Cloud Security - Made simple

Cloud security is a must for any IaaS, PaaS, SaaS or CaaS initiative. This presentation aims to simplify the concept of cloud security with clear steps to achieve it. It also summarizes the controls required to implement cloud security.

Published in: Technology, Business

Transcript

  • 1. Cloud Security. Sameer Paradia
  • 2. Goals
      1. Brief on Cloud Computing
      2. Security Threats
      3. Framework
      4. Controls
      http://www.flickr.com/photos/tomhaymes/321292834/
  • 3. Understand Cloud
  • 4. Essential Characteristic
      – On-Demand: Lowered requirement to forecasts. Demand trends are predicted by the provider
      – Usage-metered: Pay-by-the-realtime use
      – Self-service from pool of resources: Resources managed by consumer with a GUI or API
      – Elastic Scalability: Grow or shrink resources as required
      – Ubiquitous Network: The network is essential to use the service
  • 5. Beyond basic.. Modes of Deployment, Services Types
      – Deployment models: Public cloud, Hybrid cloud, Private cloud, Community cloud
      – IaaS: Compute, Storage, Network, Datacentre
      – PaaS: Web 2.0 Applications, Runtime, Development tools, Business, Middleware, Database, Java Runtime
      – SaaS: Collaboration, ERP / CRM, Business Processes, Enterprise Applications
  • 6. Security Threat
  • 7. Lots of noise on.... Cloud Security? ...how do we simplify it... http://www.flickr.com/photos/purpleslog/2870445256/in/photostream/
  • 8. It is the same as current InfoSec practice. You have to take the same approach as the current ISMS. http://www.flickr.com/photos/pheckaboolala/3410638119
  • 9. Cloud Security
      • What is it?
          – Protection of your information in cloud
      • Why is it critical?
          – Your information is at a central, unknown place in cloud
          – No visibility of security measures in Public cloud
      • Impact of breach on business?
          – Lack of Compliance
          – Legal issue
          – Breach of privacy
      http://www.flickr.com/photos/nigeljohnson73/6788941421
  • 10. Threats in XaaS Models
      • SaaS:
          – Built in security functionality
          – Least consumer extensibility
          – Relatively high level of integrated security
      • PaaS
          – Enable developers to build their own applications on top of the platform
          – More extensible than SaaS, at the expense of customer ready features
          – Built in capabilities are less complete, but there is more flexibility to layer on additional security
      • IaaS
          – Few application-like features
          – Enormous extensibility
          – Less integrated security capabilities and functionality beyond protecting the infrastructure itself
          – Assets to be managed and secured by the cloud consumer
  • 11. Security Framework
  • 12. Security Framework
      1. Identify asset to cloudify: a) Data b) Applications
      2. Assess impact of transferring assets on cloud on business in case of breach
      3. Map the asset to potential cloud deployment models
      4. Evaluate controls in each of IaaS/ PaaS/ SaaS layer depending upon asset
      5. Evaluate the Dataflow, to understand the flow
  • 13. Cloud Controls
  • 14. 3 Dimensions of cloud security
      – Business Criticality
      – IT Assets in cloud
      – Risk Assessment
      For achieving robust and practical security, consider all 3 perspectives
  • 15. Types of Controls
      • Governance (Strategic)
          – Risk Management
          – Legal & Electronic Discovery
          – Compliance/ Audit
          – Information Life cycle management
          – Portability and Interoperability
      • Operational (Tactical)
          – BCP/ DR
          – Data centre Operations
          – Incident Management
          – Application security
          – Encryption
          – Identity & Access Management
          – Virtualization
  • 16. Implement Controls
      • Possible controls
          – Layered security
          – facilities (physical security)
          – network infrastructure (network security)
          – IT systems (system security)
          – information and applications (application security)
      • IaaS Cloud provider:
          – address security controls such as physical security, environmental security, and virtualization security
      • SaaS
          – Addresses up to Application layer
      http://www.flickr.com/photos/telstar/2816038167
  • 17. Summary
      • Consider three perspectives: Assets, Risk management and Business criticality
      • Cloud as an operational model neither provides for nor prevents achieving compliance
      • Selection of control depends on the service and deployment model
      • Control varies depending on the design, deployment, and management of the resources
      • Most security controls in cloud are the same as in a normal IT environment
      http://www.flickr.com/photos/isadocafe/2095153000/
  • 18. Sameer Paradia – CGEIT, CISM, CISSP (sameer_m_paradia@yahoo.com). Practicing IT Security for 12+ years out of 20+ years of IT Services/ Outsourcing work experience. http://www.flickr.com/photos/forgetmeknottphotography/7003899183/sizes/l/in/photostream/
