SlideShare a Scribd company logo

3 Reasons Why the Cloud is More Secure than Your Server

Clio - Cloud-Based Legal Technology
Clio - Cloud-Based Legal Technology

The days of VPN, desktop practice management software and ftp file sharing have given way to online applications like Google Apps, Dropbox and online practice management solutions. Fast, cost-effective, and easy-to-use, law firms of all sizes are moving to cloud-based systems to run their operations. How secure is a cloud-based system though? Learn about: - Risks of servers and why securing data in the cloud is a better option - Procedures every law firm can use to make cloud data storage highly effective - How cloud applications can help firms meet strict statutory requirements

LawTechnology
1 of 45
Download to read offline
3 Reasons Why the Cloud is More Secure than Your Server Joshua Lenon – Lawyer-in-Residence @joshualenon Doug Edmunds – Asst. Dean for Information Technology @unclawinfotech
Agenda •  Cloud Overview (5 minutes) •  3 Reasons the Cloud is More Secure – Economies of Scale (5 minutes) – Cybersecurity Framework (10 minutes) •  Framework vs. Confidentiality Duties – Lightning Advancement (10 minutes) •  Guest: Doug Edmunds (20 minutes) •  Takeaways (5 minutes) •  Questions (5 minutes)
Instructors Joshua Lenon •  Lawyer, admitted in New York •  Lawyer-in-Residence for Clio Doug Edmunds •  Assistant Dean for Information Technology at University of North Carolina at Chapel Hill - School of Law
CLOUD OVERVIEW
NIST Cloud Definition “Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction” Source:(NIST(Defini0on(of(Cloud(Compu0ng;(Special(Publica0on(800>145(
Cloud Defined
Cloud Defined
3 REASONS THE CLOUD IS MORE SECURE
ECONOMIES OF SCALE
Cloud Economies Dedicated(Security( Team( Greater(Investment(in( Security(Infrastructure( Fault(Tolerance(and( Reliability( Greater(Resiliency( Hypervisor(Protec0on( Against(Network(AMacks( Simplifica0on(of( Compliance(Analysis( Data(Held(by(Unbiased( Party( Low>Cost(Disaster( Recovery(and(Data( Storage(Solu0ons( On>Demand(Security( Controls( Real>Time(Detec0on(of( System(Tampering( Rapid(Re>Cons0tu0on(of( Services( Source:(Cloud.CIO.gov(
Law Firms Current Security •  47% have no documented disaster recovery plan •  Only 39% have intrusion detection system •  Only 36% have intrusion prevention system •  32% never have outside security assessments performed •  Only 14% have server logs •  2% have ISO 27001 certification Source:(2013(ILTA(Tech(Survey(
Federal Labor Relation Authority (FLRA) Case Management System •  88% reduction in total cost of ownership over a five year period •  Eliminated up-front licensing cost of $273,000 •  Reduced annual maintenance from $77,000 to $16,800 •  Eliminated all hardware acquisition costs •  Secure access from any Internet connection •  Ability to operate and access case information from any location in the world, supporting the virtual enterprise Source:(Cloud.CIO.gov(
CYBER-SECURITY FRAMEWORK
Cybersecurity Framework •  “Framework for Improving Critical Infrastructure Cybersecurity” •  Published by NIST in February 2014 •  Provides Core, Tiers and Profiles
Cybersecurity Framework: Cores Source:(NIST,(“Framework(for(Improving(Cri0cal(Infrastructure( Cybersecurity,”(02/14/2014(
Cybersecurity Framework: Tiers •  4 Tiers: – Tier 1: Partial – Tier 2: Risk Informed – Tier 3: Repeatable – Tier 4: Adaptive “Progression to higher Tiers is encouraged when such a change would reduce cybersecurity risk and be cost effective.”
Cybersecurity Framework: Tiers •  Tier 3: Repeatable –  Formal risk management policies with reviews –  Organization-wide approach with training –  Collaborates with outside partners on risk management •  Tier 4: Adaptive –  Adapts security based on lessons & predictions –  Security is part of corporate culture with continuous improvement –  Actively shares information with partners
Cybersecurity Framework: Profiles •  Current: security outcomes being achieved •  Target: outcomes needed to meet goals •  Compare Current and Target Profiles to identify gaps in security processes
CYBERSECURITY FRAMEWORK VS. CONFIDENTIALITY DUTIES
Model Rules of Professional Conduct •  Rule 1.1 – Competency – “lawyer should keep abreast of changes in the law and its practice, including the benefits and risks associated with relevant technology…” •  Rule 1.6 – Confidentiality – “lawyer shall not reveal information relating to the representation of a client unless the client gives informed consent, the disclosure is impliedly authorized in order to carry out the representation…”
Model Rules of Professional Conduct •  Rule 5.3 - Responsibilities Regarding Nonlawyer Assistant – “person's [nonlawyer] conduct is compatible with the professional obligations of the lawyer…”
Cloud Computing Ethics Opinions Source:(American(Bar(Associa0on(
Framework vs. Ethics Opinions Framework helps map, measure, & migrate cost benefit analysis
Cybersecurity Framework: Tiers •  Tier 3: Repeatable –  Formal risk management policies with reviews –  Organization-wide approach with training –  Collaborates with outside partners on risk management •  Tier 4: Adaptive –  Adapts security based on lessons & predictions –  Security is part of corporate culture with continuous improvement –  Actively shares information with partners
Framework vs. Ethics Opinions Opinions fail to discuss regulatory requirements.
Framework vs. Ethics Opinions Cloud services allow easier regulatory compliance
LIGHTNING ADVANCEMENTS
28% of solo and small firms have no process for updating their computers. Source:(2013(ILTA(Tech(Survey(
Lightning Advancements •  Cloud Services move at the speed of the internet. •  Real-time monitoring and upgrades keep your Software-as-a-Service on the cutting edge.
Heartbleed
“When weaknesses are discovered in cryptographic systems, the system will not necessarily become suddenly insecure.” Source:(Bruce(Schneier,(‘Cryptanalysis(of(SHA>1’(
“Such discoveries impel migration to more secure techniques, rather than signifying that everything encrypted with that system is immediately insecure.” Source:(Bruce(Schneier,(‘Cryptanalysis(of(SHA>1’(
GUEST: DOUG EDMUNDS
Carolina Law - Background •  Part of UNC-Chapel Hill, nation’s oldest degree-granting public university •  Law school founded 1845 •  Charter member of ABA – 1920 •  Approx. 740 students; 63 tenure track faculty; 35+ adjuncts •  6 clinics with 70-80 students per year
Clinical Program - Challenges •  Aging hardware •  Bad software support •  Short staffing •  Limited funding •  Campus security policies •  Skepticism of university counsel Photo(source:(hMp://0nyurl.com/lk5hy4u(
Old Model vs. New Model Time Matters - Local •  Poor support for Macs •  Software upgrades difficult •  No redundancy – single server in place •  Vendor difficult to reach •  Students frustrated, faculty jaded Clio - Cloud •  Operating system agnostic •  Software upgrades totally transparent •  Geolocation of data centers and fully redundant •  Excellent vendor support and self-help resources •  Students and faculty love it
Security Local Solution •  Security = just one thing your organization does •  Cobbled together, piecemeal •  Few if any guarantees •  Knowledge deficient •  No formal access controls Cloud Solution •  Data center’s rep & business depend on it •  Multi-layered, robust •  Guarantees in Service Level Agreement •  Expertise •  Monitored, controlled environment
Policies & Procedures •  Rule #1 - Cloud adoption should not be based solely on convenience •  Rule #2 – Implement consistent metadata/ tagging standards •  Rule #3 - Leverage version control •  Rule #4 - Require security awareness training •  Rule #5 – Prohibit “rogue agents”
Mobility & Agility •  True anytime, anywhere access •  Security is “baked in” rather than “bolted on” •  Accessible across platforms/devices •  No downtime due to server outages Photo(source:(hMp://0nyurl.com/l7wgd45(
TAKEAWAYS
Takeaways •  Cloud computing economies of scale provide security and service that cannot be matched by individual installations •  Organizations large and small are shifting to cloud-based services for increased savings •  Robust frameworks for measuring and mitigating risks are being developed for cloud services •  Cloud services are best suited for cutting edge implementations
Action Items •  Read state ethics opinions on technology •  Commit to a cybersecurity review. – Document •  Cores •  Tiers for Firm and Vendors •  Current vs. Target Profiles •  Download the Cybersecurity Framework Core Exercise on GoClio.com/Blog
ClioWeb Planning to move to the Cloud now? Try Clio for free & get 25% off your first 6 months
QUESTIONS
Thank You Doug Edmunds edmunds@unc.edu @unclawinfotech linkedin.com/in/ dougedmunds Joshua Lenon joshua@goclio.com @JoshuaLenon linkedin.com/in/joshualenon

