Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

In Cloud We Trust


Published on

Security and privacy are the major concerns for many companies to move forward with cloud computing. This presentation describes a few security and privacy issues related to cloud computing and where we as industry addressing these issues.

Published in: Business, Technology
  • Be the first to comment

In Cloud We Trust

  1. 1. InCloud<br />WeTrust<br />Not so fast!<br />“I’m Cloud Confused” series<br />
  2. 2. If you’re new to Cloud Computing, <br />or just confused…<br />Please try<br /><br />
  3. 3. the biggest Cloud Computing <br />concerns are…<br />Security <br />Privacy<br />
  4. 4. Fundamental Question<br />Is Cloud Computing<br />security weaker<br />than <br />EnterpriseSecurity? <br />
  5. 5. a Typical Reaction<br />when asks about security <br />SHA256<br />X.509<br />Salt<br />AES<br />PKCS<br />IV<br />DES<br />
  6. 6. the street<br />Security is….<br />Boring<br />Heard it on<br />Complex<br />Hacker stuff<br />Kills usability<br />Necessary Evil<br />Complicates my life<br />
  7. 7. Let’s make it simple<br />Child Play<br />
  8. 8. Let’s pick a simple story<br />You worked hard this year, <br />you bought a pile of gold bars<br />
  9. 9. Where should you storethem? <br />House?<br />Bank?<br />Your House<br />Your Bank<br />
  10. 10. What does this thief think?<br />…<br />
  11. 11. Plenty of valuableassets, <br />but it may have elaborate <br />securityprotection in place<br />Bank<br />
  12. 12. Some valuableassets,<br />security protection may not<br />as elaborate<br />House<br />
  13. 13. What would you do to boost<br />your protection? <br />
  14. 14. Yes, build layers of defense <br />
  15. 15. Put the fenceup<br />Put <br />
  16. 16. Install additional door locks <br />
  17. 17. Let’s also install alarmsystem <br />and surveillancecameras<br />
  18. 18. Feel Better? <br />
  19. 19. Oh, don’t forget about<br />adisasterplan <br />
  20. 20. Knock, knock<br />Who’s there?<br />
  21. 21. You control who hasaccessto your house<br />
  22. 22. And, pretty sure <br />yourinner circle won’t steal from you<br />
  23. 23. Let’s translate…<br />Corporate Data<br />IT Assets(Software, Hardware)<br />Employees<br />
  24. 24. You feel totally in control <br />
  25. 25. Whyin the world<br />you would give up control?<br />
  26. 26. ..and many eyes aim at big prizes<br />
  27. 27. when delegating security to other…<br />a few things to consider….<br />
  28. 28. It’s all about<br />It’s all about Trust<br />Trust<br />
  29. 29. Do you trust them that they’ll still be in the <br />business <br />tomorrow?<br />Help!<br />Ex-Cloud Provider will<br />work for Food<br />
  30. 30. Didn’t we see this before? <br />
  31. 31. Recommendation<br />Pick servicesthat are<br />backed by major players<br />
  32. 32. Data Lost <br />It is unlikely. <br />Reputable Cloud Providers copy data 3-4 times<br />
  33. 33. However, it is normal to store <br />highly value-able datain <br />two or more different cloud providers<br />Data<br />Service<br />replicated<br />replicated<br />Cloud Provider 1<br />Cloud Provider 2<br />
  34. 34. Data Privacy<br />Confidentiality <br />
  35. 35. Data in Transit<br />data<br />Internet<br />Cloud Provider <br />It can be secured using encryption technology, e.g. SSL<br />It is used especially for sensitive data<br />
  36. 36. Data at Rest<br />Cloud Provider <br />Biggest prize for attackers!<br />More and more cloud providers are developing nativedata encryption <br />Even if it is stolen, it will be useless for attackers<br />
  37. 37. You can pick whereyour data resides<br />
  38. 38. Physical Access <br />Cloud Provider<br />Data Center<br />
  39. 39. Security processes are typically <br />in place for physical access <br />Background Check<br />Two factor authentication<br />Intrusion detection system<br />Audit<br />Video surveillance <br />
  40. 40. Multi tenant<br />Infrastructure<br />Corporate 4<br />Corporate 3<br />Corporate 2<br />Corporate 1<br />…infrastructure is shared by many corporations (tenant)<br />
  41. 41. Will vulnerabilityin one company <br />affect others in the cloud?<br />
  42. 42. Cloud Providers use <br />isolationtechniques<br />Data Isolation<br />Virtualization<br />Computing Isolation<br />a vulnerability in one tenant has little impact on other tenants<br />
  43. 43. Identity<br />
  44. 44. Unwanted guest<br />Employees<br />Cloud Computing<br />Suppliers<br />Customers<br />
  45. 45. Potential External Entry Points<br />Web SiteHTTP(S)<br />Database<br />Queue<br />Web ServicesHTTP(S)<br />Custom<br />Blob(Files, Docs)<br />Worker VM<br /><br />
  46. 46. Typical access to a web site <br />hosted in the Cloud<br />
  47. 47. Example of <br />astronger authentication process<br />for sensitive web site<br />A8KP<br />
  48. 48. Accessing other Cloud Services<br />(Example)<br />Address<br /><br />Key2<br />Key1<br />R3ZhU3xAmLIEAnRRyiMHx…<br />xFAlNx4VeRDGQgSQI…<br />
  49. 49. Control which networkor machineshave access <br /><br /><br />
  50. 50. Let’s look at from<br /> cloud infrastructure provider’s<br />perspectives<br />
  51. 51. TypicalSLAs to compete<br />around<br />99.95<br />% uptime<br />
  52. 52. It is in their best interest to <br />maintain reputation, <br />best security practice<br />their business depends on it<br />
  53. 53. Headlines they try hard to avoid<br />Data is stolen from ….<br />…. has been down<br />since yesterday<br />Security breach at data center….<br />
  54. 54. Should you migrate all to Cloud? <br />
  55. 55. NO<br />Cloud Computing <br />is still at infancy <br />
  56. 56. Trust is Always Earned,<br />NeverGiven<br />---R. Williams<br />
  57. 57. Migrate <br />non-critical business operations, <br />departmental level data first <br />and Observe!<br />Enterprise<br />
  58. 58. It’s not as difficultas you think<br />simplicity, agility and elasticity <br />(another topic for further discussion)<br />
  59. 59. Excited about new possibilities in <br />cloudspace?<br />
  60. 60. Follow discussions and<br />presentations on<br />facebook <br />“I’m Cloud Confused”<br /><br />
  61. 61. You<br />Us<br />10simple questions,2minutes to complete<br />Will Publish Results on<br />facebook <br />
  62. 62. Want to try Cloudfor your business now ?<br />Only a few minutes to setup<br /><br />
  63. 63. For more presentations like this, visit, <br />follow, subscribe to: <br />Blog:<br />Twitter:<br />Contact:<br />