SlideShare a Scribd company logo

Cloud computing arma_nnj

Download as PPTX, PDF
S
scm24

This document provides an overview of cloud computing, including definitions of cloud computing models and service delivery models. It discusses the business case for cloud computing and provides guidance on security best practices and selecting a cloud service provider. It also presents a case study on conducting e-discovery from the cloud and discusses considerations around records and information management in the cloud.

TechnologyBusiness
1 of 42
Cloud Computing Steven C. Markey,MSIS,PMP, CISSP,CIPP, CISM,CISA,STS-EV,CCSK Principal, nControl, LLC Adjunct Professor President, Cloud Security Alliance – Delaware Valley Chapter (CSA-DelVal)
Cloud Computing • Presentation Overview – Cloud Overview • General • Business Case for Cloud Computing • Security Guidance • Selecting a Cloud Service Provider (CSP) • Records & Info Management (RIM) in the Cloud – Case Studies • e-Discovery IN the Cloud
Cloud Computing • General Overview – Why should you care about the “cloud”?
Cloud Computing Trends Numbers Numbers around CC are always impressive: 80% fortune companies 1000 will pay to use cloud computing services and 30% will pay for infrastructure. Gartner At this moment, the 5 major search engines together have 2.000.000 Market : computers 42 billon: IDC 95 billion: Merrill Lynch 33% of IT business will be in Cloud Computing Gartner Microsoft data centre in Chicago: 610.000 servers 8 8 Source: Open Group
Cloud Computing • What is Cloud Computing? – Re-Branded IT Business Model • Application Service Provider (ASP) • IT Outsourcing (ITO) – Formal Characteristics • Resource Pooling • Rapid Elasticity – Confusion • Hosting • Virtualization • Service Provider
Service Delivery Models Source: Swain Techs
Responsibility Source: Matthew Gardiner, Computer Associates
SaaS Providers
PaaS Providers
IaaS Providers
Private Cloud • Dedicated Clouds – Usually Hosted Internally • Use Chargeback/Shared Services Model – External Private Clouds Exist
Hosting Providers
Third Parties
Cloud Computing • Business Case for Cloud Computing – Time-to-Market – Global Presence – Focus on Core Competency – Elasticity – Cost-Benefit Analysis (CBA)
Cloud Computing • Partly Cloudy with a Chance of Risk! – The Cloud is Perceived as Risky Business • Lack of Control • Regulatory Compliance • Hacks, Outages, Disasters….Oh My! Source: Youtube
Cloud Computing • Security Guidance – Existing Certifications/Attestations • SAS 70 Type II/SSAE 16/ISAE 3402 • ISO 27001/2, 27036, 15489 • BITS Shared Assessments • PCI DSS • HIPAA/HITECH – Guidance Specifically for the Cloud • CSA Guide v3.0 • ENISA Cloud Computing Risk Assessment • NIST SP 800-144 Guidelines Security/Privacy for a Public Cloud
Cloud Computing • Selecting a CSP – Service Provider/Consumer Process Alignment – Portability/Interoperability – Contractual/Legal Agreements – Industry Tools
Cloud Computing • Service Provider/Consumer Process Alignment – Change/Configuration Management – Loading/Offloading – Disaster Recovery – Incident Response – Legal Hold/Litigation Response/e-Discovery • Electronic Discovery Reference Model (EDRM) – Records and Information Management (RIM) • Generally Accepted Recordkeeping Principles (GARP) • Information Governance Reference Model (IGRM) • Information Lifecycle Management (ILM)
Cloud Computing • Portability/Interoperability – Software – Data – Third Parties
Cloud Computing • Contractual/Legal Agreements – Service Level Agreements (SLA) • Up-Time • Jurisdiction • Data Ownership – Escrow Data – Include Metadata • Exit Clause • Testing – Disaster Recovery – Incident Response – Legal Hold/Litigation Response/e-Discovery
Cloud Computing • Contractual/Legal Agreements – Service Level Agreements (SLA) • Right to Audit – Vendor & Vendor’s Vendors – GARP-Specific
Cloud Computing • Industry Tools – Selection • Gravitant CloudWiz • VMware Cloud Readiness Self-Assessment Tool – Brokerage/Management • RightScale • CloudFloor • Skydera • enStratus
Cloud Computing • Industry Tools – Migration • Bit Titan MigrationWiz • Layer 2 SharePoint Cloud Connector • Metalogix StoragePoint • AvePoint DocAve Migrator
Source: Metalogix StoragePoint
Source: Metalogix StoragePoint
Source: AvePoint DocAve Migrator
Cloud Computing • RIM in the Cloud – Process • Self-Service Provisioning • CSP Brokerage, Monitoring & Metering • CSP Information Governance • CSP Adherence to Standards – NIST » SP 800-92: Log Management – ISO » 15489: Records Management » 23081: Records Metadata » 15386: Digital Archive » 30300/303001: RIM Management System » 17024: Conformity Assessment
Source: Flickr
Cloud Computing • RIM in the Cloud – People • More Empowered: Shadow IT, Consumerized IT – Millenials Expect Autonomy – Bring Your Own Device (BYOD) – Less Office Time, But Always On • Increased Roles & Responsibilities • Additional Tech/Analytical Skill-Sets Required – Technology • Commoditized • CSP Metadata • New Technologies: Non-Relational Database Architectures • New Paradigms: Big Data (Data Lakes & Cloud)
Cloud Computing • Case Study: e-Discovery FROM the Cloud – Background – Drivers – Technologies – Limitations – Risks – Lessons Learned – Next Steps
Cloud Computing • Case Study: e-Discovery FROM the Cloud – Background • Financial Services SMB – Capital Management (PA) • Recent Project: 2010 • IT: Managed Service Provider/Operations, Director – Drivers • Cost • Compliance – Technologies • Email: Exchange Server 2007, 2010/Office 365 • Discovery: Symantec Enterprise Vault (EV) v8.0/v9.0
Cloud Computing • Case Study: e-Discovery FROM the Cloud – Limitations • Budget • Skill-Sets • Resources – Risks • Software/System Interoperability • Vendor Management: Contractual/SLA Omissions • Disaster Recovery: Datacom • Legacy Email Availability, No More Archiving • Scope Creep
Cloud Computing • Case Study: e-Discovery FROM the Cloud – Lessons Learned • Limited Cost Savings – On-Site Exchange Box for Journaling – Upgrade to EV v9.0 to Support Exchange 2010 – Exchange Hosted Encryption (EHE) – Forefront Online Protection for Exchange (FOPE) • Exchange Journaling From the Cloud, Complicated – Microsoft Federation Gateway (MFG) • Leverage Interim Solution for BlackBerry Services – Shutdown BlackBerry Enterprise Server (BES) – Leverage AstraSync (Exchange ActiveSync)
Cloud Computing • Case Study: e-Discovery FROM the Cloud – Next Steps • Upgrade to EV v10.0 – Incorporate Social Media • Test BCP/DR e-Discovery Functionality • BlackBerry Office 365 – Looking at BES Balance (“Data Boxing”) • Leverage Office 365 for SharePoint, iOS & Android – Nix AstraSync, Reviewing Hosted AirWatch & MobileIron for MDM • Reviewing Cloud e-Discovery SaaS Solutions – Symantec Enterprise Vault.cloud – Microsoft Exchange Online Archiving (EOA)
Cloud Computing • Presentation Take Aways – Cloud = Re-Branded Business Model –With New Bells & Whistles (Big Data, etc.) – Paradigm Shift Towards Empowerment – Strategy & Due Diligence Are VERY Important –Must Consider the Business Ecosystem
Cloud Computing • References – CSA Guide: https://cloudsecurityalliance.org/research/security-guidance/ – BITS Enterprise Cloud Self-Assessment: http://sharedassessments.org/media/pdf-EnterpriseCloud-SA.pdf – ENISA Risk Assessment: http://www.enisa.europa.eu/act/rm/files/deliverables/cloud-computing-risk- assessment – NIST SP 800-144: http://csrc.nist.gov/publications/drafts/800-144/Draft-SP-800-144_cloud-computing.pdf – IGRM: http://www.edrm.net/projects/igrm – EDRM: http://www.edrm.net/ – MIKE2.0: http://mike2.openmethodology.org/ – VMware CRSA: http://getcloudready.vmware.com/crsa/ – Bit Titan MigrationWiz: https://www.migrationwiz.com/Secure/Default.aspx – Gravitant cloudWiz: http://www.gravitant.com/cloudwiz-home.html – RightScale: http://www.rightscale.com/ – CloudFloor: http://www.cloudfloor.com/ – Skydera: http://www.skydera.com/ – enStratus: http://enstratus.com/ – Layer 2: http://www.layer2.de/en/products/Pages/Cloud-Connector-for-SharePoint-2010-Office365.aspx – Metalogix StoragePoint: http://www.metalogix.com/Products/StoragePoint.aspx – AvePoint DocAve: http://www.avepoint.com/sharepoint-to-sharepoint-migration-docave/
Cloud Computing • Personal References – PenTest Magazine, "Scanning Your Cloud Environment": http://pentestmag.com/client-side-exploits-pentest- 082011/ – ISACA Journal, "Testing Your Incident Response Plan": http://www.isaca.org/Journal/Current- Issue/Pages/default.aspx – e-Discovery 2.0: In the Cloud: https://s3.amazonaws.com/nControl-Docs/CSA11_Session-SMarkey.ppt – Security in the Cloud: https://s3.amazonaws.com/nControl-Docs/Cloud_Computing-Security.ppt – System Architecture & Engineering for the Cloud: https://s3.amazonaws.com/nControl- Docs/Cloud_Computing-Architecture_Engineering.ppt – Cloud Computing Primer: https://s3.amazonaws.com/nControl-Docs/Cloud_Computing-Basic.ppt – Cloud Computing - Authentication & Encryption: https://s3.amazonaws.com/nControl- Docs/Cloud_Computing_Security-Session_II.ppt – Cloud Computing - Application & Virtualization Security: https://s3.amazonaws.com/nControl- Docs/Cloud_Computing_Security-Session_III.ppt – Securing Your ESI: https://s3.amazonaws.com/nControl-Docs/Securing_Your_ESI_v2.ppt
• Questions? • Contact – Email: steve@ncontrol-llc.com – Twitter: @markes1, @csdadelval2011 – LI: http://www.linkedin.com/in/smarkey – CSA-DelVal: http://www.csadelval.org/

