SlideShare a Scribd company logo

Security Management in the Cloud

Download as PPTX, PDF
GaryArdito
GaryArdito

The document discusses how organizations can regain control over their hybrid cloud environments through identity and access management, visibility, and continuous compliance. It recommends starting with a strong identity fabric and leveraging identity context to gain awareness and visibility. Continuous monitoring is needed to maintain security and compliance across physical, virtual, and cloud systems through automation and real-time alerts. Role-based dashboards can provide the right visibility for different users. NetIQ provides expertise and products that can help power cloud service providers and enterprises in securing hybrid cloud environments.

Technology
1 of 29
Reigning in the Cloud: Regaining control of your Hybrid Cloud environment Gary Ardito Chief Architect, Cloud Service Provider Solutions Gary.Ardito@NetIQ.com
© 2012 NetIQ Corporation. All rights reserved.2 Who am I? o 30 years solving business problems with technology o 15 + years as as principal architect – solutions that matter – Fortune 500, .com, Non Profits, Olympic Games o Consulted on business inhibitors, technology enablers and risk mitigation – thought leadership to move businesses forward o Historical leader of Identity and Access Management Market o Market leading products across Identity, Access, SIEM, and Compliance Management o Enabling cloud adoption by powering both service providers and enterprises
© 2012 NetIQ Corporation. All rights reserved.3 Why are we here? o Cloud use is expanding and maturing … we are all moving to a hybrid cloud future o Mobile, Social, BYOD and the Internet Of Things are all reeking havoc with our security management o Current security management approaches are broken o Challenges exist for both Service Providers and Enterprises
© 2012 NetIQ Corporation. All rights reserved.4 The Intelligent combination of internal and external resources to deliver the right mix of cost savings, service levels and business agility. Start with the Hybrid Cloud
© 2012 NetIQ Corporation. All rights reserved.5 Add new computing contexts Users are driving change. Mobility BYOD Social IdentityCloud Enterprise Service Provider
© 2012 NetIQ Corporation. All rights reserved.6 With new and unprecedented challenges New, Persistent Threats Expanding Computing Environment Business / Mission Keeps Moving Staff Stretched Thin Constant change & complexity results in lack of control and visibility
© 2012 NetIQ Corporation. All rights reserved.7 How do we regain control?  Protection: Strongly enforce access, compliance, security and behavioral policies across all computing domains  Awareness: Capture activity with context for all events across the breadth of your computing environment  Visibility: Provide role-specific, business level dashboards exposing critical activity and patterns  Action: Policy based, real-time action based on appropriate remediation strategies
© 2012 NetIQ Corporation. All rights reserved.8 Physical Virtual Cloud Secure Measure Manage Identity, Access, and Compliance Operational and SLA Dashboards Migrations, DR, and Brokering FIREWALL INTERNAL CLOUD (on-premise) EXTERNAL CLOUD (off-premise) Hybrid Cloud Requires new management frameworks.
© 2012 NetIQ Corporation. All rights reserved.9 Hybrid Cloud Environment It starts with IDENTITY Access Mgmt Identity & Context Identity Management Awareness & Visibility
© 2012 NetIQ Corporation. All rights reserved.10 Who and what interacts with the computing environment? What behavior do I expect of each identity? • Benefits of an Identity fabric include: • Manages full lifecycle of user/device identities and privileges • Ensures that identities have the right access to right resources • Traces all activity to the identity responsible – contextual accountability • Keeps sensitive information protected regardless of location and method of access • Keeps security credentials protected Start with a Strong Identity Fabric
© 2012 NetIQ Corporation. All rights reserved.11 Go beyond with “Identity Context” • Deliver additional, rich context about users and events to security monitoring tools • See “who” the individual is; know if their activities are business-appropriate. – Integrate identity intelligence with security monitoring – Roles, access rights, permissions – Increase visibility and control across complex IT landscape – Cloud, mobile, virtual
© 2012 NetIQ Corporation. All rights reserved.12 Go further with “Identity Context” Speed response times to threats and reduce the compliance effort. • Identify when user activity is unusual, anomalous or outside normal business practices • Demonstrate that access is under control, meets compliance requirements Andy Anderson What actions have they been performing in those applications? What applications has this user been using? What privilege changes have been applied?
© 2012 NetIQ Corporation. All rights reserved.13 Leverage the Identity Fabric Access can be a service consumed from a cloud provider or provided within the organization Access control MUST include the following: - Federated Identity Controls - Multi domain - Cloud awareness - Audit history of cloud activity Then Access Management….
© 2012 NetIQ Corporation. All rights reserved.14 Problem… CLOUD RESOURCES • Separate accounts exist in cloud-based resources • Creating accounts in cloud services is a manual process, whether IT creates the account or if the user creates the account • Users must remember separate passwords for each cloud service, and often use their credentials • No compliance reporting of user activity in the cloud service Corporate credentials No single sign- on or strong authentication Manual process IT department No reporting
© 2012 NetIQ Corporation. All rights reserved.15 Solution… CLOUD RESOURCES • Provide an automated process to provision user accounts to the cloud resources • Provide secure single sign-on to the cloud services w/o the credentials leaving the security realm • Provide the ability for users to securely access the cloud service inside or outside of the organization • Provide compliance reporting of the users’ activities in the cloud service Corporate credentials Single sign-on and strong authentication Automatic process IT department Full reporting Cloud Access
© 2012 NetIQ Corporation. All rights reserved.16 Results… ENFORCED SECURITY to the Cloud without impacting existing infrastructure Onsite IAM Cloud Resources Provisioning / de-provisioning Compliance event reporting Strong AuthN SSO LDAP directories Federated
© 2012 NetIQ Corporation. All rights reserved.17 With Continuous Monitoring and Compliance • Maintain security and compliance processes to defend against attacks. • Implement a lifecycle approach to reduce risk from threats. – Define and refine processes – Good security should be the goal, not “passing the audit.” Policy Assess Evaluate Risk AuditRemediate
© 2012 NetIQ Corporation. All rights reserved.18 More On Continuous Compliance Need to close security and compliance gaps by combining user provisioning, access management, security monitoring, privileged user management. Provide process automation working in real time ensuring compliance with predefined policies. Provide both data correlation and anomaly detection to address known and unknown risk areas. Provide real-time event alerts and remediation based on policy.
© 2012 NetIQ Corporation. All rights reserved.19
© 2012 NetIQ Corporation. All rights reserved.20 NEEDED: both business and technical views of what’s happening across your hybrid cloud infrastructure. An effective visibility solution must include: Role-based dashboards based on the image required for the user to do their job Business metrics tie-in as basis of upcoming business decisions based on data provided Aggregation and analysis of events occurring on-premise and across all cloud environments And Visibility…
© 2012 NetIQ Corporation. All rights reserved.21 EFFECTIVE VISIBILITY solutions must include: • Integrate & correlate cross domain data into one centralized dashboard • Automatically model IT, application, & business services • Intuitive, role-based “service view” speeds problem isolation • Built-in impact & root-cause analysis to shorten resolution time by 50%, or more More on Visibility…
© 2012 NetIQ Corporation. All rights reserved.22 ADM SLM CMDB360 Asset Data Compliance Data Business Metrics Configuration DataIT Management Data Discovery Data • Integrates & correlates existing IT data into one centralized dashboard • Automatically models IT, application, & business services • Intuitive, role-based “service view” speeds problem isolation • Built-in impact & root- cause analysis shortens resolution time by 50%, or more Single Pane of Glass View
© 2012 NetIQ Corporation. All rights reserved.23 It’s possible: a secure, compliant multi-domain environment 1. You must start with a strong on-premise identity platform 2. You must architect for loosely coupled, federated access to cloud and on-premise services 3. You must leverage technologies designed to include cloud domains 4. You must select service providers that support your multi-domain management architecture.
© 2012 NetIQ Corporation. All rights reserved.24 About NetIQ • Provide expertise and experience in Identity, Access Management and Security Management • Help reduce number of privileged users • Reduce and manage privileges • Monitor users and look for unusual activity • Provide visibility into access rights to critical resources • Harden systems against attackers
© 2012 NetIQ Corporation. All rights reserved.25
© 2012 NetIQ Corporation. All rights reserved.26 Powering Cloud Service Providers NetIQ Cloud Manager NetIQ Services Director Monetizable As A Service Offerings Infrastructure Marketplace & Deployment Monitoring Identity Management Access Management SEIM Privileged User Mgmt Identity Management Access Management Compliance Management Infrastructure Disaster Recovery Migrating to Cloud SLA Dashboards Monitoring Governance
© 2012 NetIQ Corporation. All rights reserved.27
© 2012 NetIQ Corporation. All rights reserved.28 +1 713.548.1700 (Worldwide) 888.323.6768 (Toll-free) info@netiq.com NetIQ.com Worldwide Headquarters 1233 West Loop South Suite 810 Houston, TX 77027 USA http://community.netiq.com
This document could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein. These changes may be incorporated in new editions of this document. NetIQ Corporation may make improvements in or changes to the software described in this document at any time. Copyright © 2013 NetIQ Corporation. All rights reserved. ActiveAudit, ActiveView, Aegis, AppManager, Change Administrator, Change Guardian, Compliance Suite, the cube logo design, Directory and Resource Administrator, Directory Security Administrator, Domain Migration Administrator, Exchange Administrator, File Security Administrator, Group Policy Administrator, Group Policy Guardian, Group Policy Suite, IntelliPolicy, Knowledge Scripts, NetConnect, NetIQ, the NetIQ logo, PSAudit, PSDetect, PSPasswordManager, PSSecure, Secure Configuration Manager, Security Administration Suite, Security Manager, Server Consolidator, VigilEnt, and Vivinet are trademarks or registered trademarks of NetIQ Corporation or its subsidiaries in the United States and other countries.

