Srinivas Thimmaiah, profile picture
Uploaded bySrinivas Thimmaiah
PPTX, PDF47 views

Cloud Security - Reality or Illusion

The document discusses cloud security and the risks associated with cloud adoption. It begins with an introduction to cloud computing models including infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS). The document then outlines public, private, community, and hybrid cloud deployment models and trends in cloud adoption for 2017. It identifies policy/organization, technical, legal, and generic risks of cloud computing and concludes with recommendations around effective onboarding, vendor analysis, risk management and contract management when adopting cloud services.

Embed presentation

Download to read offline
Cloud Security Reality or Illusion By:Srinivas Thimmaiah Date: 11 Mar 2017 Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 1
About me Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 2 An seasoned Information Security professional, speaker & blogger having around 13+ years of rich and insightful work experience in the areas of Information Security Assurance, Governance, Risk Management, BCM, Supplier Management, Awareness, IT Security, operational excellence and also in influencing team members and management. CISM, ISO 27001 certified, CISCO certified Information Security & IT Security experienced professional.
Agenda  Cloud Ecosystem  Whatis Cloud computing  Cloudservices  Deploymentmodels  Cloud adoption trends 2017  Cloud Risks  Conclusion Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 3
CloudEcosystem Cloud computing is the delivery of computing services—servers, storage, databases, networking, software, analytics and more—over the Internet (“the cloud”). Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 4 Source: Microsoft Rapid Elasticity Broad Network Access Measure service On-demand self-service Resource pooling Characteristics of Cloud Computing
CloudEcosystem Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 5 Cloud Service Models Infrastructure as a Service Platform as a Service Software as a Service Application platform or middleware as a service on which developers can build and deploy custom applications Compute, storage, IT infra as a service, rather than as dedicated capability End-user applications delivered as a service rather than on-premises software SaaS (consume) PaaS (build) IaaS (host)
CloudEcosystem Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 6 Public Private CommunityHybrid Cloud Deployment Models
CloudEcosystem Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 7 Public Private CommunityHybrid Cloud Deployment Models  Provisioned by general public  Exists on the premise of the cloud provider  May be owned, managed by business, government or a combination Organizations Google Zoho Salesforce Microsoft AmazonYahoo Rackspace
Public Private CommunityHybrid CloudEcosystem Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 8 Cloud Deployment Models  Provisioned for single organization  May exist on or off site  May be managed by organization or outsourced
CloudEcosystem Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 9 Public Private Community Cloud Hybrid  Provisioned for exclusive use by a specific community  May be managed by one or more of the community organizations  May be managed by community organization or outsourced Cloud Deployment Models Community of Organizations
CloudEcosystem Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 10 Public Private CommunityHybrid  Combination of two or more distinct cloud infrastructures Cloud Deployment Models Public Cloud Private Cloud Organization
Cloudadoptiontrends of2017 Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 11 Source: Rightscale 2016 State of the Cloud Report Public Cloud Private Cloud Hybrid Cloud Any Cloud 88% 89% 89% 63% 77% 72% 58% 71% 67% 93% 95% 95%
CloudRisks Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 12 Risks Policy & Organization Risks Technical Risks Legal Risks Generic Risks Source: csaguide
CloudRisks Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 13 Lock-in Loss of governance Compliance challenges Loss of business reputation due to cotenant activities Cloud service termination or failure Cloud provider acquisition Supply chain failure Policy & Organization risks Source: csaguide
CloudRisks Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 14 Resource exhaustion (under or over provisioning) Isolation failure Cloud provider malicious insider – abuse of high privilege roles Management interface compromise (manipulation, availability of infrastructure) Intercepting data in transit Insecure of ineffective deletion of data Data leakage on up/download, intra-cloud Distributed denial of service (DDOS) Economic denial of service (EDOS) Loss of encryption keys Undertaking malicious probes or scans Compromise server engine Technical risks Source: csaguide
CloudRisks Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 15 Risk from changes of jurisdiction Licensing risks Data protection risks Subpoena and e-discovery Legal risks Source: csaguide
CloudRisks Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 16 Modifying network traffic Privilege escalation Loss or compromise of security logs Network management (i.e, network congestion/mis-connection/non-optimal use) Backup lost, stolen Unauthorized access to premises Natural disaster Theft of computer equipment Network breaks Social engineering attacks Loss or compromise of operational logs Generic risks Source: csaguide
Conclusion Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 17  Effective onboarding process  Vendor analysis  Risk management  Contract Management  Justification for cloud adoption  Re-visit the services  Monitoring the services Source: From Body to Spirit; From Illusion to Reality
Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 18
Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 19
Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 20 https://www.google.co.in/search?q=road+with+car&biw=1920&bih=935&source=lnms&tbm=isch&sa=X&ved= 0ahUKEwiGx- W6va_SAhVI_iwKHULgBTwQ_AUIBigB#tbm=isch&q=cloud+security+icon&*&imgrc=QnwqNekhOpC6-M: https://www.google.co.in/search?q=road+with+car&biw=1920&bih=935&source=lnms&tbm=isch&sa=X&ved= 0ahUKEwiGx- W6va_SAhVI_iwKHULgBTwQ_AUIBigB#tbm=isch&q=cars+on+highway&*&imgrc=WRHPKYuTO2knwM: References