Recommended

Bd cloud v3
Bd cloud v3Bd cloud v3
Bd cloud v3scm24
 
Securing your esi_piedmont
Securing your esi_piedmontSecuring your esi_piedmont
Securing your esi_piedmontscm24
 
Maximizing your share_point_investment_final
Maximizing your share_point_investment_finalMaximizing your share_point_investment_final
Maximizing your share_point_investment_finalscm24
 
Cw13 cloud computing & big data by ahmed aamer
Cw13 cloud computing & big data by ahmed aamerCw13 cloud computing & big data by ahmed aamer
Cw13 cloud computing & big data by ahmed aamerinevitablecloud
 
Cloud Capacity Management
Cloud Capacity ManagementCloud Capacity Management
Cloud Capacity Management
Metron
 
Capacity Management in a Cloud Computing World
Capacity Management in a Cloud Computing WorldCapacity Management in a Cloud Computing World
Capacity Management in a Cloud Computing WorldDavid Linthicum
 
Cloud Capacity Management
Cloud Capacity ManagementCloud Capacity Management
Cloud Capacity Management
Precisely
 
Cloud_Computing_IIMC_v1
Cloud_Computing_IIMC_v1Cloud_Computing_IIMC_v1
Cloud_Computing_IIMC_v1Steve Markey
 

