Panel: Virtual World with Virtual Risks. Can it be Cloudy and Clearly Secure?


Published on

As companies migrate to the virtual datacenter, executives must deal with security, audit, and visibility of their environment which has grown beyond their physical datacenter. Because of this, hesitancy remains and many questions are still being asked. What is a next-gen datacenter? What changes as businesses take steps toward a hybrid datacenter? When they move to a virtualized environment, how does their data remain secured and in their control? Will encrypting data in this environment achieve visibility and control of who is accessing it? Plus despite more knowledge on virtual risks, cloud services are still being purchased without authentication, adopting cloud first and then thinking about security second. So how can organisations win the struggle with authentication in the cloud?

Join your fellow professionals for this lively and insightful discussion providing a complete vision on virtual risks in a virtual world. Then understand a way to manage risk, maintain compliance, accelerate and protect business from evolving security threats.
Panelists: Gargi Mitra Keeling, VMware; Jofre Palau, Vodafone; Patrick McBride, Xceedium, Leonor Martins, SafeNet
Moderator: Jason Hart, SafeNet
Watch the full webcast:

Published in: Technology, Business
1 Like
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • Talk to the current challenges of IT today. I tend to lean toward operational efficacy and pressures from the business. These pressures are driving IT to become more like IS and offer a service.
  • This would make you think that there is some activity going on to making things better …. But …
  • This would make you think that there is some activity going on to making things better …. But …
  • As today’s network has changed, network perimeters have increasingly dissolved. Instead of protecting an ineffective perimeter, SafeNet enables you to protect the data itself.
  • Panel: Virtual World with Virtual Risks. Can it be Cloudy and Clearly Secure?

    1. 1. Insert Your NameInsert Your TitleInsert DateVirtual World with VirtualRisks. Can it be Cloudy andClearly Secure?Jason Hart – VP, Authentication and Cloud Visionary, SafeNet - ModeratorPanellists:Gargi Mitra Keeling, Group Product Manager, Networking and Security, VMwareJofre Palau, Principal Product Manager, Security, VodafonePatrick McBride , VP Marketing, XceediumLeonor Martins, Principal Solutions Specialist, Virtualization & Cloud, SafeNetPANEL SESSION
    2. 2. IntroductionsJason Hart – Moderator. VP, Authentication and Cloud, SafeNetPanellists: Gargi Mitra Keeling, Group Product Manager, Networking andSecurity, VMware Jofre Palau, Principal Product Manager, Security, Vodafone Patrick McBride , VP Marketing, Xceedium Leonor Martins, Principal Solutions Specialist, Virtualization &Cloud, SafeNet
    3. 3. Agenda Meeting Format Introduction and Welcome 3 questions for the panel discussion 3 polling questions for the audience Quick analysis of results Summary Q & A
    4. 4.  With the adoption of cloud and migration to thevirtual data center, do you believe customers areaware of the virtual risks? What do you see as the cause of the hesitancyremaining in customers? Do customers realise they are in the cloud/hybridcloud ie. SFDC, Dropbox etc?Question 1
    5. 5. Today’s issues Data breaches are rampant Data is moving everywhere The approach to protecting data must change
    6. 6. State of Data Security2012: 855 data breachincidents 174 millionrecords affected Second-worstyear ever*Based on a SafeNet Survey of 800+ security professionals.Source: 2012 Verizon Data BreachInvestigations Report
    7. 7. What are your main concerns or reasons forhesitation to move into the cloud? Compliance Loss of control OwnershipPolling Question 1
    8. 8. State of Data SecuritySecurityprofessionalsbelieve they willsuffer a breach.*Based on a SafeNet Survey of 800 security professionals.
    9. 9. State of Data SecurityOrganizationscontinue to relyon the sametechnologies.*Based on a SafeNet Survey of 800 security professionals.
    10. 10. State of Data SecurityDoubt in securityindustry’s abilityto detect andprevent breaches.*Based on a SafeNet Survey of 800 security professionals.
    11. 11. State of Data SecurityRecognition that ifperimetersfailed, high value datawould not be safe.*Based on a SafeNet Survey of 800 security professionals.
    12. 12. A new prescription for the“Secure Breach” era• Its time to try something new…Introspection• You can’t prevent a perimeter breach…Acceptance• Know your enemies and what they areafter…Understanding• Protect What Matters…THE DATA!Action
    13. 13. What are your beliefs on a new securityparadigm, ie. no perimeter existing and securingthe actual data, instead of the vector which nolonger exists?• Breach acceptance and securing the data in viewof:• 800 IT professionals surveyed globally• Survey shows they are continuing to secure theperimeter and not the data, although they are expectinga breachQuestion 2 and discussion points
    14. 14. Verizon’s annual Data BreachInvestigations Report (DBIR) published lastweekQuoted from the report:“Not one breach in this sample happened to data that was„in transit‟. In fact, two-thirds of breaches involved data „atrest‟ (in databases and on file servers), and the rest wasbeing processed when compromised.”Question 2 discussion points
    15. 15. Verizon’s annual Data Breach InvestigationsReport (DBIR) published last week, 80% of data-breaches could have been eliminated just by usingstrong-authentication.Quoted from the report:“So, it really comes as no surprise that authenticationbased attacks (guessing, cracking, or reusing validcredentials) factored into about four of every fivebreaches involving hacking in our 2012 dataset. …Question 2 discussion points
    16. 16. • Many threats are invisible:• insider threats and passwords have beencompromised for a considerable time and thedata exposed, without the organisation beingawareQuoted from the Verizon report: “... 66% of thebreaches in our 2013 report took months or even years todiscover (62% months, 4% years).”• What is your view on Killing the Data?Question 2 discussion cont...
    17. 17. Polling question 2 Where/why do you think your databreach would occur?• Data center/Virtual data center• Unapproved hardware• Weak credentials• Phishing attacks• Insider threat/disgruntled employees18
    18. 18. Should it be mandatory for a cloud providerto make 2 Factor Authentication an option?• Cloud alliance sets standards. Should this be astandard?• Should it be clients choice to enable 2FA?Question 3 and discussion points
    19. 19. Polling question 3 If you had the option to enable 2Factor AUT for a cloudapplication, would you use it?20
    20. 20. Summary Where encryption can be deployed The implications of each of those places The types of threats associated with thoselocations The importance of Key Management
    21. 21. Protect the target, not the perimeter Controlling access to resources:authentication At the core: key management, keyvaulting, root of trust In the data center:databases, applications, mainframes, and storage Into the cloud: virtualservers, applications and storage
    22. 22. The Importance of Key Management Your data is only as secure as your keys Keys (and data) may have a life of many decades Disaster recovery support is essential Policy driven with role management Key rotation/Rekeying Secure destruction Auditing System recoverIf your data is now encrypted, then losing the keyswould be a significant and unrecoverable disaster!
    23. 23. Who We AreTrusted to protect the world’s most sensitive data forthe world’s most trusted brands.We protect the mostmoney that moves inthe world, $1 trilliondaily.We protect the most digitalidentities in the world.We protect the mostclassified informationin the world.FOUNDED1983REVENUE~330mEMPLOYEES+1,400In 25 countriesOWNERSHIPPrivateGLOBAL FOOTPRINT+25,000Customers in100 countriesACCREDITEDProducts certifiedto the highestsecurity standard
    24. 24. Follow SafeNet on Social Media [Blog] @safenetinc
    25. 25. Thank you for attendingAny questions?