Recommended

Tripwire Energy Working Group: TIV Demo
Tripwire Energy Working Group: TIV Demo Tripwire Energy Working Group: TIV Demo
Tripwire Energy Working Group: TIV Demo Tripwire
 
CSO CXO Series Breakfast
CSO CXO Series BreakfastCSO CXO Series Breakfast
CSO CXO Series BreakfastCSO_Presentations
 
Migrating Critical Applications To The Cloud - ISACA Seattle - Sanitized
Migrating Critical Applications To The Cloud - ISACA Seattle - SanitizedMigrating Critical Applications To The Cloud - ISACA Seattle - Sanitized
Migrating Critical Applications To The Cloud - ISACA Seattle - SanitizedNorm Barber
 
Migrating Critical Applications to the Cloud - isaca seattle - sanitized
Migrating Critical Applications to the Cloud - isaca seattle - sanitizedMigrating Critical Applications to the Cloud - isaca seattle - sanitized
Migrating Critical Applications to the Cloud - isaca seattle - sanitizedUnifyCloud
 
Top 5 Cloud Security Predictions for 2016
Top 5 Cloud Security Predictions for 2016 Top 5 Cloud Security Predictions for 2016
Top 5 Cloud Security Predictions for 2016 Alert Logic
 
Symantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec
 
Latency Control And Supervision In Resilience Design Patterns
Latency Control And Supervision In Resilience Design Patterns Latency Control And Supervision In Resilience Design Patterns
Latency Control And Supervision In Resilience Design Patterns Tu Pham
 
ciso-platform-annual-summit-2013-Hp enterprise security overview
ciso-platform-annual-summit-2013-Hp enterprise security overviewciso-platform-annual-summit-2013-Hp enterprise security overview
ciso-platform-annual-summit-2013-Hp enterprise security overviewPriyanka Aash
 

Recommended

Tripwire Energy Working Group: TIV Demo
Tripwire Energy Working Group: TIV Demo Tripwire Energy Working Group: TIV Demo
Tripwire Energy Working Group: TIV Demo Tripwire
 
CSO CXO Series Breakfast
CSO CXO Series BreakfastCSO CXO Series Breakfast
CSO CXO Series BreakfastCSO_Presentations
 
Migrating Critical Applications To The Cloud - ISACA Seattle - Sanitized
Migrating Critical Applications To The Cloud - ISACA Seattle - SanitizedMigrating Critical Applications To The Cloud - ISACA Seattle - Sanitized
Migrating Critical Applications To The Cloud - ISACA Seattle - SanitizedNorm Barber
 
Migrating Critical Applications to the Cloud - isaca seattle - sanitized
Migrating Critical Applications to the Cloud - isaca seattle - sanitizedMigrating Critical Applications to the Cloud - isaca seattle - sanitized
Migrating Critical Applications to the Cloud - isaca seattle - sanitizedUnifyCloud
 
Top 5 Cloud Security Predictions for 2016
Top 5 Cloud Security Predictions for 2016 Top 5 Cloud Security Predictions for 2016
Top 5 Cloud Security Predictions for 2016 Alert Logic
 
Symantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec
 
Latency Control And Supervision In Resilience Design Patterns
Latency Control And Supervision In Resilience Design Patterns Latency Control And Supervision In Resilience Design Patterns
Latency Control And Supervision In Resilience Design Patterns Tu Pham
 
ciso-platform-annual-summit-2013-Hp enterprise security overview
ciso-platform-annual-summit-2013-Hp enterprise security overviewciso-platform-annual-summit-2013-Hp enterprise security overview
ciso-platform-annual-summit-2013-Hp enterprise security overviewPriyanka Aash
 
Vulnerability Testing Services Case Study
Vulnerability Testing Services Case StudyVulnerability Testing Services Case Study
Vulnerability Testing Services Case StudyNandita Nityanandam
 
Outpost24 webinar: Security Analytics: what's in a risk score
Outpost24 webinar: Security Analytics: what's in a risk scoreOutpost24 webinar: Security Analytics: what's in a risk score
Outpost24 webinar: Security Analytics: what's in a risk scoreOutpost24
 
Shared Security Responsibility in the AWS Public Cloud
Shared Security Responsibility in the AWS Public CloudShared Security Responsibility in the AWS Public Cloud
Shared Security Responsibility in the AWS Public CloudAlert Logic
 
Security Analytics for Data Discovery - Closing the SIEM Gap
Security Analytics for Data Discovery - Closing the SIEM GapSecurity Analytics for Data Discovery - Closing the SIEM Gap
Security Analytics for Data Discovery - Closing the SIEM GapEric Johansen, CISSP
 
Realities of Security in the Cloud
Realities of Security in the CloudRealities of Security in the Cloud
Realities of Security in the CloudAlert Logic
 
Vulnerability Management – Opportunities and Challenges!
Vulnerability Management – Opportunities and Challenges!Vulnerability Management – Opportunities and Challenges!
Vulnerability Management – Opportunities and Challenges!Outpost24
 
