SlideShare a Scribd company logo

Cloud Security @ TIM - Current Practises and Future Challanges

Michele Vecchione
Michele Vecchione

1st Workshop of the Project Cluster on Data Protection, Security and Privacy in the Cloud. 23 February 2016, Napoli, Italy

Technology
1 of 15
Download to read offline
GRUPPO TELECOM ITALIA Cloud Security @ TIM Current Practises and Future Challanges Michele Vecchione @ TIM 1st Workshop of the Project Cluster on Data Protection, Security and Privacy in the Cloud. 23 February 2016, Napoli, Italy
2 The TIM Group in shortThe TIM Group in shortThe TIM Group in shortThe TIM Group in short
3 TIMTIMTIMTIM CloudCloudCloudCloud StrategyStrategyStrategyStrategy versus OTTversus OTTversus OTTversus OTT PlayersPlayersPlayersPlayers CLOUD e strategia Tim Distinctive Factors of our Cloud Business Model Three Distinctive factors differenciate TIM cloud offering from OTT players: Proximity, Compliance to Security&Privacy and Excellence in Quality of experience high high high Proximity Quality of Experience Compliance& Security OTT TELCO TelcoTelcoTelcoTelco OTTOTTOTTOTT Proximity Direct Sales PreSales Force, CRM Exploitation, Customisation, Local Infrastructures Product Centric Self Service Quality of Experience E2E control SLA Low latency Remote No direct network control Compliance& Security EU regulation SOC/NOC Consultancy Rely upon Internet or third parties Lower privacy rules
4 CloudCloudCloudCloud adoptionadoptionadoptionadoption inininin ItalyItalyItalyItaly CLOUD e strategia Tim There is space to grow…. … BUT there are some concerns Building a secure cloud for hosting Enterprise SAAS is a TOP Priority
5 TIM Cloud Infrastructure: Data Centers A Secure Physical Infrastructure Titolo della Relazione Nome del Relatore, Nome Struttura RegionalRegionalRegionalRegional Service CentersService CentersService CentersService Centers NationalNationalNationalNational DCsDCsDCsDCs IDC CesanoIDC CesanoIDC CesanoIDC Cesano MadernoMadernoMadernoMaderno IDC RozzanoIDC RozzanoIDC RozzanoIDC Rozzano DC BolognaDC BolognaDC BolognaDC Bologna DC PadovaDC PadovaDC PadovaDC Padova DC BariDC BariDC BariDC Bari PalermPalermPalermPalerm oooo FirenFirenFirenFiren zezezeze TorinTorinTorinTorin oooo NapolNapolNapolNapol iiii DC OrioloDC OrioloDC OrioloDC Oriolo RomanoRomanoRomanoRomano IDC PomeziaIDC PomeziaIDC PomeziaIDC Pomezia Nord Est AreaNord Est AreaNord Est AreaNord Est Area BolognaBolognaBolognaBolognaPadovaPadovaPadovaPadova Systems rooms # Systems Rooms available area • Production Systems rooms area • TLC Systems rooms area Installed/Active Servers # • Managed Servers # 15151515 23232323 >4.100>4.100>4.100>4.100 >4.300>4.300>4.300>4.300 >3.600 >3.300 >250 >280 >1.100>1.100>1.100>1.100 >950>950>950>950 >900 >600 Nord Ovest AreaNord Ovest AreaNord Ovest AreaNord Ovest Area CesanoCesanoCesanoCesanoRozzanoRozzanoRozzanoRozzano Systems rooms # Systems Rooms available area • Production Systems rooms area • TLC Systems rooms area Installed/Active Servers # • Managed Servers # 16161616 11111111 >4.800>4.800>4.800>4.800 >3.500>3.500>3.500>3.500 >4.500 >2.800 >280 >200 >4.700>4.700>4.700>4.700 >2.200>2.200>2.200>2.200 >1.300 >1.500 Center/South AreaCenter/South AreaCenter/South AreaCenter/South Area OrioloOrioloOrioloOriolo Systems rooms # Systems Rooms available area • Production Systems rooms area • TLC Systems rooms area Installed/Active Servers # • Managed Servers # 13131313 16161616 >3.400>3.400>3.400>3.400 >6.600>6.600>6.600>6.600 >2.900 >6.100 >400 >400 >3.200>3.200>3.200>3.200 >5.400>5.400>5.400>5.400 >3.000 >3.000 BariBariBariBariPomeziaPomeziaPomeziaPomezia 6666 >2.000>2.000>2.000>2.000 >1.800 >90 >800>800>800>800 >700 AciliaAciliaAciliaAcilia Work in progressWork in progressWork in progressWork in progress ACILIAACILIAACILIAACILIA Data Center TIER 4Data Center TIER 4Data Center TIER 4Data Center TIER 4 Area Size Production System Rooms (6 m Height) Hi Density power supply Network supports >>>>4.0000 mq4.0000 mq4.0000 mq4.0000 mq >3.500 mq Fino a 15 Kw/mq SDN, NFV, NFV, NFV, NFV
6 LogicalLogicalLogicalLogical Security: 1)Security: 1)Security: 1)Security: 1) ClarifyClarifyClarifyClarify ResponsabilitiesResponsabilitiesResponsabilitiesResponsabilities accordingaccordingaccordingaccording totototo thethethethe choosenchoosenchoosenchoosen Service Model and Distribution ModelService Model and Distribution ModelService Model and Distribution ModelService Model and Distribution Model
7 LogicalLogicalLogicalLogical Security: 2)Security: 2)Security: 2)Security: 2) ImplementImplementImplementImplement SecuritySecuritySecuritySecurity accordingaccordingaccordingaccording totototo ResponsabilityResponsabilityResponsabilityResponsability Cloud Service Provider Scope: • Expose clear security levels of cloud SEs • Inform customer about Certifications, Policies, Processes, Responsabilities, Security Plan, L. 196 obligations, and Checks (ex PT and VA) in charge to TIM • Contractually sign obligations and SLA TIM Customer Customer Scope: • Assist customer in understanding residual risk • Consult the customer to secure its area of responsability • Provide addictional Security Services and tools to mitigate its own risk
8 LogicalLogicalLogicalLogical Security: 3) SecuritySecurity: 3) SecuritySecurity: 3) SecuritySecurity: 3) Security asasasas a service toa service toa service toa service to supportsupportsupportsupport SAASSAASSAASSAAS TIM Security Competence Center TIM Security Operation Center
