This document discusses data security in the cloud. It notes that encryption, along with centralized policy and key management, are essential for protecting sensitive data in cloud environments and meeting regulatory requirements. Centralized key management provides benefits like secure key storage, lifecycle management, separation of duties, and compliance with standards. Customers can choose between managing keys on-premise or using a key management as a service provider, but must consider tradeoffs in risk, cost, and separation of duties. Encryption combined with proper key management makes data more secure when migrating to cloud computing.
Overview of Identity and Access Management Product LineNovell
Attend the two-hour foundation session on the Identity and Access Management product line from Novell and start your BrainShare right! This session will deliver a high-level overview of the full Identity and Access Management product line. It will highlight how the products work together as an integrated solution, and the session has a modular format so you can attend the product overviews you are most interested in. The session will provide real life examples of integration-focused benefits, followed by a 25 minute overview and update on each of the products: Novell Identity Manager, Novell Access Manager and Novell SecureLogin.
Overview of Identity and Access Management Product LineNovell
Attend the two-hour foundation session on the Identity and Access Management product line from Novell and start your BrainShare right! This session will deliver a high-level overview of the full Identity and Access Management product line. It will highlight how the products work together as an integrated solution, and the session has a modular format so you can attend the product overviews you are most interested in. The session will provide real life examples of integration-focused benefits, followed by a 25 minute overview and update on each of the products: Novell Identity Manager, Novell Access Manager and Novell SecureLogin.
Building and Managing Cloud Applications and InfrastructureDarren Cunningham
While service-based infrastructure can improve TCO and streamline IT management, it also presents some challenges that need to be met head-on. How do you ensure your data is secure in transit and available when you need it? How do you manage and communicate with your infrastructure? How do you enable service quality metrics and disaster recovery? And, how do you integrate data from legacy systems with data from web-based systems? Join AT&T and Informatica as they share their experience in building and managing cloud applications and infrastructure.
Your Data Center Boundaries Don’t Exist Anymore! EMC
In the pre-cloud era, data centers were simpler to define and restrict. As organizations move to public, private, and hybrid clouds, they have to account for internal, industrial, and government compliance initiatives and oversight that impacts data center architecture and information flow. This session describes data center challenges in the Cloud Era and articulates real-life best practices to address those challenges.
Benefits and Functionality of Claims Processing SoftwareSteven M Richard
Claims processing software forms an important business function for various public entities, insurance companies, and privately held companies. It is highly beneficial in providing effective management and analysis of information related to claims.
Sira insights from cloud vendor risk assessmentsCary Sholer
This presentation was given to the Society of Risk Management Association in December 2012. Its purpose was to help information security and IT risk management professionals conduct risk assessments wisely on cloud service providers.
Windstream Hosted Solutions: Public Cloud SecurityJason Proctor
Cloud computing presents a number of unique benefits as compared to traditional or virtualized IT environments. Cloud computing shifts capital expenses (CAPEX) to operational expenses (OPEX) and introduces a new
level of speed, flexibility and scale to the IT organization. These benefits help overcome challenges faced by IT organizations, including rapidly changing technology, budget constraints and time-to-market pressures.
While cloud services can yield a number of advantages, this new model for computing also raises a few new questions.
Cloud computing is getting tons of press these days. Everyone has a different perspective and understanding of the technology, and there are myriad variations on the definition of the cloud- William Fellows and John Barr at the 451 Group define cloud computing as the intersection of grid, virtualization, SaaS, and utility computing models. James Staten of Forrester Research describes it as a pool of abstracted, highly scalable, and managed compute infrastructure capable of hosting end-customer applications and billed by consumption. Let's take it a step further and examine the core principles, or pillars, that uniquely define cloud computing.
In this on-demand webinar learn about:
- How cloud data encryption and tokenization can be applied in the cloud
- Use cases of enterprises implementing encryption and tokenization to protect data in the cloud
- A live demo of cloud encryption and tokenization technologies in action
Building and Managing Cloud Applications and InfrastructureDarren Cunningham
While service-based infrastructure can improve TCO and streamline IT management, it also presents some challenges that need to be met head-on. How do you ensure your data is secure in transit and available when you need it? How do you manage and communicate with your infrastructure? How do you enable service quality metrics and disaster recovery? And, how do you integrate data from legacy systems with data from web-based systems? Join AT&T and Informatica as they share their experience in building and managing cloud applications and infrastructure.
