ODCA U: SECURITY DATA PROTECTION
Matt Lowth (NAB)
Ian Lamont (BMW)
AGENDA
ODCA Data Security 2013
Topic: Cloud Data Security
Discuss:
- Usage Scenarios
- Data Security Challenges
- Data Security Lifecycle
Learning: Learnings and Take-aways from this UM
TOPIC & UM BACKGROUND
The ODCA Contributor organizations have created this Usage Model to collaboratively identify how they agree cloud data security should be managed, to provide this as a clear message to the Cloud and Solution Providers, and to share it with the general public.
The Data Security UM addresses:
1. Concept
2. Important enabling elements
3. Usage Scenarios
4. Categorization of service qualities in context of the UM
UM CORE – KEY ELEMENTS
- Data Security Challenges: Different Security Methodology. Protecting the data versus protecting your perimeter?
- Data Classification: Important to understand what you’re protecting?
- Data encryption & masking: Options to lower the sensitivity of the data by masking or encrypting it?
- SIEM: Ensure access and management of your data is logged and monitored.
COMMON ACCESS TYPES
DATA SECURITY – USAGE SCENARIOS
- Transfer Preparations: What to think about before you move your data to the cloud?
- Data Transfer: How to get your data to the cloud.
- Data Access: How to access your data in the cloud.
- Other Scenarios: How to Backup/Restore information from the cloud OR delete your data when you’re finished using it.
KEY TAKEAWAYS FOR THIS UM
- Develop Securely: Your data is only as secure as your weakest link.
- Data Lifecycle: You need to consider what protection is necessary throughout your data’s lifecycle, not just protecting the information in transit.
- Data Sovereignty: Where does your data live?
- Understand Your Data: It is difficult to apply appropriate protection to your data if you don’t understand the data’s sensitivity.
KEY INDUSTRY ACTIONS (STANDARDS AND MORE)
- Industry Wide: Data security must comply with country-specific legal requirements. These requirements and their implications need to be clearly comprehended by providers and subscribers.
- Cloud Provider: Are requested to submit input on the proposed data security criteria for the various assurance levels (Bronze, Silver, Gold, and Platinum).
- Cloud Subscriber: Should examine their enterprises and understand the data security life cycle; then they should validate their findings by comparing them to the RFP questions.
INFORMATION AND ASSETS
Available to Members at: www.opendatacenteralliance.org
URL for Public content: www.opendatacenteralliance.org
- Standardized Response Checklists: Accelerate TTM
- Shared Practices: Drive Scale
- Streamlined Requirements: Accelerate Adoption
QUESTIONS
www.opendatacenteralliance.org
UM: Cloud Data Security
From engagement to real adoption and implementation
© 2013 Open Data Center Alliance, Inc. ALL RIGHTS RESERVED.


Editor's Notes

  1. N-Tier architecture vs protect the data. Low/Medium/High confidentiality, important to understand these concepts. What else can you do with the data to protect it? SIEM - (Compliance monitoring / Provider assurance) – you just missed it. – you should come to the previous session. Ian: Ask what’s happening in BMW for Data Classification & SIEM?
  2. Different access types
     - Customer Data Access: The customer typically accesses data in the cloud through an application which provides him a service around the data. The customer will typically come from an uncontrollable external network – generalized as Internet. The access goes through a traditional DMZ architecture with an outer firewall – a reverse proxy enforcing the user authentication and applying access control for the requested application.
     - Staff Data Access: Staff members will access their resources in the cloud through their enterprise firewall or virtual private network (VPN) connection to an access gateway which ensures the user is coming from an identified organization (the cloud subscriber). Staff members will perform admin tasks as well as use applications running in the cloud. Basically, their roles and accessible resources will be controlled by an access control or policy server similar to that controlling the access of the customers (i.e., from a cloud provider’s point of view, these are all customers).
     - Sysadmin Data Access: The SysAdmin has OS-level access to the cloud provider’s servers and is under control of an admin gateway to limit the access to systems the admin is entitled to. The admin gateway can be implemented as a function on each server, which enforces role-based access control on the OS level (e.g., PowerBroker). Figure 6 illustrates the SysAdmin access path to data. Basically, the SysAdmin has access to all servers on the OS level. He always accesses data directly, as he has no application entitlements.
     - Application Data Access: Things to think about here include whether you need to think about MASSL for auth, account credentials etc. See the Identity mgmt usage models.
  3. Data Sovereignty – In .AU, lots of talk of it, but no real impacts as of yet as people aren’t using public cloud for highly sensitive services. I hear Data Sovereignty is a problem in Europe – how do you see this affecting Cloud adoption in this area?