Your SlideShare is downloading. ×
0
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Cloudtrust 091204053223 Phpapp01
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Cloudtrust 091204053223 Phpapp01

341

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
341
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
25
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. InCloud
    WeTrust
    Not so fast!
    “I’m Cloud Confused” series
  • 2. If you’re new to Cloud Computing,
    or just confused…
    Please try
    http://www.slideshare.net/Guppers/im-cloud-confused
  • 3. the biggest Cloud Computing
    concerns are…
    Security
    Privacy
  • 4. Fundamental Question
    Is Cloud Computing
    security weaker
    than
    EnterpriseSecurity?
  • 5. a Typical Reaction
    when asks about security
    SHA256
    X.509
    Salt
    AES
    PKCS
    IV
    DES
  • 6. the street
    Security is….
    Boring
    Heard it on
    Complex
    Hacker stuff
    Kills usability
    Necessary Evil
    Complicates my life
  • 7. Let’s make it simple
    Child Play
  • 8. Let’s pick a simple story
    You worked hard this year,
    you bought a pile of gold bars
  • 9. Where should you storethem?
    House?
    Bank?
    Your House
    Your Bank
  • 10. What does this thief think?

  • 11. Plenty of valuableassets,
    but it may have elaborate
    securityprotection in place
    Bank
  • 12. Some valuableassets,
    security protection may not
    as elaborate
    House
  • 13. What would you do to boost
    your protection?
  • 14. Yes, build layers of defense
  • 15. Put the fenceup
    Put
  • 16. Install additional door locks
  • 17. Let’s also install alarmsystem
    and surveillancecameras
  • 18. Feel Better?
  • 19. Oh, don’t forget about
    adisasterplan
  • 20. Knock, knock
    Who’s there?
  • 21. You control who hasaccessto your house
  • 22. And, pretty sure
    yourinner circle won’t steal from you
  • 23. Let’s translate…
    Corporate Data
    IT Assets(Software, Hardware)
    Employees
  • 24. You feel totally in control
  • 25. Whyin the world
    you would give up control?
  • 26. ..and many eyes aim at big prizes
  • 27. when delegating security to other…
    a few things to consider….
  • 28. It’s all about
    It’s all about Trust
    Trust
  • 29. Do you trust them that they’ll still be in the
    business
    tomorrow?
    Help!
    Ex-Cloud Provider will
    work for Food
  • 30. Didn’t we see this before?
  • 31. Recommendation
    Pick servicesthat are
    backed by major players
  • 32. Data Lost
    It is unlikely.
    Reputable Cloud Providers copy data 3-4 times
  • 33. However, it is normal to store
    highly value-able datain
    two or more different cloud providers
    Data
    Service
    replicated
    replicated
    Cloud Provider 1
    Cloud Provider 2
  • 34. Data Privacy
    Confidentiality
  • 35. Data in Transit
    data
    Internet
    Cloud Provider
    It can be secured using encryption technology, e.g. SSL
    It is used especially for sensitive data
  • 36. Data at Rest
    Cloud Provider
    Biggest prize for attackers!
    More and more cloud providers are developing nativedata encryption
    Even if it is stolen, it will be useless for attackers
  • 37. You can pick whereyour data resides
  • 38. Physical Access
    Cloud Provider
    Data Center
  • 39. Security processes are typically
    in place for physical access
    Background Check
    Two factor authentication
    Intrusion detection system
    Audit
    Video surveillance
  • 40. Multi tenant
    Infrastructure
    Corporate 4
    Corporate 3
    Corporate 2
    Corporate 1
    …infrastructure is shared by many corporations (tenant)
  • 41. Will vulnerabilityin one company
    affect others in the cloud?
  • 42. Cloud Providers use
    isolationtechniques
    Data Isolation
    Virtualization
    Computing Isolation
    a vulnerability in one tenant has little impact on other tenants
  • 43. Identity
  • 44. Unwanted guest
    Employees
    Cloud Computing
    Suppliers
    Customers
  • 45. Potential External Entry Points
    Web SiteHTTP(S)
    Database
    Queue
    Web ServicesHTTP(S)
    Custom
    Blob(Files, Docs)
    Worker VM
    XYZCorp.com
  • 46. Typical access to a web site
    hosted in the Cloud
  • 47. Example of
    astronger authentication process
    for sensitive web site
    A8KP
  • 48. Accessing other Cloud Services
    (Example)
    Address
    https://aservice.mycloudprov.net
    Key2
    Key1
    R3ZhU3xAmLIEAnRRyiMHx…
    xFAlNx4VeRDGQgSQI…
  • 49. Control which networkor machineshave access
    98.237.178.63
    83.231.32.17
  • 50. Let’s look at from
    cloud infrastructure provider’s
    perspectives
  • 51. TypicalSLAs to compete
    around
    99.95
    % uptime
  • 52. It is in their best interest to
    maintain reputation,
    best security practice
    their business depends on it
  • 53. Headlines they try hard to avoid
    Data is stolen from ….
    …. has been down
    since yesterday
    Security breach at data center….
  • 54. Should you migrate all to Cloud?
  • 55. NO
    Cloud Computing
    is still at infancy
  • 56. Trust is Always Earned,
    NeverGiven
    ---R. Williams
  • 57. Migrate
    non-critical business operations,
    departmental level data first
    and Observe!
    Enterprise
  • 58. It’s not as difficultas you think
    simplicity, agility and elasticity
    (another topic for further discussion)
  • 59. Excited about new possibilities in
    cloudspace?
  • 60. Follow discussions and
    presentations on
    facebook
    “I’m Cloud Confused”
    http://www.facebook.com/pages/Im-Cloud-Confused/219897591208?ref=ts
  • 61. You
    Us
    10simple questions,2minutes to completehttp://surveymonkey.com/s.aspx?sm=NrndNTZkoG6j8BWJYejC1g_3d_3d
    Will Publish Results on
    facebook
  • 62. Want to try Cloudfor your business now ?
    Only a few minutes to setup
    http://www.slideshare.net/Guppers/guppers-3-minute-walkthrough
  • 63. For more presentations like this, visit,
    follow, subscribe to:
    Blog: http://www.andyharjanto.com
    Twitter: http://twitter.com/harjanto
    Contact: andy@guppers.com

×