Lisa Guess - Embracing the Cloud
Lisa Guess - Embracing the CloudLisa Guess - Embracing the Cloud
Lisa Guess - Embracing the Cloudcentralohioissa
 
Network security, seriously?
Network security, seriously?Network security, seriously?
Network security, seriously?Peter Wood
 
Infrastructure Security by Sivamurthy Hiremath
Infrastructure Security by Sivamurthy HiremathInfrastructure Security by Sivamurthy Hiremath
Infrastructure Security by Sivamurthy HiremathClubHack
 
Introduction to Cyber Resilience
Introduction to Cyber ResilienceIntroduction to Cyber Resilience
Introduction to Cyber ResiliencePeter Wood
 
Information Assurance Metrics: Practical Steps to Measurement
Information Assurance Metrics: Practical Steps to MeasurementInformation Assurance Metrics: Practical Steps to Measurement
Information Assurance Metrics: Practical Steps to MeasurementEnclaveSecurity
 
RSA: Security Analytics Architecture for APT
RSA: Security Analytics Architecture for APTRSA: Security Analytics Architecture for APT
RSA: Security Analytics Architecture for APTLee Wei Yeong
 
Journey to the Cloud: Securing Your AWS Applications - April 2015
Journey to the Cloud: Securing Your AWS Applications - April 2015Journey to the Cloud: Securing Your AWS Applications - April 2015
Journey to the Cloud: Securing Your AWS Applications - April 2015Alert Logic
 
Using an Open Source Threat Model for Prioritized Defense
Using an Open Source Threat Model for Prioritized DefenseUsing an Open Source Threat Model for Prioritized Defense
Using an Open Source Threat Model for Prioritized DefenseEnclaveSecurity
 
Cloud Security - Made simple
Cloud Security - Made simpleCloud Security - Made simple
Cloud Security - Made simpleSameer Paradia
 
Cybersecurity framework v1-1_presentation
Cybersecurity framework v1-1_presentationCybersecurity framework v1-1_presentation
Cybersecurity framework v1-1_presentationMonchai Phaichitchan
 
Dressing up the ICS Kill Chain
Dressing up the ICS Kill ChainDressing up the ICS Kill Chain
Dressing up the ICS Kill ChainDragos, Inc.
 
Symantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec
 
Key Security Insights: Examining 2014 to predict emerging threats
Key Security Insights: Examining 2014 to predict emerging threats Key Security Insights: Examining 2014 to predict emerging threats
Key Security Insights: Examining 2014 to predict emerging threats Dell World
 
Data-Driven Assessment of Cyber Risk: Challenges in Assessing and Migrating C...
Data-Driven Assessment of Cyber Risk: Challenges in Assessing and Migrating C...Data-Driven Assessment of Cyber Risk: Challenges in Assessing and Migrating C...
Data-Driven Assessment of Cyber Risk: Challenges in Assessing and Migrating C...Cybersecurity Education and Research Centre
 
BATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern48_How Zero Trust can help your organisation keep safe.pdfBATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern48_How Zero Trust can help your organisation keep safe.pdfBATbern
 
HITRUST CSF in the Cloud
HITRUST CSF in the CloudHITRUST CSF in the Cloud
HITRUST CSF in the CloudOnRamp
 

More Related Content

What's hot

Vulnerability Testing Services Case Study
Vulnerability Testing Services Case StudyVulnerability Testing Services Case Study
Vulnerability Testing Services Case StudyNandita Nityanandam
 
Outpost24 webinar: Security Analytics: what's in a risk score
Outpost24 webinar: Security Analytics: what's in a risk scoreOutpost24 webinar: Security Analytics: what's in a risk score
Outpost24 webinar: Security Analytics: what's in a risk scoreOutpost24
 
Shared Security Responsibility in the AWS Public Cloud
Shared Security Responsibility in the AWS Public CloudShared Security Responsibility in the AWS Public Cloud
Shared Security Responsibility in the AWS Public CloudAlert Logic
 
Security Analytics for Data Discovery - Closing the SIEM Gap
Security Analytics for Data Discovery - Closing the SIEM GapSecurity Analytics for Data Discovery - Closing the SIEM Gap
Security Analytics for Data Discovery - Closing the SIEM GapEric Johansen, CISSP
 
Realities of Security in the Cloud
Realities of Security in the CloudRealities of Security in the Cloud
Realities of Security in the CloudAlert Logic
 
Vulnerability Management – Opportunities and Challenges!
Vulnerability Management – Opportunities and Challenges!Vulnerability Management – Opportunities and Challenges!
Vulnerability Management – Opportunities and Challenges!Outpost24
 
Lisa Guess - Embracing the Cloud
Lisa Guess - Embracing the CloudLisa Guess - Embracing the Cloud
Lisa Guess - Embracing the Cloudcentralohioissa
 
Network security, seriously?
Network security, seriously?Network security, seriously?
Network security, seriously?Peter Wood
 
Infrastructure Security by Sivamurthy Hiremath
Infrastructure Security by Sivamurthy HiremathInfrastructure Security by Sivamurthy Hiremath
Infrastructure Security by Sivamurthy HiremathClubHack
 
Introduction to Cyber Resilience
Introduction to Cyber ResilienceIntroduction to Cyber Resilience
Introduction to Cyber ResiliencePeter Wood
 
Information Assurance Metrics: Practical Steps to Measurement
Information Assurance Metrics: Practical Steps to MeasurementInformation Assurance Metrics: Practical Steps to Measurement
Information Assurance Metrics: Practical Steps to MeasurementEnclaveSecurity
 
RSA: Security Analytics Architecture for APT
RSA: Security Analytics Architecture for APTRSA: Security Analytics Architecture for APT
RSA: Security Analytics Architecture for APTLee Wei Yeong
 
Journey to the Cloud: Securing Your AWS Applications - April 2015
Journey to the Cloud: Securing Your AWS Applications - April 2015Journey to the Cloud: Securing Your AWS Applications - April 2015
Journey to the Cloud: Securing Your AWS Applications - April 2015Alert Logic
 
Using an Open Source Threat Model for Prioritized Defense
Using an Open Source Threat Model for Prioritized DefenseUsing an Open Source Threat Model for Prioritized Defense
Using an Open Source Threat Model for Prioritized DefenseEnclaveSecurity
 
Cloud Security - Made simple
Cloud Security - Made simpleCloud Security - Made simple
Cloud Security - Made simpleSameer Paradia
 
Cybersecurity framework v1-1_presentation
Cybersecurity framework v1-1_presentationCybersecurity framework v1-1_presentation
Cybersecurity framework v1-1_presentationMonchai Phaichitchan
 
Dressing up the ICS Kill Chain
Dressing up the ICS Kill ChainDressing up the ICS Kill Chain
Dressing up the ICS Kill ChainDragos, Inc.
 
Symantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec
 
Key Security Insights: Examining 2014 to predict emerging threats
Key Security Insights: Examining 2014 to predict emerging threats Key Security Insights: Examining 2014 to predict emerging threats
Key Security Insights: Examining 2014 to predict emerging threats Dell World
 
Data-Driven Assessment of Cyber Risk: Challenges in Assessing and Migrating C...
Data-Driven Assessment of Cyber Risk: Challenges in Assessing and Migrating C...Data-Driven Assessment of Cyber Risk: Challenges in Assessing and Migrating C...
Data-Driven Assessment of Cyber Risk: Challenges in Assessing and Migrating C...Cybersecurity Education and Research Centre
 

What's hot (20)

Vulnerability Testing Services Case Study
Vulnerability Testing Services Case StudyVulnerability Testing Services Case Study
Vulnerability Testing Services Case Study
 
Outpost24 webinar: Security Analytics: what's in a risk score
Outpost24 webinar: Security Analytics: what's in a risk scoreOutpost24 webinar: Security Analytics: what's in a risk score
Outpost24 webinar: Security Analytics: what's in a risk score
 
Shared Security Responsibility in the AWS Public Cloud
Shared Security Responsibility in the AWS Public CloudShared Security Responsibility in the AWS Public Cloud
Shared Security Responsibility in the AWS Public Cloud
 
Security Analytics for Data Discovery - Closing the SIEM Gap
Security Analytics for Data Discovery - Closing the SIEM GapSecurity Analytics for Data Discovery - Closing the SIEM Gap
Security Analytics for Data Discovery - Closing the SIEM Gap
 
Realities of Security in the Cloud
Realities of Security in the CloudRealities of Security in the Cloud
Realities of Security in the Cloud
 
Vulnerability Management – Opportunities and Challenges!
Vulnerability Management – Opportunities and Challenges!Vulnerability Management – Opportunities and Challenges!
Vulnerability Management – Opportunities and Challenges!
 
Lisa Guess - Embracing the Cloud
Lisa Guess - Embracing the CloudLisa Guess - Embracing the Cloud
Lisa Guess - Embracing the Cloud
 
Network security, seriously?
Network security, seriously?Network security, seriously?
Network security, seriously?
 
Infrastructure Security by Sivamurthy Hiremath
Infrastructure Security by Sivamurthy HiremathInfrastructure Security by Sivamurthy Hiremath
Infrastructure Security by Sivamurthy Hiremath
 
Introduction to Cyber Resilience
Introduction to Cyber ResilienceIntroduction to Cyber Resilience
Introduction to Cyber Resilience
 
Information Assurance Metrics: Practical Steps to Measurement
Information Assurance Metrics: Practical Steps to MeasurementInformation Assurance Metrics: Practical Steps to Measurement
Information Assurance Metrics: Practical Steps to Measurement
 
RSA: Security Analytics Architecture for APT
RSA: Security Analytics Architecture for APTRSA: Security Analytics Architecture for APT
RSA: Security Analytics Architecture for APT
 
Journey to the Cloud: Securing Your AWS Applications - April 2015
Journey to the Cloud: Securing Your AWS Applications - April 2015Journey to the Cloud: Securing Your AWS Applications - April 2015
Journey to the Cloud: Securing Your AWS Applications - April 2015
 
Using an Open Source Threat Model for Prioritized Defense
Using an Open Source Threat Model for Prioritized DefenseUsing an Open Source Threat Model for Prioritized Defense
Using an Open Source Threat Model for Prioritized Defense
 
Cloud Security - Made simple
Cloud Security - Made simpleCloud Security - Made simple
Cloud Security - Made simple
 
Cybersecurity framework v1-1_presentation
Cybersecurity framework v1-1_presentationCybersecurity framework v1-1_presentation
Cybersecurity framework v1-1_presentation
 
Dressing up the ICS Kill Chain
Dressing up the ICS Kill ChainDressing up the ICS Kill Chain
Dressing up the ICS Kill Chain
 
Symantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec Cloud Security Threat Report
Symantec Cloud Security Threat Report
 
Key Security Insights: Examining 2014 to predict emerging threats
Key Security Insights: Examining 2014 to predict emerging threats Key Security Insights: Examining 2014 to predict emerging threats
Key Security Insights: Examining 2014 to predict emerging threats
 
Data-Driven Assessment of Cyber Risk: Challenges in Assessing and Migrating C...
Data-Driven Assessment of Cyber Risk: Challenges in Assessing and Migrating C...Data-Driven Assessment of Cyber Risk: Challenges in Assessing and Migrating C...
Data-Driven Assessment of Cyber Risk: Challenges in Assessing and Migrating C...
 

Similar to 3 Reasons Why the Cloud is More Secure than Your Server

BATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern48_How Zero Trust can help your organisation keep safe.pdfBATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern48_How Zero Trust can help your organisation keep safe.pdfBATbern
 
HITRUST CSF in the Cloud
HITRUST CSF in the CloudHITRUST CSF in the Cloud
HITRUST CSF in the CloudOnRamp
 
RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices a...
RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices a...RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices a...
RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices a...RightScale
 
Webinar compiled powerpoint
Webinar compiled powerpointWebinar compiled powerpoint
Webinar compiled powerpointCloudPassage
 
MBT Webinar: Does the security of your business data keep you up at night?
MBT Webinar: Does the security of your business data keep you up at night? MBT Webinar: Does the security of your business data keep you up at night?
MBT Webinar: Does the security of your business data keep you up at night? Jorge García
 
System Security on Cloud
System Security on CloudSystem Security on Cloud
System Security on CloudTu Pham
 
Transforming cloud security into an advantage
Transforming cloud security into an advantageTransforming cloud security into an advantage
Transforming cloud security into an advantageMoshe Ferber
 
talk6securingcloudamarprusty-191030091632.pptx
talk6securingcloudamarprusty-191030091632.pptxtalk6securingcloudamarprusty-191030091632.pptx
talk6securingcloudamarprusty-191030091632.pptxTrongMinhHoang1
 
Cloud Security: A matter of trust?
Cloud Security: A matter of trust?Cloud Security: A matter of trust?
Cloud Security: A matter of trust?Mark Williams
 
AFAC session 2 - September 8, 2014
AFAC session 2 - September 8, 2014AFAC session 2 - September 8, 2014
AFAC session 2 - September 8, 2014KBIZEAU
 
Software Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE projectSoftware Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE projectATMOSPHERE .
 