Recommended

Leveraging Identity to Manage Change and Complexity
Leveraging Identity to Manage Change and ComplexityLeveraging Identity to Manage Change and Complexity
Leveraging Identity to Manage Change and Complexity
NetIQ
 
Building A Cloud-Ready Security Program
Building A Cloud-Ready Security ProgramBuilding A Cloud-Ready Security Program
Building A Cloud-Ready Security Program
NetIQ
 
From reactive to automated reducing costs through mature security processes i...
From reactive to automated reducing costs through mature security processes i...From reactive to automated reducing costs through mature security processes i...
From reactive to automated reducing costs through mature security processes i...
NetIQ
 
Cloud is not an option, but is security?
Cloud is not an option, but is security?Cloud is not an option, but is security?
Cloud is not an option, but is security?
Jody Keyser
 
Scrubbing Your Active Directory Squeaky Clean
Scrubbing Your Active Directory Squeaky CleanScrubbing Your Active Directory Squeaky Clean
Scrubbing Your Active Directory Squeaky Clean
NetIQ
 
A Smarter, More Secure Internet of Things
A Smarter, More Secure Internet of Things A Smarter, More Secure Internet of Things
A Smarter, More Secure Internet of Things
NetIQ
 
The Three Critical Steps for Effective BYOD Management
The Three Critical Steps for Effective BYOD Management The Three Critical Steps for Effective BYOD Management
The Three Critical Steps for Effective BYOD Management
Kaseya
 
5 Essential Tips for Creating An Effective BYOD Policy
5 Essential Tips for Creating An Effective BYOD Policy5 Essential Tips for Creating An Effective BYOD Policy
5 Essential Tips for Creating An Effective BYOD Policy
Kaseya
 

Recommended

Leveraging Identity to Manage Change and Complexity
Leveraging Identity to Manage Change and ComplexityLeveraging Identity to Manage Change and Complexity
Leveraging Identity to Manage Change and Complexity
NetIQ
 
Building A Cloud-Ready Security Program
Building A Cloud-Ready Security ProgramBuilding A Cloud-Ready Security Program
Building A Cloud-Ready Security Program
NetIQ
 
From reactive to automated reducing costs through mature security processes i...
From reactive to automated reducing costs through mature security processes i...From reactive to automated reducing costs through mature security processes i...
From reactive to automated reducing costs through mature security processes i...
NetIQ
 
Cloud is not an option, but is security?
Cloud is not an option, but is security?Cloud is not an option, but is security?
Cloud is not an option, but is security?
Jody Keyser
 
