SlideShare a Scribd company logo

Cloud security - The Cloud is as Secure as you want it to be! - Indicthreads cloud computing conference 2011

IndicThreads
IndicThreads

Session presented at the 2nd IndicThreads.com Conference on Cloud Computing held in Pune, India on 3-4 June 2011. http://CloudComputing.IndicThreads.com Abstract:As part of this session I intend to provide a technical overview of how cloud computing can be made secure across various networks architectures and deployments such as (a) Security in public cloud deployments – data and application security. This will cover methods such as data encryption, multi tenancy, data wipeout, what type of data to place in public clouds, autentication methods. (b) Security by using public/private mix hybrid cloud deployments. This will cover using hybrid clouds effectively to segregate some portions of data in the public and some in hybrid and how a request can be moved across these. It would also cover options for enterprises to make their solutions secure. (c) Security features provided by current cloud vendors. (d) How a cloud deployer can ensure the solution they are providing is secure. Key Takeaway after this session: An understanding of various security solutions that developers, deployers, architects can use when using cloud computing solutions Speaker: Debashis Banerjee is a technology professional with 12+ years of expertise in development and leading global teams in development of Cloud, Security, Internet based and Telecom products. He is currently a Senior Engineering Manager with Yahoo! India.

Technology
1 of 13
Download to read offline
The cloud is as secure as you want it to be... Debashis Banerjee Yahoo! India 1
My son’s first day at school Catered Food on my anniversary party Money in my bank My seat on the plane 2
Today’s Journey Multi device Refresher to Cloud the cloud Security – Mobiles OTP, SMS Ensuring based multi your cloud Factor auth is secure Public, Private and Hybrid Secure Cloud Security APIs 3 Image: FreeDigitalPhotos.net
Cloud Computing - Refresher • Key aspects of using the cloud: Elasticity, On Demand, Multi Tenancy, Multi Device, Ability to measure Service • Type of Clouds - Public Clouds, Private Clouds, Hybrid Clouds, Community/Partner Clouds • Deployment models : SaaS , PaaS , IaaS 4
Key questions to ask about security? • What do you need to protect? Who are your users? • Where does your data live? How does it flow? What geographies? • What are your compliance, logging needs? • Is there SSO and Identity management in place? • Do you have a mix of physical , virtual, cloud? • Who pays for security? Who is accountable for what aspect of • security? • How do you react if a security breach takes place? 5
Ensuring your cloud solution is secure Identity Provider Strong Auth Secure Multi Ingress and Device Data Egress Security In backup Access Federated SSO Privileged Access Public Cloud Geo-Political Multi Tenancy Private Cloud Considerations Logging, Secure Data at Auditing rest, motion Compliance, Playback Enterprise Physical, Virtual and cloud resources Wipeout, 6 Encryption
Security in Public Cloud Deployments • Strong Identity management • Privileged Account Management • Place the appropriate type of data in the cloud • Have access to compliance and logging , auditing • Being a public cloud ensure you impose where you data can or cannot travel • Wipeout policies • Ensure you are comfortable with the security of multi tenancy • Secure keys 7
Security in the Private & Hybrid Cloud Private: • Design such that there is scope to move to a hybrid model • Impose SSO Hybrid: • Segregate your data between clouds • Use SAML and ensure appropriate enterprise credentials are within the perimeter • Have your Federation set up correctly. Enable SSO. • Ensuring enterprise credentials do not travel into the cloud 8
Multi Device Cloud Security – Mobile Phones • The mobile device as an extension of the Cloud • Secure Mobile Apps on the cloud. • On Cloud and On Device virus scanning • Seamless policies for mobile devices • Credential life cycle management • Secure Roaming Users 9
Multi Factor Auth – OTPs, SMS based Use OTPs effectively to protect your data access to the cloud GoldKey Multi Factor Auth – AWS/Gemalto 2 Factor Auth using SMS 10 Image: http://commons.wikimedia.org/wiki/File:RSA-SecurID-Tokens.jpg
Some APIs useful in cloud security • Safe Browsing API • VM Safe APIs 11
In Conclusion • Cloud Security is critical to succeed in the cloud • Choose Private / Public / Hybrid cloud & SaaS / PaaS / IaaS • Identity & Privileged User Management • Compliance, Certification and Logging • Consider Multi Device Scenarios • Use Strong Authentication 12
Remember your questions about security to 1. Your child’s school 2. Your anniversary party caterers 3. Your airline 4. Your bank And you won’t go wrong with the Cloud Security !!!! Image: FreeDigitalPhotos.net 13

Recommended

Debashis banerjee cloud_is_as_secure
Debashis banerjee cloud_is_as_secureDebashis banerjee cloud_is_as_secure
Debashis banerjee cloud_is_as_securedebashisb
 
Have content, will travel securely sharing mobile content in the cloud part II
Have content, will travel securely sharing mobile content in the cloud part IIHave content, will travel securely sharing mobile content in the cloud part II
Have content, will travel securely sharing mobile content in the cloud part IIProofpoint
 
