2. • Currently working as an iOS Developer
• Admin of Mobile Device Management System
• Admin of On-premise Private Cloud Storage and File
Sharing System
3. Cloud Computing: A model for provisioning and marketing IT
services that meets certain characteristics
• The infrastructure is shared.
• The services are accessed on demand in
units that vary by service
• Services are scalable
• The pricing model is by consumption.
• Services can be accessed from anywhere in the world by
multiple devices.
4. • Offer IT services to any customer over the internet
• Offer IT services to a predefined group of customers, with
access through the internet or private networks
5. Cloud IT services are grouped into three categories:
• Infrastructure as a Service (IaaS): Provides the processing
environment.
• Platform as a Service (PaaS): Provides an environment for
developing and running applications.
• Software as a Service (SaaS): The software service provides
functionality that solves user problems. Cloud storage
and sharing services and office automation are SaaS examples.
6. Cloud file sharing is a type of SaaS that enables users to
securely share data with other designated users.
Cloud storage means the storage of data online in the cloud, in
which a company’s data is stored in and accessible from
distributed connected resources.
Four types of cloud storage exist: Personal, Public, Private and
Hybrid
7. Personal Cloud Storage (Mobile Cloud Storage): A
subset of public cloud storage. Stores an individual’s data and
provides access from anywhere. Enables data sync
and sharing across multiple devices.
Public Cloud Storage: Enterprise and cloud service
provider are separate. Cloud provider fully manages
Private Cloud Storage: Cloud provider has infrastructure in
the enterprise data center managed by Cloud provider.
Another form is the on-premise private cloud, in which
• Cloud storage is installed entirely in the enterprise data center
• The enterprise has the option to manage it
Hybrid Cloud Storage: Combination of public and private.
Critical data resides in enterprise. Other data is stored in
public storage
10. • A tool named “iDict”
can bypass two-factor
authentication
• The only requirement
is iCloud username
(i.e. email address)
11. • Apple fixed the security flaw
after two days.
• Again advising users to change
simple passwords
• Someone’s iCloud data
probably leaked again.
12. • The files are stored in the cloud
• You need to have an Office 365 business subscription
• There are some problems with data integrity
13. • What gets synced to the cloud is generally not the same as
what gets synced back from the cloud.
• 8 KB-sized file extensions are added after sync.
• The date modified attribute is left unchanged although the file
size changed.
• The same test was done on another provider (like BitTorrent
Sync). It was found that data integrity is preserved with the
other provider.
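An added example (not from the original slides): one way to repeat this kind of round-trip test is to hash every file before upload and after download, so a content change is caught even when the date modified attribute is unchanged. The file names and the 8 KB growth simulated in `demo()` are constructed for illustration.

```python
import hashlib
import os
import shutil
import tempfile


def manifest(root):
    """Map each relative path under root to (sha256, size, mtime in seconds)."""
    out = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                digest = hashlib.sha256(fh.read()).hexdigest()
            st = os.stat(path)
            rel = os.path.relpath(path, root)
            out[rel] = (digest, st.st_size, st.st_mtime_ns // 10**9)
    return out


def compare(before, after):
    """List files that went missing or whose content hash changed."""
    findings = []
    for rel, (digest, size, mtime) in sorted(before.items()):
        if rel not in after:
            findings.append({"file": rel, "issue": "missing"})
            continue
        new_digest, new_size, new_mtime = after[rel]
        if new_digest != digest:
            findings.append({"file": rel, "issue": "content changed",
                             "size_delta": new_size - size,
                             # True: a timestamp-only check would miss this
                             "mtime_unchanged": new_mtime == mtime})
    return findings


def demo():
    """Constructed round trip: one file comes back 8 KB larger, same mtime."""
    with tempfile.TemporaryDirectory() as src, tempfile.TemporaryDirectory() as dst:
        for name, data in (("report.docx", b"A" * 1000), ("notes.txt", b"hi")):
            with open(os.path.join(src, name), "wb") as fh:
                fh.write(data)
        shutil.copytree(src, dst, dirs_exist_ok=True)  # stands in for the sync
        target = os.path.join(dst, "report.docx")
        st = os.stat(target)
        with open(target, "ab") as fh:
            fh.write(b"\0" * 8192)  # simulated provider-side modification
        os.utime(target, ns=(st.st_atime_ns, st.st_mtime_ns))
        return compare(manifest(src), manifest(dst))
```

In a real test, `manifest()` is run on the local folder before upload and again on a fresh download taken from a second device.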
14. • The Exchange account credentials (username
and password) are stored in the cloud without
notice.
• The test done by us shows that after changing the
email password, the application can receive and
send emails for a duration of 8 hours.
• If you have a policy stating that credentials must
only reside on company servers, then the app
breaks your security policy without notice.
15. • Means that files are encrypted so that they can only be
accessed by those with the keys
• The files stored in the cloud are “locked vaults”
• The content in the locked vaults is only accessible to those
who locked them.
16. • Encryption: The process of encoding messages in a way that
only authorized parties can read them
• Encryption key: The key used to transform the plain text file into
an encrypted file and vice versa
• Encrypt in transit: The act of encrypting data when it is
uploaded to a cloud service
• Encrypt at rest: The act of encrypting data once it is stored
on the servers of a cloud service
18. • In zero-knowledge cloud services, the files are encrypted
locally and then synced to the cloud.
• Users keep the keys and cloud vendors cannot access the
actual content.
• Files are encrypted end to end
19. A recent study shows that:
Duane Wilson
• If data is sent via the cloud service without the user
downloading it on to their system (i.e. using a web
browser), the vendors have an opportunity to view it.
• The research examines zero-knowledge vendors
(SpiderOak, Wuala and Tresorit)
20. Some of the cloud providers examined in the paper (Tresorit,
Wuala and SpiderOak) agree on some aspects and encourage
customers to use the desktop application to transfer files
instead of doing so through the cloud’s web portal.
Figure labels: Cloud Application, Cloud Web Portal, “If you share”
23. • Look for public cloud storage apps through the MDM system
• Check also for iCloud-like device-embedded cloud storage
services
• Observe how users consume such apps and understand the
purpose.
24. In terms of cloud storage, we believe that the solution
should:
• Be deployed on premise
• Not need a VPN for a secure connection
• Take backups of various devices such as mobile and laptop
• Allow monitoring of all sharing and backup activities
• Have mobile apps at least as good as the free ones in
terms of mobile user interface design, and utilize
Touch ID-like security features
25. We assume that the on-premise deployment offering is
chosen
• Data and management modules should be
separated
• Data account size limits should be determined
carefully
• Testing the solution’s mobile apps and web portal
security is crucial
26. Education of the end user is critical, as:
• The newly deployed cloud system will probably have a
different interface than the usual free cloud offerings.
• The cloud is still new to many enterprise users.
Online education and, if needed, on-site training
27. • Block apps having security flaws in mobile devices using
MDM from end to end
• Prevent usage of embedded cloud storage in mobile
devices.
• Block the communication of the services in the firewall side.
You can assess the success of the mobile strategy in this
phase:
If enterprise users are able to use the newly deployed secure cloud
storage without hassle, then the strategy works flawlessly.