Scrubbing Your Active Directory Squeaky Clean
Scrubbing Your Active Directory Squeaky CleanScrubbing Your Active Directory Squeaky Clean
Scrubbing Your Active Directory Squeaky Clean
NetIQ
 
A Smarter, More Secure Internet of Things
A Smarter, More Secure Internet of Things A Smarter, More Secure Internet of Things
A Smarter, More Secure Internet of Things
NetIQ
 
The Three Critical Steps for Effective BYOD Management
The Three Critical Steps for Effective BYOD Management The Three Critical Steps for Effective BYOD Management
The Three Critical Steps for Effective BYOD Management
Kaseya
 
5 Essential Tips for Creating An Effective BYOD Policy
5 Essential Tips for Creating An Effective BYOD Policy5 Essential Tips for Creating An Effective BYOD Policy
5 Essential Tips for Creating An Effective BYOD Policy
Kaseya
 
Manage risk by protecting apps, data and usage
Manage risk by protecting apps, data and usageManage risk by protecting apps, data and usage
Manage risk by protecting apps, data and usage
Citrix
 
Mt26 identity management as a service
Mt26 identity management as a serviceMt26 identity management as a service
Mt26 identity management as a service
Dell World
 
IT Risk Management & Compliance
IT Risk Management & ComplianceIT Risk Management & Compliance
IT Risk Management & Compliancerhanna11
 
Csa summit cualquier aplicación, desde cualquier dispositivo, en cualquier ...
Csa summit cualquier aplicación, desde cualquier dispositivo, en cualquier ...Csa summit cualquier aplicación, desde cualquier dispositivo, en cualquier ...
Csa summit cualquier aplicación, desde cualquier dispositivo, en cualquier ...
CSA Argentina
 
Industry 4.0 : How to Build Relevant IT Skills
Industry 4.0 : How to Build Relevant IT SkillsIndustry 4.0 : How to Build Relevant IT Skills
Industry 4.0 : How to Build Relevant IT Skills
Eryk Budi Pratama
 
Smart Analytics for The Big Unknown
Smart Analytics for The Big UnknownSmart Analytics for The Big Unknown
Smart Analytics for The Big Unknown
Adrian Dumitrescu
 
MT82 IoT Security Starts at Edge
MT82 IoT Security Starts at EdgeMT82 IoT Security Starts at Edge
MT82 IoT Security Starts at Edge
Dell EMC World
 
IBM Security Strategy Intelligence,
IBM Security Strategy Intelligence,IBM Security Strategy Intelligence,
IBM Security Strategy Intelligence,
Information Security Awareness Group
 
Building an Effective Identity Management Strategy
Building an Effective Identity Management StrategyBuilding an Effective Identity Management Strategy
Building an Effective Identity Management Strategy
NetIQ
 
Cloud Services & the Development of ISO/IEC 27018
Cloud Services & the Development of ISO/IEC 27018Cloud Services & the Development of ISO/IEC 27018
Cloud Services & the Development of ISO/IEC 27018
Corporacion Colombia Digital
 
Cloud computing - Risks and Mitigation - GTS
Cloud computing - Risks and Mitigation - GTSCloud computing - Risks and Mitigation - GTS
Cloud computing - Risks and Mitigation - GTS
Anchises Moraes
 
2011 IIA Pittsburgh Grant Thornton LLP Presentation (Nov 2011)
2011 IIA Pittsburgh Grant Thornton LLP Presentation (Nov 2011)2011 IIA Pittsburgh Grant Thornton LLP Presentation (Nov 2011)
2011 IIA Pittsburgh Grant Thornton LLP Presentation (Nov 2011)
Danny Miller
 
Getting Your IT Security Learners Ready for the Cloud with CCSK Certification
Getting Your IT Security Learners Ready for the Cloud with CCSK CertificationGetting Your IT Security Learners Ready for the Cloud with CCSK Certification
Getting Your IT Security Learners Ready for the Cloud with CCSK Certification
ITpreneurs
 
Modern Architectures
Modern ArchitecturesModern Architectures
Modern Architectures
SecureAuth
 
7.5 steps to overlaying byod & iot
7.5 steps to overlaying byod & iot7.5 steps to overlaying byod & iot
7.5 steps to overlaying byod & iot
Caston Thomas
 
Security Strategies for Success
Security Strategies for SuccessSecurity Strategies for Success
Security Strategies for Success
Citrix
 
Matrix Vision Deck
Matrix Vision DeckMatrix Vision Deck
Matrix Vision DeckAbu Turay
 
IT Service & Asset Management Better Together
IT Service & Asset Management Better TogetherIT Service & Asset Management Better Together
IT Service & Asset Management Better Together
Ivanti
 
Csa summit seguridad en el sddc
Csa summit seguridad en el sddcCsa summit seguridad en el sddc
Csa summit seguridad en el sddc
CSA Argentina
 
Enterprise Digital Assistants: How they can support you in your Credit, Colle...
Enterprise Digital Assistants: How they can support you in your Credit, Colle...Enterprise Digital Assistants: How they can support you in your Credit, Colle...
Enterprise Digital Assistants: How they can support you in your Credit, Colle...
emagia
 
Cloud security management by newvem
Cloud security management by newvemCloud security management by newvem
Cloud security management by newvem
Newvewm
 
Integrated Cloud Security
Integrated Cloud SecurityIntegrated Cloud Security
Integrated Cloud Security
OneLogin
 

More Related Content

What's hot

Manage risk by protecting apps, data and usage
Manage risk by protecting apps, data and usageManage risk by protecting apps, data and usage
Manage risk by protecting apps, data and usage
Citrix
 
Mt26 identity management as a service
Mt26 identity management as a serviceMt26 identity management as a service
Mt26 identity management as a service
Dell World
 
IT Risk Management & Compliance
IT Risk Management & ComplianceIT Risk Management & Compliance
IT Risk Management & Compliancerhanna11
 
Csa summit cualquier aplicación, desde cualquier dispositivo, en cualquier ...
Csa summit cualquier aplicación, desde cualquier dispositivo, en cualquier ...Csa summit cualquier aplicación, desde cualquier dispositivo, en cualquier ...
Csa summit cualquier aplicación, desde cualquier dispositivo, en cualquier ...
CSA Argentina
 