More Related Content

PDF
Maintaining Visibility and Control as Workers and Apps Scatter
byForcepoint LLC
 
PPTX
Cloudy with a Chance of...Visibility, Accountability & Security
byForcepoint LLC
 
PDF
Security Insights for Mission-Critical Networks
byForcepoint LLC
 
PPTX
Annoyance to Annihilation: Assessing Privacy Risk
byProtecture Ltd
 
PDF
Keynote session – Mitigate risks and stay compliant with Chris Bridgland and ...
byVeritas Technologies LLC
 
PPTX
C-Level tools for Cloud security
byVladimir Jirasek
 
PDF
Embracing the Millennial Tsunami
byForcepoint LLC
 
PPT
David Smith gfke 2014
byinnovationoecd
 
Maintaining Visibility and Control as Workers and Apps Scatter
byForcepoint LLC
 
Cloudy with a Chance of...Visibility, Accountability & Security
byForcepoint LLC
 
Security Insights for Mission-Critical Networks
byForcepoint LLC
 
Annoyance to Annihilation: Assessing Privacy Risk
byProtecture Ltd
 
Keynote session – Mitigate risks and stay compliant with Chris Bridgland and ...
byVeritas Technologies LLC
 
C-Level tools for Cloud security
byVladimir Jirasek
 
Embracing the Millennial Tsunami
byForcepoint LLC
 
David Smith gfke 2014
byinnovationoecd
 

What's hot

PPTX
2012 10 cloud security architecture
byVladimir Jirasek
 
PPTX
DDoS mitigation at Jisc
byJisc
 
PDF
CISO Application presentation - Babylon health security
byDinis Cruz
 
PPTX
An Inside-Out Approach to Security in Financial Services
byForcepoint LLC
 
PDF
Nils Puhlmann Ncoic Slides
byGovCloud Network
 
PDF
The benefits of police and industry investigation - NPCC Conference
byDinis Cruz
 
PDF
Worry free security breach - Gemalto
byHarry Gunns
 
PDF
Dell Solutions Tour 2015 - Security in the cloud, Ramses Gallego, Security St...
byKenneth de Brucq
 
PDF
7. Big data proposal to go lean in public
byMrsAlways RigHt
 
PDF
Fish Net Security Overview
bytbeckwith
 
PDF
Modern security using graphs, automation and data science
byDinis Cruz
 
PDF
Serverless Security Workflows - cyber talks - 19th nov 2019
byDinis Cruz
 
PPTX
Best cybersecurity services for organizations
bywilsonconsulting1
 
PDF
Jason Tooley – Welcome to Vision Solution Day EMEA
byVeritas Technologies LLC
 
PPTX
Netpluz Managed Cyber Security
byNetpluz Asia Pte Ltd
 
PDF
JNeiditz NLJ Trailblazers 2016
byJon Neiditz
 
PPTX
JoTechies - Azure Cloud Security
byJoTechies
 
PPTX
JoTechies - Infrastructure as a Service IaaS
byJoTechies
 
PPTX
Wilson Consulting Group
bywilsonconsulting1
 
PPTX
Cybersecurity Service Provider
byVishvendra Saini
 
2012 10 cloud security architecture
byVladimir Jirasek
 
DDoS mitigation at Jisc
byJisc
 
CISO Application presentation - Babylon health security
byDinis Cruz
 
An Inside-Out Approach to Security in Financial Services
byForcepoint LLC
 
Nils Puhlmann Ncoic Slides
byGovCloud Network
 
The benefits of police and industry investigation - NPCC Conference
byDinis Cruz
 
Worry free security breach - Gemalto
byHarry Gunns
 
Dell Solutions Tour 2015 - Security in the cloud, Ramses Gallego, Security St...
byKenneth de Brucq
 