9 Market Security Addictional Services Main Offered services TIM Security Operation Center AREAAREAAREAAREA PROTECTIONPROTECTIONPROTECTIONPROTECTION MAILMAILMAILMAIL PROTECTIONPROTECTIONPROTECTIONPROTECTION MSOCMSOCMSOCMSOC HOSTHOSTHOSTHOST PROTECTIONPROTECTIONPROTECTIONPROTECTION SECURITYSECURITYSECURITYSECURITY ASSESSMENTASSESSMENTASSESSMENTASSESSMENT SECURITYSECURITYSECURITYSECURITY MONITORINGMONITORINGMONITORINGMONITORING DDOSDDOSDDOSDDOS MITIGATIONMITIGATIONMITIGATIONMITIGATION Virtual appliances to protect mission critical Web Application, Data Bases o File Systems running into the TIM cloud or on premises Mail Relay service with Antispam & Antivirus Layer for customer with Mail Service offered by TIM or at Customer Premises Security Appliance Mgnt (IDS, IPS, Boundary Antivirus, Web Content Filtering, Antispam) Distributed Denial-of-Service Protection, to protect from attacks aiming to block the service to legitimate users. Periodic Vulnerability Assessments, Penetration Testing, Source Code Audit executed by the TIM SOC Monitoring of corporate anti-intrusion systems to identify and block potential attacks from internet as well as intranet users and prevent system violation • Cisco CCNA (Cisco Certified Network Associate) • Microsoft: “Microsoft Windows server” • SCJP - Sun Certified Java Programmer • ISO 20000 & 27001 Lead Auditor • ECDL Core • QCS - QualysGuard Certified Specialist • Certified Information Forensics Investigator – CIFI • EC-Council Certified Security Analyst – ECSA • EC-Council Licensed Penetration Tester – LTP • Certified Ethical Hacker – CEH v7 • Microsoft Certified Systems Engineer • CompTIA Security+ Certified (SYO-201) • Fortinet Certified Network and Security Associate (FCNSA) • Juniper Networks Certified Internet Associate (JNCIA-FWV) • QualysGuard Certified Specialist • Hands on Hacking Web Application (HOH) • Network and system security for company and public administration • Clavister Firewall Certification • IT Security & Digital Forensics (Master) • ISO 9000 • ISO 27001
10 The world is changing rapidly: new security challanges Where is my Perimeter? With Mobility and cloud, The company perimeter is now The Internet! New cloud security Access Layers are required to secure corporate Apps and data that are aware of used endpoint, access location, OS, Strong digital Identity, and used application . Titolo della Relazione Nome del Relatore, Nome Struttura How can I intelligently scan all of my Huge Cloud traffic? An enourmous amount of information about activity monitoring Logs (users, Admins), Anomalies detection (threads, usage, traffic, data scan) need to be handled every day. A big data approch must be undertaken. How I secure IoT? With IoT, Billions of low power and limited CPU devices with be connected to applications generating trillions of daily events. How I secure Smartphones? MDM and BYOD have low penetration. How do I secure these endpoints in a more easy way?
11 The world is changing rapidly: new security challanges How can IHow can IHow can IHow can I enforceenforceenforceenforce datadatadatadata protectionprotectionprotectionprotection usingusingusingusing cloudcloudcloudcloud???? Corporate applications needs to enforce data protection in different cloud deployment scenarios. How can I get visibility on Shadow Cloud? How can I get contextual access control and prevent data leakage on the cloud? How can IHow can IHow can IHow can I securesecuresecuresecure the agile and collaborativethe agile and collaborativethe agile and collaborativethe agile and collaborative developmentsdevelopmentsdevelopmentsdevelopments???? Devops is growing Fast. With continous Development, integration and delivery it is necessary to shift from a traditional SLDC security enforcement to a more dynamic security framework.
12 Our Vision: Creating an Digital Ecosystem around the TIM Cloud • Expose our Infrastructural assets (Network, BSS, CRM, Data Sets) • Aggregate and attract Extewrnal Communities (R&D, Start-ups, PPAA, System Integrators, ISV,..) • Broker Third Parties (Cloud providers, SW Vendors,..) • Enable an API economy • Expose Commercial Capabilities (sales force, resellers, payments) • Enable collaborative Dev for new generation of cloud- ready SAAS (Mashup, Devops. Micro services) • Sell IAAS, PAAS and SAAS • Monetise the community
13 New Security Requirements • In the new Cloud Ecosystem new security requirements arise: Titolo della Relazione Nome del Relatore, Nome Struttura • Secuity Pre-scan at Dev Stage • Automatic Testing at Build and Push Time • Secure microservices Registry • Scanning container at run time • WL/BL Container Registry • Signed containers • Centralise Log (Big Data) • Contextual Access Control • Ecrypt data in motion and data at rest • Orchestrate enviroments (Dev, Test, Prod) • Provide Dashboard for security Risk Ass • Discover Shadow cloud apps • Protect Mobile and IoT devices with client less approach • Provide SSO / Digital ID across apps • Multi Factor Strong Auth • IAM across apps
14 Conclusions • The trend of porting into the cloud existing legacy applications with well defined monolithic sw architecture will fade away with time • New security threads are continously arising from new emerging technologies such as IoT, PAAS, middleware frameworks, microservices, containers,.. • The new TIM cloud will quickly become a collaborative enviroment where a number of different entities will create together new services by aggregating capabilities under the form of API, Building blocks, micro-services offered by community members. Titolo della Relazione Nome del Relatore, Nome Struttura The scientific community need to help CPs with new Security Technologies, Solutions, Methodologies and Standards. The Cloud MUST Communicate SECURITY By Design!
GrazieThank You! Michele Vecchione TIM Director Vertical Platform Engineering Michele.vecchione@telecomitalia.it