Industry 4.0 : How to Build Relevant IT Skills
Industry 4.0 : How to Build Relevant IT SkillsIndustry 4.0 : How to Build Relevant IT Skills
Industry 4.0 : How to Build Relevant IT Skills
Eryk Budi Pratama
 
Smart Analytics for The Big Unknown
Smart Analytics for The Big UnknownSmart Analytics for The Big Unknown
Smart Analytics for The Big Unknown
Adrian Dumitrescu
 
MT82 IoT Security Starts at Edge
MT82 IoT Security Starts at EdgeMT82 IoT Security Starts at Edge
MT82 IoT Security Starts at Edge
Dell EMC World
 
IBM Security Strategy Intelligence,
IBM Security Strategy Intelligence,IBM Security Strategy Intelligence,
IBM Security Strategy Intelligence,
Information Security Awareness Group
 
Building an Effective Identity Management Strategy
Building an Effective Identity Management StrategyBuilding an Effective Identity Management Strategy
Building an Effective Identity Management Strategy
NetIQ
 
Cloud Services & the Development of ISO/IEC 27018
Cloud Services & the Development of ISO/IEC 27018Cloud Services & the Development of ISO/IEC 27018
Cloud Services & the Development of ISO/IEC 27018
Corporacion Colombia Digital
 
Cloud computing - Risks and Mitigation - GTS
Cloud computing - Risks and Mitigation - GTSCloud computing - Risks and Mitigation - GTS
Cloud computing - Risks and Mitigation - GTS
Anchises Moraes
 
2011 IIA Pittsburgh Grant Thornton LLP Presentation (Nov 2011)
2011 IIA Pittsburgh Grant Thornton LLP Presentation (Nov 2011)2011 IIA Pittsburgh Grant Thornton LLP Presentation (Nov 2011)
2011 IIA Pittsburgh Grant Thornton LLP Presentation (Nov 2011)
Danny Miller
 
Getting Your IT Security Learners Ready for the Cloud with CCSK Certification
Getting Your IT Security Learners Ready for the Cloud with CCSK CertificationGetting Your IT Security Learners Ready for the Cloud with CCSK Certification
Getting Your IT Security Learners Ready for the Cloud with CCSK Certification
ITpreneurs
 
Modern Architectures
Modern ArchitecturesModern Architectures
Modern Architectures
SecureAuth
 
7.5 steps to overlaying byod & iot
7.5 steps to overlaying byod & iot7.5 steps to overlaying byod & iot
7.5 steps to overlaying byod & iot
Caston Thomas
 
Security Strategies for Success
Security Strategies for SuccessSecurity Strategies for Success
Security Strategies for Success
Citrix
 
Matrix Vision Deck
Matrix Vision DeckMatrix Vision Deck
Matrix Vision DeckAbu Turay
 
IT Service & Asset Management Better Together
IT Service & Asset Management Better TogetherIT Service & Asset Management Better Together
IT Service & Asset Management Better Together
Ivanti
 
Csa summit seguridad en el sddc
Csa summit seguridad en el sddcCsa summit seguridad en el sddc
Csa summit seguridad en el sddc
CSA Argentina
 
Enterprise Digital Assistants: How they can support you in your Credit, Colle...
Enterprise Digital Assistants: How they can support you in your Credit, Colle...Enterprise Digital Assistants: How they can support you in your Credit, Colle...
Enterprise Digital Assistants: How they can support you in your Credit, Colle...
emagia
 

What's hot (20)

Manage risk by protecting apps, data and usage
Manage risk by protecting apps, data and usageManage risk by protecting apps, data and usage
Manage risk by protecting apps, data and usage
 
Mt26 identity management as a service
Mt26 identity management as a serviceMt26 identity management as a service
Mt26 identity management as a service
 
IT Risk Management & Compliance
IT Risk Management & ComplianceIT Risk Management & Compliance
IT Risk Management & Compliance
 
Csa summit cualquier aplicación, desde cualquier dispositivo, en cualquier ...
Csa summit cualquier aplicación, desde cualquier dispositivo, en cualquier ...Csa summit cualquier aplicación, desde cualquier dispositivo, en cualquier ...
Csa summit cualquier aplicación, desde cualquier dispositivo, en cualquier ...
 
Industry 4.0 : How to Build Relevant IT Skills
Industry 4.0 : How to Build Relevant IT SkillsIndustry 4.0 : How to Build Relevant IT Skills
Industry 4.0 : How to Build Relevant IT Skills
 
Smart Analytics for The Big Unknown
Smart Analytics for The Big UnknownSmart Analytics for The Big Unknown
Smart Analytics for The Big Unknown
 
MT82 IoT Security Starts at Edge
MT82 IoT Security Starts at EdgeMT82 IoT Security Starts at Edge
MT82 IoT Security Starts at Edge
 
IBM Security Strategy Intelligence,
IBM Security Strategy Intelligence,IBM Security Strategy Intelligence,
IBM Security Strategy Intelligence,
 
Building an Effective Identity Management Strategy
Building an Effective Identity Management StrategyBuilding an Effective Identity Management Strategy
Building an Effective Identity Management Strategy
 
Cloud Services & the Development of ISO/IEC 27018
Cloud Services & the Development of ISO/IEC 27018Cloud Services & the Development of ISO/IEC 27018
Cloud Services & the Development of ISO/IEC 27018
 
Cloud computing - Risks and Mitigation - GTS
Cloud computing - Risks and Mitigation - GTSCloud computing - Risks and Mitigation - GTS
Cloud computing - Risks and Mitigation - GTS
 
2011 IIA Pittsburgh Grant Thornton LLP Presentation (Nov 2011)
2011 IIA Pittsburgh Grant Thornton LLP Presentation (Nov 2011)2011 IIA Pittsburgh Grant Thornton LLP Presentation (Nov 2011)
2011 IIA Pittsburgh Grant Thornton LLP Presentation (Nov 2011)
 
Getting Your IT Security Learners Ready for the Cloud with CCSK Certification
Getting Your IT Security Learners Ready for the Cloud with CCSK CertificationGetting Your IT Security Learners Ready for the Cloud with CCSK Certification
Getting Your IT Security Learners Ready for the Cloud with CCSK Certification
 