Recommended

Bd cloud v3
Bd cloud v3Bd cloud v3
Bd cloud v3scm24
 
Securing your esi_piedmont
Securing your esi_piedmontSecuring your esi_piedmont
Securing your esi_piedmontscm24
 
Maximizing your share_point_investment_final
Maximizing your share_point_investment_finalMaximizing your share_point_investment_final
Maximizing your share_point_investment_finalscm24
 
Cw13 cloud computing & big data by ahmed aamer
Cw13 cloud computing & big data by ahmed aamerCw13 cloud computing & big data by ahmed aamer
Cw13 cloud computing & big data by ahmed aamerinevitablecloud
 
Cloud Capacity Management
Cloud Capacity ManagementCloud Capacity Management
Cloud Capacity Management
Metron
 
Capacity Management in a Cloud Computing World
Capacity Management in a Cloud Computing WorldCapacity Management in a Cloud Computing World
Capacity Management in a Cloud Computing WorldDavid Linthicum
 
Cloud Capacity Management
Cloud Capacity ManagementCloud Capacity Management
Cloud Capacity Management
Precisely
 
Cloud_Computing_IIMC_v1
Cloud_Computing_IIMC_v1Cloud_Computing_IIMC_v1
Cloud_Computing_IIMC_v1Steve Markey
 
AWS Cloud Use Cases - Ezhil Arasan Babaraj, CSS Corp
AWS Cloud Use Cases - Ezhil Arasan Babaraj, CSS CorpAWS Cloud Use Cases - Ezhil Arasan Babaraj, CSS Corp
AWS Cloud Use Cases - Ezhil Arasan Babaraj, CSS CorpAmazon Web Services
 
Intelligent Business Process Management Suites (iBPMS) - The Next-Generation ...
Intelligent Business Process Management Suites (iBPMS) - The Next-Generation ...Intelligent Business Process Management Suites (iBPMS) - The Next-Generation ...
Intelligent Business Process Management Suites (iBPMS) - The Next-Generation ...
Kai Wähner
 
Cloud Computing in Business and facts
Cloud Computing in Business and factsCloud Computing in Business and facts
Cloud Computing in Business and factsArun Ganesh
 
Cloud Computing and Big Data
Cloud Computing and Big DataCloud Computing and Big Data
Cloud Computing and Big Data
Robert Keahey
 
Security & privacy challenges in cloud computing
Security & privacy challenges in cloud computingSecurity & privacy challenges in cloud computing
Security & privacy challenges in cloud computing
kdore
 
AAF - Enterprise Architecture and Cloud Computing
AAF - Enterprise Architecture and Cloud ComputingAAF - Enterprise Architecture and Cloud Computing
AAF - Enterprise Architecture and Cloud Computing
Marc Caltabiano
 
Challenges in cloud computing to enable future internet of things v0.3
Challenges in cloud computing to enable future internet of things v0.3Challenges in cloud computing to enable future internet of things v0.3
Challenges in cloud computing to enable future internet of things v0.3Ignacio M. Llorente
 
Embracing Cloud in a Traditional Data Center
Embracing Cloud in a Traditional Data CenterEmbracing Cloud in a Traditional Data Center
Embracing Cloud in a Traditional Data Center
Brian Anderson
 
Advantages to Adoption the Microsoft Cloud - Microsoft Customer Executive Summit
Advantages to Adoption the Microsoft Cloud - Microsoft Customer Executive SummitAdvantages to Adoption the Microsoft Cloud - Microsoft Customer Executive Summit
Advantages to Adoption the Microsoft Cloud - Microsoft Customer Executive SummitRichard Harbridge
 
Leaders in the Cloud: Identifying Cloud Business Value for Customers
Leaders in the Cloud: Identifying Cloud Business Value for CustomersLeaders in the Cloud: Identifying Cloud Business Value for Customers
Leaders in the Cloud: Identifying Cloud Business Value for CustomersOpSource
 
Cloud computing overview
Cloud computing overviewCloud computing overview
Cloud computing overview
daklug
 
Cloud-Based Big Data Analytics
Cloud-Based Big Data AnalyticsCloud-Based Big Data Analytics
Cloud-Based Big Data Analytics
Sateeshreddy N
 
No sql now2011_review_of_adhoc_architectures
No sql now2011_review_of_adhoc_architecturesNo sql now2011_review_of_adhoc_architectures
No sql now2011_review_of_adhoc_architecturesNicholas Goodman
 
Big Data & The Cloud
Big Data & The CloudBig Data & The Cloud
Big Data & The Cloud
Amazon Web Services
 
The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...
The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...
The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...
gueste4e93e3
 
Introduction to Cloud Computing and Big Data
Introduction to Cloud Computing and Big DataIntroduction to Cloud Computing and Big Data
Introduction to Cloud Computing and Big Data
waheed751
 
Tci reference architecture_v2.0
Tci reference architecture_v2.0Tci reference architecture_v2.0
Tci reference architecture_v2.0
Sandeep Sharma IIMK Smart City,IoT,Bigdata,Cloud,BI,DW
 
Relationship between cloud computing and big data
Relationship between cloud computing and big dataRelationship between cloud computing and big data
Relationship between cloud computing and big data
Jazan University
 
Systems Advantage Forum : Autonomous DB e DBaaS
Systems Advantage Forum : Autonomous DB e DBaaS Systems Advantage Forum : Autonomous DB e DBaaS
Systems Advantage Forum : Autonomous DB e DBaaS
Riccardo Romani
 
Cloud Computing 101 Issue 1 (Sample)
Cloud Computing 101 Issue 1 (Sample)Cloud Computing 101 Issue 1 (Sample)
Cloud Computing 101 Issue 1 (Sample)
Alan Quayle
 
