-doubts-still-hold-back-adoption/462/
2010 Gartner Hype Cycle for emerging technologies
2010 Gartner Hype Cycle for emerging technologies
From the Mimecast Cloud Adoption Survey http://www.mimecast.com/events-press/press-releases/article/view/cloud-computing-delivering-on-its-promise-but-doubts-still-hold-back-adoption/462/
From the Mimecast Cloud Adoption Survey http://www.mimecast.com/events-press/press-releases/article/view/cloud-computing-delivering-on-its-promise-but-doubts-still-hold-back-adoption/462/
Or being blocked
What’s the problem?
Standards are only just emerging
Buyer Beware- http://en.wikipedia.org/wiki/Caveat_emptorUnder the doctrine of caveat emptor, the buyer could not recover from the seller for defects on the property that rendered the property unfit for ordinary purposes. The only exception was if the seller actively concealed latent defects or otherwise made material misrepresentations amounting to fraud.Before statutory law, the buyer had no warranty of the quality of goods. In many jurisdictions now, the law requires that goods must be of "merchantable quality". However, this implied warranty can be difficult to enforce and may not apply to all products. Hence, buyers are still advised to be cautious.
Which is why we in cloud feel like we’re being beaten up...
Security
Security is often presented as a binary object. It’s not.
It’s much more complex than that.
What is security?
Security is the management of risks
Define Acceptable risk
Step #6: Monitor Risks
Some People are unsure about Cloud Security
Probably because of the relative opacity of Cloud compared to the transparency of a private network and the control you can exert on it
The key is to understand your current risks- baseline them
i.e. Where are we today?
Users Applications File shares Email Document management
Sysadmins User based access Server access Database access
Others: Internet VPN Extranet Customer/Partner portals API’s Suppliers Telco’s Tape warehousing Backup delivery personnel
Permissions Nightmare
How are we managing those risks today?
Applying the 6 step process?
Are you given the budget / skills to do it?
“Quiscustodietipsoscustodes?”Who will guard the guards themselves?DecimusIuniusIuvenalis
Cloud can be a way to become a guard’s guard, instead of the guard
Reasons to go Cloud Security
Reason to go Cloud security #1 It’s their business- and their reputation depends on it
#2 Money - they are held financially responsible
Reason #3 Scale- Cloud platforms have scale that customers could never achieve on their own- protecting against large scale attacks
Reason #4 Specialised Skills- employ specific people to do specialised job. Cumulative effect of multiple customers
Cumulative effect of multiple customers
Best Practice embedded in organisation and distributed. Not dependent on one person
Not just about competence and budget- but focus. It’s all they do.
Cloud can be a way to become a guard’s guard, instead of the guard
Buyer Beware- http://en.wikipedia.org/wiki/Caveat_emptorUnder the doctrine of caveat emptor, the buyer could not recover from the seller for defects on the property that rendered the property unfit for ordinary purposes. The only exception was if the seller actively concealed latent defects or otherwise made material misrepresentations amounting to fraud.Before statutory law, the buyer had no warranty of the quality of goods. In many jurisdictions now, the law requires that goods must be of "merchantable quality". However, this implied warranty can be difficult to enforce and may not apply to all products. Hence, buyers are still advised to be cautious.
But make it proportional to risk- especially to CURRENT RISKS
Security

Cloud Security- In Perspective — Presentation Transcript

Cloud Security- Is my data safe?
Justin Pirie
@justinpirie
blog.mimecast.com
jpirie@mimecast.com
CMA- London
September 29th2010
matthewbradley
Analyst Blogger
Community Manager
Social Media Influence
Where I work
Cloud Services for Microsoft Exchange
tipiro
Cloud Wrapper
Email Security
matthewbradley
Email Continuity
neilalderney123
Email Archive
dolescum
Benefits of Google Apps
For Microsoft Exchange
What do users get?
minifig
Unlimited Storage
mescon
Fast Search
Ronan_C
Uptime
szeke
Over 500,000 users can’t be wrong!
Cloud Security- Is my data safe?
matthewbradley
Today’s Presentation
iSlime
Area I normally specialise in...
massdistraction
James Blake
Barry Gill
Cloud Security Experts
matthewbradley
James Blake- CISO
flik
Barry Gill...
bowbrick
Can’t walk...
Badly Drawn Dad
Stuck with me
Pixzamillion
Cloud Landscape
zoutedrop
Lets have some data
bionicteaching
To Understand
russelldavies
US Cloud Adoption
2009 = 36%
US Cloud Adoption
2010 = 56%
US Businesses Considering Adopting
70%
UK lags behind US attitudes
6%
2010 Hype Cycle
2010 Hype Cycle
Grand Canyon between adopters
James Marvin Phelps (mandj98)
Adopters: Cloud Improved Security
57%
Non Adopters: Cloud = Security Risk
62%
Where is the gap?
massdistraction
Blocking Cloud Initiatives
dmoola
What’s the problem?
aturkus
Cloud is embryonic
viralbus
Standards just emerging
mayakamina
So.... Caveat Emptor
jeffc5000
And why it sometimes feels like this...
gxdoyle
Change Direction
Paul Wicks
James Blake
Barry Gill
Security
matthewbradley
Presented as Binary
MarkOMeara
Reality...
cdw9
Ask an InfoSec pro
thomasglobal
What is Security?
Thomas Hawk
Management of Risk
kyz
Too easily think of hardware
stars6 / Leonardo Rizzi
Step #1: Define Acceptable Risks
tnarik
Step #2: Assess your Risks
Eneas
Step #3: Mitigate Risks
get down
Step #4: Transfer Risks
Brandon Christopher Warren
Step #5: Accept Risks
dhammza
Step #6: Monitor / Audit
Boyce Duprey
Unsure about Cloud Security?
jessicafm
Cloud Security is Opaque
Andrew Coulter Enright
Compared to your tin
stars6 / Leonardo Rizzi
Baseline Current Risks
Chuck “Caveman” Coker
i.e. Where are we today?
Chris D 2006
Trusting Users....
Thai Jasmine (Take good care :-))
And Sysadmins....
leftcase
Others...
Tambako the Jaguar
Permissions Nightmare
marimoon
Managing those risks?
Patrick Q
6 Steps?
bitchcakesny
Is expensive
jo'nas
Got the budget?
The Prime Minister's Office
“Quiscustodiet
ipsoscustodes?”
Cloud: Guards Guard
Cloud Security?
matt.hintsa
#1. It’s their Business
Esthr
#2. Financially Responsible
wwarby
#3. Scale
laffy4k
#4. Specialised Skills
SarahMcDॐ
#5. Cumulative Effect of Multiple Customers
Leo Reynolds
#6. Best Practice: Embedded, Distributed
Lars Plougmann
#7. Focus
Chris Campbell
Want to be the Guards Guard?
Remember: Caveat Emptor
jeffc5000
But proportional to Risk
gxdoyle
Any Questions?
Justin Pirie
@justinpirie
blog.mimecast.com
jpirie@mimecast.com
matthewbradley

Cloud Security- In Perspective

by Justin Pirie on Sep 29, 2010

Accessibility

Tags

Upload Details

Usage Rights

9 Embeds 1,100

Statistics

Cloud Security- In Perspective — Presentation Transcript