Modern Architectures
Modern ArchitecturesModern Architectures
Modern Architectures
 
7.5 steps to overlaying byod & iot
7.5 steps to overlaying byod & iot7.5 steps to overlaying byod & iot
7.5 steps to overlaying byod & iot
 
Security Strategies for Success
Security Strategies for SuccessSecurity Strategies for Success
Security Strategies for Success
 
Matrix Vision Deck
Matrix Vision DeckMatrix Vision Deck
Matrix Vision Deck
 
IT Service & Asset Management Better Together
IT Service & Asset Management Better TogetherIT Service & Asset Management Better Together
IT Service & Asset Management Better Together
 
Csa summit seguridad en el sddc
Csa summit seguridad en el sddcCsa summit seguridad en el sddc
Csa summit seguridad en el sddc
 
Enterprise Digital Assistants: How they can support you in your Credit, Colle...
Enterprise Digital Assistants: How they can support you in your Credit, Colle...Enterprise Digital Assistants: How they can support you in your Credit, Colle...
Enterprise Digital Assistants: How they can support you in your Credit, Colle...
 

Viewers also liked

Cloud security management by newvem
Cloud security management by newvemCloud security management by newvem
Cloud security management by newvem
Newvewm
 
Integrated Cloud Security
Integrated Cloud SecurityIntegrated Cloud Security
Integrated Cloud Security
OneLogin
 
Enterprise Cloud Risk And Security
Enterprise Cloud Risk And SecurityEnterprise Cloud Risk And Security
Enterprise Cloud Risk And Security
Mark Masterson
 
Data security in the cloud
Data security in the cloud Data security in the cloud
Data security in the cloud
IBM Security
 
AWS Summit Seoul 2015 - 국내 사례로 본 클라우드 운영 최적화 (이주완-메가존)
AWS Summit Seoul 2015 - 국내 사례로 본 클라우드 운영 최적화 (이주완-메가존)AWS Summit Seoul 2015 - 국내 사례로 본 클라우드 운영 최적화 (이주완-메가존)
AWS Summit Seoul 2015 - 국내 사례로 본 클라우드 운영 최적화 (이주완-메가존)
Amazon Web Services Korea
 
External Analysis Strategic Management Ljmu
External Analysis Strategic Management LjmuExternal Analysis Strategic Management Ljmu
External Analysis Strategic Management Ljmu
snoozed
 
Cloud security ppt
Cloud security pptCloud security ppt
Cloud security ppt
Venkatesh Chary
 

Viewers also liked (7)

Cloud security management by newvem
Cloud security management by newvemCloud security management by newvem
Cloud security management by newvem
 
Integrated Cloud Security
Integrated Cloud SecurityIntegrated Cloud Security
Integrated Cloud Security
 
Enterprise Cloud Risk And Security
Enterprise Cloud Risk And SecurityEnterprise Cloud Risk And Security
Enterprise Cloud Risk And Security
 
Data security in the cloud
Data security in the cloud Data security in the cloud
Data security in the cloud
 
AWS Summit Seoul 2015 - 국내 사례로 본 클라우드 운영 최적화 (이주완-메가존)
AWS Summit Seoul 2015 - 국내 사례로 본 클라우드 운영 최적화 (이주완-메가존)AWS Summit Seoul 2015 - 국내 사례로 본 클라우드 운영 최적화 (이주완-메가존)
AWS Summit Seoul 2015 - 국내 사례로 본 클라우드 운영 최적화 (이주완-메가존)
 
External Analysis Strategic Management Ljmu
External Analysis Strategic Management LjmuExternal Analysis Strategic Management Ljmu
External Analysis Strategic Management Ljmu
 
Cloud security ppt
Cloud security pptCloud security ppt
Cloud security ppt
 

Similar to Security Management in the Cloud

May 2013 Federal Cloud Computing Summit Keynote by David Cearly
May 2013 Federal Cloud Computing Summit Keynote by David CearlyMay 2013 Federal Cloud Computing Summit Keynote by David Cearly
May 2013 Federal Cloud Computing Summit Keynote by David Cearly
Tim Harvey
 
Becomming a cloud governance ninja linthicum interop fall 2013
Becomming a cloud governance ninja linthicum interop fall 2013Becomming a cloud governance ninja linthicum interop fall 2013
Becomming a cloud governance ninja linthicum interop fall 2013David Linthicum
 
Security for Cloud Computing: 10 Steps to Ensure Success V3.0
Security for Cloud Computing: 10 Steps to Ensure Success V3.0Security for Cloud Computing: 10 Steps to Ensure Success V3.0
Security for Cloud Computing: 10 Steps to Ensure Success V3.0
Cloud Standards Customer Council
 
Migrating Critical Applications To The Cloud - ISACA Seattle - Sanitized
Migrating Critical Applications To The Cloud - ISACA Seattle - SanitizedMigrating Critical Applications To The Cloud - ISACA Seattle - Sanitized
Migrating Critical Applications To The Cloud - ISACA Seattle - SanitizedNorm Barber
 
Migrating Critical Applications to the Cloud - isaca seattle - sanitized
Migrating Critical Applications to the Cloud - isaca seattle - sanitizedMigrating Critical Applications to the Cloud - isaca seattle - sanitized
Migrating Critical Applications to the Cloud - isaca seattle - sanitized
UnifyCloud
 
cloud computing - isaca conference 2012
cloud computing - isaca conference 2012cloud computing - isaca conference 2012
cloud computing - isaca conference 2012Jonathan Houston
 
The Identity-infused Enterprise
The Identity-infused EnterpriseThe Identity-infused Enterprise
The Identity-infused Enterprise
Novell
 
Moving Enterprise Applications to the Cloud
Moving Enterprise Applications to the CloudMoving Enterprise Applications to the Cloud
Moving Enterprise Applications to the Cloud
VISI
 
Performing One Audit Using Zero Trust Principles
Performing One Audit Using Zero Trust PrinciplesPerforming One Audit Using Zero Trust Principles
Performing One Audit Using Zero Trust Principles
ControlCase
 
