Your SlideShare is downloading. ×
Lss implementing cyber security in the cloud, and from the cloud-feb14
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Introducing the official SlideShare app

Stunning, full-screen experience for iPhone and Android

Text the download link to your phone

Standard text messaging rates apply

Lss implementing cyber security in the cloud, and from the cloud-feb14

167
views

Published on

This presentation outlines how security can be implemented in the cloud. …

This presentation outlines how security can be implemented in the cloud.

Published in: Business

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
167
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Implementing Cyber Security In & From The Cloud LS Subramanian niseindia.com
  • 2. Today’s AgendaCloud Security Alliance (CSA)CSA’s“ Security Guidance for Critical Areas of Focus in Cloud Computing V 3.0”Cyber Security Solutions in the Cloudand from the cloud.
  • 3. About the Cloud Security Alliance• Global, not-for-profit organization• Over 23,000 individual members, 100 corporate members, 50 chapters• Building best practices and a trusted cloud ecosystem• Agile philosophy, rapid development of applied research – GRC: Balance compliance with risk management – Reference models: build using existing standards – Identity: a key foundation of a functioning cloud economy – Champion interoperability – Enable innovation – Advocacy of prudent public policy “To promote the use of best practices for providing security assurance within Cloud Computing, and provide education on the uses of Cloud Computing to help secure all other forms of computing.”
  • 4. CSA - Initiativeshttps://cloudsecurityalliance.org/research/ Copyright © 2011 Cloud Security Alliance
  • 5. HOW DO WE BUILD THE “TRUSTED CLOUD?”…• Strategy• Education• Security Framework• Assessment• Build for the Future Copyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.org
  • 6. Security Guidance forCritical Areas of Focus inCloud Computing V3.0 Prepared by theCloud Security Alliance
  • 7. What is Cloud Computing?
  • 8. CSA Security GuidanceCloud Computing Architecture
  • 9. CSA Security Guidance What is Security for Cloud Computing?Understanding the impact of these differences betweenservice models and how they are deployed is critical to managing the risk posture of an organization.
  • 10. CSA Guidance Domains Architecture1. Cloud Computing Architectural Framework Governing in the Cloud2. Governance & Enterprise Risk Management3. Legal Issues : Contracts & Electronic Discovery4. Compliance & Audit Management5. Information Management & Data Security6. Interoperability & Portability
  • 11. CSA Guidance Domains Operating in the Cloud7. Traditional Security, Business Continuity & DR8. Data Center Operations9. Incident Response10. Application Security11. Encryption & Key Mgmt12. Identity & Access Mgmt13. Virtualization14. Security as a Service
  • 12. CSA - Trend Micro Partnership Founding Sponsor of CSA’s HQ in APAC Chair of the CSA Executive Council Sponsor one global CSA research project Sponsor of all CSA events in APAC Update from all CSA Chapters in APAC CCSK certification for Trend Micro cloud security experts Engaging regional key stake holders including government, legal experts, service providers, technology providers and consumers. Customizing/developing relevant best practices and standards for the APAC market. Centre of excellence for research and training. Establishment of global standards secretariat within APAC
  • 13. Cyber Security Solutions in the Cloud and from the cloud
  • 14. Who Has Control? Servers Virtualization & Public Cloud Public Cloud Public Cloud Private Cloud’’’’’ IaaS PaaS SaaS End-User (Enterprise) Service Provider Trend Micro Confidential 2/26/2013 Copyright 2009 Trend Micro Inc.
  • 15. SecureCloud: Enterprise ControlledData Protection for the Cloud Patent pending Trend Micro technology enables enterprises to retain control of data in the cloud Trend Micro Confidential2/26/2013 Copyright 2009 Trend Micro Inc. 15
  • 16. A New Security Architecture For A New Era All environments should be considered un-trusted Users access app Deep SecurityDatacenter SecureCloud: • Facilitates movement between Public Cloud datacenter & cloud • Delivers control, security and compliance through encryption • Host defends Avoids service provider lock-in • itself from attack Enables secure storage recycling SecureCloud Data encrypted within the server Encryption keys controlled by you Encrypted Data Data Data Copyright 2009 Trend Micro Inc.
  • 17. CNAM – Real Time Attack DetectionARCHITECTURE
  • 18. CNAM – Real Time Attack DetectionTOPOLOGY
  • 19. CNAM – Real Time Attack DetectionMODEL
  • 20. Acknowledgement All ownership and credits for pictures, logos copyright and trademarks rests with the owners. We Acknowledge & thank owners for the use of theirmaterial in this presentation to educate on cloud computing. Material for this presentation has been sourced from CSA, NIST & Trend Micro & Net Monastery & others. We thank the organizations for allowing us to use this material.
  • 21. The Future of Computing is the Cloud lssubramanian@niseindia.com