7. Big data proposal to go lean in public
byMrsAlways RigHt
 
Fish Net Security Overview
bytbeckwith
 
Modern security using graphs, automation and data science
byDinis Cruz
 
Serverless Security Workflows - cyber talks - 19th nov 2019
byDinis Cruz
 
Best cybersecurity services for organizations
bywilsonconsulting1
 
Jason Tooley – Welcome to Vision Solution Day EMEA
byVeritas Technologies LLC
 
Netpluz Managed Cyber Security
byNetpluz Asia Pte Ltd
 
JNeiditz NLJ Trailblazers 2016
byJon Neiditz
 
JoTechies - Azure Cloud Security
byJoTechies
 
JoTechies - Infrastructure as a Service IaaS
byJoTechies
 
Wilson Consulting Group
bywilsonconsulting1
 
Cybersecurity Service Provider
byVishvendra Saini
 

Viewers also liked

PPTX
Ransomware - Friend or Foe
bySrinivas Thimmaiah
 
PPTX
3Com 1694-210-050-2.00
bysavomir
 
PDF
Edukits
byEsperanza Sosa Meza
 
PDF
200701041325040.leng4bu1al
byDamarys Morin
 
PPTX
Medicina röbotica
byDidi Platas
 
PPTX
3Com 03-0172-300
bysavomir
 
DOCX
CIO - The top 3 challenges
bySrinivas Thimmaiah
 
PDF
Compresor de archivos mzf
byMaria Zas
 
PPTX
Technology Enhanced Learning and Innovative pedagogy
byDavid Biggins
 
PPTX
Italialaiset maaliskuu
byLaila Bröcker
 
PPTX
Buscar v, filtros y macros
byStiven García Flórez
 
PPS
Da vincicode
byGoal Consultancy
 
PPTX
Evaluation Question 2
byj7ralph
 
PPTX
Question 1
bySayema Begum
 
Ransomware - Friend or Foe
bySrinivas Thimmaiah
 
3Com 1694-210-050-2.00
bysavomir
 
Edukits
byEsperanza Sosa Meza
 
200701041325040.leng4bu1al
byDamarys Morin
 
Medicina röbotica
byDidi Platas
 
3Com 03-0172-300
bysavomir
 
CIO - The top 3 challenges
bySrinivas Thimmaiah
 
Compresor de archivos mzf
byMaria Zas
 
Technology Enhanced Learning and Innovative pedagogy
byDavid Biggins
 
Italialaiset maaliskuu
byLaila Bröcker
 
Buscar v, filtros y macros
byStiven García Flórez
 
Da vincicode
byGoal Consultancy
 
Evaluation Question 2
byj7ralph
 
Question 1
bySayema Begum
 

Similar to Cloud Security - Reality or Illusion

PPTX
Cloud Seeding
byTrish McGinity, CCSK
 
PPTX
Cloud Computing dominated by AI in modern world
byDhruvPatel79152
 
PPTX
40369A Microsoft Cloud Fundamentals - Chapter 1
byAndersPistaceci1
 
PPT
Effectively and Securely Using the Cloud Computing Paradigm
byfanc1985
 
PDF
cloud1_aggy.pdf
byAkhileshKumar241470
 
PPT
Presentation on Effectively and Securely Using the Cloud Computing Paradigm v26
byBill Annibell
 
PPT
Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26
byTT L
 
PDF
ISACA Journal Publication - Does your Cloud have a Secure Lining? Shah Sheikh
byShah Sheikh
 
PDF
ISACA Cloud Computing Risks
byMarc Vael
 
PDF
Security Considerations When Using Cloud Infrastructure Services.pdf
byCiente
 
PDF
Securing the Cloud by Matthew Rosenquist 2016
byMatthew Rosenquist
 
PDF
Securing The Journey To The Cloud
byNiloufer Tamboly CISSP, CPA, CIA, CISA, CFE
 
PDF
Wp esg-5-considerations-hybrid-clouds
byFaisal Farooq
 
PPTX
Connections Cloud Talk
byBrian Schaeffer
 
PDF
Epaper
byAniaPaplaCardenal
 
PDF
Thin Air or Solid Ground? Practical Cloud Security
byDan Fitzgerald, CISSP, CIPM
 
PPTX
Cloud computing - Assessing the Security Risks - Jared Carstensen
byjaredcarst
 
PDF
Resetting Your Security Thinking for the Public Cloud
byMighty Guides, Inc.
 