Your Data Center Boundaries Don’t Exist Anymore! EMC
In the pre-cloud era, data centers were simpler to define and restrict. As organizations move to public, private, and hybrid clouds, they have to account for internal, industrial, and government compliance initiatives and oversight that impacts data center architecture and information flow. This session describes data center challenges in the Cloud Era and articulates real-life best practices to address those challenges.
Benefits and Functionality of Claims Processing SoftwareSteven M Richard
Claims processing software forms an important business function for various public entities, insurance companies, and privately held companies. It is highly beneficial in providing effective management and analysis of information related to claims.
Sira insights from cloud vendor risk assessmentsCary Sholer
This presentation was given to the Society of Risk Management Association in December 2012. Its purpose was to help information security and IT risk management professionals conduct risk assessments wisely on cloud service providers.
Windstream Hosted Solutions: Public Cloud SecurityJason Proctor
Cloud computing presents a number of unique benefits as compared to traditional or virtualized IT environments. Cloud computing shifts capital expenses (CAPEX) to operational expenses (OPEX) and introduces a new
level of speed, flexibility and scale to the IT organization. These benefits help overcome challenges faced by IT organizations, including rapidly changing technology, budget constraints and time-to-market pressures.
While cloud services can yield a number of advantages, this new model for computing also raises a few new questions.
Cloud computing is getting tons of press these days. Everyone has a different perspective and understanding of the technology, and there are myriad variations on the definition of the cloud- William Fellows and John Barr at the 451 Group define cloud computing as the intersection of grid, virtualization, SaaS, and utility computing models. James Staten of Forrester Research describes it as a pool of abstracted, highly scalable, and managed compute infrastructure capable of hosting end-customer applications and billed by consumption. Let's take it a step further and examine the core principles, or pillars, that uniquely define cloud computing.
In this on-demand webinar learn about:
- How cloud data encryption and tokenization can be applied in the cloud
- Use cases of enterprises implementing encryption and tokenization to protect data in the cloud
- A live demo of cloud encryption and tokenization technologies in action
This White Paper introduces company IT Management, Directors and The Board to the concept of Software as a Service (SaaS), explaining how and why software houses are adopting it as a business and supply strategy. It also introduces the SaaS Hotel™ brand from 1st Easy — its architecture and how it can help support and benefit software companies that have adopted or plan to adopt a SaaS delivery strategy.
Cloud Computing: A study of cloud architecture and its patternsIJERA Editor
Cloud computing is a general term for anything that involves delivering hosted services over the Internet. Cloud computing is a paradigm shift following the shift from mainframe to client–server in the early 1980s. Cloud computing can be defined as accessing third party software and services on web and paying as per usage. It facilitates scalability and virtualized resources over Internet as a service providing cost effective and scalable solution to customers. Cloud computing has evolved as a disruptive technology and picked up speed with the presence of many vendors in cloud computing space. The evolution of cloud computing from numerous technological approaches and business models such as SaaS, cluster computing, high performance computing, etc., signifies that the cloud IDM can be considered as a superset of all the corresponding issues from these paradigms and many more. In this paper we will discuss Life cycle management, Cloud architecture, Pattern in Cloud IDM, Volatility of Cloud relations.
Securing Your Cloud Applications with Novell Cloud Security ServiceNovell
As your company considers moving toward the cloud either by adopting more Software-as-a-Service applications or other cloud services, the complexity and management of security policies and identities increase. Learn how you can manage a multi-SaaS environment to consistently enforce your internal identity and policy roles in the cloud. Leverage your existing identity infrastructure to enable single sign-on, access the right resources and receive audit logs from the cloud
Unlocking the value of the cloud - The benefits of deploying asset and facili...Cyrus Sorab
SaaS adoption is impacting all businesses and sectors,
including those purchasing asset and facilities management
solutions. The predictable costs, ease of deployment, and
vendor-handled upgrades are increasingly appealing to
maintenance leaders who often struggle to justify the cost
savings necessary to warrant new expenditures. With SaaS,
small and medium-sized companies are finding improved data
security that exceeds their internal capabilities, while larger
businesses are drawn to the simple upgradability, which allows
them to attain new features without additional cost.
This buyer’s guide will dive into some of these features
and more, as a primer to getting started on your SaaS journey.
6. There Are Different Types of Public Clouds
Fully functional applications provided such as
SaaS CRM, ERP, email, Project Management,
Software s a Travel Services, etc.