Trust, security and privacy issues with cloud erp
Trust, security and privacy issues with cloud erpTrust, security and privacy issues with cloud erp
Trust, security and privacy issues with cloud erpHarshit Garg
 
Security & Compliance in the Cloud [2019]
Security & Compliance in the Cloud [2019]Security & Compliance in the Cloud [2019]
Security & Compliance in the Cloud [2019]Tudor Damian
 
Guide to security patterns for cloud systems and data security in aws and azure
Guide to security patterns for cloud systems and data security in aws and azureGuide to security patterns for cloud systems and data security in aws and azure
Guide to security patterns for cloud systems and data security in aws and azureAbdul Khan
 
SLVA - Security monitoring and reporting itweb workshop
SLVA - Security monitoring and reporting itweb workshopSLVA - Security monitoring and reporting itweb workshop
SLVA - Security monitoring and reporting itweb workshopSLVA Information Security
 
Secure DevOPS Implementation Guidance
Secure DevOPS Implementation GuidanceSecure DevOPS Implementation Guidance
Secure DevOPS Implementation GuidanceTej Luthra
 
Chapter_5_Security_CC.pptx
Chapter_5_Security_CC.pptxChapter_5_Security_CC.pptx
Chapter_5_Security_CC.pptxLokNathRegmi1
 

Similar to 3 Reasons Why the Cloud is More Secure than Your Server (20)

BATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern48_How Zero Trust can help your organisation keep safe.pdfBATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern48_How Zero Trust can help your organisation keep safe.pdf
 
HITRUST CSF in the Cloud
HITRUST CSF in the CloudHITRUST CSF in the Cloud
HITRUST CSF in the Cloud
 
RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices a...
RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices a...RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices a...
RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices a...
 
Webinar compiled powerpoint
Webinar compiled powerpointWebinar compiled powerpoint
Webinar compiled powerpoint
 
MBT Webinar: Does the security of your business data keep you up at night?
MBT Webinar: Does the security of your business data keep you up at night? MBT Webinar: Does the security of your business data keep you up at night?
MBT Webinar: Does the security of your business data keep you up at night?
 
System Security on Cloud
System Security on CloudSystem Security on Cloud
System Security on Cloud
 
Transforming cloud security into an advantage
Transforming cloud security into an advantageTransforming cloud security into an advantage
Transforming cloud security into an advantage
 
talk6securingcloudamarprusty-191030091632.pptx
talk6securingcloudamarprusty-191030091632.pptxtalk6securingcloudamarprusty-191030091632.pptx
talk6securingcloudamarprusty-191030091632.pptx
 
Cloud Security: A matter of trust?
Cloud Security: A matter of trust?Cloud Security: A matter of trust?
Cloud Security: A matter of trust?
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 
AFAC session 2 - September 8, 2014
AFAC session 2 - September 8, 2014AFAC session 2 - September 8, 2014
AFAC session 2 - September 8, 2014
 
Software Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE projectSoftware Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE project
 
Trust, security and privacy issues with cloud erp
Trust, security and privacy issues with cloud erpTrust, security and privacy issues with cloud erp
Trust, security and privacy issues with cloud erp
 
GRC Dynamics in Securing Cloud
GRC Dynamics in Securing CloudGRC Dynamics in Securing Cloud
GRC Dynamics in Securing Cloud
 
Security & Compliance in the Cloud [2019]
Security & Compliance in the Cloud [2019]Security & Compliance in the Cloud [2019]
Security & Compliance in the Cloud [2019]
 
Guide to security patterns for cloud systems and data security in aws and azure
Guide to security patterns for cloud systems and data security in aws and azureGuide to security patterns for cloud systems and data security in aws and azure
Guide to security patterns for cloud systems and data security in aws and azure
 
SLVA - Security monitoring and reporting itweb workshop
SLVA - Security monitoring and reporting itweb workshopSLVA - Security monitoring and reporting itweb workshop
SLVA - Security monitoring and reporting itweb workshop
 
Secure DevOPS Implementation Guidance
Secure DevOPS Implementation GuidanceSecure DevOPS Implementation Guidance
Secure DevOPS Implementation Guidance
 
Chapter_5_Security_CC.pptx
Chapter_5_Security_CC.pptxChapter_5_Security_CC.pptx
Chapter_5_Security_CC.pptx
 

More from Clio - Cloud-Based Legal Technology

Webinar Slide Deck_ How To Use Google’s Local Services Ads_ The Most Cost-Eff...
Webinar Slide Deck_ How To Use Google’s Local Services Ads_ The Most Cost-Eff...Webinar Slide Deck_ How To Use Google’s Local Services Ads_ The Most Cost-Eff...
Webinar Slide Deck_ How To Use Google’s Local Services Ads_ The Most Cost-Eff...Clio - Cloud-Based Legal Technology
 
How Clio Customers Take a Stress-Free Summer: Streamlining Client Intake
How Clio Customers Take a Stress-Free Summer: Streamlining Client IntakeHow Clio Customers Take a Stress-Free Summer: Streamlining Client Intake
How Clio Customers Take a Stress-Free Summer: Streamlining Client IntakeClio - Cloud-Based Legal Technology
 
Clio App Spotlight: How Clio and Klyant integrate to provide a compliant and ...
Clio App Spotlight: How Clio and Klyant integrate to provide a compliant and ...Clio App Spotlight: How Clio and Klyant integrate to provide a compliant and ...
Clio App Spotlight: How Clio and Klyant integrate to provide a compliant and ...Clio - Cloud-Based Legal Technology
 

More from Clio - Cloud-Based Legal Technology (20)

Webinar Slide Deck_ How To Use Google’s Local Services Ads_ The Most Cost-Eff...
Webinar Slide Deck_ How To Use Google’s Local Services Ads_ The Most Cost-Eff...Webinar Slide Deck_ How To Use Google’s Local Services Ads_ The Most Cost-Eff...
Webinar Slide Deck_ How To Use Google’s Local Services Ads_ The Most Cost-Eff...
 
How Automating Client Intake Increases Client Confidence
How Automating Client Intake Increases Client ConfidenceHow Automating Client Intake Increases Client Confidence
How Automating Client Intake Increases Client Confidence
 
How Clio Customers Take a Stress-Free Summer: Streamlining Client Intake
How Clio Customers Take a Stress-Free Summer: Streamlining Client IntakeHow Clio Customers Take a Stress-Free Summer: Streamlining Client Intake
How Clio Customers Take a Stress-Free Summer: Streamlining Client Intake
 
2023 Legal Trends for Solo Law Firms
2023 Legal Trends for Solo Law Firms2023 Legal Trends for Solo Law Firms
2023 Legal Trends for Solo Law Firms
 
Increase Your Profits While Reducing Burnout
Increase Your Profits While Reducing BurnoutIncrease Your Profits While Reducing Burnout
Increase Your Profits While Reducing Burnout
 
90-Day Goal Setting for Legal Professionals
90-Day Goal Setting for Legal Professionals90-Day Goal Setting for Legal Professionals
90-Day Goal Setting for Legal Professionals
 
Insights from the 2022 Legal Trends Report - Slides.pdf
Insights from the 2022 Legal Trends Report - Slides.pdfInsights from the 2022 Legal Trends Report - Slides.pdf
Insights from the 2022 Legal Trends Report - Slides.pdf
 
How to Refine Your Law Firm Business Model
How to Refine Your Law Firm Business ModelHow to Refine Your Law Firm Business Model
How to Refine Your Law Firm Business Model
 