PDF
Securing The Clouds with The Standard Best Practices-1.pdf
byChinatu Uzuegbu
 
PDF
How Secure Is Cloud
byWilliam Lam
 
Cloud Seeding
byTrish McGinity, CCSK
 
Cloud Computing dominated by AI in modern world
byDhruvPatel79152
 
40369A Microsoft Cloud Fundamentals - Chapter 1
byAndersPistaceci1
 
Effectively and Securely Using the Cloud Computing Paradigm
byfanc1985
 
cloud1_aggy.pdf
byAkhileshKumar241470
 
Presentation on Effectively and Securely Using the Cloud Computing Paradigm v26
byBill Annibell
 
Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26
byTT L
 
ISACA Journal Publication - Does your Cloud have a Secure Lining? Shah Sheikh
byShah Sheikh
 
ISACA Cloud Computing Risks
byMarc Vael
 
Security Considerations When Using Cloud Infrastructure Services.pdf
byCiente
 
Securing the Cloud by Matthew Rosenquist 2016
byMatthew Rosenquist
 
Securing The Journey To The Cloud
byNiloufer Tamboly CISSP, CPA, CIA, CISA, CFE
 
Wp esg-5-considerations-hybrid-clouds
byFaisal Farooq
 
Connections Cloud Talk
byBrian Schaeffer
 
Epaper
byAniaPaplaCardenal
 
Thin Air or Solid Ground? Practical Cloud Security
byDan Fitzgerald, CISSP, CIPM
 
Cloud computing - Assessing the Security Risks - Jared Carstensen
byjaredcarst
 
Resetting Your Security Thinking for the Public Cloud
byMighty Guides, Inc.
 
Securing The Clouds with The Standard Best Practices-1.pdf
byChinatu Uzuegbu
 
How Secure Is Cloud
byWilliam Lam
 

Recently uploaded

PPTX
CaseStudy-CloudMigration -For USE CASE -Customer Success Info -6-Aug-25.pptx
bywinlentech
 
PDF
ARTIFICIAL INTELLIGENCE DEVELOPMENT SERVICE
bydavidjohansen1597
 
PDF
ARTIFICIAL INTELLIGENCE DEVELOPMENT SERVICE
bydavidjohansen1597
 
PPTX
Lesson 5 - Cyber attack Pt 3 - Matsuhashi.pptx
byOmar Fernandez
 
PPTX
mc l2 Overview of Computer and Web-Technology.pptx
byavanikharde
 
PPT
Lecture_3 Network Securityeyeyggegeg.ppt
bysawsan202
 
PPT
Lecture_3 Network Securityyyeyeyyeeyyeywy.ppt
bysawsan202
 
PPTX
Bibhav Singh.pptx it's very useful for us it's in very good and very nice
byabhishekjaiswal5th33
 
PPT
html-forms in web development-courseICT.
bymadz33
 
PPTX
Abhishek Jaiswal.ppt.pptx for you it is very useful for me and I am sharing w...
byabhishekjaiswal5th33
 
PDF
Key Duties and Roles of an Ecommerce Developer Singapore
byHachi Web Solution
 
DOCX
BestMaker.ai: The Complete Brand Story, Founder's Vision, and AI Creative Pla...
byssuser7381d6
 
PDF
Design For Test - Getting Test Automation value from Design Expressions.
byDavid Harrison
 
PPTX
Ideathon template.pptx it is a ideathon template
bykonav71133
 
PPTX
SriLank SLT LTE Network Sharing V2.pptx
bynthuang
 
PPTX
Computer Science Degree for College .pptx
byHanenek1
 
PPTX
Types of Cryptograph Symmetric Ceaser cipher and also about Assymetric
byhamzaabdulqadeer11
 