Symantec Ubiquity
Symantec UbiquitySymantec Ubiquity
Symantec UbiquitySymantec
 
Symantec Advances Enterprise Mobility Strategy
Symantec Advances Enterprise Mobility StrategySymantec Advances Enterprise Mobility Strategy
Symantec Advances Enterprise Mobility StrategySymantec
 
Symantec Virtualization Launch VMworld 2012
Symantec Virtualization Launch VMworld 2012Symantec Virtualization Launch VMworld 2012
Symantec Virtualization Launch VMworld 2012Symantec
 
Winkler Cloud, ORCON, and Mobility
Winkler Cloud, ORCON, and MobilityWinkler Cloud, ORCON, and Mobility
Winkler Cloud, ORCON, and MobilityVic Winkler
 
Key2 share moosecon
Key2 share mooseconKey2 share moosecon
Key2 share mooseconHeinrich Seeger
 
Sxsw ppt voice-1
Sxsw ppt voice-1Sxsw ppt voice-1
Sxsw ppt voice-1Dan Miller
 

Recommended

Debashis banerjee cloud_is_as_secure
Debashis banerjee cloud_is_as_secureDebashis banerjee cloud_is_as_secure
Debashis banerjee cloud_is_as_securedebashisb
 
Have content, will travel securely sharing mobile content in the cloud part II
Have content, will travel securely sharing mobile content in the cloud part IIHave content, will travel securely sharing mobile content in the cloud part II
Have content, will travel securely sharing mobile content in the cloud part IIProofpoint
 
Symantec Ubiquity
Symantec UbiquitySymantec Ubiquity
Symantec UbiquitySymantec
 
Symantec Advances Enterprise Mobility Strategy
Symantec Advances Enterprise Mobility StrategySymantec Advances Enterprise Mobility Strategy
Symantec Advances Enterprise Mobility StrategySymantec
 
Symantec Virtualization Launch VMworld 2012
Symantec Virtualization Launch VMworld 2012Symantec Virtualization Launch VMworld 2012
Symantec Virtualization Launch VMworld 2012Symantec
 
Winkler Cloud, ORCON, and Mobility
Winkler Cloud, ORCON, and MobilityWinkler Cloud, ORCON, and Mobility
Winkler Cloud, ORCON, and MobilityVic Winkler
 
Key2 share moosecon
Key2 share mooseconKey2 share moosecon
Key2 share mooseconHeinrich Seeger
 
Sxsw ppt voice-1
Sxsw ppt voice-1Sxsw ppt voice-1
Sxsw ppt voice-1Dan Miller
 
Wayfs and Strays - Jonathan Richardson
Wayfs and Strays - Jonathan RichardsonWayfs and Strays - Jonathan Richardson
Wayfs and Strays - Jonathan RichardsonEduserv
 
Sophos Complete Security
Sophos Complete SecuritySophos Complete Security
Sophos Complete SecurityCTI Group
 
Security and Privacy in the AWS Cloud - AWS India Summit 2012
Security and Privacy in the AWS Cloud - AWS India Summit 2012Security and Privacy in the AWS Cloud - AWS India Summit 2012
Security and Privacy in the AWS Cloud - AWS India Summit 2012Amazon Web Services
 
Copyright and Technology London 2012: Content Identification - Werner Strydom...
Copyright and Technology London 2012: Content Identification - Werner Strydom...Copyright and Technology London 2012: Content Identification - Werner Strydom...
Copyright and Technology London 2012: Content Identification - Werner Strydom...GiantSteps Media Technology Strategies
 
Bapinger Network Security
Bapinger Network SecurityBapinger Network Security
Bapinger Network SecurityDjadja Sardjana
 
FaceTime - DSS @Vilnius 2010
FaceTime - DSS @Vilnius 2010FaceTime - DSS @Vilnius 2010
FaceTime - DSS @Vilnius 2010Andris Soroka
 
ekey+ Presentation
ekey+ Presentationekey+ Presentation
ekey+ PresentationCreus Moreira Carlos
 
Daniel künzli cloudgateway.next
Daniel künzli cloudgateway.nextDaniel künzli cloudgateway.next
Daniel künzli cloudgateway.nextDigicomp Academy AG
 
Smau Bari 2012 Marco Soldi
Smau Bari 2012 Marco SoldiSmau Bari 2012 Marco Soldi
Smau Bari 2012 Marco SoldiSMAU
 
Aus lug lotus protector
Aus lug lotus protectorAus lug lotus protector
Aus lug lotus protectoraosborne
 
Stronger/Multi-factor Authentication for Enterprise Applications
Stronger/Multi-factor Authentication for Enterprise ApplicationsStronger/Multi-factor Authentication for Enterprise Applications
Stronger/Multi-factor Authentication for Enterprise ApplicationsRamesh Nagappan
 
Green Security
Green SecurityGreen Security
Green SecurityShahar Geiger Maor
 
Protect Your Passwords, Secure Your Servers
Protect Your Passwords, Secure Your ServersProtect Your Passwords, Secure Your Servers
Protect Your Passwords, Secure Your ServersSteven Davis
 
Cloudsecurity
CloudsecurityCloudsecurity
Cloudsecuritydrewz lin
 
Safenet Authentication Service, SAS
Safenet Authentication Service, SASSafenet Authentication Service, SAS
Safenet Authentication Service, SASrobbuddingh
 
