3. #IBMCloudTour16
3
• Identity and access control
• Data protection
• Application security
• Network security
Security in a
Cloud Context
4. #IBMCloudTour16
4
• Lack of visibility
• Shadow IT
• Mobile and IoT
• Ungoverned collaboration
Cloud Specific
Threats
5. #IBMCloudTour16
5
• Assess security & business needs
• Match environment to data
• Integrate operational security
• Detect and control shadow IT
• Manage mobile device security
• Use cognitive
Actions
6. #IBMCloudTour16
6
Brief Cloud Security Checklist
• IaaS
• Redundant, standards compliant, data centers
• Dark fiber private network
• Trusted computing platform
• PaaS and SaaS
• Support managing identity from the enterprise
• Strong APIs
• Overall Cloud Environment
• Strong provider access and compliance controls, SOC 1 and SOC 2 compliance
• Additional provider certifications: ISO 27001, PCI, HIPAA, FISMA NIST, CSA, CSCC
• Support mobile security linkage
• Cloud provider security ecosystem; integrates with security vendor products