Cloud Security: What you need to know about IBM SmartCloud Security
Cloud Security: What you need to know about IBM SmartCloud SecurityCloud Security: What you need to know about IBM SmartCloud Security
Cloud Security: What you need to know about IBM SmartCloud Security
IBM Security
 
chapitre1-cloud security basics-23 (1).pptx
chapitre1-cloud security basics-23 (1).pptxchapitre1-cloud security basics-23 (1).pptx
chapitre1-cloud security basics-23 (1).pptx
GhofraneFerchichi2
 
Zero Trust and Data Security
Zero Trust and Data SecurityZero Trust and Data Security
Zero Trust and Data Security
Career Communications Group
 
Cloud Visibility & Cloud Data Loss Prevention Approaches
Cloud Visibility & Cloud Data Loss Prevention Approaches Cloud Visibility & Cloud Data Loss Prevention Approaches
Cloud Visibility & Cloud Data Loss Prevention Approaches
CipherCloud
 
Getting Started with ThousandEyes Proof of Concepts
Getting Started with ThousandEyes Proof of ConceptsGetting Started with ThousandEyes Proof of Concepts
Getting Started with ThousandEyes Proof of Concepts
ThousandEyes
 
Getting Started With ThousandEyes Proof of Concepts: End User Digital Experience
Getting Started With ThousandEyes Proof of Concepts: End User Digital ExperienceGetting Started With ThousandEyes Proof of Concepts: End User Digital Experience
Getting Started With ThousandEyes Proof of Concepts: End User Digital Experience
ThousandEyes
 
Security in Cloud Computing
Security in Cloud ComputingSecurity in Cloud Computing
Security in Cloud Computing
Ashish Patel
 
Developing a cloud strategy - Presentation Nexon ABC Event
Developing a cloud strategy - Presentation Nexon ABC EventDeveloping a cloud strategy - Presentation Nexon ABC Event
Developing a cloud strategy - Presentation Nexon ABC Event
Nexon Asia Pacific
 
Bt idc event cloud adoption in ireland
Bt idc event cloud adoption in irelandBt idc event cloud adoption in ireland
Bt idc event cloud adoption in ireland
Fiona Sexton
 
Cloud Options for a Modern Architecture
Cloud Options for a Modern ArchitectureCloud Options for a Modern Architecture
Cloud Options for a Modern Architecture
Prolifics
 
Cloud Computing Risk Management (Multi Venue)
Cloud Computing Risk Management (Multi Venue)Cloud Computing Risk Management (Multi Venue)
Cloud Computing Risk Management (Multi Venue)Brian K. Dickard
 

Similar to Security Management in the Cloud (20)

May 2013 Federal Cloud Computing Summit Keynote by David Cearly
May 2013 Federal Cloud Computing Summit Keynote by David CearlyMay 2013 Federal Cloud Computing Summit Keynote by David Cearly
May 2013 Federal Cloud Computing Summit Keynote by David Cearly
 
Becomming a cloud governance ninja linthicum interop fall 2013
Becomming a cloud governance ninja linthicum interop fall 2013Becomming a cloud governance ninja linthicum interop fall 2013
Becomming a cloud governance ninja linthicum interop fall 2013
 
Security for Cloud Computing: 10 Steps to Ensure Success V3.0
Security for Cloud Computing: 10 Steps to Ensure Success V3.0Security for Cloud Computing: 10 Steps to Ensure Success V3.0
Security for Cloud Computing: 10 Steps to Ensure Success V3.0
 
Migrating Critical Applications To The Cloud - ISACA Seattle - Sanitized
Migrating Critical Applications To The Cloud - ISACA Seattle - SanitizedMigrating Critical Applications To The Cloud - ISACA Seattle - Sanitized
Migrating Critical Applications To The Cloud - ISACA Seattle - Sanitized
 
Migrating Critical Applications to the Cloud - isaca seattle - sanitized
Migrating Critical Applications to the Cloud - isaca seattle - sanitizedMigrating Critical Applications to the Cloud - isaca seattle - sanitized
Migrating Critical Applications to the Cloud - isaca seattle - sanitized
 
cloud computing - isaca conference 2012
cloud computing - isaca conference 2012cloud computing - isaca conference 2012
cloud computing - isaca conference 2012
 
The Identity-infused Enterprise
The Identity-infused EnterpriseThe Identity-infused Enterprise
The Identity-infused Enterprise
 
Moving Enterprise Applications to the Cloud
Moving Enterprise Applications to the CloudMoving Enterprise Applications to the Cloud
Moving Enterprise Applications to the Cloud
 
Performing One Audit Using Zero Trust Principles
Performing One Audit Using Zero Trust PrinciplesPerforming One Audit Using Zero Trust Principles
Performing One Audit Using Zero Trust Principles
 
Cloud Security: What you need to know about IBM SmartCloud Security
Cloud Security: What you need to know about IBM SmartCloud SecurityCloud Security: What you need to know about IBM SmartCloud Security
Cloud Security: What you need to know about IBM SmartCloud Security
 
chapitre1-cloud security basics-23 (1).pptx
chapitre1-cloud security basics-23 (1).pptxchapitre1-cloud security basics-23 (1).pptx
chapitre1-cloud security basics-23 (1).pptx
 
Zero Trust and Data Security
Zero Trust and Data SecurityZero Trust and Data Security
Zero Trust and Data Security
 
Cloud Visibility & Cloud Data Loss Prevention Approaches
Cloud Visibility & Cloud Data Loss Prevention Approaches Cloud Visibility & Cloud Data Loss Prevention Approaches
Cloud Visibility & Cloud Data Loss Prevention Approaches
 
Getting Started with ThousandEyes Proof of Concepts
Getting Started with ThousandEyes Proof of ConceptsGetting Started with ThousandEyes Proof of Concepts
Getting Started with ThousandEyes Proof of Concepts
 
Getting Started With ThousandEyes Proof of Concepts: End User Digital Experience
Getting Started With ThousandEyes Proof of Concepts: End User Digital ExperienceGetting Started With ThousandEyes Proof of Concepts: End User Digital Experience
Getting Started With ThousandEyes Proof of Concepts: End User Digital Experience
 
Security in Cloud Computing
Security in Cloud ComputingSecurity in Cloud Computing
Security in Cloud Computing
 