Ruckus BYOD whitepaper
Ruckus BYOD whitepaperRuckus BYOD whitepaper
Ruckus BYOD whitepaperMichal Jarski
 
Cidway Secure Mobile Access Transactions Short 05 12
Cidway Secure Mobile Access Transactions Short 05 12Cidway Secure Mobile Access Transactions Short 05 12
Cidway Secure Mobile Access Transactions Short 05 12lfilliat
 
Webinar - Easy multi factor authentication strategies and PCI DSS
Webinar - Easy multi factor authentication strategies and PCI DSSWebinar - Easy multi factor authentication strategies and PCI DSS
Webinar - Easy multi factor authentication strategies and PCI DSSonionid12
 
Security Intelligence
Security IntelligenceSecurity Intelligence
Security IntelligenceIBMGovernmentCA
 
تقرير التقن الحوسبة السحابية
تقرير التقن الحوسبة السحابيةتقرير التقن الحوسبة السحابية
تقرير التقن الحوسبة السحابيةim_q16
 
التصيد الإلكتروني
التصيد الإلكترونيالتصيد الإلكتروني
التصيد الإلكترونيkhojahay
 
مميزات الحوسبة السحابية
مميزات الحوسبة السحابيةمميزات الحوسبة السحابية
مميزات الحوسبة السحابيةSoftex Software House
 

More Related Content

What's hot

Wayfs and Strays - Jonathan Richardson
Wayfs and Strays - Jonathan RichardsonWayfs and Strays - Jonathan Richardson
Wayfs and Strays - Jonathan RichardsonEduserv
 
Sophos Complete Security
Sophos Complete SecuritySophos Complete Security
Sophos Complete SecurityCTI Group
 
Security and Privacy in the AWS Cloud - AWS India Summit 2012
Security and Privacy in the AWS Cloud - AWS India Summit 2012Security and Privacy in the AWS Cloud - AWS India Summit 2012
Security and Privacy in the AWS Cloud - AWS India Summit 2012Amazon Web Services
 
Copyright and Technology London 2012: Content Identification - Werner Strydom...
Copyright and Technology London 2012: Content Identification - Werner Strydom...Copyright and Technology London 2012: Content Identification - Werner Strydom...
Copyright and Technology London 2012: Content Identification - Werner Strydom...GiantSteps Media Technology Strategies
 
Bapinger Network Security
Bapinger Network SecurityBapinger Network Security
Bapinger Network SecurityDjadja Sardjana
 
FaceTime - DSS @Vilnius 2010
FaceTime - DSS @Vilnius 2010FaceTime - DSS @Vilnius 2010
FaceTime - DSS @Vilnius 2010Andris Soroka
 
Daniel künzli cloudgateway.next
Daniel künzli cloudgateway.nextDaniel künzli cloudgateway.next
Daniel künzli cloudgateway.nextDigicomp Academy AG
 
Smau Bari 2012 Marco Soldi
Smau Bari 2012 Marco SoldiSmau Bari 2012 Marco Soldi
Smau Bari 2012 Marco SoldiSMAU
 
Aus lug lotus protector
Aus lug lotus protectorAus lug lotus protector
Aus lug lotus protectoraosborne
 
Stronger/Multi-factor Authentication for Enterprise Applications
Stronger/Multi-factor Authentication for Enterprise ApplicationsStronger/Multi-factor Authentication for Enterprise Applications
Stronger/Multi-factor Authentication for Enterprise ApplicationsRamesh Nagappan
 
Protect Your Passwords, Secure Your Servers
Protect Your Passwords, Secure Your ServersProtect Your Passwords, Secure Your Servers
Protect Your Passwords, Secure Your ServersSteven Davis
 
Cloudsecurity
CloudsecurityCloudsecurity
Cloudsecuritydrewz lin
 
Safenet Authentication Service, SAS
Safenet Authentication Service, SASSafenet Authentication Service, SAS
Safenet Authentication Service, SASrobbuddingh
 
Ruckus BYOD whitepaper
Ruckus BYOD whitepaperRuckus BYOD whitepaper
Ruckus BYOD whitepaperMichal Jarski
 
Cidway Secure Mobile Access Transactions Short 05 12
Cidway Secure Mobile Access Transactions Short 05 12Cidway Secure Mobile Access Transactions Short 05 12
Cidway Secure Mobile Access Transactions Short 05 12lfilliat
 
Webinar - Easy multi factor authentication strategies and PCI DSS
Webinar - Easy multi factor authentication strategies and PCI DSSWebinar - Easy multi factor authentication strategies and PCI DSS
Webinar - Easy multi factor authentication strategies and PCI DSSonionid12
 

What's hot (19)

Wayfs and Strays - Jonathan Richardson
Wayfs and Strays - Jonathan RichardsonWayfs and Strays - Jonathan Richardson
Wayfs and Strays - Jonathan Richardson
 
Sophos Complete Security
Sophos Complete SecuritySophos Complete Security
Sophos Complete Security
 
Security and Privacy in the AWS Cloud - AWS India Summit 2012
Security and Privacy in the AWS Cloud - AWS India Summit 2012Security and Privacy in the AWS Cloud - AWS India Summit 2012
Security and Privacy in the AWS Cloud - AWS India Summit 2012
 
Copyright and Technology London 2012: Content Identification - Werner Strydom...
Copyright and Technology London 2012: Content Identification - Werner Strydom...Copyright and Technology London 2012: Content Identification - Werner Strydom...
Copyright and Technology London 2012: Content Identification - Werner Strydom...
 