Legal Tech Roundup: Tools and Services Your Firm Needs in 2023
Legal Tech Roundup: Tools and Services Your Firm Needs in 2023Legal Tech Roundup: Tools and Services Your Firm Needs in 2023
Legal Tech Roundup: Tools and Services Your Firm Needs in 2023
 
2022 in Review: What's Working for Your Firm and What Isn't
2022 in Review: What's Working for Your Firm and What Isn't2022 in Review: What's Working for Your Firm and What Isn't
2022 in Review: What's Working for Your Firm and What Isn't
 
Watch How Family Lawyers Use Clio
Watch How Family Lawyers Use ClioWatch How Family Lawyers Use Clio
Watch How Family Lawyers Use Clio
 
Reclaim Your Time in 2023 with Clio’s Newest Features
Reclaim Your Time in 2023 with Clio’s Newest FeaturesReclaim Your Time in 2023 with Clio’s Newest Features
Reclaim Your Time in 2023 with Clio’s Newest Features
 
How to Grow a Law Firm_ From Startup to Success
How to Grow a Law Firm_ From Startup to SuccessHow to Grow a Law Firm_ From Startup to Success
How to Grow a Law Firm_ From Startup to Success
 
Customer Research: How to Gauge Client Satisfaction
Customer Research: How to Gauge Client SatisfactionCustomer Research: How to Gauge Client Satisfaction
Customer Research: How to Gauge Client Satisfaction
 
Cloud Software: The Key to Staff Success and Satisfaction
Cloud Software: The Key to Staff Success and SatisfactionCloud Software: The Key to Staff Success and Satisfaction
Cloud Software: The Key to Staff Success and Satisfaction
 
How to Generate New Business With Client Reviews
How to Generate New Business With Client ReviewsHow to Generate New Business With Client Reviews
How to Generate New Business With Client Reviews
 
Clio App Spotlight: How Clio and Klyant integrate to provide a compliant and ...
Clio App Spotlight: How Clio and Klyant integrate to provide a compliant and ...Clio App Spotlight: How Clio and Klyant integrate to provide a compliant and ...
Clio App Spotlight: How Clio and Klyant integrate to provide a compliant and ...
 
Key Insights from the 2022 Legal Trends Report
Key Insights from the 2022 Legal Trends ReportKey Insights from the 2022 Legal Trends Report
Key Insights from the 2022 Legal Trends Report
 
Billing Week Stress to Collections Success Webinar.pdf
Billing Week Stress to Collections Success Webinar.pdfBilling Week Stress to Collections Success Webinar.pdf
Billing Week Stress to Collections Success Webinar.pdf
 
Streamline Your Court Interactions With Technology
Streamline Your Court Interactions With TechnologyStreamline Your Court Interactions With Technology
Streamline Your Court Interactions With Technology
 

Recently uploaded

Sports Writing for PISAYyyyyyyyyyyyyyy.pptx
Sports Writing for PISAYyyyyyyyyyyyyyy.pptxSports Writing for PISAYyyyyyyyyyyyyyy.pptx
Sports Writing for PISAYyyyyyyyyyyyyyy.pptxmarielouisetulaytay
 
Law360 - How Duty Of Candor Figures In USPTO AI Ethics Guidance
Law360 - How Duty Of Candor Figures In USPTO AI Ethics GuidanceLaw360 - How Duty Of Candor Figures In USPTO AI Ethics Guidance
Law360 - How Duty Of Candor Figures In USPTO AI Ethics GuidanceMichael Cicero
 
SecuritiesContracts(Regulation)Act,1956.pdf
SecuritiesContracts(Regulation)Act,1956.pdfSecuritiesContracts(Regulation)Act,1956.pdf
SecuritiesContracts(Regulation)Act,1956.pdfDrNiteshSaraswat
 
Test Identification Parade & Dying Declaration.pptx
Test Identification Parade & Dying Declaration.pptxTest Identification Parade & Dying Declaration.pptx
Test Identification Parade & Dying Declaration.pptxsrikarna235
 
Indian Contract Act-1872-presentation.pptx
Indian Contract Act-1872-presentation.pptxIndian Contract Act-1872-presentation.pptx
Indian Contract Act-1872-presentation.pptxSauravAnand68
 
John Hustaix - The Legal Profession: A History
John Hustaix - The Legal Profession: A HistoryJohn Hustaix - The Legal Profession: A History
John Hustaix - The Legal Profession: A HistoryJohn Hustaix
 
Succession (Articles 774-1116 Civil Code
Succession (Articles 774-1116 Civil CodeSuccession (Articles 774-1116 Civil Code
Succession (Articles 774-1116 Civil CodeMelvinPernez2
 
The Prevention Of Corruption Act Presentation.pptx
The Prevention Of Corruption Act Presentation.pptxThe Prevention Of Corruption Act Presentation.pptx
The Prevention Of Corruption Act Presentation.pptxNeeteshKumar71
 
Rights of under-trial Prisoners in India
Rights of under-trial Prisoners in IndiaRights of under-trial Prisoners in India
Rights of under-trial Prisoners in IndiaAbheet Mangleek
 
如何办理美国加州大学欧文分校毕业证(本硕)UCI学位证书
如何办理美国加州大学欧文分校毕业证(本硕)UCI学位证书如何办理美国加州大学欧文分校毕业证(本硕)UCI学位证书
如何办理美国加州大学欧文分校毕业证(本硕)UCI学位证书Fir L
 
如何办理(UCD毕业证书)加州大学戴维斯分校毕业证学位证书
如何办理(UCD毕业证书)加州大学戴维斯分校毕业证学位证书如何办理(UCD毕业证书)加州大学戴维斯分校毕业证学位证书
如何办理(UCD毕业证书)加州大学戴维斯分校毕业证学位证书SD DS
 
如何办理(Rice毕业证书)莱斯大学毕业证学位证书
如何办理(Rice毕业证书)莱斯大学毕业证学位证书如何办理(Rice毕业证书)莱斯大学毕业证学位证书
如何办理(Rice毕业证书)莱斯大学毕业证学位证书SD DS
 
VIETNAM – LATEST GUIDE TO CONTRACT MANUFACTURING AND TOLLING AGREEMENTS
VIETNAM – LATEST GUIDE TO CONTRACT MANUFACTURING AND TOLLING AGREEMENTSVIETNAM – LATEST GUIDE TO CONTRACT MANUFACTURING AND TOLLING AGREEMENTS
VIETNAM – LATEST GUIDE TO CONTRACT MANUFACTURING AND TOLLING AGREEMENTSDr. Oliver Massmann
 
An Introduction guidance of the European Union Law 2020_EU Seminar 4.pptx
An Introduction guidance of the European Union Law 2020_EU Seminar 4.pptxAn Introduction guidance of the European Union Law 2020_EU Seminar 4.pptx
An Introduction guidance of the European Union Law 2020_EU Seminar 4.pptxKUHANARASARATNAM1
 
