Spoke on Securing Data in the Cloud at GISEC on 23rd May 2017. Touched on the trends, perceptions, and various controls to protect data. Finally, discussed various approaches to secure data in the cloud.
This document discusses cloud computing risks and security. It identifies several types of risks including unauthorized access to data, insecure interfaces, insider threats, technology sharing issues, data loss or leakage, hijacking, and unknown risk profiles. It also discusses how cloud service providers use methods like encryption, VPNs, logging, and data segregation to protect customer data and security. Finally, it outlines some advantages of cloud computing in establishing security through data centralization, incident response capabilities, and logging while also noting challenges around regulatory compliance, disaster recovery, and ensuring long-term data accessibility.
Cloud computing risk assessment presentation | Ahmad El Tawil
This document discusses risk assessment for cloud computing. It outlines the steps in risk assessment, which include threat identification, vulnerability identification, risk determination, and control recommendation. It also discusses assessing the security risks of cloud computing, including evaluating data location, recovery, viability, and support in reducing risk. Finally, it covers security and privacy challenges in cloud computing such as authentication, access control, secure service management, and privacy/data protection.
Risk management is essential for cloud computing due to security, privacy, availability and compliance risks. Organizations should thoroughly evaluate cloud vendors to ensure adequate controls over data access, regulatory compliance, privacy, disaster recovery, and contractual obligations. A risk-based approach is needed to determine which applications and data can be safely moved to the cloud. Major cloud providers like AWS have robust security and risk management programs, but due diligence is still required from organizations.
The document discusses the major security concerns organizations have regarding cloud environments. The top concerns include: data loss/leakage due to the ease of sharing data in the cloud (69% of organizations), data privacy and confidentiality (66%), accidental exposure of cloud credentials (44%), difficulty performing effective incident response in the cloud (44%), and legal/regulatory compliance challenges (42%). Other concerns include data sovereignty/residence/control, as organizations may not know where their data is physically stored.
Big data is growing exponentially and will reach 40ZB by 2020, doubling every two years. Most companies are using or planning to use big data, seeing it as an opportunity. Analytics of big data can provide insights to increase productivity and profits. However, big data also poses security and privacy challenges under regulations like GDPR which grant individuals more control over and access to their personal data. New technologies like AI and cloud are helping companies address these issues to transform with data while respecting privacy.
The document summarizes key points from a presentation on cloud security standards. It discusses the benefits of standards in promoting interoperability and regulatory compliance. It analyzes the current landscape of standards, including specifications, advisory standards, and security frameworks. It also provides recommendations for 10 steps customers can take to evaluate a cloud provider's security, including ensuring governance and compliance, auditing processes, managing access controls, and assessing physical infrastructure security. The document recommends cloud security standards and certifications customers should expect providers to support.
Overview of Data Loss Prevention Policies in Office 365 | Dock 365
Presentation about identifying, monitoring, and automatically protecting sensitive information across Office 365.
With a DLP Policy, you can:
- Identify sensitive information across many locations, such as SharePoint Online and OneDrive for Business.
- Prevent the accidental sharing of sensitive information.
- Monitor and protect sensitive information in the desktop versions of Excel 2016, PowerPoint 2016, and Word 2016.
- Help users learn how to stay compliant without interrupting their workflow.
- View DLP reports showing content that matches your organization's DLP policies.
Visit www.mydock365.com to learn more about SharePoint with Dock.
Webinar presented live on February 27, 2018.
Introducing the OMG’s Data Residency Maturity Model
With the rise of managed IT services and cloud computing, sensitive data is regularly moved across countries and jurisdictions, which can be in direct conflict with various international, national or local regulations dictating where certain types of data can be stored (e.g., the European Union’s General Data Protection Regulation, or GDPR). Data residency is also a consideration of data owners responsible for protecting and securing data from unintended access.
The Object Management Group® (OMG®), a technology standards consortium, launched a working group in 2015 to address the challenges of data residency and define a standards roadmap to help stakeholders manage the location of their data and metadata.
Given the complexity of the issue, a stepwise improvement plan is necessary. This webinar will introduce a new Data Residency Maturity Model (DRMM) proposed in December 2017. Similar to the Capability Maturity Model (CMM) invented in 1990 at the Software Engineering Institute (SEI), the DRMM contains five maturity levels aimed at helping an organization improve their practices and governance of data residency. The OMG seeks feedback on the DRMM and calls on all interested parties to contribute to this work.
Cloud Security - Emerging Facets and Frontiers | Gokul Alex
My session on Cloud Computing Security prepared for ISC2 Bangalore Chapter MeetUp. It is a walkthrough on the fundamental axioms of cloud security with reference to architecture standards, industry best practices and a coverage of some of the most pertinent attack vectors in recent times. This presentation delves deeper into Cloud Security Reference Architectures, Cloud Security Operating Models, Cloud Firewalls, Cloud Identity Access Management Models, Cloud Malware Concepts etc.
Slide on Cloud Security. This defines the possible aspects of Cloud Security. Images are taken from different websites, which are mentioned in the references section.
Webinar presented live on May 11, 2017.
As data is increasingly accessed and shared across geographic boundaries, a growing web of conflicting laws and regulations dictate where data can be transferred, stored, and shared, and how it is protected. The Object Management Group® (OMG®) and the Cloud Standards Customer Council™ (CSCC™) recently completed a significant effort to analyze and document the challenges posed by data residency. Data residency issues result from the storage and movement of data and metadata across geographies and jurisdictions.
Attend this webinar to learn more about data residency:
• How it may impact users and providers of IT services (including but not limited to the cloud)
• The complex web of laws and regulations that govern this area
• The relevant aspects – and limitations – of current standards and potential areas of improvement
• How to contribute to future work
Read the OMG's paper, Data Residency Challenges and Opportunities for Standardization: http://www.omg.org/data-residency/
Read the CSCC's edition of the paper, Data Residency Challenges: http://www.cloud-council.org/deliverables/data-residency-challenges.htm
The introduction of cloud computing and cloud sourcing requires an appropriate cloud governance structure to ensure a secured computing environment and to comply with all relevant organizational information technology policies. As such, organizations need a set of cloud governance capabilities that are essential when effectively implementing and managing cloud services.
Webinar presented live on April 11, 2017.
The Cloud Standards Customer Council has published version 2.0 of the Impact of Cloud Computing on Healthcare whitepaper.
Over the past several years, the market dynamics of the healthcare industry have changed significantly with the growing impact of consumerism, digitalization, preventative healthcare and regulations. Attend this webinar to gain a fresh perspective on the current market dynamics, challenges and benefits of cloud computing on healthcare IT.
The webinar presentation will cover:
- Benefits and key considerations of leveraging cloud computing for healthcare IT
- Specific IT trends in the healthcare industry that are addressed most effectively, both technically and economically, by cloud computing
- Guidance on how best to achieve the benefits of cloud computing
Read the whitepaper: http://www.cloud-council.org/deliverables/impact-of-cloud-computing-on-healthcare.htm
This presentation simplifies Cloud, Cloud Security and Cloud Security Certifications. This includes the following:
- Understanding Cloud
- Understanding Cloud Security using the Risk Management and Cloud Security Control Frameworks
- Cloud Security Certifications
- Key Definitions
IBM Cloud provides security across its infrastructure, platform, and software services. It addresses key cloud security challenges by taking a holistic approach to manage access, protect data, and gain visibility. IBM Cloud has over 40 global data centers connected by a secure, high-speed network to provide elastic, fast, and self-service cloud resources across North America, Europe, and Asia Pacific regions.
Cloud security involves securing the data, applications, and infrastructure associated with cloud computing. The document outlines some common cloud security issues like data breaches, data loss, account hijacking, insecure APIs, denial of service attacks, and back doors. It also discusses how cloud computing works using various deployment models and service models. Finally, it recommends questions users should ask cloud providers about data storage locations, security practices, inspection access, migration costs, disaster recovery documentation, and privacy policies.
The provision of infrastructure as a service (IaaS) is one of the fastest growing areas of IT & communications, with businesses across the UK facing the challenge of ‘doing more with less’.
The adoption of managed storage and servers in particular is helping organisations address the multiple challenges of reducing IT spend; ensuring 99.99% application availability; enabling ‘on-demand’ capacity; consolidating server and storage infrastructure and reducing carbon footprint.
Cloud based delivery models are increasingly seen as a ‘must’ when it comes to data delivery and storage. InTechnology’s purpose-built £100m infrastructure is optimised to support and drive that trend.
IT Solutions for 3 Common Small Business Problems | Brooke Bordelon
Many time-consuming IT problems can be side-stepped by establishing a solid network from the get-go rather than playing catch up with problems as they arise. Find out how with these IT solutions.
Intro to Office 365 Security & Compliance Center | Craig Jahnke
This is a session I gave at SharePoint Saturday Atlanta. The Office 365 Security & Compliance Center is your one-stop portal for protecting your data in Office 365. Microsoft has been adding many new features and services for those companies that have data protection or compliance needs, or want to audit user activity in their organization. Come to my session to learn how to get started with Security & Compliance Center, and find out how you can better manage and secure your data.
Microsoft Azure Rights Management provides a comprehensive policy-based enterprise solution to help protect your valuable information, no matter whom you share it with. For $2.00 per user per month, you get Information Rights Management capabilities such as Do Not Forward and Company Confidential, as well as Office 365 Message Encryption, which allows you to send encrypted emails to anyone!
Easily enforce policies to improve data security
Both Information Rights Management and Office 365 Message Encryption are policy based and designed to work with the Exchange transport rule engine. That means Microsoft Azure Rights Management allows you to set up complex policy restrictions easily, with just a single action.
Simple and convenient communication management
Information Rights Management is built to work across multiple workloads such as Exchange, SharePoint, and Office documents, and it makes it easier to set restrictions and provide permissions. Office 365 Message Encryption comes with a modern user interface that makes it easy to use.
These customers are front-runners in different industries, but all five were united by a need to rethink IAM. For large organizations with millions of customers, the stakes are simply too high to ignore the demands of the modern IT environment.
IDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITY | ForgeRock
SCOTT STEVENS, VP, Technology, WW Systems, Engineering, Palo Alto Networks and ALLAN FOSTER, VP, Technology & Standards, Office of the CTO, ForgeRock, at the European IRM Summit 2014.
This document provides an overview of security and compliance features in Office 365. It begins by outlining common business requirements around security, retention, policies, auditing, control and reporting of information. It then details the specific security features in Office 365 like physical security, network security, encryption, anti-spam/anti-virus, and customer data isolation. Compliance features are also summarized, including standards/certifications, privacy controls, retention policies, eDiscovery and litigation holds. Finally, best practices and additional resources are recommended.
Cloud Managed Services: Cloud Infrastructure | The TNS Group
One solution of cloud managed services is cloud infrastructure. This allows for increased mobility, instant scalability, cost efficiency, and a competitive edge.
This document discusses integrating electronic fax with business applications and devices to securely exchange information. It describes how fax is still widely used for critical business transactions in industries like healthcare, legal, utilities and manufacturing. Integrating fax with email, ERP systems, document management, MFP devices and electronic medical records can streamline workflows, improve compliance and increase productivity by automating the delivery of documents and forms. The benefits include faster processing, reduced costs, improved agility and a foundation for digital transformation.
The document discusses CloudWALL Italia's strategy of providing security solutions and services through a portfolio of cloud-based offerings. Their approach focuses on delivering innovative yet effective security technologies through the cloud in a modular, flexible and cost-effective way with low impact on existing infrastructures. This allows companies to address growing security risks and meet management costs in today's mobile, networked and cloud-based IT environments.
Cloud security what to expect (introduction to cloud security) | Moshe Ferber
This document provides an overview of cloud security presented by Moshe Ferber, a certified cloud security professional. It introduces cloud computing models including SaaS, PaaS, and IaaS. For IaaS, the document discusses that while the underlying infrastructure is managed by the cloud provider, customers are responsible for the security of guest operating systems, applications, and data. It also covers key IaaS security considerations like virtual machine access control, network visibility limitations, and the division of security responsibilities between customers and providers.
Private Cloud vs Public Cloud vs Hybrid Cloud – Which is best? | Viana Labs
The choice of Public, Private or Hybrid completely depends on the business requirements, applications that need to be used and amount of data volume/workload the business wants to load on cloud. If you are not sure which platform to choose, then you can contact our cloud expert team to provide you with a free consulting service on how to migrate from on premise to public/private or hybrid cloud platform.
Visit us : https://vianalabs.com/aws-support-services/
Guide to security patterns for cloud systems and data security in AWS and Azure | Abdul Khan
Cloud has many advantages over the traditional on-premise infrastructure; however, this does bring many new concerns around issues of system security, communication security, data security, privacy, latency and availability. When designing and developing a Cloud SaaS application, these security issues need to be addressed in order to ensure regulatory compliance, security and a trusted environment in AWS and Azure.
The presentation provides real-world cloud security scenarios (problem statements) and proposed solutions for each security design pattern. It also covers the different security aspects of the system, from data security to privacy and GDPR-related problems.
This document discusses defense-in-depth strategies for securing databases in cloud environments. It describes how databases continue to be attractive targets for attackers due to the sensitive data they store. It then discusses how the hybrid cloud model raises new security concerns around data access and control. The document proposes a strategy of always-on encryption, centralized key management with Oracle Key Vault, configuration compliance monitoring, and restricting access to sensitive data with Oracle Database Vault to provide consistent security across on-premises and cloud databases.
Cloud Security - Emerging Facets and FrontiersGokul Alex
My session on Cloud Computing Security prepared for ISC2 Bangalore Chapter MeetUp. It is a walkthrough on the fundamental axioms of cloud security with reference to architecture standards, industry best practices and a coverage of some of the most pertinent attack vectors in the recent times. This presentation delves deeper into Cloud Security Reference Architectures, Cloud Security Operating Models, Cloud Firewalls, Cloud Identity Access Management Models, Cloud Malware Concepts etc.
Slide on Cloud Security. This defines the possible aspects on Cloud Security. Images are taken from different Websites which are mentioned on references section.
Webinar presented live on May 11, 2017.
As data is increasingly accessed and shared across geographic boundaries, a growing web of conflicting laws and regulations dictate where data can be transferred, stored, and shared, and how it is protected. The Object Management Group® (OMG®) and the Cloud Standards Customer Council™ (CSCC™) recently completed a significant effort to analyze and document the challenges posed by data residency. Data residency issues result from the storage and movement of data and metadata across geographies and jurisdictions.
Attend this webinar to learn more about data residency:
• How it may impact users and providers of IT services (including but not limited to the cloud)
• The complex web of laws and regulations that govern this area
• The relevant aspects – and limitations -- of current standards and potential areas of improvement
• How to contribute to future work
Read the OMG's paper, Data Residency Challenges and Opportunities for Standardization: http://www.omg.org/data-residency/
Read the CSCC's edition of the paper, Data Residency Challenges: http://www.cloud-council.org/deliverables/data-residency-challenges.htm
The introduction of cloud computing and cloud sourcing requires an appropriate cloud governance strcuture to ensure a secured computing environment and to comply with all relevant organizational information technology policies. As such, organizations need a set of cloud governance capabilities that are essential when effectively implementing and managing cloud services.
Webinar presented live on April 11, 2017.
The Cloud Standards Customer Council has published version 2.0 of the Impact of Cloud Computing on Healthcare whitepaper.
Over the past several years, the market dynamics of the healthcare industry have changed significantly with the growing impact of consumerism, digitalization, preventative healthcare and regulations. Attend this webinar to gain a fresh perspective on the current market dynamics, challenges and benefits of cloud computing on healthcare IT.
The webinar presentation will cover:
- Benefits and key considerations of leveraging cloud computing for healthcare IT
- Specific IT trends in the healthcare industry that are addressed most effectively, both technically and economically, by cloud computing
- Guidance on how best to achieve the benefits of cloud computing
Read the whitepaper: http://www.cloud-council.org/deliverables/impact-of-cloud-computing-on-healthcare.htm
This presentation simplifies Cloud, Cloud Security and Cloud Security Certifications. This includes the following:
- Understanding Cloud
- Understanding Cloud Security using the Risk Management and Cloud Security Control Frameworks
- Cloud Security Certifications
- Key Definitions
IBM Cloud provides security across its infrastructure, platform, and software services. It addresses key cloud security challenges by taking a holistic approach to manage access, protect data, and gain visibility. IBM Cloud has over 40 global data centers connected by a secure, high-speed network to provide elastic, fast, and self-service cloud resources across North America, Europe, and Asia Pacific regions.
Cloud security involves securing the data, applications, and infrastructure associated with cloud computing. The document outlines some common cloud security issues like data breaches, data loss, account hijacking, insecure APIs, denial of service attacks, and back doors. It also discusses how cloud computing works using various deployment models and service models. Finally, it recommends questions users should ask cloud providers about data storage locations, security practices, inspection access, migration costs, disaster recovery documentation, and privacy policies.
The provision of infrastructure as a service (iaas) is one of the fastest growing areas of it & communications, with businesses across the uK facing the challenge of ‘doing more with less’.
The adoption of managed storage and servers in particular is helping organisations address the multiple challenges of reducing it spend; ensuring 99.99% application availability; enabling ‘on-demand’ capacity; consolidating server and storage infrastructure and reducing carbon footprint.
Cloud based delivery models are increasingly seen as a ‘must’ when it comes to data delivery and storage. intechnology’s purpose-built £100m infrastructure is optimised to support and drive that trend.
IT Solutions for 3 Common Small Business ProblemsBrooke Bordelon
Many time consuming IT problems can be side-stepped by establishing a solid network from the get-go rather than playing catch up with problems as they arise..find out how with these IT solutions.
Intro to Office 365 Security & Compliance CenterCraig Jahnke
This is a session I gave at SharePoint Saturday Atlanta --> The Office 365 Security & Compliance Center is your one-stop portal for protecting your data in Office 365. Microsoft has been adding many new features and services for those companies that have data protection or compliance needs, or want to audit user activity in their organization. Come to my session to learn how to get started with Security & Compliance Center, and find out you can better manage and secure you data.
Microsoft Azure Rights Management provides a comprehensive policy-based enterprise solution to help protect your valuable information, no matter whom you share it with. For $2.00 per user per month, you get Information Rights Management capabilities such as Do Not Forward and Company Confidential, as well as Office 365 Message Encryption, which allows you send encrypted emails to anyone!
Easily enforce policies to improve data security
Both Information Rights Management and Office 365 Message Encryption are policy based and designed to work with the Exchange transport rule engine. That means Microsoft Azure Rights Management allows you to set up complex policy restrictions easily, with just a single action.
Simple and convenient communication management
Information Rights Management is built to work across multiple workloads such as Exchange, SharePoint, and Office documents, and it makes it easier to set restrictions and provide permissions. Office 365 Message Encryption comes with a modern user interface that makes it easy to use.
These customers are front-runners in different industries, but all five were united by a need to rethink IAM. For large organizations with millions of customers, the stakes are simply too high to ignore the demands of the modern IT environment.
IDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITYForgeRock
SCOTT STEVENS, VP, Technology, WW Systems, Engineering, Palo Alto Networks and ALLAN FOSTER
VP, Technology & Standards, Office of the CTO, ForgeRock, at the European IRM Summit 2014.
This document provides an overview of security and compliance features in Office 365. It begins by outlining common business requirements around security, retention, policies, auditing, control and reporting of information. It then details the specific security features in Office 365 like physical security, network security, encryption, anti-spam/anti-virus, and customer data isolation. Compliance features are also summarized, including standards/certifications, privacy controls, retention policies, eDiscovery and litigation holds. Finally, best practices and additional resources are recommended.
Cloud Managed Services: Cloud InfrastructureThe TNS Group
One solution of cloud managed services is cloud infrastructure. This allows for increased mobility, instant scalability, cost efficiency, and a competitive edge.
This document discusses integrating electronic fax with business applications and devices to securely exchange information. It describes how fax is still widely used for critical business transactions in industries like healthcare, legal, utilities and manufacturing. Integrating fax with email, ERP systems, document management, MFP devices and electronic medical records can streamline workflows, improve compliance and increase productivity by automating the delivery of documents and forms. The benefits include faster processing, reduced costs, improved agility and a foundation for digital transformation.
The document discusses CloudWALL Italia's strategy of providing security solutions and services through a portfolio of cloud-based offerings. Their approach focuses on delivering innovative yet effective security technologies through the cloud in a modular, flexible and cost-effective way with low impact on existing infrastructures. This allows companies to address growing security risks and meet management costs in today's mobile, networked and cloud-based IT environments.
Cloud security what to expect (introduction to cloud security) - Moshe Ferber
This document provides an overview of cloud security presented by Moshe Ferber, a certified cloud security professional. It introduces cloud computing models including SaaS, PaaS, and IaaS. For IaaS, the document discusses that while the underlying infrastructure is managed by the cloud provider, customers are responsible for the security of guest operating systems, applications, and data. It also covers key IaaS security considerations like virtual machine access control, network visibility limitations, and the division of security responsibilities between customers and providers.
Private Cloud vs Public Cloud vs Hybrid Cloud – Which is best? - Viana Labs
The choice of Public, Private or Hybrid depends entirely on the business requirements, the applications that need to be used and the amount of data volume/workload the business wants to load on the cloud. If you are not sure which platform to choose, you can contact our cloud expert team for a free consulting service on how to migrate from on-premise to a public, private or hybrid cloud platform.
Visit us : https://vianalabs.com/aws-support-services/
Guide to security patterns for cloud systems and data security in aws and azure - Abdul Khan
Cloud has many advantages over the traditional on-premise infrastructure; however, this does bring many new concerns around issues of system security, communication security, data security, privacy, latency and availability. When designing and developing Cloud SaaS application, these security issues need to be addressed in order to ensure regulatory compliance, security and trusted environment in AWS and Azure.
The presentation provides real-world cloud security scenarios (problem statements) and proposed solutions for each security design pattern. Also covers the different security aspects of system including, data security to privacy and GDPR related problems.
This document discusses defense-in-depth strategies for securing databases in cloud environments. It describes how databases continue to be attractive targets for attackers due to the sensitive data they store. It then discusses how the hybrid cloud model raises new security concerns around data access and control. The document proposes a strategy of always-on encryption, centralized key management with Oracle Key Vault, configuration compliance monitoring, and restricting access to sensitive data with Oracle Database Vault to provide consistent security across on-premises and cloud databases.
2014 2nd me cloud conference trust in the cloud v01 - promediakw
This document discusses building trust in the cloud by achieving a secure, trusted, and audit-ready (STAR) cloud environment. It explains that cloud adoption is increasing but many organizations have a gap between expected cloud controls and implemented controls. To close this gap, the document recommends evaluating cloud environments based on the EY Cloud Trust Model, which consists of six control domains: technology, data, organizational, operational, audit and compliance, and governance. Achieving control in these domains can help organizations move applications and data to the cloud in a secure and trusted manner.
Govern and Protect Your End User Information - Denodo
Watch this Fast Data Strategy session with speakers Clinton Cohagan, Chief Enterprise Data Architect, Lawrence Livermore National Lab & Nageswar Cherukupalli, Vice President & Group Manager, Infosys here: https://buff.ly/2k8f8M5
In its recent report “Predictions 2018: A year of reckoning”, Forrester predicts that 80% of firms affected by GDPR will not comply with the regulation by May 2018. Of those noncompliant firms, 50% will intentionally not comply.
Compliance doesn’t have to be this difficult! What if you have an opportunity to facilitate compliance with a mature technology and significant cost reduction? Data virtualization is a mature, cost-effective technology that enables privacy by design to facilitate compliance.
Attend this session to learn:
• How data virtualization provides a compliance foundation with data catalog, auditing, and data security.
• How you can enable single enterprise-wide data access layer with guardrails.
• Why data virtualization is a must-have capability for compliance use cases.
• How Denodo’s customers have facilitated compliance.
This document discusses security considerations for cloud computing. It covers security challenges like privacy, portability, interoperability, reliability and availability. It also discusses security planning, boundaries based on infrastructure as a service (IaaS), platform as a service (PaaS) and software as a service (SaaS) models. Additional topics include data security, software as a service security, security monitoring, and security architecture design.
The Cloud Standards Customer Council (CSCC) provides guidance to cloud standards bodies from a customer perspective. This document summarizes a webinar about the CSCC's Cloud Customer Architecture for Securing Workloads on Cloud Services. The webinar discussed key aspects of securing workloads in cloud environments, including identity and access management, infrastructure security, application security, data security, and governance. It also outlined the CSCC's series of cloud customer reference architectures and provided considerations for successfully securing workloads on cloud services.
Lions and Tigers and Cloud, Oh My! The Truth Behind Cloud Security and Risks - SAP Ariba
The document discusses cloud security and risks. It summarizes a presentation on this topic from Accenture and Ariba. The presentation addresses common concerns about cloud security from the perspective of CIOs and CSOs. It discusses different cloud models and the similarities and differences between cloud and conventional security approaches. It provides recommendations for how organizations can evaluate cloud providers and implement cloud services securely.
The document discusses cloud computing, including its benefits, concerns, and security implications. It provides an overview of cloud concepts like deployment models, delivery models, and characteristics. While cloud computing promises cost savings and scalability, security is a shared responsibility and organizations must understand the risks of transferring control of their data and infrastructure to a third party provider. Proper security measures, policies, and vendor oversight are needed to help protect organizations in the cloud.
Cloud security for banks - the central bank of Israel regulations for cloud s... - Moshe Ferber
This presentation discusses how Israeli banks should cope with the Israeli central bank cloud regulations. In the slides we examine different articles inside the cloud regulation and discuss the challenges and the controls to be used.
The document discusses cloud computing and security considerations for moving to the cloud. Some key points:
1) It defines cloud computing based on NIST definitions and emphasizes automation, elasticity, and flexible costing as core benefits of the cloud.
2) It notes that while cost savings are often cited, security and privacy are often overlooked but critical considerations for moving to the cloud.
3) It provides an overview of cloud security elements including identity and access management, data security, encryption, network security, and ensuring secure cloud architecture and design.
This document provides an overview of practical cloud security advice. It discusses security risks in cloud computing like unauthorized data exposure and loss of availability. It recommends technical controls like CASB for access monitoring, DLP for data protection, and IRM for persistent data protection. The document also stresses the importance of identity and access management, encryption, and secure configurations.
The document discusses strategies for IT executives to mitigate risks associated with cloud computing. It first outlines some key security and compliance questions around data confidentiality, compliance with regulations, data residency, auditability, and data breaches. It then describes four strategies to mitigate cloud risks: 1) using data encryption at rest, 2) implementing two-factor authentication, 3) eliminating shared accounts, and 4) insisting on a well-defined shared responsibility model with providers. The document stresses that properly managing risks can outweigh the benefits of cloud migration.
Introduction of Cloud Computing & Historical Background
Cloud Service Models & Cloud Deployment Models
Benefits of Cloud Computing
Risks and Challenges
Future Trends in Cloud Computing
Edge Computing, Serverless Computing, AI & Machine Learning in Cloud, Security and Compliance
Needs and Obstacles for Cloud Deployment
Conclusion
The document discusses cloud security from the perspective of Wen-Pai Lu, a technical leader at Cisco. It defines cloud security as security products and solutions deployed within cloud computing environments ("in the cloud") or targeted at securing other cloud services ("for the cloud"). It also discusses security services delivered by cloud computing services ("by the cloud"). The document outlines many considerations for cloud security, including infrastructure security, applications and software, physical security, human risks, compliance, disaster recovery, threats, and perspectives from both enterprises and service providers.
Cloud computing - Benefits, Future and Challenges - RohitKumar3153
The document discusses cloud computing, including:
- Cloud computing allows users to access computing resources like storage, processing, and security from any location through the internet.
- It works by running applications and storing data on remote servers owned by cloud computing companies, rather than on the user's local machine.
- Over 1 exabyte of data is currently stored in the cloud, and more than 50% of Global 1000 companies are expected to store customer data in the public cloud by the end of 2016.
- The cloud has front-end components like clients and user interfaces, and back-end components like computers, servers, and data storage systems.
This document summarizes 10 key security concerns for cloud computing: 1) data location; 2) access controls; 3) regulatory requirements; 4) audit rights; 5) employee training; 6) data classification; 7) service level agreements; 8) long-term viability; 9) security breach response; and 10) disaster recovery plans. It also briefly outlines cloud computing models and benefits, as well as potential security attacks against cloud systems like denial of service attacks and authentication attacks.
Migrating Critical Applications To The Cloud - ISACA Seattle - Sanitized - Norm Barber
The document discusses considerations for migrating applications to the cloud. It begins with an introduction of the speaker, Norm Barber, and his background in IT security. It then covers four premises related to cloud adoption: 1) Adoption is accelerating around platform as a service (PaaS), 2) Adopting DevOps practices is occurring concurrently, 3) IT risk management is evolving with the cloud, and 4) Moving applications to the cloud is an ongoing process rather than a one-time event. The document argues that technology is needed to help manage compliance as applications, cloud platforms, and risk management practices change over time. It provides an example case study of a client migrating applications to Azure PaaS and using tools
Migrating Critical Applications to the Cloud - isaca seattle - sanitized - UnifyCloud
The magnitude of the migration effort to the Cloud, the complexity of both customized apps and Cloud environments, and the requirement for ongoing app-level monitoring suggests the need for what Gartner calls a “programmable security infrastructure capable of supporting security policy ‘toolchains’.”
Cloud Security for Regulated Firms - Securing my cloud and proving it - Hentsū
As a regulated cloud user, security and compliance are two of your primary concerns. A workshop on how to keep secure and demonstrate your compliance to key stakeholders.
Specifically, what can be done to secure cloud resources and show compliance for auditors, investors, DDQs, SSAE16, covering:
- Strategies for securing data in transit and at rest
- Federating with your internal directory for role based access to your cloud
- Capturing and processing audit logs for security event notifications
- Fun with Infrastructure as Code – detecting and reverting misconfigurations and manual changes
1. Securing Data in the Cloud
By Sohaib Mahmood (CISSP, SABSA, CCSK, CRISC)
Lead Security Consultant
2. Founding Partners
• Alibaba Cloud was established in 2009, with R & D
centers and operations in Hangzhou, Beijing and
Silicon Valley. Alibaba Cloud is a strategic business unit
of Alibaba Group.
• Alibaba Cloud’s goal is to create the world's leading
cloud computing services platform. Alibaba Cloud is
committed to creating a public, open cloud computing
services platform.
• Alibaba Cloud provides a cloud platform for 20+
Alibaba business units in addition to serving over
2,300,000 customers.
• Meraas was established to make a positive
contribution to the National economy
• By creating a portfolio of investments in various
industry sectors, Meraas seeks to generate long term
wealth enhancement to the economic and social
development of Dubai.
• In order to capitalize on opportunities in Dubai and
beyond, Meraas is pioneering several initiatives in
various macroeconomic sectors including:
• Retail
• Leisure & Entertainment
• Hospitality
• Food & Beverage
• Healthcare
• Residential
• Technology
4. Cloud Computing Models
01 Cloud SaaS (Software as a Service)
Application and information clouds. Use provider’s applications over a network; cloud provider examples are Google Apps, Salesforce.
02 Cloud PaaS (Platform as a Service)
Development clouds. Deploy customer-created applications to a cloud; cloud provider examples are Windows Azure, Google App Engine.
03 Cloud IaaS (Infrastructure as a Service)
Infrastructure clouds. Rent processing, storage, network capacity. Examples are Alibaba Cloud, AWS.
5. Can Clouds be Secure?
“Public cloud workloads can be at least as
secure as those in your own data center,
likely better.”
Neil MacDonald – Gartner Security and Risk Management Summit
London Sept 2015
6. Cloud Security is a Shared Responsibility
Customers: Security and compliance IN the Cloud
• Data Security: Server-Side Encryption, Client-side Encryption
• Platform, Applications, Identity & Access Management
• Operating System, Network & Firewall Configuration
Cloud Service Provider: Security OF the Cloud
• Compute, Storage, Networking, Cloud Infra
SaaS
• CSP owns application
• Client owns data and access rights
IaaS/PaaS
• CSP owns network and hypervisors
• Client owns “above the hypervisor”
7. Treacherous 12 - Cloud Computing Top Threats
1. Data Breaches
2. Weak Identity, Credential and Access Management
3. Insecure APIs
4. System and Application Vulnerabilities
5. Account Hijacking
6. Malicious Insiders
7. Advanced Persistent Threats (APTs)
8. Data Loss
9. Insufficient Due Diligence
10. Abuse and Nefarious Use of Cloud Services
11. Denial of Service
12. Shared Technology Issues
By Cloud Security Alliance
8. Trends in Cloud Data Security & Governance
Perception about Cloud Data Governance
Courtesy: Gemalto Cloud Data Security Report 2016
The 2016 survey was held globally among respondents who have adopted cloud in one form or another.
9. Trends in Cloud Data Security & Governance
Primary Types of Data Stored in the cloud 2016 v 2014
Courtesy: Gemalto Cloud Data Security Report 2016
10. Trends in Cloud Data Security & Governance
How Data is protected in the cloud - 2016 v 2014
Courtesy: Gemalto Cloud Data Security Report 2016
11. Trends in Cloud Data Security & Governance
Use of Data De-identification tools to secure data in the cloud
Courtesy: Gemalto Cloud Data Security Report 2016
12. Trends in Cloud Data Security & Governance
How Encryption is applied - 2016 v 2014
Courtesy: Gemalto Cloud Data Security Report 2016
13. Traditional Data States Apply in Clouds too…
Data At Rest
Cloud storage encryption. Different cloud storage types have different data-at-rest encryption requirements.
Data In Motion
When data travels between the cloud consumer environment and the service provider, or WITHIN the cloud service provider environment.
Data In Use
The most critical area of the lot, as it poses privacy, compliance and security challenges. Typical application usages are banking applications, advanced data analytics, CRM etc.
14. Cloud Concerns in Data Context
Oversharing of sensitive data
Administrative Oversight
Compliance & Regulated Data
Data Sovereignty
Cloud Sprawl (Cloud to Cloud Sharing)
15. Data At Rest
There are various Encryption controls available with pros and cons
File/Folder Encryption
Full Disk Encryption
Full Virtual Machine Encryption
Special Encryption (DB, Email)
16. Data In Motion
Encryption of Data in Motion needs to be considered in two places
• Between Cloud Service Provider & Consumer Environment
• Within CSP internal environment
Various Controls Available
TLS/SSL
VPN
Virtual Private Computing (VPC)
17. Data In Use
Most challenging case because of the nature of cloud and processing applications
Need to satisfy compliance, data residency and sovereignty requirements
Controls Available
Encryption (Format Preserving Encryption)
Tokenization
Masking
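The tokenization and masking controls listed above, as an added example that is not part of the original slides: a customer-side vault swaps a card number for a random token before the record goes to a cloud application, while masking produces an irreversible display form. The class, function and field names and the test card number are assumptions made for illustration; this is vault tokenization, not format-preserving encryption.

```python
import hashlib
import hmac
import secrets


def luhn_valid(digits: str) -> bool:
    """Luhn checksum used by payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def normalize_pan(pan: str) -> str:
    """Strip separators and reject anything that is not a plausible card number."""
    digits = pan.replace(" ", "").replace("-", "")
    if not (digits.isascii() and digits.isdigit() and 13 <= len(digits) <= 19):
        raise ValueError("not a card number")
    if not luhn_valid(digits):
        raise ValueError("card number fails the Luhn check")
    return digits


def mask_pan(pan: str) -> str:
    """Masking: irreversible, keeps only the last four digits for display."""
    digits = normalize_pan(pan)
    return "*" * (len(digits) - 4) + digits[-4:]


class TokenVault:
    """Hypothetical customer-side vault. It never leaves the consumer
    environment; only tokens are sent to the cloud provider. A real vault
    would encrypt stored values and sit behind access control and audit."""

    def __init__(self, index_key: bytes):
        self._index_key = index_key      # keys the lookup index, not the token
        self._token_to_pan = {}
        self._fingerprint_to_token = {}

    def _fingerprint(self, digits: str) -> str:
        return hmac.new(self._index_key, digits.encode(), hashlib.sha256).hexdigest()

    def tokenize(self, pan: str) -> str:
        digits = normalize_pan(pan)
        fp = self._fingerprint(digits)
        if fp in self._fingerprint_to_token:
            # Same input, same token: joins and deduplication still work cloud-side.
            return self._fingerprint_to_token[fp]
        while True:
            body = "".join(secrets.choice("0123456789") for _ in range(len(digits) - 4))
            token = body + digits[-4:]   # same length, digits only, last four kept
            # Reject tokens that pass Luhn so a token can never be a valid card number.
            if token not in self._token_to_pan and not luhn_valid(token):
                break
        self._token_to_pan[token] = digits
        self._fingerprint_to_token[fp] = token
        return token

    def detokenize(self, token: str) -> str:
        return self._token_to_pan[token]  # KeyError for unknown tokens


def deidentify_record(record: dict, vault: TokenVault) -> dict:
    """Return a copy that is safe to upload: the card number is tokenized."""
    safe = dict(record)
    safe["card_number"] = vault.tokenize(record["card_number"])
    return safe


if __name__ == "__main__":
    vault = TokenVault(secrets.token_bytes(32))
    # Constructed record; 4111 1111 1111 1111 is a well-known test number.
    record = {"customer": "C-1001", "card_number": "4111 1111 1111 1111"}
    print("to cloud :", deidentify_record(record, vault))
    print("on screen:", mask_pan(record["card_number"]))
```

The token carries no mathematical relationship to the card number, so the cloud-side copy is only reversible by whoever holds the vault.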
18. Approaches to Data Governance, Security & Privacy
Ask your service provider lots of questions. Due Diligence
Data Classification
Evolving traditional Data Controls like DLP & Data Access Governance to protect Cloud Data making use of emerging technologies like CASB
Policies Enforcement
Leverage mitigating controls like Access Controls (MFA) to cater for Cloud data
Data De-identification
Compliance Enforcement
User Awareness & Coaching
19. What Future Holds?
Mobile Device Accessing Cloud Data
Internet of Things Data
Smart Cities
Cyber incidents (Ransomware) impacting cloud adoption
4 years ago in meetings we were being told the cloud was insecure, very boring
Let's change this quote around: “If you do it right, the public cloud can be more secure than your own datacentre”
That is the key, that is what today is about – how do you do it right
All of these threats affect Data directly or indirectly. Some affect availability, some integrity and some confidentiality
Oversharing - Users may accidentally share sensitive content such as source code, confidential information, or client records too broadly (i.e., with the whole company or publicly). Users may also re-share content with unexpected consequences, leading to risky exposure, and financial liability for the organization.
Administrative Oversight - Due to the challenges of managing data repositories, organizations may inadvertently share data with employees or contractors who have left the company or discover inherited folder permissions that are inappropriate. Without proper monitoring, such oversights can risk data exposure.
Compliance & Regulated data - Cloud apps pose a special concern with compliance regulated data. Are users uploading customer or employee personally identifiable information (PII) or consumer payment card information (PCI) into cloud apps? If so, how is this content being shared and secured? Inappropriate sharing of such content may lead to compliance violations and financial penalties.
Data Sovereignty - Corporations with a global footprint increasingly find themselves grappling with strict data residency and sovereignty challenges that require certain types of data to remain within a defined geographic border. How do organizations ensure use of this restricted data is not violating corporate policies or applicable regulations? Smart Cities Example
Cloud Sprawl - In addition to tracking what users are uploading or downloading from cloud apps, there are also cloud-to-cloud transactions that may expose corporations to liability. Box and Office 365 example
There are pros and cons to each control and method: processing speed, cost (talk about Format Preserving Encryption, FPE).
Many Cloud Security Providers provide basic encryption.
Data in motion and at rest have provided the cornerstone for encryption solutions, but encryption in use goes against the basic premise of the first two. Data has to stay protected.