Bapinger Network Security
Bapinger Network SecurityBapinger Network Security
Bapinger Network Security
 
FaceTime - DSS @Vilnius 2010
FaceTime - DSS @Vilnius 2010FaceTime - DSS @Vilnius 2010
FaceTime - DSS @Vilnius 2010
 
ekey+ Presentation
ekey+ Presentationekey+ Presentation
ekey+ Presentation
 
Daniel künzli cloudgateway.next
Daniel künzli cloudgateway.nextDaniel künzli cloudgateway.next
Daniel künzli cloudgateway.next
 
Smau Bari 2012 Marco Soldi
Smau Bari 2012 Marco SoldiSmau Bari 2012 Marco Soldi
Smau Bari 2012 Marco Soldi
 
Aus lug lotus protector
Aus lug lotus protectorAus lug lotus protector
Aus lug lotus protector
 
Stronger/Multi-factor Authentication for Enterprise Applications
Stronger/Multi-factor Authentication for Enterprise ApplicationsStronger/Multi-factor Authentication for Enterprise Applications
Stronger/Multi-factor Authentication for Enterprise Applications
 
Green Security
Green SecurityGreen Security
Green Security
 
Protect Your Passwords, Secure Your Servers
Protect Your Passwords, Secure Your ServersProtect Your Passwords, Secure Your Servers
Protect Your Passwords, Secure Your Servers
 
Cloudsecurity
CloudsecurityCloudsecurity
Cloudsecurity
 
Safenet Authentication Service, SAS
Safenet Authentication Service, SASSafenet Authentication Service, SAS
Safenet Authentication Service, SAS
 
Ruckus BYOD whitepaper
Ruckus BYOD whitepaperRuckus BYOD whitepaper
Ruckus BYOD whitepaper
 
Cidway Secure Mobile Access Transactions Short 05 12
Cidway Secure Mobile Access Transactions Short 05 12Cidway Secure Mobile Access Transactions Short 05 12
Cidway Secure Mobile Access Transactions Short 05 12
 
Webinar - Easy multi factor authentication strategies and PCI DSS
Webinar - Easy multi factor authentication strategies and PCI DSSWebinar - Easy multi factor authentication strategies and PCI DSS
Webinar - Easy multi factor authentication strategies and PCI DSS
 
Security Intelligence
Security IntelligenceSecurity Intelligence
Security Intelligence
 

Viewers also liked

تقرير التقن الحوسبة السحابية
تقرير التقن الحوسبة السحابيةتقرير التقن الحوسبة السحابية
تقرير التقن الحوسبة السحابيةim_q16
 
التصيد الإلكتروني
التصيد الإلكترونيالتصيد الإلكتروني
التصيد الإلكترونيkhojahay
 
مميزات الحوسبة السحابية
مميزات الحوسبة السحابيةمميزات الحوسبة السحابية
مميزات الحوسبة السحابيةSoftex Software House
 
GSAW Presentation on Cloud Security V2.1
GSAW Presentation on Cloud Security V2.1GSAW Presentation on Cloud Security V2.1
GSAW Presentation on Cloud Security V2.1GovCloud Network
 
Cloud computing Security
Cloud computing SecurityCloud computing Security
Cloud computing SecurityCloud Genius
 
أساسيات أمن المعلومات
أساسيات أمن المعلوماتأساسيات أمن المعلومات
أساسيات أمن المعلوماتMohammed Almeshekah
 
الحوسبة السحابية
الحوسبة السحابيةالحوسبة السحابية
الحوسبة السحابيةMamoun Matar
 

Viewers also liked (10)

تقرير التقن الحوسبة السحابية
تقرير التقن الحوسبة السحابيةتقرير التقن الحوسبة السحابية
تقرير التقن الحوسبة السحابية
 
التصيد الإلكتروني
التصيد الإلكترونيالتصيد الإلكتروني
التصيد الإلكتروني
 
مميزات الحوسبة السحابية
مميزات الحوسبة السحابيةمميزات الحوسبة السحابية
مميزات الحوسبة السحابية
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
2af
2af2af
2af
 
Global Mandate to Secure Cloud Computing
Global Mandate to Secure Cloud ComputingGlobal Mandate to Secure Cloud Computing
Global Mandate to Secure Cloud Computing
 
GSAW Presentation on Cloud Security V2.1
GSAW Presentation on Cloud Security V2.1GSAW Presentation on Cloud Security V2.1
GSAW Presentation on Cloud Security V2.1
 
Cloud computing Security
Cloud computing SecurityCloud computing Security
Cloud computing Security
 
أساسيات أمن المعلومات
أساسيات أمن المعلوماتأساسيات أمن المعلومات
أساسيات أمن المعلومات
 