如何办理佛蒙特大学毕业证学位证书
如何办理佛蒙特大学毕业证学位证书 如何办理佛蒙特大学毕业证学位证书
如何办理佛蒙特大学毕业证学位证书Fir sss
 
Comparison of GenAI benchmarking models for legal use cases
Comparison of GenAI benchmarking models for legal use casesComparison of GenAI benchmarking models for legal use cases
Comparison of GenAI benchmarking models for legal use casesritwikv20
 
定制(WMU毕业证书)美国西密歇根大学毕业证成绩单原版一比一
定制(WMU毕业证书)美国西密歇根大学毕业证成绩单原版一比一定制(WMU毕业证书)美国西密歇根大学毕业证成绩单原版一比一
定制(WMU毕业证书)美国西密歇根大学毕业证成绩单原版一比一jr6r07mb
 
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一st Las
 
昆士兰科技大学毕业证学位证成绩单-补办步骤澳洲毕业证书
昆士兰科技大学毕业证学位证成绩单-补办步骤澳洲毕业证书昆士兰科技大学毕业证学位证成绩单-补办步骤澳洲毕业证书
昆士兰科技大学毕业证学位证成绩单-补办步骤澳洲毕业证书1k98h0e1
 

Recently uploaded (20)

Sports Writing for PISAYyyyyyyyyyyyyyy.pptx
Sports Writing for PISAYyyyyyyyyyyyyyy.pptxSports Writing for PISAYyyyyyyyyyyyyyy.pptx
Sports Writing for PISAYyyyyyyyyyyyyyy.pptx
 
Law360 - How Duty Of Candor Figures In USPTO AI Ethics Guidance
Law360 - How Duty Of Candor Figures In USPTO AI Ethics GuidanceLaw360 - How Duty Of Candor Figures In USPTO AI Ethics Guidance
Law360 - How Duty Of Candor Figures In USPTO AI Ethics Guidance
 
SecuritiesContracts(Regulation)Act,1956.pdf
SecuritiesContracts(Regulation)Act,1956.pdfSecuritiesContracts(Regulation)Act,1956.pdf
SecuritiesContracts(Regulation)Act,1956.pdf
 
Test Identification Parade & Dying Declaration.pptx
Test Identification Parade & Dying Declaration.pptxTest Identification Parade & Dying Declaration.pptx
Test Identification Parade & Dying Declaration.pptx
 
Indian Contract Act-1872-presentation.pptx
Indian Contract Act-1872-presentation.pptxIndian Contract Act-1872-presentation.pptx
Indian Contract Act-1872-presentation.pptx
 
John Hustaix - The Legal Profession: A History
John Hustaix - The Legal Profession: A HistoryJohn Hustaix - The Legal Profession: A History
John Hustaix - The Legal Profession: A History
 
Succession (Articles 774-1116 Civil Code
Succession (Articles 774-1116 Civil CodeSuccession (Articles 774-1116 Civil Code
Succession (Articles 774-1116 Civil Code
 
The Prevention Of Corruption Act Presentation.pptx
The Prevention Of Corruption Act Presentation.pptxThe Prevention Of Corruption Act Presentation.pptx
The Prevention Of Corruption Act Presentation.pptx
 
young Call Girls in Pusa Road🔝 9953330565 🔝 escort Service
young Call Girls in Pusa Road🔝 9953330565 🔝 escort Serviceyoung Call Girls in Pusa Road🔝 9953330565 🔝 escort Service
young Call Girls in Pusa Road🔝 9953330565 🔝 escort Service
 
Rights of under-trial Prisoners in India
Rights of under-trial Prisoners in IndiaRights of under-trial Prisoners in India
Rights of under-trial Prisoners in India
 
如何办理美国加州大学欧文分校毕业证(本硕)UCI学位证书
如何办理美国加州大学欧文分校毕业证(本硕)UCI学位证书如何办理美国加州大学欧文分校毕业证(本硕)UCI学位证书
如何办理美国加州大学欧文分校毕业证(本硕)UCI学位证书
 
如何办理(UCD毕业证书)加州大学戴维斯分校毕业证学位证书
如何办理(UCD毕业证书)加州大学戴维斯分校毕业证学位证书如何办理(UCD毕业证书)加州大学戴维斯分校毕业证学位证书
如何办理(UCD毕业证书)加州大学戴维斯分校毕业证学位证书
 
如何办理(Rice毕业证书)莱斯大学毕业证学位证书
如何办理(Rice毕业证书)莱斯大学毕业证学位证书如何办理(Rice毕业证书)莱斯大学毕业证学位证书
如何办理(Rice毕业证书)莱斯大学毕业证学位证书
 
VIETNAM – LATEST GUIDE TO CONTRACT MANUFACTURING AND TOLLING AGREEMENTS
VIETNAM – LATEST GUIDE TO CONTRACT MANUFACTURING AND TOLLING AGREEMENTSVIETNAM – LATEST GUIDE TO CONTRACT MANUFACTURING AND TOLLING AGREEMENTS
VIETNAM – LATEST GUIDE TO CONTRACT MANUFACTURING AND TOLLING AGREEMENTS
 
An Introduction guidance of the European Union Law 2020_EU Seminar 4.pptx
An Introduction guidance of the European Union Law 2020_EU Seminar 4.pptxAn Introduction guidance of the European Union Law 2020_EU Seminar 4.pptx
An Introduction guidance of the European Union Law 2020_EU Seminar 4.pptx
 
如何办理佛蒙特大学毕业证学位证书
如何办理佛蒙特大学毕业证学位证书 如何办理佛蒙特大学毕业证学位证书
如何办理佛蒙特大学毕业证学位证书
 
Comparison of GenAI benchmarking models for legal use cases
Comparison of GenAI benchmarking models for legal use casesComparison of GenAI benchmarking models for legal use cases
Comparison of GenAI benchmarking models for legal use cases
 
定制(WMU毕业证书)美国西密歇根大学毕业证成绩单原版一比一
定制(WMU毕业证书)美国西密歇根大学毕业证成绩单原版一比一定制(WMU毕业证书)美国西密歇根大学毕业证成绩单原版一比一
定制(WMU毕业证书)美国西密歇根大学毕业证成绩单原版一比一
 
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
 
昆士兰科技大学毕业证学位证成绩单-补办步骤澳洲毕业证书
昆士兰科技大学毕业证学位证成绩单-补办步骤澳洲毕业证书昆士兰科技大学毕业证学位证成绩单-补办步骤澳洲毕业证书
昆士兰科技大学毕业证学位证成绩单-补办步骤澳洲毕业证书
 