Recommended

Uni palermo 3 3-2016 cloud 2.0
Uni palermo 3 3-2016 cloud 2.0Uni palermo 3 3-2016 cloud 2.0
Uni palermo 3 3-2016 cloud 2.0
Michele Vecchione
 
Cloud security privacy- org
Cloud security privacy- orgCloud security privacy- org
Cloud security privacy- org
Dharmalingam S
 
CLOUD SECURITY IN INSURANCE INDUSTRY WITH RESPECT TO INDIAN MARKET
CLOUD SECURITY IN INSURANCE INDUSTRY WITH RESPECT TO INDIAN MARKETCLOUD SECURITY IN INSURANCE INDUSTRY WITH RESPECT TO INDIAN MARKET
CLOUD SECURITY IN INSURANCE INDUSTRY WITH RESPECT TO INDIAN MARKET
Amity University | FMS - DU | IMT | Stratford University | KKMI International Institute | AIMA | DTU
 
Chap 6 cloud security
Chap 6 cloud securityChap 6 cloud security
Chap 6 cloud security
Raj Sarode
 
CSA & GRC Stack
CSA & GRC StackCSA & GRC Stack
CSA & GRC Stack
CloudSecurityAllianceAustralia
 
IoT architecture
IoT architectureIoT architecture
IoT architecture
Sumit Sharma
 
Cloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter PresentationCloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter Presentation
Venkateswar Reddy Melachervu
 
Security in cloud computing
Security in cloud computingSecurity in cloud computing
Security in cloud computing
veena venugopal
 

Recommended

Uni palermo 3 3-2016 cloud 2.0
Uni palermo 3 3-2016 cloud 2.0Uni palermo 3 3-2016 cloud 2.0
Uni palermo 3 3-2016 cloud 2.0
Michele Vecchione
 
Cloud security privacy- org
Cloud security privacy- orgCloud security privacy- org
Cloud security privacy- org
Dharmalingam S
 
CLOUD SECURITY IN INSURANCE INDUSTRY WITH RESPECT TO INDIAN MARKET
CLOUD SECURITY IN INSURANCE INDUSTRY WITH RESPECT TO INDIAN MARKETCLOUD SECURITY IN INSURANCE INDUSTRY WITH RESPECT TO INDIAN MARKET
CLOUD SECURITY IN INSURANCE INDUSTRY WITH RESPECT TO INDIAN MARKET
Amity University | FMS - DU | IMT | Stratford University | KKMI International Institute | AIMA | DTU
 
Chap 6 cloud security
Chap 6 cloud securityChap 6 cloud security
Chap 6 cloud security
Raj Sarode
 
CSA & GRC Stack
CSA & GRC StackCSA & GRC Stack
CSA & GRC Stack
CloudSecurityAllianceAustralia
 
IoT architecture
IoT architectureIoT architecture
IoT architecture
Sumit Sharma
 
Cloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter PresentationCloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter Presentation
Venkateswar Reddy Melachervu
 
Security in cloud computing
Security in cloud computingSecurity in cloud computing
Security in cloud computing
veena venugopal
 
SN-Security Architecture for Mobile Computing and IoT
SN-Security Architecture for Mobile Computing and IoTSN-Security Architecture for Mobile Computing and IoT
SN-Security Architecture for Mobile Computing and IoTSukumar Nayak
 
Challenges with Cloud Security by Ken Y Chan
Challenges with Cloud Security by Ken Y ChanChallenges with Cloud Security by Ken Y Chan
Challenges with Cloud Security by Ken Y Chan
Ken Chan
 
Data security in cloud environment
Data security in cloud environmentData security in cloud environment
Data security in cloud environment
Shivam Singh
 
Security as a Service Model for Cloud Environment
Security as a Service Model for Cloud EnvironmentSecurity as a Service Model for Cloud Environment
Security as a Service Model for Cloud Environment
KaashivInfoTech Company
 
Security As A Service In Cloud(SECaaS)
Security As A Service In Cloud(SECaaS)Security As A Service In Cloud(SECaaS)
Security As A Service In Cloud(SECaaS)أحلام انصارى
 
Cloud Security: challenges and perspectives.
Cloud Security: challenges and perspectives.Cloud Security: challenges and perspectives.
Cloud Security: challenges and perspectives.
EUBrasilCloudFORUM .
 
Cloud Security Demystified
Cloud Security DemystifiedCloud Security Demystified
Cloud Security Demystified
Michael Torres
 
CCSK Certificate of Cloud Computing Knowledge - overview
CCSK Certificate of Cloud Computing Knowledge - overviewCCSK Certificate of Cloud Computing Knowledge - overview
CCSK Certificate of Cloud Computing Knowledge - overview
Peter HJ van Eijk
 
CCSK, cloud security framework, Indonesia
CCSK, cloud security framework, IndonesiaCCSK, cloud security framework, Indonesia
CCSK, cloud security framework, Indonesia
Wise Pacific Venture
 
cloud security ppt
cloud security ppt cloud security ppt
cloud security ppt
Devyani Vaidya
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
AWS User Group Bengaluru
 
Cloud computing Risk management
Cloud computing Risk management Cloud computing Risk management
Cloud computing Risk management
Padma Jella
 
Cloud security
Cloud securityCloud security
Cloud security
BikashPokharel3
 
Cloud Security & Cloud Encryption Explained
Cloud Security & Cloud Encryption ExplainedCloud Security & Cloud Encryption Explained
Cloud Security & Cloud Encryption Explained
Porticor - The Cloud Security Experts
 
Cloud Security - Emerging Facets and Frontiers
Cloud Security - Emerging Facets and FrontiersCloud Security - Emerging Facets and Frontiers
Cloud Security - Emerging Facets and Frontiers
Gokul Alex
 
Cloud Security And Privacy
Cloud Security And PrivacyCloud Security And Privacy
Cloud Security And Privacy
tmather
 
Cloud Computing Security - Cloud Controls Security
Cloud Computing Security - Cloud Controls SecurityCloud Computing Security - Cloud Controls Security
Cloud Computing Security - Cloud Controls Security
Hari Kumar
 
2012 10 cloud security architecture
2012 10 cloud security architecture2012 10 cloud security architecture
2012 10 cloud security architectureVladimir Jirasek
 
Secaa s cat_10_network_security_implementation_guidance
Secaa s cat_10_network_security_implementation_guidanceSecaa s cat_10_network_security_implementation_guidance
Secaa s cat_10_network_security_implementation_guidancedrewz lin
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing Security
Nithin Raj
 
Pronunciamiento a la opinión pública nacional e internacional
Pronunciamiento a la opinión pública nacional e internacionalPronunciamiento a la opinión pública nacional e internacional
Pronunciamiento a la opinión pública nacional e internacional
teleSUR TV
 
Carta descriptiva webquest
Carta descriptiva webquestCarta descriptiva webquest
Carta descriptiva webquest
Jesus Calzada
 

More Related Content

What's hot

SN-Security Architecture for Mobile Computing and IoT
SN-Security Architecture for Mobile Computing and IoTSN-Security Architecture for Mobile Computing and IoT
SN-Security Architecture for Mobile Computing and IoTSukumar Nayak
 
Challenges with Cloud Security by Ken Y Chan
Challenges with Cloud Security by Ken Y ChanChallenges with Cloud Security by Ken Y Chan
Challenges with Cloud Security by Ken Y Chan
Ken Chan
 
Data security in cloud environment
Data security in cloud environmentData security in cloud environment
Data security in cloud environment
Shivam Singh
 
Security as a Service Model for Cloud Environment
Security as a Service Model for Cloud EnvironmentSecurity as a Service Model for Cloud Environment
Security as a Service Model for Cloud Environment
KaashivInfoTech Company
 
Cloud Security: challenges and perspectives.
Cloud Security: challenges and perspectives.Cloud Security: challenges and perspectives.
Cloud Security: challenges and perspectives.
EUBrasilCloudFORUM .
 