الحوسبة السحابية
الحوسبة السحابيةالحوسبة السحابية
الحوسبة السحابية
 

Similar to Cloud security - The Cloud is as Secure as you want it to be! - Indicthreads cloud computing conference 2011

The cloud is as secure as you want it to be
The cloud is as secure as you want it to beThe cloud is as secure as you want it to be
The cloud is as secure as you want it to beDebashis Banerjee
 
Safe Net: Cloud Security Solutions
Safe Net: Cloud Security SolutionsSafe Net: Cloud Security Solutions
Safe Net: Cloud Security SolutionsASBIS SK
 
Executive Alliance Dallas - Accellion Presentation
Executive Alliance Dallas - Accellion PresentationExecutive Alliance Dallas - Accellion Presentation
Executive Alliance Dallas - Accellion PresentationProofpoint
 
Extending security in the cloud network box - v4
Extending security in the cloud network box - v4Extending security in the cloud network box - v4
Extending security in the cloud network box - v4Valencell, Inc.
 
Enterprise Security in Cloud
Enterprise Security in CloudEnterprise Security in Cloud
Enterprise Security in CloudLenin Aboagye
 
Trend micro - Your journey to the cloud, where are you
Trend micro - Your journey to the cloud, where are youTrend micro - Your journey to the cloud, where are you
Trend micro - Your journey to the cloud, where are youGlobal Business Events
 
Peering Through the Cloud Forrester EMEA 2010
Peering Through the Cloud Forrester EMEA 2010Peering Through the Cloud Forrester EMEA 2010
Peering Through the Cloud Forrester EMEA 2010graywilliams
 
Smart Cards & Devices Forum 2012 - Securing Cloud Computing
Smart Cards & Devices Forum 2012 - Securing Cloud ComputingSmart Cards & Devices Forum 2012 - Securing Cloud Computing
Smart Cards & Devices Forum 2012 - Securing Cloud ComputingOKsystem
 
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...Amazon Web Services
 
Udløs potentialet i Enterprise Mobility, Vijay Dheap, IBM US
Udløs potentialet i Enterprise Mobility, Vijay Dheap, IBM USUdløs potentialet i Enterprise Mobility, Vijay Dheap, IBM US
Udløs potentialet i Enterprise Mobility, Vijay Dheap, IBM USIBM Danmark
 
How to Make Your IoT Devices Secure, Act Autonomously & Trusted Subjects
How to Make Your IoT Devices Secure, Act Autonomously & Trusted SubjectsHow to Make Your IoT Devices Secure, Act Autonomously & Trusted Subjects
How to Make Your IoT Devices Secure, Act Autonomously & Trusted SubjectsMaxim Salnikov
 
AWS Summit 2011: Cloud Compliance 101: No PhD required - SafeNet
AWS Summit 2011: Cloud Compliance 101: No PhD required - SafeNetAWS Summit 2011: Cloud Compliance 101: No PhD required - SafeNet
AWS Summit 2011: Cloud Compliance 101: No PhD required - SafeNetAmazon Web Services
 
Intel Cloud Summit: Greg Brown McAfee
Intel Cloud Summit: Greg Brown McAfeeIntel Cloud Summit: Greg Brown McAfee
Intel Cloud Summit: Greg Brown McAfeeIntelAPAC
 
Security and Mobile Application Management with Worklight
Security and Mobile Application Management with WorklightSecurity and Mobile Application Management with Worklight
Security and Mobile Application Management with WorklightIBM WebSphereIndia
 
CloudPassage Overview
CloudPassage OverviewCloudPassage Overview
CloudPassage OverviewCloudPassage
 
Deepsecurity & VDI beveiliging, maximale beveiliging en optimale performance
Deepsecurity & VDI beveiliging, maximale beveiliging en optimale performanceDeepsecurity & VDI beveiliging, maximale beveiliging en optimale performance
Deepsecurity & VDI beveiliging, maximale beveiliging en optimale performanceUNIT4 IT Solutions
 
Mark Carlile, EMEA Enterprise Lead at Airwatch - Mobile content strategies an...
Mark Carlile, EMEA Enterprise Lead at Airwatch - Mobile content strategies an...Mark Carlile, EMEA Enterprise Lead at Airwatch - Mobile content strategies an...
Mark Carlile, EMEA Enterprise Lead at Airwatch - Mobile content strategies an...Global Business Events
 
Protecting Data in the Cloud
Protecting Data in the CloudProtecting Data in the Cloud
Protecting Data in the CloudNeil Readshaw
 

Similar to Cloud security - The Cloud is as Secure as you want it to be! - Indicthreads cloud computing conference 2011 (20)

The cloud is as secure as you want it to be
The cloud is as secure as you want it to beThe cloud is as secure as you want it to be
The cloud is as secure as you want it to be
 
Safe Net: Cloud Security Solutions
Safe Net: Cloud Security SolutionsSafe Net: Cloud Security Solutions
Safe Net: Cloud Security Solutions
 
Executive Alliance Dallas - Accellion Presentation
Executive Alliance Dallas - Accellion PresentationExecutive Alliance Dallas - Accellion Presentation
Executive Alliance Dallas - Accellion Presentation
 