3 Reasons Why the Cloud is More Secure than Your Server

  • 1. 3 Reasons Why the Cloud is More Secure than Your Server Joshua Lenon – Lawyer-in-Residence @joshualenon Doug Edmunds – Asst. Dean for Information Technology @unclawinfotech
  • 2. Agenda •  Cloud Overview (5 minutes) •  3 Reasons the Cloud is More Secure – Economies of Scale (5 minutes) – Cybersecurity Framework (10 minutes) •  Framework vs. Confidentiality Duties – Lightning Advancement (10 minutes) •  Guest: Doug Edmunds (20 minutes) •  Takeaways (5 minutes) •  Questions (5 minutes)
  • 3. Instructors Joshua Lenon •  Lawyer, admitted in New York •  Lawyer-in-Residence for Clio Doug Edmunds •  Assistant Dean for Information Technology at University of North Carolina at Chapel Hill - School of Law
  • 5. NIST Cloud Definition “Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction” Source:(NIST(Defini0on(of(Cloud(Compu0ng;(Special(Publica0on(800>145(
  • 8. 3 REASONS THE CLOUD IS MORE SECURE
  • 11. Law Firms Current Security •  47% have no documented disaster recovery plan •  Only 39% have intrusion detection system •  Only 36% have intrusion prevention system •  32% never have outside security assessments performed •  Only 14% have server logs •  2% have ISO 27001 certification Source:(2013(ILTA(Tech(Survey(
  • 12. Federal Labor Relation Authority (FLRA) Case Management System •  88% reduction in total cost of ownership over a five year period •  Eliminated up-front licensing cost of $273,000 •  Reduced annual maintenance from $77,000 to $16,800 •  Eliminated all hardware acquisition costs •  Secure access from any Internet connection •  Ability to operate and access case information from any location in the world, supporting the virtual enterprise Source:(Cloud.CIO.gov(
  • 14. Cybersecurity Framework •  “Framework for Improving Critical Infrastructure Cybersecurity” •  Published by NIST in February 2014 •  Provides Core, Tiers and Profiles
  • 16. Cybersecurity Framework: Tiers •  4 Tiers: – Tier 1: Partial – Tier 2: Risk Informed – Tier 3: Repeatable – Tier 4: Adaptive “Progression to higher Tiers is encouraged when such a change would reduce cybersecurity risk and be cost effective.”
  • 17. Cybersecurity Framework: Tiers •  Tier 3: Repeatable –  Formal risk management policies with reviews –  Organization-wide approach with training –  Collaborates with outside partners on risk management •  Tier 4: Adaptive –  Adapts security based on lessons & predictions –  Security is part of corporate culture with continuous improvement –  Actively shares information with partners
  • 18. Cybersecurity Framework: Profiles •  Current: security outcomes being achieved •  Target: outcomes needed to meet goals •  Compare Current and Target Profiles to identify gaps in security processes
  • 20. Model Rules of Professional Conduct •  Rule 1.1 – Competency – “lawyer should keep abreast of changes in the law and its practice, including the benefits and risks associated with relevant technology…” •  Rule 1.6 – Confidentiality – “lawyer shall not reveal information relating to the representation of a client unless the client gives informed consent, the disclosure is impliedly authorized in order to carry out the representation…”
  • 21. Model Rules of Professional Conduct •  Rule 5.3 - Responsibilities Regarding Nonlawyer Assistant – “person's [nonlawyer] conduct is compatible with the professional obligations of the lawyer…”
  • 22. Cloud Computing Ethics Opinions Source:(American(Bar(Associa0on(
  • 23. Framework vs. Ethics Opinions Framework helps map, measure, & migrate cost benefit analysis
  • 24. Cybersecurity Framework: Tiers •  Tier 3: Repeatable –  Formal risk management policies with reviews –  Organization-wide approach with training –  Collaborates with outside partners on risk management •  Tier 4: Adaptive –  Adapts security based on lessons & predictions –  Security is part of corporate culture with continuous improvement –  Actively shares information with partners
  • 25. Framework vs. Ethics Opinions Opinions fail to discuss regulatory requirements.
  • 26. Framework vs. Ethics Opinions Cloud services allow easier regulatory compliance
  • 28. 28% of solo and small firms have no process for updating their computers. Source:(2013(ILTA(Tech(Survey(
  • 29. Lightning Advancements •  Cloud Services move at the speed of the internet. •  Real-time monitoring and upgrades keep your Software-as-a-Service on the cutting edge.
  • 31. “When weaknesses are discovered in cryptographic systems, the system will not necessarily become suddenly insecure.” Source:(Bruce(Schneier,(‘Cryptanalysis(of(SHA>1’(
  • 32. “Such discoveries impel migration to more secure techniques, rather than signifying that everything encrypted with that system is immediately insecure.” Source:(Bruce(Schneier,(‘Cryptanalysis(of(SHA>1’(
  • 34. Carolina Law - Background •  Part of UNC-Chapel Hill, nation’s oldest degree-granting public university •  Law school founded 1845 •  Charter member of ABA – 1920 •  Approx. 740 students; 63 tenure track faculty; 35+ adjuncts •  6 clinics with 70-80 students per year
  • 35. Clinical Program - Challenges •  Aging hardware •  Bad software support •  Short staffing •  Limited funding •  Campus security policies •  Skepticism of university counsel Photo(source:(hMp://0nyurl.com/lk5hy4u(
  • 36. Old Model vs. New Model Time Matters - Local •  Poor support for Macs •  Software upgrades difficult •  No redundancy – single server in place •  Vendor difficult to reach •  Students frustrated, faculty jaded Clio - Cloud •  Operating system agnostic •  Software upgrades totally transparent •  Geolocation of data centers and fully redundant •  Excellent vendor support and self-help resources •  Students and faculty love it
  • 37. Security Local Solution •  Security = just one thing your organization does •  Cobbled together, piecemeal •  Few if any guarantees •  Knowledge deficient •  No formal access controls Cloud Solution •  Data center’s rep & business depend on it •  Multi-layered, robust •  Guarantees in Service Level Agreement •  Expertise •  Monitored, controlled environment
  • 38. Policies & Procedures •  Rule #1 - Cloud adoption should not be based solely on convenience •  Rule #2 – Implement consistent metadata/ tagging standards •  Rule #3 - Leverage version control •  Rule #4 - Require security awareness training •  Rule #5 – Prohibit “rogue agents”
  • 39. Mobility & Agility •  True anytime, anywhere access •  Security is “baked in” rather than “bolted on” •  Accessible across platforms/devices •  No downtime due to server outages Photo(source:(hMp://0nyurl.com/l7wgd45(
  • 41. Takeaways •  Cloud computing economies of scale provide security and service that cannot be matched by individual installations •  Organizations large and small are shifting to cloud-based services for increased savings •  Robust frameworks for measuring and mitigating risks are being developed for cloud services •  Cloud services are best suited for cutting edge implementations
  • 42. Action Items •  Read state ethics opinions on technology •  Commit to a cybersecurity review. – Document •  Cores •  Tiers for Firm and Vendors •  Current vs. Target Profiles •  Download the Cybersecurity Framework Core Exercise on GoClio.com/Blog
  • 43. ClioWeb Planning to move to the Cloud now? Try Clio for free & get 25% off your first 6 months
  • 45. Thank You Doug Edmunds edmunds@unc.edu @unclawinfotech linkedin.com/in/ dougedmunds Joshua Lenon joshua@goclio.com @JoshuaLenon linkedin.com/in/joshualenon