Cloud Security Demystified
Cloud Security DemystifiedCloud Security Demystified
Cloud Security Demystified
Michael Torres
 
CCSK Certificate of Cloud Computing Knowledge - overview
CCSK Certificate of Cloud Computing Knowledge - overviewCCSK Certificate of Cloud Computing Knowledge - overview
CCSK Certificate of Cloud Computing Knowledge - overview
Peter HJ van Eijk
 
CCSK, cloud security framework, Indonesia
CCSK, cloud security framework, IndonesiaCCSK, cloud security framework, Indonesia
CCSK, cloud security framework, Indonesia
Wise Pacific Venture
 
cloud security ppt
cloud security ppt cloud security ppt
cloud security ppt
Devyani Vaidya
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
AWS User Group Bengaluru
 
Cloud computing Risk management
Cloud computing Risk management Cloud computing Risk management
Cloud computing Risk management
Padma Jella
 
Cloud security
Cloud securityCloud security
Cloud security
BikashPokharel3
 
Cloud Security & Cloud Encryption Explained
Cloud Security & Cloud Encryption ExplainedCloud Security & Cloud Encryption Explained
Cloud Security & Cloud Encryption Explained
Porticor - The Cloud Security Experts
 
Cloud Security - Emerging Facets and Frontiers
Cloud Security - Emerging Facets and FrontiersCloud Security - Emerging Facets and Frontiers
Cloud Security - Emerging Facets and Frontiers
Gokul Alex
 
Cloud Security And Privacy
Cloud Security And PrivacyCloud Security And Privacy
Cloud Security And Privacy
tmather
 
Cloud Computing Security - Cloud Controls Security
Cloud Computing Security - Cloud Controls SecurityCloud Computing Security - Cloud Controls Security
Cloud Computing Security - Cloud Controls Security
Hari Kumar
 
2012 10 cloud security architecture
2012 10 cloud security architecture2012 10 cloud security architecture
2012 10 cloud security architectureVladimir Jirasek
 
Secaa s cat_10_network_security_implementation_guidance
Secaa s cat_10_network_security_implementation_guidanceSecaa s cat_10_network_security_implementation_guidance
Secaa s cat_10_network_security_implementation_guidancedrewz lin
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing Security
Nithin Raj
 

What's hot (20)

SN-Security Architecture for Mobile Computing and IoT
SN-Security Architecture for Mobile Computing and IoTSN-Security Architecture for Mobile Computing and IoT
SN-Security Architecture for Mobile Computing and IoT
 
Challenges with Cloud Security by Ken Y Chan
Challenges with Cloud Security by Ken Y ChanChallenges with Cloud Security by Ken Y Chan
Challenges with Cloud Security by Ken Y Chan
 
Data security in cloud environment
Data security in cloud environmentData security in cloud environment
Data security in cloud environment
 
Security as a Service Model for Cloud Environment
Security as a Service Model for Cloud EnvironmentSecurity as a Service Model for Cloud Environment
Security as a Service Model for Cloud Environment
 
Security As A Service In Cloud(SECaaS)
Security As A Service In Cloud(SECaaS)Security As A Service In Cloud(SECaaS)
Security As A Service In Cloud(SECaaS)
 
Cloud Security: challenges and perspectives.
Cloud Security: challenges and perspectives.Cloud Security: challenges and perspectives.
Cloud Security: challenges and perspectives.
 
Cloud Security Demystified
Cloud Security DemystifiedCloud Security Demystified
Cloud Security Demystified
 
CCSK Certificate of Cloud Computing Knowledge - overview
CCSK Certificate of Cloud Computing Knowledge - overviewCCSK Certificate of Cloud Computing Knowledge - overview
CCSK Certificate of Cloud Computing Knowledge - overview
 
CCSK, cloud security framework, Indonesia
CCSK, cloud security framework, IndonesiaCCSK, cloud security framework, Indonesia
CCSK, cloud security framework, Indonesia
 
cloud security ppt
cloud security ppt cloud security ppt
cloud security ppt
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 
Cloud computing Risk management
Cloud computing Risk management Cloud computing Risk management
Cloud computing Risk management
 
Cloud security
Cloud securityCloud security
Cloud security
 
Cloud Security & Cloud Encryption Explained
Cloud Security & Cloud Encryption ExplainedCloud Security & Cloud Encryption Explained
Cloud Security & Cloud Encryption Explained
 
Cloud Security - Emerging Facets and Frontiers
Cloud Security - Emerging Facets and FrontiersCloud Security - Emerging Facets and Frontiers
Cloud Security - Emerging Facets and Frontiers
 
Cloud Security And Privacy
Cloud Security And PrivacyCloud Security And Privacy
Cloud Security And Privacy
 
Cloud Computing Security - Cloud Controls Security
Cloud Computing Security - Cloud Controls SecurityCloud Computing Security - Cloud Controls Security
Cloud Computing Security - Cloud Controls Security
 
2012 10 cloud security architecture
2012 10 cloud security architecture2012 10 cloud security architecture
2012 10 cloud security architecture
 
Secaa s cat_10_network_security_implementation_guidance
Secaa s cat_10_network_security_implementation_guidanceSecaa s cat_10_network_security_implementation_guidance
Secaa s cat_10_network_security_implementation_guidance
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing Security
 

Viewers also liked

Pronunciamiento a la opinión pública nacional e internacional
Pronunciamiento a la opinión pública nacional e internacionalPronunciamiento a la opinión pública nacional e internacional
Pronunciamiento a la opinión pública nacional e internacional
teleSUR TV
 
Carta descriptiva webquest
Carta descriptiva webquestCarta descriptiva webquest
Carta descriptiva webquest
Jesus Calzada
 
Recommendation Letter.ORU-Dr. Guthrie
Recommendation Letter.ORU-Dr. GuthrieRecommendation Letter.ORU-Dr. Guthrie
Recommendation Letter.ORU-Dr. GuthrieDenise Putnam
 
Mary Elizabeth Bell CV
Mary Elizabeth Bell CVMary Elizabeth Bell CV
Mary Elizabeth Bell CVBeth Bell
 
Kepler monitoring l_dwarfs_spot
Kepler monitoring l_dwarfs_spotKepler monitoring l_dwarfs_spot
Kepler monitoring l_dwarfs_spot
Sérgio Sacani
 