Selecting csp iapp_summit_2012 - 5-february
Selecting csp iapp_summit_2012 - 5-februarySelecting csp iapp_summit_2012 - 5-february
Selecting csp iapp_summit_2012 - 5-februaryscm24
 
Financial impact of Cloud Computing
Financial impact of Cloud ComputingFinancial impact of Cloud Computing
Financial impact of Cloud Computing
krisbliesner
 

More Related Content

What's hot

AWS Cloud Use Cases - Ezhil Arasan Babaraj, CSS Corp
AWS Cloud Use Cases - Ezhil Arasan Babaraj, CSS CorpAWS Cloud Use Cases - Ezhil Arasan Babaraj, CSS Corp
AWS Cloud Use Cases - Ezhil Arasan Babaraj, CSS CorpAmazon Web Services
 
Intelligent Business Process Management Suites (iBPMS) - The Next-Generation ...
Intelligent Business Process Management Suites (iBPMS) - The Next-Generation ...Intelligent Business Process Management Suites (iBPMS) - The Next-Generation ...
Intelligent Business Process Management Suites (iBPMS) - The Next-Generation ...
Kai Wähner
 
Cloud Computing in Business and facts
Cloud Computing in Business and factsCloud Computing in Business and facts
Cloud Computing in Business and factsArun Ganesh
 
Cloud Computing and Big Data
Cloud Computing and Big DataCloud Computing and Big Data
Cloud Computing and Big Data
Robert Keahey
 
Security & privacy challenges in cloud computing
Security & privacy challenges in cloud computingSecurity & privacy challenges in cloud computing
Security & privacy challenges in cloud computing
kdore
 
AAF - Enterprise Architecture and Cloud Computing
AAF - Enterprise Architecture and Cloud ComputingAAF - Enterprise Architecture and Cloud Computing
AAF - Enterprise Architecture and Cloud Computing
Marc Caltabiano
 
Challenges in cloud computing to enable future internet of things v0.3
Challenges in cloud computing to enable future internet of things v0.3Challenges in cloud computing to enable future internet of things v0.3
Challenges in cloud computing to enable future internet of things v0.3Ignacio M. Llorente
 
Embracing Cloud in a Traditional Data Center
Embracing Cloud in a Traditional Data CenterEmbracing Cloud in a Traditional Data Center
Embracing Cloud in a Traditional Data Center
Brian Anderson
 
Advantages to Adoption the Microsoft Cloud - Microsoft Customer Executive Summit
Advantages to Adoption the Microsoft Cloud - Microsoft Customer Executive SummitAdvantages to Adoption the Microsoft Cloud - Microsoft Customer Executive Summit
Advantages to Adoption the Microsoft Cloud - Microsoft Customer Executive SummitRichard Harbridge
 
Leaders in the Cloud: Identifying Cloud Business Value for Customers
Leaders in the Cloud: Identifying Cloud Business Value for CustomersLeaders in the Cloud: Identifying Cloud Business Value for Customers
Leaders in the Cloud: Identifying Cloud Business Value for CustomersOpSource
 
Cloud computing overview
Cloud computing overviewCloud computing overview
Cloud computing overview
daklug
 
Cloud-Based Big Data Analytics
Cloud-Based Big Data AnalyticsCloud-Based Big Data Analytics
Cloud-Based Big Data Analytics
Sateeshreddy N
 
No sql now2011_review_of_adhoc_architectures
No sql now2011_review_of_adhoc_architecturesNo sql now2011_review_of_adhoc_architectures
No sql now2011_review_of_adhoc_architecturesNicholas Goodman
 
Big Data & The Cloud
Big Data & The CloudBig Data & The Cloud
Big Data & The Cloud
Amazon Web Services
 
The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...
The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...
The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...
gueste4e93e3
 
Introduction to Cloud Computing and Big Data
Introduction to Cloud Computing and Big DataIntroduction to Cloud Computing and Big Data
Introduction to Cloud Computing and Big Data
waheed751
 
Tci reference architecture_v2.0
Tci reference architecture_v2.0Tci reference architecture_v2.0
Tci reference architecture_v2.0
Sandeep Sharma IIMK Smart City,IoT,Bigdata,Cloud,BI,DW
 
Relationship between cloud computing and big data
Relationship between cloud computing and big dataRelationship between cloud computing and big data
Relationship between cloud computing and big data
Jazan University
 
Systems Advantage Forum : Autonomous DB e DBaaS
Systems Advantage Forum : Autonomous DB e DBaaS Systems Advantage Forum : Autonomous DB e DBaaS
Systems Advantage Forum : Autonomous DB e DBaaS
Riccardo Romani
 
Cloud Computing 101 Issue 1 (Sample)
Cloud Computing 101 Issue 1 (Sample)Cloud Computing 101 Issue 1 (Sample)
Cloud Computing 101 Issue 1 (Sample)
Alan Quayle
 

What's hot (20)

AWS Cloud Use Cases - Ezhil Arasan Babaraj, CSS Corp
AWS Cloud Use Cases - Ezhil Arasan Babaraj, CSS CorpAWS Cloud Use Cases - Ezhil Arasan Babaraj, CSS Corp
AWS Cloud Use Cases - Ezhil Arasan Babaraj, CSS Corp
 
Intelligent Business Process Management Suites (iBPMS) - The Next-Generation ...
Intelligent Business Process Management Suites (iBPMS) - The Next-Generation ...Intelligent Business Process Management Suites (iBPMS) - The Next-Generation ...
Intelligent Business Process Management Suites (iBPMS) - The Next-Generation ...
 
