Download as PDF, PPTX
Uploaded byBGA Cyber Security
ISTSEC 2013 - Bulut Bilişim ve Güvenlik
This document discusses cloud computing and security features of Microsoft Azure. It describes Azure's physical security measures, network security, platform integrity, data protection, and application security controls. Azure provides DDoS protection, storage redundancy, encryption, access controls, logging and more to help secure customer data and applications in the cloud. The trust center provides a single source of information about Azure's security, privacy and compliance.
More Related Content
![The Art of Cyber War [From Black Hat Brazil 2014]](https://cdn.slidesharecdn.com/ss_thumbnails/radware-cyberwar-blackhatinfosec-141203101033-conversion-gate01-thumbnail.jpg?width=640&height=640&fit=bounds)
![Yihan Lian & Zhibin Hu - Smarter Peach: Add Eyes to Peach Fuzzer [rooted2017]](https://cdn.slidesharecdn.com/ss_thumbnails/360cn-smarterpeachfuzzer-170509145032-thumbnail.jpg?width=640&height=640&fit=bounds)
![Insights of a brute-forcing botnet / VERONICA VALEROS [CISCO]](https://cdn.slidesharecdn.com/ss_thumbnails/valeros-securitysessionscz2016-160404194228-thumbnail.jpg?width=640&height=640&fit=bounds)
Similar to ISTSEC 2013 - Bulut Bilişim ve Güvenlik
![[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft Cloud](https://cdn.slidesharecdn.com/ss_thumbnails/fs0fswrr36f3q9puu3u6-signature-d4523b3bf020616e67040d2a940ba8bf9aeab187b20da49956548f98de22ea12-poli-180606121949-thumbnail.jpg?width=640&height=640&fit=bounds)
ISTSEC 2013 - Bulut Bilişim ve Güvenlik
- 1.
- 2. Bulut Bilişim |Özellikler The image part with relations hip ID rId12 was not found in the file.
- 3.
- 4. Bulut Hizmetleri Altyapın Hazır! Platformun Altyapınla Beraber Kurulu Geliyor ! Sadece Kullan ! Servis Olarak Altyapı Servis Olarak Platform Servis Olarak Yazılım Uygulama / Veri Uygulama / Veri Uygulama / Veri Uygulama / Veri Platform Platform Platform Platform Altyapı Altyapı Altyapı Altyapı Şirket İçi • Altyapı: Sunucu, Ağ, Güvenlik, Depo, Sanallaştırma..vs • Platform: Veritabanı, Web Hosting, Ortakatman,..vs • Uygulama: Exchange, Office.. • Sanal Makineler • Sanal Ağ • Servis Olarak Uygulama Yönetimi • Servis Olarak Veritabanı • Servis Olarak AD • Entegrasyon Servisleri • • • • Servis Olarak ERP Servis Olarak EPosta Servis Olarak CRM Servis Olarak DYS Sizin Yönettiğiniz Bulut Sağlayıcılarının Yönettiği
- 5.
- 6. Microsoft’un kapsamlı bulutçözümleri Microsoft Tek tutarlı Siz deneyim Bulut Hizmet Sağlayıcı
- 7. Unparalleled experience inonline security 7
- 8. Physical Security Network Security Platform Integrity Data Identity Application Protection andAccess Security Engineering System and Operational Security
- 9. Service security startswith the data center Perimeter Security Fire Suppression Multi-factor authentication Extensive Monitoring
- 10. ISO / IEC27001:2005 Certification SAS 70 Type I and II attestations (transitioning to SSAE 16/ISAE 3402 SOC 1, 2, and 3) HIPAA/HITECH PCI Data Security Standard Certification FISMA Certification and Accreditation Various State, Federal, and International Privacy Laws (95/46/EC—aka EU Data Protection Directive; California SB1386; etc.)
- 12. DDoS Protection inAzure • • • • • • • • DDoS attacks aiming to exhaust compute, memory, network bandwidth or other resources of a service Windows Azure network infrastructure deploys DDoS defense system Standard DDoS volumetric mitigation techniques such as SYN floods, rate limiting and connection limits Combined with SLBs to sanitize TCP/UDP traffic, including automated DDoS detection and mitigation On ongoing basis we validate that core Windows Azure services have adequate resilience to DDoS attacks DDoS protection for platform services also benefits tenant applications However, it is still possible for tenant applications to be targeted individually § Customers should actively monitor their applications § Customers should test their applications for interface specific attacks § Deploy third part web application firewalls e.g. https://www.barracuda.com/programs/azure If a customer notices their application is attacked, they should contact Azure Customer Support for assistance
- 13. Platform Integrity • ReducedOS footprint • Compute and Access Isolation § Isolation of the Host from the Guest VMs § Isolation of Guest VMs from one another § Host-mediated Guest VM access to network and disk • Anti-Malware • Patch management
- 14. Data Protection • Redundant storage § Replicated at least three times in the same datacenter § Geo-replication to different datacenter • • • • • • Storage accounts and keys Data backup Data deletion and destruction SQL Azure inherits SQL’s authentication/authorization system Data encryption in transit Data encryption at rest - IaaS customers may implement using .NET cryptographic services or EFS
- 15. Securing Engineering Systemand Operations • Strong Identity Assurance • Granular Access Control • Access to Customer Data is highly restricted • Logging and monitoring • Customers have access to logs of administrator actions affecting them
- 16.
- 17. http://www.windowsazure.com/en-us/support/trust-center/ • One location toaggregate content across Security, Privacy, and Compliance