Extending security in the cloud network box - v4
Extending security in the cloud network box - v4Extending security in the cloud network box - v4
Extending security in the cloud network box - v4
 
Enterprise Security in Cloud
Enterprise Security in CloudEnterprise Security in Cloud
Enterprise Security in Cloud
 
Enterprise Security in Hybrid Cloud ISACA-SV 2012
Enterprise Security in Hybrid Cloud ISACA-SV 2012Enterprise Security in Hybrid Cloud ISACA-SV 2012
Enterprise Security in Hybrid Cloud ISACA-SV 2012
 
Trend micro - Your journey to the cloud, where are you
Trend micro - Your journey to the cloud, where are youTrend micro - Your journey to the cloud, where are you
Trend micro - Your journey to the cloud, where are you
 
Peering Through the Cloud Forrester EMEA 2010
Peering Through the Cloud Forrester EMEA 2010Peering Through the Cloud Forrester EMEA 2010
Peering Through the Cloud Forrester EMEA 2010
 
Smart Cards & Devices Forum 2012 - Securing Cloud Computing
Smart Cards & Devices Forum 2012 - Securing Cloud ComputingSmart Cards & Devices Forum 2012 - Securing Cloud Computing
Smart Cards & Devices Forum 2012 - Securing Cloud Computing
 
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
 
Udløs potentialet i Enterprise Mobility, Vijay Dheap, IBM US
Udløs potentialet i Enterprise Mobility, Vijay Dheap, IBM USUdløs potentialet i Enterprise Mobility, Vijay Dheap, IBM US
Udløs potentialet i Enterprise Mobility, Vijay Dheap, IBM US
 
How to Make Your IoT Devices Secure, Act Autonomously & Trusted Subjects
How to Make Your IoT Devices Secure, Act Autonomously & Trusted SubjectsHow to Make Your IoT Devices Secure, Act Autonomously & Trusted Subjects
How to Make Your IoT Devices Secure, Act Autonomously & Trusted Subjects
 
AWS Summit 2011: Cloud Compliance 101: No PhD required - SafeNet
AWS Summit 2011: Cloud Compliance 101: No PhD required - SafeNetAWS Summit 2011: Cloud Compliance 101: No PhD required - SafeNet
AWS Summit 2011: Cloud Compliance 101: No PhD required - SafeNet
 
Intel Cloud Summit: Greg Brown McAfee
Intel Cloud Summit: Greg Brown McAfeeIntel Cloud Summit: Greg Brown McAfee
Intel Cloud Summit: Greg Brown McAfee
 
Security and Mobile Application Management with Worklight
Security and Mobile Application Management with WorklightSecurity and Mobile Application Management with Worklight
Security and Mobile Application Management with Worklight
 
CloudPassage Overview
CloudPassage OverviewCloudPassage Overview
CloudPassage Overview
 
Deepsecurity & VDI beveiliging, maximale beveiliging en optimale performance
Deepsecurity & VDI beveiliging, maximale beveiliging en optimale performanceDeepsecurity & VDI beveiliging, maximale beveiliging en optimale performance
Deepsecurity & VDI beveiliging, maximale beveiliging en optimale performance
 
Mark Carlile, EMEA Enterprise Lead at Airwatch - Mobile content strategies an...
Mark Carlile, EMEA Enterprise Lead at Airwatch - Mobile content strategies an...Mark Carlile, EMEA Enterprise Lead at Airwatch - Mobile content strategies an...
Mark Carlile, EMEA Enterprise Lead at Airwatch - Mobile content strategies an...
 
Protecting Data in the Cloud
Protecting Data in the CloudProtecting Data in the Cloud
Protecting Data in the Cloud
 
Webinar on Enterprise Security & android
Webinar on Enterprise Security & androidWebinar on Enterprise Security & android
Webinar on Enterprise Security & android
 

More from IndicThreads

Http2 is here! And why the web needs it
Http2 is here! And why the web needs itHttp2 is here! And why the web needs it
Http2 is here! And why the web needs itIndicThreads
 
Understanding Bitcoin (Blockchain) and its Potential for Disruptive Applications
Understanding Bitcoin (Blockchain) and its Potential for Disruptive ApplicationsUnderstanding Bitcoin (Blockchain) and its Potential for Disruptive Applications
Understanding Bitcoin (Blockchain) and its Potential for Disruptive ApplicationsIndicThreads
 
Go Programming Language - Learning The Go Lang way
Go Programming Language - Learning The Go Lang wayGo Programming Language - Learning The Go Lang way
Go Programming Language - Learning The Go Lang wayIndicThreads
 
Building Resilient Microservices
Building Resilient Microservices Building Resilient Microservices
Building Resilient Microservices IndicThreads
 
App using golang indicthreads
App using golang indicthreadsApp using golang indicthreads
App using golang indicthreadsIndicThreads
 
Building on quicksand microservices indicthreads
Building on quicksand microservices indicthreadsBuilding on quicksand microservices indicthreads
Building on quicksand microservices indicthreadsIndicThreads
 
How to Think in RxJava Before Reacting
How to Think in RxJava Before ReactingHow to Think in RxJava Before Reacting
How to Think in RxJava Before ReactingIndicThreads
 