PPT
Memory Organization In Assembly Language
byumairmuhammad0409
 
PPTX
PRITHVI theater, A true artist. Newzfeaturez.pptx
bysc05digital
 
PPTX
COĞRAFYA ödevi 70 sayfa güzeldir hayırlı olsun
bydtilter
 
CaseStudy-CloudMigration -For USE CASE -Customer Success Info -6-Aug-25.pptx
bywinlentech
 
ARTIFICIAL INTELLIGENCE DEVELOPMENT SERVICE
bydavidjohansen1597
 
ARTIFICIAL INTELLIGENCE DEVELOPMENT SERVICE
bydavidjohansen1597
 
Lesson 5 - Cyber attack Pt 3 - Matsuhashi.pptx
byOmar Fernandez
 
mc l2 Overview of Computer and Web-Technology.pptx
byavanikharde
 
Lecture_3 Network Securityeyeyggegeg.ppt
bysawsan202
 
Lecture_3 Network Securityyyeyeyyeeyyeywy.ppt
bysawsan202
 
Bibhav Singh.pptx it's very useful for us it's in very good and very nice
byabhishekjaiswal5th33
 
html-forms in web development-courseICT.
bymadz33
 
Abhishek Jaiswal.ppt.pptx for you it is very useful for me and I am sharing w...
byabhishekjaiswal5th33
 
Key Duties and Roles of an Ecommerce Developer Singapore
byHachi Web Solution
 
BestMaker.ai: The Complete Brand Story, Founder's Vision, and AI Creative Pla...
byssuser7381d6
 
Design For Test - Getting Test Automation value from Design Expressions.
byDavid Harrison
 
Ideathon template.pptx it is a ideathon template
bykonav71133
 
SriLank SLT LTE Network Sharing V2.pptx
bynthuang
 
Computer Science Degree for College .pptx
byHanenek1
 
Types of Cryptograph Symmetric Ceaser cipher and also about Assymetric
byhamzaabdulqadeer11
 