Invest Crowdfunding @MontrealNewTech v.en
Invest Crowdfunding @MontrealNewTech v.enInvest Crowdfunding @MontrealNewTech v.en
Invest Crowdfunding @MontrealNewTech v.en
Diana Yazidjian ✈️
 
Presentación beneficios de produccion
Presentación beneficios de produccionPresentación beneficios de produccion
Presentación beneficios de produccion
forestanny
 
Introduction to gcin & its internal
Introduction to gcin & its internalIntroduction to gcin & its internal
Introduction to gcin & its internalgueste04ab0
 
Crowdfunding Training - How to Raise $45k in 30 days.
Crowdfunding Training - How to Raise $45k in 30 days.Crowdfunding Training - How to Raise $45k in 30 days.
Crowdfunding Training - How to Raise $45k in 30 days.
Diana Yazidjian ✈️
 
Gastcollege Bitcoin en Blockchain
Gastcollege Bitcoin en BlockchainGastcollege Bitcoin en Blockchain
Gastcollege Bitcoin en Blockchain
Lykle de Vries
 
T3 (Annex) edafologia AG1012
T3 (Annex) edafologia AG1012T3 (Annex) edafologia AG1012
T3 (Annex) edafologia AG1012
Sergi Meseguer Costa
 
T3 Els processos que transformen les roques
T3 Els processos que transformen les roquesT3 Els processos que transformen les roques
T3 Els processos que transformen les roques
Sergi Meseguer Costa
 
T1 Edafologia AG1012
T1 Edafologia AG1012T1 Edafologia AG1012
T1 Edafologia AG1012
Sergi Meseguer Costa
 
Topical paincontrolmedication
Topical paincontrolmedicationTopical paincontrolmedication
Topical paincontrolmedication
piushjpatel
 
Jill Konrath - Optimize Me: Insanely More Productive Sales Strategies
Jill Konrath - Optimize Me: Insanely More Productive Sales StrategiesJill Konrath - Optimize Me: Insanely More Productive Sales Strategies
Jill Konrath - Optimize Me: Insanely More Productive Sales Strategies
INBOUND
 
Ultimo trabajo
Ultimo trabajoUltimo trabajo
Ultimo trabajo
DITHOR
 

Viewers also liked (20)

Pronunciamiento a la opinión pública nacional e internacional
Pronunciamiento a la opinión pública nacional e internacionalPronunciamiento a la opinión pública nacional e internacional
Pronunciamiento a la opinión pública nacional e internacional
 
Carta descriptiva webquest
Carta descriptiva webquestCarta descriptiva webquest
Carta descriptiva webquest
 
Recommendation Letter.ORU-Dr. Guthrie
Recommendation Letter.ORU-Dr. GuthrieRecommendation Letter.ORU-Dr. Guthrie
Recommendation Letter.ORU-Dr. Guthrie
 
Mary Elizabeth Bell CV
Mary Elizabeth Bell CVMary Elizabeth Bell CV
Mary Elizabeth Bell CV
 
Kepler monitoring l_dwarfs_spot
Kepler monitoring l_dwarfs_spotKepler monitoring l_dwarfs_spot
Kepler monitoring l_dwarfs_spot
 
Breea Willingham
Breea WillinghamBreea Willingham
Breea Willingham
 
Invest Crowdfunding @MontrealNewTech v.en
Invest Crowdfunding @MontrealNewTech v.enInvest Crowdfunding @MontrealNewTech v.en
Invest Crowdfunding @MontrealNewTech v.en
 
Presentación beneficios de produccion
Presentación beneficios de produccionPresentación beneficios de produccion
Presentación beneficios de produccion
 
Introduction to gcin & its internal
Introduction to gcin & its internalIntroduction to gcin & its internal
Introduction to gcin & its internal
 
WhoKnew April
WhoKnew AprilWhoKnew April
WhoKnew April
 
Doc2345
Doc2345Doc2345
Doc2345
 
MissLSUPurple
MissLSUPurpleMissLSUPurple
MissLSUPurple
 
Crowdfunding Training - How to Raise $45k in 30 days.
Crowdfunding Training - How to Raise $45k in 30 days.Crowdfunding Training - How to Raise $45k in 30 days.
Crowdfunding Training - How to Raise $45k in 30 days.
 
Gastcollege Bitcoin en Blockchain
Gastcollege Bitcoin en BlockchainGastcollege Bitcoin en Blockchain
Gastcollege Bitcoin en Blockchain
 
T3 (Annex) edafologia AG1012
T3 (Annex) edafologia AG1012T3 (Annex) edafologia AG1012
T3 (Annex) edafologia AG1012
 
T3 Els processos que transformen les roques
T3 Els processos que transformen les roquesT3 Els processos que transformen les roques
T3 Els processos que transformen les roques
 
T1 Edafologia AG1012
T1 Edafologia AG1012T1 Edafologia AG1012
T1 Edafologia AG1012
 
Topical paincontrolmedication
Topical paincontrolmedicationTopical paincontrolmedication
Topical paincontrolmedication
 
Jill Konrath - Optimize Me: Insanely More Productive Sales Strategies
Jill Konrath - Optimize Me: Insanely More Productive Sales StrategiesJill Konrath - Optimize Me: Insanely More Productive Sales Strategies
Jill Konrath - Optimize Me: Insanely More Productive Sales Strategies
 
Ultimo trabajo
Ultimo trabajoUltimo trabajo
Ultimo trabajo
 

Similar to Cloud Security @ TIM - Current Practises and Future Challanges

Rik Ferguson
Rik FergusonRik Ferguson
Rik Ferguson
CloudExpoEurope
 
TEUNO Summit - Presentaciones
TEUNO Summit - PresentacionesTEUNO Summit - Presentaciones
TEUNO Summit - Presentaciones
TEUNO
 
EMEA ENTERPRISE IT SOLUTIONS AND SECURITY SERVICES PROFILE.PDF
EMEA ENTERPRISE IT SOLUTIONS AND SECURITY SERVICES PROFILE.PDFEMEA ENTERPRISE IT SOLUTIONS AND SECURITY SERVICES PROFILE.PDF
EMEA ENTERPRISE IT SOLUTIONS AND SECURITY SERVICES PROFILE.PDFFaleh M.
 