Iot secure connected devices indicthreads
Iot secure connected devices indicthreadsIot secure connected devices indicthreads
Iot secure connected devices indicthreadsIndicThreads
 
Real world IoT for enterprises
Real world IoT for enterprisesReal world IoT for enterprises
Real world IoT for enterprisesIndicThreads
 
IoT testing and quality assurance indicthreads
IoT testing and quality assurance indicthreadsIoT testing and quality assurance indicthreads
IoT testing and quality assurance indicthreadsIndicThreads
 
Functional Programming Past Present Future
Functional Programming Past Present FutureFunctional Programming Past Present Future
Functional Programming Past Present FutureIndicThreads
 
Harnessing the Power of Java 8 Streams
Harnessing the Power of Java 8 Streams Harnessing the Power of Java 8 Streams
Harnessing the Power of Java 8 Streams IndicThreads
 
Building & scaling a live streaming mobile platform - Gr8 road to fame
Building & scaling a live streaming mobile platform - Gr8 road to fameBuilding & scaling a live streaming mobile platform - Gr8 road to fame
Building & scaling a live streaming mobile platform - Gr8 road to fameIndicThreads
 
Internet of things architecture perspective - IndicThreads Conference
Internet of things architecture perspective - IndicThreads ConferenceInternet of things architecture perspective - IndicThreads Conference
Internet of things architecture perspective - IndicThreads ConferenceIndicThreads
 
Cars and Computers: Building a Java Carputer
Cars and Computers: Building a Java Carputer Cars and Computers: Building a Java Carputer
Cars and Computers: Building a Java CarputerIndicThreads
 
Scrap Your MapReduce - Apache Spark
Scrap Your MapReduce - Apache Spark Scrap Your MapReduce - Apache Spark
Scrap Your MapReduce - Apache SparkIndicThreads
 
Continuous Integration (CI) and Continuous Delivery (CD) using Jenkins & Docker
Continuous Integration (CI) and Continuous Delivery (CD) using Jenkins & Docker Continuous Integration (CI) and Continuous Delivery (CD) using Jenkins & Docker
Continuous Integration (CI) and Continuous Delivery (CD) using Jenkins & DockerIndicThreads
 
Speed up your build pipeline for faster feedback
Speed up your build pipeline for faster feedbackSpeed up your build pipeline for faster feedback
Speed up your build pipeline for faster feedbackIndicThreads
 
Unraveling OpenStack Clouds
Unraveling OpenStack Clouds Unraveling OpenStack Clouds
Unraveling OpenStack CloudsIndicThreads
 
Digital Transformation of the Enterprise. What IT leaders need to know!
Digital Transformation of the Enterprise. What IT leaders need to know!Digital Transformation of the Enterprise. What IT leaders need to know!
Digital Transformation of the Enterprise. What IT leaders need to know!IndicThreads
 

More from IndicThreads (20)

Http2 is here! And why the web needs it
Http2 is here! And why the web needs itHttp2 is here! And why the web needs it
Http2 is here! And why the web needs it
 
Understanding Bitcoin (Blockchain) and its Potential for Disruptive Applications
Understanding Bitcoin (Blockchain) and its Potential for Disruptive ApplicationsUnderstanding Bitcoin (Blockchain) and its Potential for Disruptive Applications
Understanding Bitcoin (Blockchain) and its Potential for Disruptive Applications
 
Go Programming Language - Learning The Go Lang way
Go Programming Language - Learning The Go Lang wayGo Programming Language - Learning The Go Lang way
Go Programming Language - Learning The Go Lang way
 
Building Resilient Microservices
Building Resilient Microservices Building Resilient Microservices
Building Resilient Microservices
 
App using golang indicthreads
App using golang indicthreadsApp using golang indicthreads
App using golang indicthreads
 
Building on quicksand microservices indicthreads
Building on quicksand microservices indicthreadsBuilding on quicksand microservices indicthreads
Building on quicksand microservices indicthreads
 
How to Think in RxJava Before Reacting
How to Think in RxJava Before ReactingHow to Think in RxJava Before Reacting
How to Think in RxJava Before Reacting
 
Iot secure connected devices indicthreads
Iot secure connected devices indicthreadsIot secure connected devices indicthreads
Iot secure connected devices indicthreads
 
Real world IoT for enterprises
Real world IoT for enterprisesReal world IoT for enterprises
Real world IoT for enterprises
 
IoT testing and quality assurance indicthreads
IoT testing and quality assurance indicthreadsIoT testing and quality assurance indicthreads
IoT testing and quality assurance indicthreads
 
Functional Programming Past Present Future
Functional Programming Past Present FutureFunctional Programming Past Present Future
Functional Programming Past Present Future
 
Harnessing the Power of Java 8 Streams
Harnessing the Power of Java 8 Streams Harnessing the Power of Java 8 Streams
Harnessing the Power of Java 8 Streams
 
Building & scaling a live streaming mobile platform - Gr8 road to fame
Building & scaling a live streaming mobile platform - Gr8 road to fameBuilding & scaling a live streaming mobile platform - Gr8 road to fame
Building & scaling a live streaming mobile platform - Gr8 road to fame
 