Memory Organization In Assembly Language
byumairmuhammad0409
 
PRITHVI theater, A true artist. Newzfeaturez.pptx
bysc05digital
 
COĞRAFYA ödevi 70 sayfa güzeldir hayırlı olsun
bydtilter
 

Cloud Security - Reality or Illusion

  • 1.
    Cloud Security Reality orIllusion By:Srinivas Thimmaiah Date: 11 Mar 2017 Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 1
  • 2.
    About me Srinivas Thimmaiah| Cloud Security | 11 Mar 2017 Page 2 An seasoned Information Security professional, speaker & blogger having around 13+ years of rich and insightful work experience in the areas of Information Security Assurance, Governance, Risk Management, BCM, Supplier Management, Awareness, IT Security, operational excellence and also in influencing team members and management. CISM, ISO 27001 certified, CISCO certified Information Security & IT Security experienced professional.
  • 3.
    Agenda  Cloud Ecosystem Whatis Cloud computing  Cloudservices  Deploymentmodels  Cloud adoption trends 2017  Cloud Risks  Conclusion Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 3
  • 4.
    CloudEcosystem Cloud computing isthe delivery of computing services—servers, storage, databases, networking, software, analytics and more—over the Internet (“the cloud”). Srinivas Thimmaiah | Cloud Security | 11 Mar 2017 Page 4 Source: Microsoft Rapid Elasticity Broad Network Access Measure service On-demand self-service Resource pooling Characteristics of Cloud Computing
  • 5.
    CloudEcosystem Srinivas Thimmaiah |Cloud Security | 11 Mar 2017 Page 5 Cloud Service Models Infrastructure as a Service Platform as a Service Software as a Service Application platform or middleware as a service on which developers can build and deploy custom applications Compute, storage, IT infra as a service, rather than as dedicated capability End-user applications delivered as a service rather than on-premises software SaaS (consume) PaaS (build) IaaS (host)
  • 6.
    CloudEcosystem Srinivas Thimmaiah |Cloud Security | 11 Mar 2017 Page 6 Public Private CommunityHybrid Cloud Deployment Models
  • 7.
    CloudEcosystem Srinivas Thimmaiah |Cloud Security | 11 Mar 2017 Page 7 Public Private CommunityHybrid Cloud Deployment Models  Provisioned by general public  Exists on the premise of the cloud provider  May be owned, managed by business, government or a combination Organizations Google Zoho Salesforce Microsoft AmazonYahoo Rackspace
  • 8.
    Public Private CommunityHybrid CloudEcosystem Srinivas Thimmaiah |Cloud Security | 11 Mar 2017 Page 8 Cloud Deployment Models  Provisioned for single organization  May exist on or off site  May be managed by organization or outsourced
  • 9.
    CloudEcosystem Srinivas Thimmaiah |Cloud Security | 11 Mar 2017 Page 9 Public Private Community Cloud Hybrid  Provisioned for exclusive use by a specific community  May be managed by one or more of the community organizations  May be managed by community organization or outsourced Cloud Deployment Models Community of Organizations
  • 10.
    CloudEcosystem Srinivas Thimmaiah |Cloud Security | 11 Mar 2017 Page 10 Public Private CommunityHybrid  Combination of two or more distinct cloud infrastructures Cloud Deployment Models Public Cloud Private Cloud Organization
  • 11.
    Cloudadoptiontrends of2017 Srinivas Thimmaiah| Cloud Security | 11 Mar 2017 Page 11 Source: Rightscale 2016 State of the Cloud Report Public Cloud Private Cloud Hybrid Cloud Any Cloud 88% 89% 89% 63% 77% 72% 58% 71% 67% 93% 95% 95%
  • 12.
    CloudRisks Srinivas Thimmaiah |Cloud Security | 11 Mar 2017 Page 12 Risks Policy & Organization Risks Technical Risks Legal Risks Generic Risks Source: csaguide
  • 13.
    CloudRisks Srinivas Thimmaiah |Cloud Security | 11 Mar 2017 Page 13 Lock-in Loss of governance Compliance challenges Loss of business reputation due to cotenant activities Cloud service termination or failure Cloud provider acquisition Supply chain failure Policy & Organization risks Source: csaguide
  • 14.
    CloudRisks Srinivas Thimmaiah |Cloud Security | 11 Mar 2017 Page 14 Resource exhaustion (under or over provisioning) Isolation failure Cloud provider malicious insider – abuse of high privilege roles Management interface compromise (manipulation, availability of infrastructure) Intercepting data in transit Insecure of ineffective deletion of data Data leakage on up/download, intra-cloud Distributed denial of service (DDOS) Economic denial of service (EDOS) Loss of encryption keys Undertaking malicious probes or scans Compromise server engine Technical risks Source: csaguide
  • 15.
    CloudRisks Srinivas Thimmaiah |Cloud Security | 11 Mar 2017 Page 15 Risk from changes of jurisdiction Licensing risks Data protection risks Subpoena and e-discovery Legal risks Source: csaguide
  • 16.
    CloudRisks Srinivas Thimmaiah |Cloud Security | 11 Mar 2017 Page 16 Modifying network traffic Privilege escalation Loss or compromise of security logs Network management (i.e, network congestion/mis-connection/non-optimal use) Backup lost, stolen Unauthorized access to premises Natural disaster Theft of computer equipment Network breaks Social engineering attacks Loss or compromise of operational logs Generic risks Source: csaguide
  • 17.
    Conclusion Srinivas Thimmaiah |Cloud Security | 11 Mar 2017 Page 17  Effective onboarding process  Vendor analysis  Risk management  Contract Management  Justification for cloud adoption  Re-visit the services  Monitoring the services Source: From Body to Spirit; From Illusion to Reality
  • 18.
    Srinivas Thimmaiah |Cloud Security | 11 Mar 2017 Page 18
  • 19.
    Srinivas Thimmaiah |Cloud Security | 11 Mar 2017 Page 19
  • 20.
    Srinivas Thimmaiah |Cloud Security | 11 Mar 2017 Page 20 https://www.google.co.in/search?q=road+with+car&biw=1920&bih=935&source=lnms&tbm=isch&sa=X&ved= 0ahUKEwiGx- W6va_SAhVI_iwKHULgBTwQ_AUIBigB#tbm=isch&q=cloud+security+icon&*&imgrc=QnwqNekhOpC6-M: https://www.google.co.in/search?q=road+with+car&biw=1920&bih=935&source=lnms&tbm=isch&sa=X&ved= 0ahUKEwiGx- W6va_SAhVI_iwKHULgBTwQ_AUIBigB#tbm=isch&q=cars+on+highway&*&imgrc=WRHPKYuTO2knwM: References