Cisco Connect 2018 Malaysia - Secure data center and mobility solutions
Cisco Connect 2018 Malaysia - Secure data center and mobility solutionsCisco Connect 2018 Malaysia - Secure data center and mobility solutions
Cisco Connect 2018 Malaysia - Secure data center and mobility solutions
NetworkCollaborators
 
Artificial Intelligence in the Network
Artificial Intelligence in the Network Artificial Intelligence in the Network
Artificial Intelligence in the Network
Michelle Holley
 
2021 01-27 reducing risk of ransomware webinar
2021 01-27 reducing risk of ransomware webinar2021 01-27 reducing risk of ransomware webinar
2021 01-27 reducing risk of ransomware webinar
AlgoSec
 
Checkpoint Overview
Checkpoint OverviewCheckpoint Overview
Checkpoint Overview
Leonardo Antichi
 
MMPL corporate overview mail
MMPL corporate overview mailMMPL corporate overview mail
MMPL corporate overview mail
Medley India Infosolution Pvt Ltd
 
Drobics trustworthy io-t-for-industrial-applications
Drobics trustworthy io-t-for-industrial-applicationsDrobics trustworthy io-t-for-industrial-applications
Drobics trustworthy io-t-for-industrial-applications
Mario Drobics
 
Cisco Connect 2018 Thailand - Enabling the next gen data center transformatio...
Cisco Connect 2018 Thailand - Enabling the next gen data center transformatio...Cisco Connect 2018 Thailand - Enabling the next gen data center transformatio...
Cisco Connect 2018 Thailand - Enabling the next gen data center transformatio...
NetworkCollaborators
 
Smau Padova 2018 - Cisco
Smau Padova 2018 - CiscoSmau Padova 2018 - Cisco
Smau Padova 2018 - Cisco
SMAU
 
VMworld 2013: Network Function Virtualization in the Cloud: Case for Enterpri...
VMworld 2013: Network Function Virtualization in the Cloud: Case for Enterpri...VMworld 2013: Network Function Virtualization in the Cloud: Case for Enterpri...
VMworld 2013: Network Function Virtualization in the Cloud: Case for Enterpri...
VMworld
 
Cloud & Big Data - Digital Transformation in Banking
Cloud & Big Data - Digital Transformation in Banking Cloud & Big Data - Digital Transformation in Banking
Cloud & Big Data - Digital Transformation in Banking
Sutedjo Tjahjadi
 
Watchguard security proposal 2012
Watchguard security proposal 2012Watchguard security proposal 2012
Watchguard security proposal 2012Jimmy Saigon
 
Implementing an improved security for collin’s database and telecommuters
Implementing an improved security for collin’s database and telecommutersImplementing an improved security for collin’s database and telecommuters
Implementing an improved security for collin’s database and telecommuters
Rishabh Gupta
 
Plataforma de Operação e Simulação Cibernética
Plataforma de Operação e Simulação CibernéticaPlataforma de Operação e Simulação Cibernética
Plataforma de Operação e Simulação Cibernética
Hamilton Oliveira
 
Cisco Connect 2018 Malaysia - Secure data center-building a secure zero-trus...
Cisco Connect 2018 Malaysia - Secure data center-building a secure zero-trus...Cisco Connect 2018 Malaysia - Secure data center-building a secure zero-trus...
Cisco Connect 2018 Malaysia - Secure data center-building a secure zero-trus...
NetworkCollaborators
 
Streamline and Secure Your Network and Users
Streamline and Secure Your Network and UsersStreamline and Secure Your Network and Users
Streamline and Secure Your Network and Users
Frederik Lawson
 

Similar to Cloud Security @ TIM - Current Practises and Future Challanges (20)

Rik Ferguson
Rik FergusonRik Ferguson
Rik Ferguson
 
TEUNO Summit - Presentaciones
TEUNO Summit - PresentacionesTEUNO Summit - Presentaciones
TEUNO Summit - Presentaciones
 
EMEA ENTERPRISE IT SOLUTIONS AND SECURITY SERVICES PROFILE.PDF
EMEA ENTERPRISE IT SOLUTIONS AND SECURITY SERVICES PROFILE.PDFEMEA ENTERPRISE IT SOLUTIONS AND SECURITY SERVICES PROFILE.PDF
EMEA ENTERPRISE IT SOLUTIONS AND SECURITY SERVICES PROFILE.PDF
 
XTM moving security forward
XTM moving security forwardXTM moving security forward
XTM moving security forward
 
Cisco Connect 2018 Malaysia - Secure data center and mobility solutions
Cisco Connect 2018 Malaysia - Secure data center and mobility solutionsCisco Connect 2018 Malaysia - Secure data center and mobility solutions
Cisco Connect 2018 Malaysia - Secure data center and mobility solutions
 
Artificial Intelligence in the Network
Artificial Intelligence in the Network Artificial Intelligence in the Network
Artificial Intelligence in the Network
 
2021 01-27 reducing risk of ransomware webinar
2021 01-27 reducing risk of ransomware webinar2021 01-27 reducing risk of ransomware webinar
2021 01-27 reducing risk of ransomware webinar
 
Checkpoint Overview
Checkpoint OverviewCheckpoint Overview
Checkpoint Overview
 
MMPL corporate overview mail
MMPL corporate overview mailMMPL corporate overview mail
MMPL corporate overview mail
 
Drobics trustworthy io-t-for-industrial-applications
Drobics trustworthy io-t-for-industrial-applicationsDrobics trustworthy io-t-for-industrial-applications
Drobics trustworthy io-t-for-industrial-applications
 
Cisco Connect 2018 Thailand - Enabling the next gen data center transformatio...
Cisco Connect 2018 Thailand - Enabling the next gen data center transformatio...Cisco Connect 2018 Thailand - Enabling the next gen data center transformatio...
Cisco Connect 2018 Thailand - Enabling the next gen data center transformatio...
 
Smau Padova 2018 - Cisco
Smau Padova 2018 - CiscoSmau Padova 2018 - Cisco
Smau Padova 2018 - Cisco
 
VMworld 2013: Network Function Virtualization in the Cloud: Case for Enterpri...
VMworld 2013: Network Function Virtualization in the Cloud: Case for Enterpri...VMworld 2013: Network Function Virtualization in the Cloud: Case for Enterpri...
VMworld 2013: Network Function Virtualization in the Cloud: Case for Enterpri...
 
Cloud & Big Data - Digital Transformation in Banking
Cloud & Big Data - Digital Transformation in Banking Cloud & Big Data - Digital Transformation in Banking
Cloud & Big Data - Digital Transformation in Banking
 
Watchguard security proposal 2012
Watchguard security proposal 2012Watchguard security proposal 2012
Watchguard security proposal 2012
 
Implementing an improved security for collin’s database and telecommuters
Implementing an improved security for collin’s database and telecommutersImplementing an improved security for collin’s database and telecommuters
Implementing an improved security for collin’s database and telecommuters
 
Plataforma de Operação e Simulação Cibernética
Plataforma de Operação e Simulação CibernéticaPlataforma de Operação e Simulação Cibernética
Plataforma de Operação e Simulação Cibernética
 
Cisco Connect 2018 Malaysia - Secure data center-building a secure zero-trus...
Cisco Connect 2018 Malaysia - Secure data center-building a secure zero-trus...Cisco Connect 2018 Malaysia - Secure data center-building a secure zero-trus...
Cisco Connect 2018 Malaysia - Secure data center-building a secure zero-trus...
 
