Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Jak využít cloudu pro zvýšení bezpečnosti vašeho IT

324 views

Published on

Prezentace z konference Virtualization Forum 2019
Praha, 3.10.2019
Sál A

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Jak využít cloudu pro zvýšení bezpečnosti vašeho IT

  1. 1. www.thalesgroup.com Jak využít cloudu pro zvýšení bezpečnosti vašeho IT a pohodlí koncových uživatelů Petr Kunstát Thales CEE
  2. 2. 2 Thales & Gemalto: A New Profile Does not include externally financed R&D. 80,000employees *Based on Thales and Gemalto reported 2017 consolidated income statements. 68Countries global presence €1bn+self-funded R&D* 2017 Our team Around the world Innovation €19bn A balanced revenue structure Revenue* around 60% Civil 40% Defence
  3. 3. 3 The Reality The Perception 94% of enterprises say their perimeter security technology is quite effective at keeping unauthorized users out of their networks. of enterprises aren’t confident their data would be secure after a breach. Source: 2017 Gemalto Data Security Confidence Index report 65%94% Would your data be secure after a breach?
  4. 4. 4 With no defined perimeter in the digital world, it’s time for a fundamental shift in the security paradigm… …by moving security closer to what matters most – Data and Identities
  5. 5. 5 Move security beyond the perimeter to defend what’s really under attack OWN & SECURE ENCRYPTION KEYS
 • Manage key lifecycle • Store keys securely • Manage cryptographic resources CONTROL ACCESS • Manage and ensure appropriate access to resources across enterprise environments • Provide strong multi-factor authentication to corporate resources ENCRYPT SENSITIVE DATA • Secure data at rest and data in motion • Secure data across cloud, virtual, and on-premises environments
  6. 6. 6
  7. 7. www.thalesgroup.com Využijte „cloud“ chytře a mějte data zabezpečená
  8. 8. 8 IDENTITY THEFT UNENCRYPTED DATA Main cause of attacks Main cause of damages 69% of breach incidents came from identity theft 95% of breaches involved unencrypted data The main causes of cyber threats
  9. 9. 9 Data a jejich hodnota na trhu
  10. 10. 10 Co přinesla adopce cloud aplikací ▌Uživatel • Frustration or Same Passwords • PW Fatigue • Security work arounds ▌IT Admin • PW resets • Security risk • Lack of visibility
  11. 11. 11 SSO v hybridním IT postředí ▌Uživatel • Convenient and hassle free ▌IT Admin • Security risk: if the credential is compromised, all apps will be vulnerable • Visibility: Can’t track which apps are being accessed and when
  12. 12. 12 SSO + MFA + IT Control = Win-Win pro uživatele a IT ▌Uživatel • Authenticate once and step up only when required ▌IT Admin • Set the access policy per cloud app • Get visibility on who is accessing what, when and how • Maintain security, reduce PW workarounds
  13. 13. 13 SafeNet Trusted Access APPLY ASSESS Assess which access policy should be applied Apply appropriate access controls, with smart single sign on IDENTIFY Validate user’s identity 1 23 • SafeNet Trusted Access allows organizations to manage access to cloud applications by validating identities, determining levels of trust and applying appropriate access controls each time the user accesses a cloud service. OTP PushSMS Hardware PKI Biometric
  14. 14. 14 Windows Integrated Authentication and PKI adoption ▌ SafeNet Trusted Access can use Windows login to the enterprise As an authentication factor in the SSO session ▌ Enhances convenience: No need to authenticate again after logging in with your Windows domain password
  15. 15. 15 Thales © 2019 All rights reserved. Thales Group Internal Encryption Risk Mitigation vs Deployment Complexity Transparent Encryption Complexity&Security Application Crypto Suite Full Disk Encryption (FDE) Encryption Technologies Application/ Database File System Disk Risks Mitigated Database Admins, SQL Injections External threats, Privileged User Abuse Only Protects Media from Theft
  16. 16. 16 Thales © 2019 All rights reserved. Thales Group Internal Key Management Server FIPS 140-2 Level 1,2 & 3 Key Management Single Platform – Multiple Solutions Big Data Encryption • Hadoop, NoSQL • Teradata, SAP Hana • Encryption, Admin Access Control • Data de-identification Application Encryption • Easy application integration • Integrates .NET, Java & C • PKCS11 APIs • FPE and AES256 support FileEncryption BigData AppEncryption Key Management • Specialized Key Management • Key Escrow for Oracle/SQL TDE • KMIP/PKCS Key Manager • Third Party Key/Certificate Vault Unstructured FilesStructured Databases Security Intelligence • ArcSight, Splunk, Intel Security, etc. • Export to any SIEM • Compliance reporting • Accelerate threat detection SIEM Tokenization with Dynamic Data Masking • Format preserving tokenization • Dynamic data masking • REST API – standards based • Vaultless Apps Cloud Big Data Name: Jon Dough SS: 123-45-6789 PO: Jan395-2014 Data at Rest API Tokenization KeyMgt CipherTrust Cloud Key Manager • IaaS and SaaS key management • On-premise or as a Service • Support for Azure, AWS, Salesforce • Key revocation when YOU need it CloudKeys Transparent Encryption • Volume, folder, file level encryption • Granular access control
  17. 17. Thales Group InternalThales © 2019 All rights reserved Thank you

×