Successfully reported this slideshow.

4B - Is the cloud safe - Ed Zedlewski


Published on

Published in: Economy & Finance
  • Be the first to comment

  • Be the first to like this

4B - Is the cloud safe - Ed Zedlewski

  1. 1. Is the cloud secure?Ed Zedlewski, CIO, Eduserv
  2. 2. Cloud defined…Cloud computing is a model for enablingubiquitous, convenient, on-demand network accessto a shared pool of configurable computing resources(e.g., networks, servers, storage, applications, andservices) that can be rapidly provisioned andreleased with minimal management effort or serviceprovider interaction. [National Institute of Standards and Technology]
  3. 3. Cloud defined…On-demand self-service SaaSBroad network access PaaSResource pooling Private CloudRapid elasticity Community CloudMeasured service Public Cloudconsumption Hybrid CloudIaaS
  4. 4. Cloud defined…I want to buy only the computing I need, when I need it
  5. 5. What is Cloud Security? I want my information and my servicesprotected from the bad guys and from accidents
  6. 6. What could possibly go wrong?
  7. 7. Cloud scepticism• 37% of businesses cite security concerns• 13% (and rapidly rising) complexity of IT systems integration• 13% resistance to change
  8. 8. … yet growth in cloud services isrising faster than ever• 71% of local government organisations are using cloud computing• 37% of local government are currently using cloud applications• UK adults accessing the internet through a mobile device doubled between 2010 and 2012: source: Ofcom
  9. 9. Who is looking after yourservice at 03:00 hours?
  10. 10. Is the security model fit for purpose?
  11. 11. Do you have effective MIand understand your risks?
  12. 12. Where is your data?
  13. 13. How do you access your cloud service• 8bn people• 12bn MID• 2bn houses• 2bn TV’s• 1.5bn bicycles• 1bn cars
  14. 14. How secure is your own IT shop?• You will be subject to the same security challenges• Do you have all the necessary skills• Are you prepared to pay the cost of providing service elasticity
  15. 15. Increase in cyber-attacks (twice the level seen in 2010)On average 54 significant attacks by an unauthorisedoutsider were made on each large organisation in thelast year
  16. 16. Security breaches by staffComputer fraud; data loss; regulatory breaches; lack ofeducation about security• 19% of organisations suffered staff IT fraud• 20% of small businesses lost confidential data
  17. 17. Security Investment?67% of large organisations expect more securitybreaches next year50% of large organisations expect to spend more onsecurity next yearThe challenge is getting value from the investment
  18. 18. MYTH: An in-house (xxx) server is moresecure than a hosted solutionTRUTH: for a business without dedicated, in-house IT Professionals to monitor the security ofits network, in-house server solutions have lessphysical security, digital security and backupsecurity than hosted solutions
  19. 19. MYTH: An in-house solution offersmore control than a Cloud solution• Maybe, but is this good or bad?• Who is counting the cost of change?• Heavy customisation increases cost and reduces reliability• Application servers are very complex, requiring high levels of skill 24x7• Often cloud services abstract complexity
  20. 20. So what’s the difference?• Robust authentication & authorisation• Applications need to be architected for cloud deployment - Never trust user input - Encode all output• Consider data encryption• Effective service and contract management
  21. 21. Professionally built cloud services• Offer flexible levels of performance & security• Security designed in (not bolted on)• High availability designed in• Are monitored 7x24x365• Expertly managed - Delivering appropriate CIA
  22. 22. Questions?Ed Zedlewski, CIO, 470431Or visit the Eduserv stand