Developing a cloud strategy - Presentation Nexon ABC Event
Developing a cloud strategy - Presentation Nexon ABC EventDeveloping a cloud strategy - Presentation Nexon ABC Event
Developing a cloud strategy - Presentation Nexon ABC Event
 
Bt idc event cloud adoption in ireland
Bt idc event cloud adoption in irelandBt idc event cloud adoption in ireland
Bt idc event cloud adoption in ireland
 
Cloud Options for a Modern Architecture
Cloud Options for a Modern ArchitectureCloud Options for a Modern Architecture
Cloud Options for a Modern Architecture
 
Cloud Computing Risk Management (Multi Venue)
Cloud Computing Risk Management (Multi Venue)Cloud Computing Risk Management (Multi Venue)
Cloud Computing Risk Management (Multi Venue)
 

Recently uploaded

DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
Prayukth K V
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Jeffrey Haguewood
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
OnBoard
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
DianaGray10
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
Paul Groth
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
UiPathCommunity
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Ramesh Iyer
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
CatarinaPereira64715
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Product School
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Tobias Schneck
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
Product School
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Product School
 
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptxIOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
Abida Shariff
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
Elena Simperl
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
Product School
 

Recently uploaded (20)

DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
 
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptxIOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
 

Security Management in the Cloud

  • 1. Reigning in the Cloud: Regaining control of your Hybrid Cloud environment Gary Ardito Chief Architect, Cloud Service Provider Solutions Gary.Ardito@NetIQ.com
  • 2. © 2012 NetIQ Corporation. All rights reserved.2 Who am I? o 30 years solving business problems with technology o 15 + years as as principal architect – solutions that matter – Fortune 500, .com, Non Profits, Olympic Games o Consulted on business inhibitors, technology enablers and risk mitigation – thought leadership to move businesses forward o Historical leader of Identity and Access Management Market o Market leading products across Identity, Access, SIEM, and Compliance Management o Enabling cloud adoption by powering both service providers and enterprises
  • 3. © 2012 NetIQ Corporation. All rights reserved.3 Why are we here? o Cloud use is expanding and maturing … we are all moving to a hybrid cloud future o Mobile, Social, BYOD and the Internet Of Things are all reeking havoc with our security management o Current security management approaches are broken o Challenges exist for both Service Providers and Enterprises
  • 4. © 2012 NetIQ Corporation. All rights reserved.4 The Intelligent combination of internal and external resources to deliver the right mix of cost savings, service levels and business agility. Start with the Hybrid Cloud
  • 5. © 2012 NetIQ Corporation. All rights reserved.5 Add new computing contexts Users are driving change. Mobility BYOD Social IdentityCloud Enterprise Service Provider
  • 6. © 2012 NetIQ Corporation. All rights reserved.6 With new and unprecedented challenges New, Persistent Threats Expanding Computing Environment Business / Mission Keeps Moving Staff Stretched Thin Constant change & complexity results in lack of control and visibility
  • 7. © 2012 NetIQ Corporation. All rights reserved.7 How do we regain control?  Protection: Strongly enforce access, compliance, security and behavioral policies across all computing domains  Awareness: Capture activity with context for all events across the breadth of your computing environment  Visibility: Provide role-specific, business level dashboards exposing critical activity and patterns  Action: Policy based, real-time action based on appropriate remediation strategies
  • 8. © 2012 NetIQ Corporation. All rights reserved.8 Physical Virtual Cloud Secure Measure Manage Identity, Access, and Compliance Operational and SLA Dashboards Migrations, DR, and Brokering FIREWALL INTERNAL CLOUD (on-premise) EXTERNAL CLOUD (off-premise) Hybrid Cloud Requires new management frameworks.
  • 9. © 2012 NetIQ Corporation. All rights reserved.9 Hybrid Cloud Environment It starts with IDENTITY Access Mgmt Identity & Context Identity Management Awareness & Visibility
  • 10. © 2012 NetIQ Corporation. All rights reserved.10 Who and what interacts with the computing environment? What behavior do I expect of each identity? • Benefits of an Identity fabric include: • Manages full lifecycle of user/device identities and privileges • Ensures that identities have the right access to right resources • Traces all activity to the identity responsible – contextual accountability • Keeps sensitive information protected regardless of location and method of access • Keeps security credentials protected Start with a Strong Identity Fabric
  • 11. © 2012 NetIQ Corporation. All rights reserved.11 Go beyond with “Identity Context” • Deliver additional, rich context about users and events to security monitoring tools • See “who” the individual is; know if their activities are business-appropriate. – Integrate identity intelligence with security monitoring – Roles, access rights, permissions – Increase visibility and control across complex IT landscape – Cloud, mobile, virtual
  • 12. © 2012 NetIQ Corporation. All rights reserved.12 Go further with “Identity Context” Speed response times to threats and reduce the compliance effort. • Identify when user activity is unusual, anomalous or outside normal business practices • Demonstrate that access is under control, meets compliance requirements Andy Anderson What actions have they been performing in those applications? What applications has this user been using? What privilege changes have been applied?
  • 13. © 2012 NetIQ Corporation. All rights reserved.13 Leverage the Identity Fabric Access can be a service consumed from a cloud provider or provided within the organization Access control MUST include the following: - Federated Identity Controls - Multi domain - Cloud awareness - Audit history of cloud activity Then Access Management….
  • 14. © 2012 NetIQ Corporation. All rights reserved.14 Problem… CLOUD RESOURCES • Separate accounts exist in cloud-based resources • Creating accounts in cloud services is a manual process, whether IT creates the account or if the user creates the account • Users must remember separate passwords for each cloud service, and often use their credentials • No compliance reporting of user activity in the cloud service Corporate credentials No single sign- on or strong authentication Manual process IT department No reporting
  • 15. © 2012 NetIQ Corporation. All rights reserved.15 Solution… CLOUD RESOURCES • Provide an automated process to provision user accounts to the cloud resources • Provide secure single sign-on to the cloud services w/o the credentials leaving the security realm • Provide the ability for users to securely access the cloud service inside or outside of the organization • Provide compliance reporting of the users’ activities in the cloud service Corporate credentials Single sign-on and strong authentication Automatic process IT department Full reporting Cloud Access
  • 16. © 2012 NetIQ Corporation. All rights reserved.16 Results… ENFORCED SECURITY to the Cloud without impacting existing infrastructure Onsite IAM Cloud Resources Provisioning / de-provisioning Compliance event reporting Strong AuthN SSO LDAP directories Federated
  • 17. © 2012 NetIQ Corporation. All rights reserved.17 With Continuous Monitoring and Compliance • Maintain security and compliance processes to defend against attacks. • Implement a lifecycle approach to reduce risk from threats. – Define and refine processes – Good security should be the goal, not “passing the audit.” Policy Assess Evaluate Risk AuditRemediate
  • 18. © 2012 NetIQ Corporation. All rights reserved.18 More On Continuous Compliance Need to close security and compliance gaps by combining user provisioning, access management, security monitoring, privileged user management. Provide process automation working in real time ensuring compliance with predefined policies. Provide both data correlation and anomaly detection to address known and unknown risk areas. Provide real-time event alerts and remediation based on policy.
  • 19. © 2012 NetIQ Corporation. All rights reserved.19
  • 20. © 2012 NetIQ Corporation. All rights reserved.20 NEEDED: both business and technical views of what’s happening across your hybrid cloud infrastructure. An effective visibility solution must include: Role-based dashboards based on the image required for the user to do their job Business metrics tie-in as basis of upcoming business decisions based on data provided Aggregation and analysis of events occurring on-premise and across all cloud environments And Visibility…
  • 21. © 2012 NetIQ Corporation. All rights reserved.21 EFFECTIVE VISIBILITY solutions must include: • Integrate & correlate cross domain data into one centralized dashboard • Automatically model IT, application, & business services • Intuitive, role-based “service view” speeds problem isolation • Built-in impact & root-cause analysis to shorten resolution time by 50%, or more More on Visibility…
  • 22. © 2012 NetIQ Corporation. All rights reserved.22 ADM SLM CMDB360 Asset Data Compliance Data Business Metrics Configuration DataIT Management Data Discovery Data • Integrates & correlates existing IT data into one centralized dashboard • Automatically models IT, application, & business services • Intuitive, role-based “service view” speeds problem isolation • Built-in impact & root- cause analysis shortens resolution time by 50%, or more Single Pane of Glass View
  • 23. © 2012 NetIQ Corporation. All rights reserved.23 It’s possible: a secure, compliant multi-domain environment 1. You must start with a strong on-premise identity platform 2. You must architect for loosely coupled, federated access to cloud and on-premise services 3. You must leverage technologies designed to include cloud domains 4. You must select service providers that support your multi-domain management architecture.
  • 24. © 2012 NetIQ Corporation. All rights reserved.24 About NetIQ • Provide expertise and experience in Identity, Access Management and Security Management • Help reduce number of privileged users • Reduce and manage privileges • Monitor users and look for unusual activity • Provide visibility into access rights to critical resources • Harden systems against attackers
  • 25. © 2012 NetIQ Corporation. All rights reserved.25
  • 26. © 2012 NetIQ Corporation. All rights reserved.26 Powering Cloud Service Providers NetIQ Cloud Manager NetIQ Services Director Monetizable As A Service Offerings Infrastructure Marketplace & Deployment Monitoring Identity Management Access Management SEIM Privileged User Mgmt Identity Management Access Management Compliance Management Infrastructure Disaster Recovery Migrating to Cloud SLA Dashboards Monitoring Governance
  • 27. © 2012 NetIQ Corporation. All rights reserved.27
  • 28. © 2012 NetIQ Corporation. All rights reserved.28 +1 713.548.1700 (Worldwide) 888.323.6768 (Toll-free) info@netiq.com NetIQ.com Worldwide Headquarters 1233 West Loop South Suite 810 Houston, TX 77027 USA http://community.netiq.com
  • 29. This document could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein. These changes may be incorporated in new editions of this document. NetIQ Corporation may make improvements in or changes to the software described in this document at any time. Copyright © 2013 NetIQ Corporation. All rights reserved. ActiveAudit, ActiveView, Aegis, AppManager, Change Administrator, Change Guardian, Compliance Suite, the cube logo design, Directory and Resource Administrator, Directory Security Administrator, Domain Migration Administrator, Exchange Administrator, File Security Administrator, Group Policy Administrator, Group Policy Guardian, Group Policy Suite, IntelliPolicy, Knowledge Scripts, NetConnect, NetIQ, the NetIQ logo, PSAudit, PSDetect, PSPasswordManager, PSSecure, Secure Configuration Manager, Security Administration Suite, Security Manager, Server Consolidator, VigilEnt, and Vivinet are trademarks or registered trademarks of NetIQ Corporation or its subsidiaries in the United States and other countries.