Service
PaaS Operating environments included such as
Platform as a Service Windows/.NET, Linux/J2EE, applications of
choice deployed
Virtual Data Centers
IaaS
Infrastructure
Virtual platform on which required operating
Cloud Centers
as a Service environment and application are deployed.
Also includes storage as a service offerings
Data Centers
6
7. Market Landscape
Gartner September 2012
Public cloud services market is forecast to grow
19.6 percent in 2012 to $109 billion
Business process as a service (BPaaS) represents
77 percent of the total market
Infrastructure as a service (IaaS) is forecast to be
$6.2 billion in 2012 and growing at a rate of 45.4
percent
The total public cloud services market is forecast
to grow to $206.6 billion in 2016
7
10. Cloud Adoption Need for Data Security
Data = Cash
• Reputation, Compliance, Penalties
Layers of Network Security Applied Today
• Next Gen Firewalls, VPNs, IPS, SIEM, DAM/DAP,
Move to Include Data Security
• Encryption, Key and Policy Management
12. Why does encryption make data secure in
the cloud?
Cloud is inherently multi-tenant
All infrastructure i.e. compute and storage are shared among different customers
(serially)
In the event there is a physical theft at the service provider facilities unprotected
data is left vulnerable
In the event there is unauthorized access (malicious or inadvertent) unprotected
data ends up in the wrong hands
Sensitive data must be protected to meet regulatory
requirements
Payment Card Industry (PCI) Data Security Standard (DSS)
HIPAA HITECH
Safe Harbor
Enable governance for hybrid clouds
Seamlessly manage private and public clouds by complying with the corporate
regulatory and security standards
13. Two Different Perspectives
Cloud Service Provider
• Want to provide assurances to their
customers that the service is secure
• This is a competitive differentiator
Cloud Service Provider Customer
• Some will trust that their data is being
properly secured
• Some will demand that they maintain
complete control of their data
15. 3 Components of Data Security in the Cloud
Policy
Management
Key
Management
Encryption
16. Encryption, Policy and Key Management
Policy and key management are extremely
important aspects of encryption
Keys are used to encrypt/decrypt data
Policies, which are tied to business need, define
how keys are distributed and authorized for use
Enterprises typically have several encryption
solutions and keys are not centrally managed
Centralized policy and key management is essential
to meet the business needs, governance and
regulatory requirements
17. Centralized Key Management
Benefits
Central repository for secure storage of keys
Key life cycle management (creation, deletion, expiry
notification, reporting)
Policies (define how keys will be used)
Separation of duties
Secure backup
Compliance with standards such as FIPS 140-2
Manage encryption solutions using industry standards
e.g. PKCS #11, KMIP
18. Centralized Key Management
Key Management: As a service or On Premise?
Approach Tradeoffs
Custodianship Risk Cost Separation of Multi-
duties Tenancy
On-Premise
solution High (can be
Low Lines of
Customer amortized across Yes
(customized) business
large deployment)
Key
Management
Yes. But only if data is
as a Service Depends on not managed by key Multiple
Service Provider Low
the SLA management service customers
provider
19. Understanding Data Security with Software
as a Service (SaaS)
Doing your research: Data security due diligence
Customer does not control how information is handled but can effect it
The risk: data security threats
Data exposure
By SaaS provider
By IaaS partner
By customer through application controls
SaaS touch points: SaaS controls that customer can effect
Data handling and protection agreements in contractual negotiations
Security administration for access controls
Solutions
Data encryption used by SaaS providers to fulfill customer requirements
Tokenization by on-premise network appliances (Cloud Gateways)
20. Understanding Data Security for
Infrastructure as a Service (IaaS)
Doing your research: data security due diligence
Customer does not control how infrastructure security is handled
Customer responsible for data security
The risk: data security threats
Data exposure
By IaaS provider
By customer through application controls
IaaS touch points: IaaS controls that customer can effect
Data handling and protection agreements in contractual negotiations
Security administration for access controls
Encryption/Key Management for data protection
Solutions
Customer encrypts data; Customer is custodian of keys
Customer encrypts data; Different service provider for key management
21. Summary
Cloud computing is a pervasive trend with
compelling economics
Ensuring data security and privacy is necessary to
embracing cloud computing
Encryption protects data and makes it safer to
migrate to cloud
Policies, separation of duties and key management
are the underpinnings of encryption
Tradeoffs in risk, costs and compliance to
regulations must be considered in choosing a
solution