Internet of things architecture perspective - IndicThreads Conference
Internet of things architecture perspective - IndicThreads ConferenceInternet of things architecture perspective - IndicThreads Conference
Internet of things architecture perspective - IndicThreads Conference
 
Cars and Computers: Building a Java Carputer
Cars and Computers: Building a Java Carputer Cars and Computers: Building a Java Carputer
Cars and Computers: Building a Java Carputer
 
Scrap Your MapReduce - Apache Spark
Scrap Your MapReduce - Apache Spark Scrap Your MapReduce - Apache Spark
Scrap Your MapReduce - Apache Spark
 
Continuous Integration (CI) and Continuous Delivery (CD) using Jenkins & Docker
Continuous Integration (CI) and Continuous Delivery (CD) using Jenkins & Docker Continuous Integration (CI) and Continuous Delivery (CD) using Jenkins & Docker
Continuous Integration (CI) and Continuous Delivery (CD) using Jenkins & Docker
 
Speed up your build pipeline for faster feedback
Speed up your build pipeline for faster feedbackSpeed up your build pipeline for faster feedback
Speed up your build pipeline for faster feedback
 
Unraveling OpenStack Clouds
Unraveling OpenStack Clouds Unraveling OpenStack Clouds
Unraveling OpenStack Clouds
 
Digital Transformation of the Enterprise. What IT leaders need to know!
Digital Transformation of the Enterprise. What IT leaders need to know!Digital Transformation of the Enterprise. What IT leaders need to know!
Digital Transformation of the Enterprise. What IT leaders need to know!
 

Recently uploaded

Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 

Recently uploaded (20)

Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 

Cloud security - The Cloud is as Secure as you want it to be! - Indicthreads cloud computing conference 2011

  • 1. The cloud is as secure as you want it to be... Debashis Banerjee Yahoo! India 1
  • 2. My son’s first day at school Catered Food on my anniversary party Money in my bank My seat on the plane 2
  • 3. Today’s Journey Multi device Refresher to Cloud the cloud Security – Mobiles OTP, SMS Ensuring based multi your cloud Factor auth is secure Public, Private and Hybrid Secure Cloud Security APIs 3 Image: FreeDigitalPhotos.net
  • 4. Cloud Computing - Refresher • Key aspects of using the cloud: Elasticity, On Demand, Multi Tenancy, Multi Device, Ability to measure Service • Type of Clouds - Public Clouds, Private Clouds, Hybrid Clouds, Community/Partner Clouds • Deployment models : SaaS , PaaS , IaaS 4
  • 5. Key questions to ask about security? • What do you need to protect? Who are your users? • Where does your data live? How does it flow? What geographies? • What are your compliance, logging needs? • Is there SSO and Identity management in place? • Do you have a mix of physical , virtual, cloud? • Who pays for security? Who is accountable for what aspect of • security? • How do you react if a security breach takes place? 5
  • 6. Ensuring your cloud solution is secure Identity Provider Strong Auth Secure Multi Ingress and Device Data Egress Security In backup Access Federated SSO Privileged Access Public Cloud Geo-Political Multi Tenancy Private Cloud Considerations Logging, Secure Data at Auditing rest, motion Compliance, Playback Enterprise Physical, Virtual and cloud resources Wipeout, 6 Encryption
  • 7. Security in Public Cloud Deployments • Strong Identity management • Privileged Account Management • Place the appropriate type of data in the cloud • Have access to compliance and logging , auditing • Being a public cloud ensure you impose where you data can or cannot travel • Wipeout policies • Ensure you are comfortable with the security of multi tenancy • Secure keys 7
  • 8. Security in the Private & Hybrid Cloud Private: • Design such that there is scope to move to a hybrid model • Impose SSO Hybrid: • Segregate your data between clouds • Use SAML and ensure appropriate enterprise credentials are within the perimeter • Have your Federation set up correctly. Enable SSO. • Ensuring enterprise credentials do not travel into the cloud 8
  • 9. Multi Device Cloud Security – Mobile Phones • The mobile device as an extension of the Cloud • Secure Mobile Apps on the cloud. • On Cloud and On Device virus scanning • Seamless policies for mobile devices • Credential life cycle management • Secure Roaming Users 9
  • 10. Multi Factor Auth – OTPs, SMS based Use OTPs effectively to protect your data access to the cloud GoldKey Multi Factor Auth – AWS/Gemalto 2 Factor Auth using SMS 10 Image: http://commons.wikimedia.org/wiki/File:RSA-SecurID-Tokens.jpg
  • 11. Some APIs useful in cloud security • Safe Browsing API • VM Safe APIs 11
  • 12. In Conclusion • Cloud Security is critical to succeed in the cloud • Choose Private / Public / Hybrid cloud & SaaS / PaaS / IaaS • Identity & Privileged User Management • Compliance, Certification and Logging • Consider Multi Device Scenarios • Use Strong Authentication 12
  • 13. Remember your questions about security to 1. Your child’s school 2. Your anniversary party caterers 3. Your airline 4. Your bank And you won’t go wrong with the Cloud Security !!!! Image: FreeDigitalPhotos.net 13