Cloud Computing in Business and facts
Cloud Computing in Business and factsCloud Computing in Business and facts
Cloud Computing in Business and facts
 
Cloud Computing and Big Data
Cloud Computing and Big DataCloud Computing and Big Data
Cloud Computing and Big Data
 
Security & privacy challenges in cloud computing
Security & privacy challenges in cloud computingSecurity & privacy challenges in cloud computing
Security & privacy challenges in cloud computing
 
AAF - Enterprise Architecture and Cloud Computing
AAF - Enterprise Architecture and Cloud ComputingAAF - Enterprise Architecture and Cloud Computing
AAF - Enterprise Architecture and Cloud Computing
 
Challenges in cloud computing to enable future internet of things v0.3
Challenges in cloud computing to enable future internet of things v0.3Challenges in cloud computing to enable future internet of things v0.3
Challenges in cloud computing to enable future internet of things v0.3
 
Embracing Cloud in a Traditional Data Center
Embracing Cloud in a Traditional Data CenterEmbracing Cloud in a Traditional Data Center
Embracing Cloud in a Traditional Data Center
 
Advantages to Adoption the Microsoft Cloud - Microsoft Customer Executive Summit
Advantages to Adoption the Microsoft Cloud - Microsoft Customer Executive SummitAdvantages to Adoption the Microsoft Cloud - Microsoft Customer Executive Summit
Advantages to Adoption the Microsoft Cloud - Microsoft Customer Executive Summit
 
Leaders in the Cloud: Identifying Cloud Business Value for Customers
Leaders in the Cloud: Identifying Cloud Business Value for CustomersLeaders in the Cloud: Identifying Cloud Business Value for Customers
Leaders in the Cloud: Identifying Cloud Business Value for Customers
 
Cloud computing overview
Cloud computing overviewCloud computing overview
Cloud computing overview
 
Cloud-Based Big Data Analytics
Cloud-Based Big Data AnalyticsCloud-Based Big Data Analytics
Cloud-Based Big Data Analytics
 
No sql now2011_review_of_adhoc_architectures
No sql now2011_review_of_adhoc_architecturesNo sql now2011_review_of_adhoc_architectures
No sql now2011_review_of_adhoc_architectures
 
Big Data & The Cloud
Big Data & The CloudBig Data & The Cloud
Big Data & The Cloud
 
The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...
The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...
The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...
 
Introduction to Cloud Computing and Big Data
Introduction to Cloud Computing and Big DataIntroduction to Cloud Computing and Big Data
Introduction to Cloud Computing and Big Data
 
Tci reference architecture_v2.0
Tci reference architecture_v2.0Tci reference architecture_v2.0
Tci reference architecture_v2.0
 
Relationship between cloud computing and big data
Relationship between cloud computing and big dataRelationship between cloud computing and big data
Relationship between cloud computing and big data
 
Systems Advantage Forum : Autonomous DB e DBaaS
Systems Advantage Forum : Autonomous DB e DBaaS Systems Advantage Forum : Autonomous DB e DBaaS
Systems Advantage Forum : Autonomous DB e DBaaS
 
Cloud Computing 101 Issue 1 (Sample)
Cloud Computing 101 Issue 1 (Sample)Cloud Computing 101 Issue 1 (Sample)
Cloud Computing 101 Issue 1 (Sample)
 

Similar to Cloud computing arma_nnj

Selecting csp iapp_summit_2012 - 5-february
Selecting csp iapp_summit_2012 - 5-februarySelecting csp iapp_summit_2012 - 5-february
Selecting csp iapp_summit_2012 - 5-februaryscm24
 
Financial impact of Cloud Computing
Financial impact of Cloud ComputingFinancial impact of Cloud Computing
Financial impact of Cloud Computing
krisbliesner
 
Info Sec 2010 Possibilities And Security Challenges Of Cloud Computing (Han...
Info Sec 2010 Possibilities And Security Challenges Of Cloud Computing (Han...Info Sec 2010 Possibilities And Security Challenges Of Cloud Computing (Han...
Info Sec 2010 Possibilities And Security Challenges Of Cloud Computing (Han...
ptaglephd
 
Global IT BPM Market Perspective by Dolat Capital with special coverage on cl...
Global IT BPM Market Perspective by Dolat Capital with special coverage on cl...Global IT BPM Market Perspective by Dolat Capital with special coverage on cl...
Global IT BPM Market Perspective by Dolat Capital with special coverage on cl...
Mohit Agarwal, CFA
 
Plenary_three_Cloud_computing_-_is_social_housing_ready_for_it_-_Phil_Copperw...
Plenary_three_Cloud_computing_-_is_social_housing_ready_for_it_-_Phil_Copperw...Plenary_three_Cloud_computing_-_is_social_housing_ready_for_it_-_Phil_Copperw...
Plenary_three_Cloud_computing_-_is_social_housing_ready_for_it_-_Phil_Copperw...Phil Copperwheat
 
Cloud Computing Course Content
Cloud Computing Course ContentCloud Computing Course Content
Cloud Computing Course Content
Ashraf Ali
 
Lovett introducing cloud computing nov 2009
Lovett introducing cloud computing nov 2009Lovett introducing cloud computing nov 2009
Lovett introducing cloud computing nov 2009Hilde Lovett
 
Cloud Businesses: Strategic Considerations
Cloud Businesses: Strategic ConsiderationsCloud Businesses: Strategic Considerations
Cloud Businesses: Strategic Considerations
Tathagat Varma
 
Cloud Computing Course Overview
Cloud Computing Course OverviewCloud Computing Course Overview
Cloud Computing Course Overview
Ashraf Ali
 
Cloud Computing and Data Governance
Cloud Computing and Data GovernanceCloud Computing and Data Governance
Cloud Computing and Data GovernanceTrillium Software
 
Rio Info 2010 - Seminário de Tecnologia - Integracao de Servicos - Cesar Taur...
Rio Info 2010 - Seminário de Tecnologia - Integracao de Servicos - Cesar Taur...Rio Info 2010 - Seminário de Tecnologia - Integracao de Servicos - Cesar Taur...
Rio Info 2010 - Seminário de Tecnologia - Integracao de Servicos - Cesar Taur...
Rio Info
 