Tranter it project new quote
Tranter it project new quoteTranter it project new quote
Tranter it project new quote
 
Streamline and Secure Your Network and Users
Streamline and Secure Your Network and UsersStreamline and Secure Your Network and Users
Streamline and Secure Your Network and Users
 

Recently uploaded

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Product School
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
OnBoard
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Tobias Schneck
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
Thijs Feryn
 
Generating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using SmithyGenerating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using Smithy
g2nightmarescribd
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
Product School
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
Dorra BARTAGUIZ
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
Product School
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Product School
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
KatiaHIMEUR1
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Thierry Lestable
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
Frank van Harmelen
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
Product School
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
Product School
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Inflectra
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 

Recently uploaded (20)

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
 
Generating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using SmithyGenerating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using Smithy
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 

Cloud Security @ TIM - Current Practises and Future Challanges

  • 1. GRUPPO TELECOM ITALIA Cloud Security @ TIM Current Practises and Future Challanges Michele Vecchione @ TIM 1st Workshop of the Project Cluster on Data Protection, Security and Privacy in the Cloud. 23 February 2016, Napoli, Italy
  • 2. 2 The TIM Group in shortThe TIM Group in shortThe TIM Group in shortThe TIM Group in short
  • 3. 3 TIMTIMTIMTIM CloudCloudCloudCloud StrategyStrategyStrategyStrategy versus OTTversus OTTversus OTTversus OTT PlayersPlayersPlayersPlayers CLOUD e strategia Tim Distinctive Factors of our Cloud Business Model Three Distinctive factors differenciate TIM cloud offering from OTT players: Proximity, Compliance to Security&Privacy and Excellence in Quality of experience high high high Proximity Quality of Experience Compliance& Security OTT TELCO TelcoTelcoTelcoTelco OTTOTTOTTOTT Proximity Direct Sales PreSales Force, CRM Exploitation, Customisation, Local Infrastructures Product Centric Self Service Quality of Experience E2E control SLA Low latency Remote No direct network control Compliance& Security EU regulation SOC/NOC Consultancy Rely upon Internet or third parties Lower privacy rules
  • 4. 4 CloudCloudCloudCloud adoptionadoptionadoptionadoption inininin ItalyItalyItalyItaly CLOUD e strategia Tim There is space to grow…. … BUT there are some concerns Building a secure cloud for hosting Enterprise SAAS is a TOP Priority
  • 5. 5 TIM Cloud Infrastructure: Data Centers A Secure Physical Infrastructure Titolo della Relazione Nome del Relatore, Nome Struttura RegionalRegionalRegionalRegional Service CentersService CentersService CentersService Centers NationalNationalNationalNational DCsDCsDCsDCs IDC CesanoIDC CesanoIDC CesanoIDC Cesano MadernoMadernoMadernoMaderno IDC RozzanoIDC RozzanoIDC RozzanoIDC Rozzano DC BolognaDC BolognaDC BolognaDC Bologna DC PadovaDC PadovaDC PadovaDC Padova DC BariDC BariDC BariDC Bari PalermPalermPalermPalerm oooo FirenFirenFirenFiren zezezeze TorinTorinTorinTorin oooo NapolNapolNapolNapol iiii DC OrioloDC OrioloDC OrioloDC Oriolo RomanoRomanoRomanoRomano IDC PomeziaIDC PomeziaIDC PomeziaIDC Pomezia Nord Est AreaNord Est AreaNord Est AreaNord Est Area BolognaBolognaBolognaBolognaPadovaPadovaPadovaPadova Systems rooms # Systems Rooms available area • Production Systems rooms area • TLC Systems rooms area Installed/Active Servers # • Managed Servers # 15151515 23232323 >4.100>4.100>4.100>4.100 >4.300>4.300>4.300>4.300 >3.600 >3.300 >250 >280 >1.100>1.100>1.100>1.100 >950>950>950>950 >900 >600 Nord Ovest AreaNord Ovest AreaNord Ovest AreaNord Ovest Area CesanoCesanoCesanoCesanoRozzanoRozzanoRozzanoRozzano Systems rooms # Systems Rooms available area • Production Systems rooms area • TLC Systems rooms area Installed/Active Servers # • Managed Servers # 16161616 11111111 >4.800>4.800>4.800>4.800 >3.500>3.500>3.500>3.500 >4.500 >2.800 >280 >200 >4.700>4.700>4.700>4.700 >2.200>2.200>2.200>2.200 >1.300 >1.500 Center/South AreaCenter/South AreaCenter/South AreaCenter/South Area OrioloOrioloOrioloOriolo Systems rooms # Systems Rooms available area • Production Systems rooms area • TLC Systems rooms area Installed/Active Servers # • Managed Servers # 13131313 16161616 >3.400>3.400>3.400>3.400 >6.600>6.600>6.600>6.600 >2.900 >6.100 >400 >400 >3.200>3.200>3.200>3.200 >5.400>5.400>5.400>5.400 >3.000 >3.000 BariBariBariBariPomeziaPomeziaPomeziaPomezia 6666 >2.000>2.000>2.000>2.000 >1.800 >90 >800>800>800>800 >700 AciliaAciliaAciliaAcilia Work in progressWork in progressWork in progressWork in progress ACILIAACILIAACILIAACILIA Data Center TIER 4Data Center TIER 4Data Center TIER 4Data Center TIER 4 Area Size Production System Rooms (6 m Height) Hi Density power supply Network supports >>>>4.0000 mq4.0000 mq4.0000 mq4.0000 mq >3.500 mq Fino a 15 Kw/mq SDN, NFV, NFV, NFV, NFV
  • 6. 6 LogicalLogicalLogicalLogical Security: 1)Security: 1)Security: 1)Security: 1) ClarifyClarifyClarifyClarify ResponsabilitiesResponsabilitiesResponsabilitiesResponsabilities accordingaccordingaccordingaccording totototo thethethethe choosenchoosenchoosenchoosen Service Model and Distribution ModelService Model and Distribution ModelService Model and Distribution ModelService Model and Distribution Model
  • 7. 7 LogicalLogicalLogicalLogical Security: 2)Security: 2)Security: 2)Security: 2) ImplementImplementImplementImplement SecuritySecuritySecuritySecurity accordingaccordingaccordingaccording totototo ResponsabilityResponsabilityResponsabilityResponsability Cloud Service Provider Scope: • Expose clear security levels of cloud SEs • Inform customer about Certifications, Policies, Processes, Responsabilities, Security Plan, L. 196 obligations, and Checks (ex PT and VA) in charge to TIM • Contractually sign obligations and SLA TIM Customer Customer Scope: • Assist customer in understanding residual risk • Consult the customer to secure its area of responsability • Provide addictional Security Services and tools to mitigate its own risk