Editor's Notes

  1. Market Trends are Driving Change.
  2. 1 - Threat vectors constantly expanding – targeted attacks are well funded, patient, will use social media to identify insiders with ‘trusted’ access and find means to assume their ‘privileged’ credentials – often with very simple methods such as phishing email. Attacks are methodical, targeted and patient in their approach – quietly seek footholds towards targets of value. In the Heartland Payment Systems hack, hackers spent 6 months lurking within Heartland’s corporate network, patiently identifying key users with privileged access to key resources BEFORE they made their move to enter Heartland’s processing systems.Groups now using Dropbox and WordPress to distribute malware and initial command and control staging. When attackers get inside and assume access privileges of a trusted user, it can be very, very difficult to discern activity that is normal and proper from that which is maliciously working to gain stronger footholds of unauthorized control. John Kindervag tells story of hackers who gained admin access to a little used and poorly tuned enterprise network. It was later discovered that the hackers actually improved the configuration and performance of that network to boost the efficiency of their exfiltration operations. On the surface, such administration work sounds reasonable enough, but--maybe not.2 – The computing environment is constantly changing---- virtualization, cloud, BYOD/mobility. Often, security as an afterthought.3 – IT Security resources are likely stretched too thin, across multiple projects with conflicting priorities----and with less budget and time. 4 - With or without you, the business is going to keep moving forward --and will always side with productivity over security. ….constant change coupled with constant complexity adds up to loss of control and visibility – putting information assets at significant risk.