The Ultimate Guide to Cloud Migration - A Whitepaper by RapidValue
The Ultimate Guide to Cloud Migration - A Whitepaper by RapidValueThe Ultimate Guide to Cloud Migration - A Whitepaper by RapidValue
The Ultimate Guide to Cloud Migration - A Whitepaper by RapidValue
RapidValue
 
Taiye Lambo - Auditing the cloud
Taiye Lambo - Auditing the cloudTaiye Lambo - Auditing the cloud
Taiye Lambo - Auditing the cloudnooralmousa
 
Cloud computing – An Overview
Cloud computing – An OverviewCloud computing – An Overview
Cloud computing – An Overview
Kannan Subbiah
 
Cloud Computing 101 Workshop Sample
Cloud Computing 101 Workshop SampleCloud Computing 101 Workshop Sample
Cloud Computing 101 Workshop Sample
Alan Quayle
 
Cisco Connect 2018 Thailand - Secure, intelligent platform for the digital bu...
Cisco Connect 2018 Thailand - Secure, intelligent platform for the digital bu...Cisco Connect 2018 Thailand - Secure, intelligent platform for the digital bu...
Cisco Connect 2018 Thailand - Secure, intelligent platform for the digital bu...
NetworkCollaborators
 
How Cloud Computing will change how you and your team will run IT
How Cloud Computing will change how you and your team will run ITHow Cloud Computing will change how you and your team will run IT
How Cloud Computing will change how you and your team will run IT
Peter HJ van Eijk
 
Basics of cloud computing & salesforce.com
Basics of cloud computing & salesforce.comBasics of cloud computing & salesforce.com
Basics of cloud computing & salesforce.comDeepu S Nath
 
E discovery 2-cloud_v5
E discovery 2-cloud_v5E discovery 2-cloud_v5
E discovery 2-cloud_v5scm24
 
Trend and Future of Cloud Computing
Trend and Future of Cloud ComputingTrend and Future of Cloud Computing
Trend and Future of Cloud Computing
hybrid cloud
 

Similar to Cloud computing arma_nnj (20)

Selecting csp iapp_summit_2012 - 5-february
Selecting csp iapp_summit_2012 - 5-februarySelecting csp iapp_summit_2012 - 5-february
Selecting csp iapp_summit_2012 - 5-february
 
Financial impact of Cloud Computing
Financial impact of Cloud ComputingFinancial impact of Cloud Computing
Financial impact of Cloud Computing
 
Info Sec 2010 Possibilities And Security Challenges Of Cloud Computing (Han...
Info Sec 2010 Possibilities And Security Challenges Of Cloud Computing (Han...Info Sec 2010 Possibilities And Security Challenges Of Cloud Computing (Han...
Info Sec 2010 Possibilities And Security Challenges Of Cloud Computing (Han...
 
Global IT BPM Market Perspective by Dolat Capital with special coverage on cl...
Global IT BPM Market Perspective by Dolat Capital with special coverage on cl...Global IT BPM Market Perspective by Dolat Capital with special coverage on cl...
Global IT BPM Market Perspective by Dolat Capital with special coverage on cl...
 
Plenary_three_Cloud_computing_-_is_social_housing_ready_for_it_-_Phil_Copperw...
Plenary_three_Cloud_computing_-_is_social_housing_ready_for_it_-_Phil_Copperw...Plenary_three_Cloud_computing_-_is_social_housing_ready_for_it_-_Phil_Copperw...
Plenary_three_Cloud_computing_-_is_social_housing_ready_for_it_-_Phil_Copperw...
 
Cloud Computing Course Content
Cloud Computing Course ContentCloud Computing Course Content
Cloud Computing Course Content
 
Lovett introducing cloud computing nov 2009
Lovett introducing cloud computing nov 2009Lovett introducing cloud computing nov 2009
Lovett introducing cloud computing nov 2009
 
Cloud Businesses: Strategic Considerations
Cloud Businesses: Strategic ConsiderationsCloud Businesses: Strategic Considerations
Cloud Businesses: Strategic Considerations
 
Cloud Computing Course Overview
Cloud Computing Course OverviewCloud Computing Course Overview
Cloud Computing Course Overview
 
Cloud Computing and Data Governance
Cloud Computing and Data GovernanceCloud Computing and Data Governance
Cloud Computing and Data Governance
 
Rio Info 2010 - Seminário de Tecnologia - Integracao de Servicos - Cesar Taur...
Rio Info 2010 - Seminário de Tecnologia - Integracao de Servicos - Cesar Taur...Rio Info 2010 - Seminário de Tecnologia - Integracao de Servicos - Cesar Taur...
Rio Info 2010 - Seminário de Tecnologia - Integracao de Servicos - Cesar Taur...
 
The Ultimate Guide to Cloud Migration - A Whitepaper by RapidValue
The Ultimate Guide to Cloud Migration - A Whitepaper by RapidValueThe Ultimate Guide to Cloud Migration - A Whitepaper by RapidValue
The Ultimate Guide to Cloud Migration - A Whitepaper by RapidValue
 
Taiye Lambo - Auditing the cloud
Taiye Lambo - Auditing the cloudTaiye Lambo - Auditing the cloud
Taiye Lambo - Auditing the cloud
 
Cloud computing – An Overview
Cloud computing – An OverviewCloud computing – An Overview
Cloud computing – An Overview
 
Cloud Computing 101 Workshop Sample
Cloud Computing 101 Workshop SampleCloud Computing 101 Workshop Sample
Cloud Computing 101 Workshop Sample
 
Cisco Connect 2018 Thailand - Secure, intelligent platform for the digital bu...
Cisco Connect 2018 Thailand - Secure, intelligent platform for the digital bu...Cisco Connect 2018 Thailand - Secure, intelligent platform for the digital bu...
Cisco Connect 2018 Thailand - Secure, intelligent platform for the digital bu...
 