  • 8. 8 LogicalLogicalLogicalLogical Security: 3) SecuritySecurity: 3) SecuritySecurity: 3) SecuritySecurity: 3) Security asasasas a service toa service toa service toa service to supportsupportsupportsupport SAASSAASSAASSAAS TIM Security Competence Center TIM Security Operation Center
  • 9. 9 Market Security Addictional Services Main Offered services TIM Security Operation Center AREAAREAAREAAREA PROTECTIONPROTECTIONPROTECTIONPROTECTION MAILMAILMAILMAIL PROTECTIONPROTECTIONPROTECTIONPROTECTION MSOCMSOCMSOCMSOC HOSTHOSTHOSTHOST PROTECTIONPROTECTIONPROTECTIONPROTECTION SECURITYSECURITYSECURITYSECURITY ASSESSMENTASSESSMENTASSESSMENTASSESSMENT SECURITYSECURITYSECURITYSECURITY MONITORINGMONITORINGMONITORINGMONITORING DDOSDDOSDDOSDDOS MITIGATIONMITIGATIONMITIGATIONMITIGATION Virtual appliances to protect mission critical Web Application, Data Bases o File Systems running into the TIM cloud or on premises Mail Relay service with Antispam & Antivirus Layer for customer with Mail Service offered by TIM or at Customer Premises Security Appliance Mgnt (IDS, IPS, Boundary Antivirus, Web Content Filtering, Antispam) Distributed Denial-of-Service Protection, to protect from attacks aiming to block the service to legitimate users. Periodic Vulnerability Assessments, Penetration Testing, Source Code Audit executed by the TIM SOC Monitoring of corporate anti-intrusion systems to identify and block potential attacks from internet as well as intranet users and prevent system violation • Cisco CCNA (Cisco Certified Network Associate) • Microsoft: “Microsoft Windows server” • SCJP - Sun Certified Java Programmer • ISO 20000 & 27001 Lead Auditor • ECDL Core • QCS - QualysGuard Certified Specialist • Certified Information Forensics Investigator – CIFI • EC-Council Certified Security Analyst – ECSA • EC-Council Licensed Penetration Tester – LTP • Certified Ethical Hacker – CEH v7 • Microsoft Certified Systems Engineer • CompTIA Security+ Certified (SYO-201) • Fortinet Certified Network and Security Associate (FCNSA) • Juniper Networks Certified Internet Associate (JNCIA-FWV) • QualysGuard Certified Specialist • Hands on Hacking Web Application (HOH) • Network and system security for company and public administration • Clavister Firewall Certification • IT Security & Digital Forensics (Master) • ISO 9000 • ISO 27001
  • 10. 10 The world is changing rapidly: new security challanges Where is my Perimeter? With Mobility and cloud, The company perimeter is now The Internet! New cloud security Access Layers are required to secure corporate Apps and data that are aware of used endpoint, access location, OS, Strong digital Identity, and used application . Titolo della Relazione Nome del Relatore, Nome Struttura How can I intelligently scan all of my Huge Cloud traffic? An enourmous amount of information about activity monitoring Logs (users, Admins), Anomalies detection (threads, usage, traffic, data scan) need to be handled every day. A big data approch must be undertaken. How I secure IoT? With IoT, Billions of low power and limited CPU devices with be connected to applications generating trillions of daily events. How I secure Smartphones? MDM and BYOD have low penetration. How do I secure these endpoints in a more easy way?
  • 11. 11 The world is changing rapidly: new security challanges How can IHow can IHow can IHow can I enforceenforceenforceenforce datadatadatadata protectionprotectionprotectionprotection usingusingusingusing cloudcloudcloudcloud???? Corporate applications needs to enforce data protection in different cloud deployment scenarios. How can I get visibility on Shadow Cloud? How can I get contextual access control and prevent data leakage on the cloud? How can IHow can IHow can IHow can I securesecuresecuresecure the agile and collaborativethe agile and collaborativethe agile and collaborativethe agile and collaborative developmentsdevelopmentsdevelopmentsdevelopments???? Devops is growing Fast. With continous Development, integration and delivery it is necessary to shift from a traditional SLDC security enforcement to a more dynamic security framework.
  • 12. 12 Our Vision: Creating an Digital Ecosystem around the TIM Cloud • Expose our Infrastructural assets (Network, BSS, CRM, Data Sets) • Aggregate and attract Extewrnal Communities (R&D, Start-ups, PPAA, System Integrators, ISV,..) • Broker Third Parties (Cloud providers, SW Vendors,..) • Enable an API economy • Expose Commercial Capabilities (sales force, resellers, payments) • Enable collaborative Dev for new generation of cloud- ready SAAS (Mashup, Devops. Micro services) • Sell IAAS, PAAS and SAAS • Monetise the community
  • 13. 13 New Security Requirements • In the new Cloud Ecosystem new security requirements arise: Titolo della Relazione Nome del Relatore, Nome Struttura • Secuity Pre-scan at Dev Stage • Automatic Testing at Build and Push Time • Secure microservices Registry • Scanning container at run time • WL/BL Container Registry • Signed containers • Centralise Log (Big Data) • Contextual Access Control • Ecrypt data in motion and data at rest • Orchestrate enviroments (Dev, Test, Prod) • Provide Dashboard for security Risk Ass • Discover Shadow cloud apps • Protect Mobile and IoT devices with client less approach • Provide SSO / Digital ID across apps • Multi Factor Strong Auth • IAM across apps
  • 14. 14 Conclusions • The trend of porting into the cloud existing legacy applications with well defined monolithic sw architecture will fade away with time • New security threads are continously arising from new emerging technologies such as IoT, PAAS, middleware frameworks, microservices, containers,.. • The new TIM cloud will quickly become a collaborative enviroment where a number of different entities will create together new services by aggregating capabilities under the form of API, Building blocks, micro-services offered by community members. Titolo della Relazione Nome del Relatore, Nome Struttura The scientific community need to help CPs with new Security Technologies, Solutions, Methodologies and Standards. The Cloud MUST Communicate SECURITY By Design!
  • 15. GrazieThank You! Michele Vecchione TIM Director Vertical Platform Engineering Michele.vecchione@telecomitalia.it