How Cloud Computing will change how you and your team will run IT
How Cloud Computing will change how you and your team will run ITHow Cloud Computing will change how you and your team will run IT
How Cloud Computing will change how you and your team will run IT
 
Basics of cloud computing & salesforce.com
Basics of cloud computing & salesforce.comBasics of cloud computing & salesforce.com
Basics of cloud computing & salesforce.com
 
E discovery 2-cloud_v5
E discovery 2-cloud_v5E discovery 2-cloud_v5
E discovery 2-cloud_v5
 
Trend and Future of Cloud Computing
Trend and Future of Cloud ComputingTrend and Future of Cloud Computing
Trend and Future of Cloud Computing
 

Recently uploaded

Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Nexer Digital
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
Quotidiano Piemontese
 
Large Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial ApplicationsLarge Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial Applications
Rohit Gautam
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
Aftab Hussain
 
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Malak Abu Hammad
 
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
Neo4j
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
Neo4j
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
Neo4j
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
SOFTTECHHUB
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
Matthew Sinclair
 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
Neo4j
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Paige Cruz
 
GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...
ThomasParaiso2
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
Kumud Singh
 
Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
Alpen-Adria-Universität
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
SOFTTECHHUB
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
Octavian Nadolu
 

Recently uploaded (20)

Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
 
Large Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial ApplicationsLarge Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial Applications
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
 
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
 
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 
GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
 
Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
 

Cloud computing arma_nnj

  • 1. Cloud Computing Steven C. Markey,MSIS,PMP, CISSP,CIPP, CISM,CISA,STS-EV,CCSK Principal, nControl, LLC Adjunct Professor President, Cloud Security Alliance – Delaware Valley Chapter (CSA-DelVal)
  • 2. Cloud Computing • Presentation Overview – Cloud Overview • General • Business Case for Cloud Computing • Security Guidance • Selecting a Cloud Service Provider (CSP) • Records & Info Management (RIM) in the Cloud – Case Studies • e-Discovery IN the Cloud
  • 3. Cloud Computing • General Overview – Why should you care about the “cloud”?
  • 4. Cloud Computing Trends Numbers Numbers around CC are always impressive: 80% fortune companies 1000 will pay to use cloud computing services and 30% will pay for infrastructure. Gartner At this moment, the 5 major search engines together have 2.000.000 Market : computers 42 billon: IDC 95 billion: Merrill Lynch 33% of IT business will be in Cloud Computing Gartner Microsoft data centre in Chicago: 610.000 servers 8 8 Source: Open Group
  • 5. Cloud Computing • What is Cloud Computing? – Re-Branded IT Business Model • Application Service Provider (ASP) • IT Outsourcing (ITO) – Formal Characteristics • Resource Pooling • Rapid Elasticity – Confusion • Hosting • Virtualization • Service Provider
  • 6.
  • 7. Service Delivery Models Source: Swain Techs
  • 8. Responsibility Source: Matthew Gardiner, Computer Associates
  • 12. Private Cloud • Dedicated Clouds – Usually Hosted Internally • Use Chargeback/Shared Services Model – External Private Clouds Exist
  • 15. Cloud Computing • Business Case for Cloud Computing – Time-to-Market – Global Presence – Focus on Core Competency – Elasticity – Cost-Benefit Analysis (CBA)
  • 16. Cloud Computing • Partly Cloudy with a Chance of Risk! – The Cloud is Perceived as Risky Business • Lack of Control • Regulatory Compliance • Hacks, Outages, Disasters….Oh My! Source: Youtube
  • 17. Cloud Computing • Security Guidance – Existing Certifications/Attestations • SAS 70 Type II/SSAE 16/ISAE 3402 • ISO 27001/2, 27036, 15489 • BITS Shared Assessments • PCI DSS • HIPAA/HITECH – Guidance Specifically for the Cloud • CSA Guide v3.0 • ENISA Cloud Computing Risk Assessment • NIST SP 800-144 Guidelines Security/Privacy for a Public Cloud
  • 18. Cloud Computing • Selecting a CSP – Service Provider/Consumer Process Alignment – Portability/Interoperability – Contractual/Legal Agreements – Industry Tools
  • 19. Cloud Computing • Service Provider/Consumer Process Alignment – Change/Configuration Management – Loading/Offloading – Disaster Recovery – Incident Response – Legal Hold/Litigation Response/e-Discovery • Electronic Discovery Reference Model (EDRM) – Records and Information Management (RIM) • Generally Accepted Recordkeeping Principles (GARP) • Information Governance Reference Model (IGRM) • Information Lifecycle Management (ILM)
  • 20. Cloud Computing • Portability/Interoperability – Software – Data – Third Parties
  • 21. Cloud Computing • Contractual/Legal Agreements – Service Level Agreements (SLA) • Up-Time • Jurisdiction • Data Ownership – Escrow Data – Include Metadata • Exit Clause • Testing – Disaster Recovery – Incident Response – Legal Hold/Litigation Response/e-Discovery
  • 22. Cloud Computing • Contractual/Legal Agreements – Service Level Agreements (SLA) • Right to Audit – Vendor & Vendor’s Vendors – GARP-Specific
  • 23. Cloud Computing • Industry Tools – Selection • Gravitant CloudWiz • VMware Cloud Readiness Self-Assessment Tool – Brokerage/Management • RightScale • CloudFloor • Skydera • enStratus
  • 24. Cloud Computing • Industry Tools – Migration • Bit Titan MigrationWiz • Layer 2 SharePoint Cloud Connector • Metalogix StoragePoint • AvePoint DocAve Migrator
  • 25.
  • 26.
  • 30. Cloud Computing • RIM in the Cloud – Process • Self-Service Provisioning • CSP Brokerage, Monitoring & Metering • CSP Information Governance • CSP Adherence to Standards – NIST » SP 800-92: Log Management – ISO » 15489: Records Management » 23081: Records Metadata » 15386: Digital Archive » 30300/303001: RIM Management System » 17024: Conformity Assessment
  • 32. Cloud Computing • RIM in the Cloud – People • More Empowered: Shadow IT, Consumerized IT – Millenials Expect Autonomy – Bring Your Own Device (BYOD) – Less Office Time, But Always On • Increased Roles & Responsibilities • Additional Tech/Analytical Skill-Sets Required – Technology • Commoditized • CSP Metadata • New Technologies: Non-Relational Database Architectures • New Paradigms: Big Data (Data Lakes & Cloud)
  • 33.
  • 34. Cloud Computing • Case Study: e-Discovery FROM the Cloud – Background – Drivers – Technologies – Limitations – Risks – Lessons Learned – Next Steps
  • 35. Cloud Computing • Case Study: e-Discovery FROM the Cloud – Background • Financial Services SMB – Capital Management (PA) • Recent Project: 2010 • IT: Managed Service Provider/Operations, Director – Drivers • Cost • Compliance – Technologies • Email: Exchange Server 2007, 2010/Office 365 • Discovery: Symantec Enterprise Vault (EV) v8.0/v9.0
  • 36. Cloud Computing • Case Study: e-Discovery FROM the Cloud – Limitations • Budget • Skill-Sets • Resources – Risks • Software/System Interoperability • Vendor Management: Contractual/SLA Omissions • Disaster Recovery: Datacom • Legacy Email Availability, No More Archiving • Scope Creep
  • 37. Cloud Computing • Case Study: e-Discovery FROM the Cloud – Lessons Learned • Limited Cost Savings – On-Site Exchange Box for Journaling – Upgrade to EV v9.0 to Support Exchange 2010 – Exchange Hosted Encryption (EHE) – Forefront Online Protection for Exchange (FOPE) • Exchange Journaling From the Cloud, Complicated – Microsoft Federation Gateway (MFG) • Leverage Interim Solution for BlackBerry Services – Shutdown BlackBerry Enterprise Server (BES) – Leverage AstraSync (Exchange ActiveSync)
  • 38. Cloud Computing • Case Study: e-Discovery FROM the Cloud – Next Steps • Upgrade to EV v10.0 – Incorporate Social Media • Test BCP/DR e-Discovery Functionality • BlackBerry Office 365 – Looking at BES Balance (“Data Boxing”) • Leverage Office 365 for SharePoint, iOS & Android – Nix AstraSync, Reviewing Hosted AirWatch & MobileIron for MDM • Reviewing Cloud e-Discovery SaaS Solutions – Symantec Enterprise Vault.cloud – Microsoft Exchange Online Archiving (EOA)
  • 39. Cloud Computing • Presentation Take Aways – Cloud = Re-Branded Business Model –With New Bells & Whistles (Big Data, etc.) – Paradigm Shift Towards Empowerment – Strategy & Due Diligence Are VERY Important –Must Consider the Business Ecosystem
  • 40. Cloud Computing • References – CSA Guide: https://cloudsecurityalliance.org/research/security-guidance/ – BITS Enterprise Cloud Self-Assessment: http://sharedassessments.org/media/pdf-EnterpriseCloud-SA.pdf – ENISA Risk Assessment: http://www.enisa.europa.eu/act/rm/files/deliverables/cloud-computing-risk- assessment – NIST SP 800-144: http://csrc.nist.gov/publications/drafts/800-144/Draft-SP-800-144_cloud-computing.pdf – IGRM: http://www.edrm.net/projects/igrm – EDRM: http://www.edrm.net/ – MIKE2.0: http://mike2.openmethodology.org/ – VMware CRSA: http://getcloudready.vmware.com/crsa/ – Bit Titan MigrationWiz: https://www.migrationwiz.com/Secure/Default.aspx – Gravitant cloudWiz: http://www.gravitant.com/cloudwiz-home.html – RightScale: http://www.rightscale.com/ – CloudFloor: http://www.cloudfloor.com/ – Skydera: http://www.skydera.com/ – enStratus: http://enstratus.com/ – Layer 2: http://www.layer2.de/en/products/Pages/Cloud-Connector-for-SharePoint-2010-Office365.aspx – Metalogix StoragePoint: http://www.metalogix.com/Products/StoragePoint.aspx – AvePoint DocAve: http://www.avepoint.com/sharepoint-to-sharepoint-migration-docave/
  • 41. Cloud Computing • Personal References – PenTest Magazine, "Scanning Your Cloud Environment": http://pentestmag.com/client-side-exploits-pentest- 082011/ – ISACA Journal, "Testing Your Incident Response Plan": http://www.isaca.org/Journal/Current- Issue/Pages/default.aspx – e-Discovery 2.0: In the Cloud: https://s3.amazonaws.com/nControl-Docs/CSA11_Session-SMarkey.ppt – Security in the Cloud: https://s3.amazonaws.com/nControl-Docs/Cloud_Computing-Security.ppt – System Architecture & Engineering for the Cloud: https://s3.amazonaws.com/nControl- Docs/Cloud_Computing-Architecture_Engineering.ppt – Cloud Computing Primer: https://s3.amazonaws.com/nControl-Docs/Cloud_Computing-Basic.ppt – Cloud Computing - Authentication & Encryption: https://s3.amazonaws.com/nControl- Docs/Cloud_Computing_Security-Session_II.ppt – Cloud Computing - Application & Virtualization Security: https://s3.amazonaws.com/nControl- Docs/Cloud_Computing_Security-Session_III.ppt – Securing Your ESI: https://s3.amazonaws.com/nControl-Docs/Securing_Your_ESI_v2.ppt
  • 42. • Questions? • Contact – Email: steve@ncontrol-llc.com – Twitter: @markes1, @csdadelval2011 – LI: http://www.linkedin.com/in/smarkey – CSA-DelVal: http://www.csadelval.org/

Editor's Notes

  1. CAS: Content-Addressable Storage / Associative Storage
  2. CAS: Content-Addressable Storage / Associative Storage