Trend Micro, profile picture
Uploaded byTrend Micro
PDF, PPTX981 views

Who owns security in the cloud

The document discusses security challenges in cloud computing and two scenarios for securing data in the cloud. Extending a company's perimeter into the public cloud involves creating VPN tunnels and applying security tools to cloud servers. Extending the cloud into a company's perimeter involves a cloud provider installing a node on-site. Both scenarios require log monitoring, encryption, firewalls and understanding the provider's security capabilities. The key is properly securing cloud servers as if they were internal servers and clarifying security responsibilities between customers and providers.

Embed presentation

Download as PDF, PPTX
Who Owns Security in the Cloud? Dave Asprey • VP Cloud Security Trend Micro Confidential 7/25/2011 Copyright 2011 Trend Micro Inc. 1
Cloud Computing in the 21st Century Cloud computing accounts Infrastructure as a Service for unparalleled benefits in… (IaaS) • Simplified, pay-per-use IT • Efficiencies Outsourced networking, storage, server, and • Cost savings operational elements • Scalability • Offers greater autonomy than Software as a Service (SaaS) for more security controls Trend Micro Confidential 7/25/2011 Copyright 2011 Trend Micro Inc. 2
Cloud Computing Challenges Numerous new compliance issues Potential areas of data security risk Invalidates traditional approaches to security Where does security responsibility and accountability lie? Trend Micro Confidential 7/25/2011 Copyright 2011 Trend Micro Inc. 3
Why use the Cloud? Public Cloud Benefits Private Cloud Benefits • OPEX (Operating Expense vs. CAPEX (Capital expense) • Avoids expenditure on hardware, • Increases flexibility software and other infrastructure services • Improves responsiveness • Firms dynamically scale according to to internal customers’ needs their computing needs in real-time • Improves business agility Trend Micro Confidential 7/25/2011 Copyright 2011 Trend Micro Inc. 4
Perimeter Security Isn’t Dead TWO SCENARIOS TO SECURING THE CLOUD Trend Micro Confidential 7/25/2011 Copyright 2011 Trend Micro Inc. 5
Perimeter Security Firewalls, intrusion prevention, Traditional perimeter standard security functionality security models and the cloud Additional security levels required in the cloud Perimeter security now Extend firms perimeter into the cloud becoming part of overall security architecture within the cloud Extend cloud inside firms perimeter Trend Micro Confidential 7/25/2011 Copyright 2011 Trend Micro Inc. 6
Extending your Perimeter to the Cloud: Scenario #1 Approach Benefits • Create an IPSec VPN tunnel • Simplified, pay-per-use IT to your public cloud Outsourced networking, provider’s servers storage, server, and • Enterprise-grade security in operational elements the public cloud server • Offers greater autonomy than • Security software and Software as a Service (SaaS) virtual appliances for more security controls Trend Micro Confidential 7/25/2011 Copyright 2011 Trend Micro Inc. 7
Scenario #1 Risks Mitigation • May introduce risks associated with the • Maintain access logs security of the secured cloud to your • Data encryption should be standard architecture • Cloud and internal servers should • Creates additional perimeter monitor for suspicious traffic to secure • Add an extra DMZ and firewall • Cloud servers subjected to new threats • Security on cloud servers • Not given cloud provider’s physical • IDS/IPS bi-directional firewall etc. or admin access logs • With critical data in the cloud • Shared storage • Look for strict adherence to • Public cloud providers are not as security best practices strict on security • Examine your provider’s SLAs and • Reimbursement for Data breach security policy • ISO 27001 and SAS70 II Trend Micro Confidential 7/25/2011 Copyright 2011 Trend Micro Inc. 8
Extending the Cloud into the Enterprise: Scenario #2 Approach • Cloud extends inside your perimeter • Involves agreeing to • an IaaS public cloud provider • Or cloud-based MSSP installing a cloud node on site. Benefits • Increasingly popular among larger enterprises • Well understood model Trend Micro Confidential 7/25/2011 Copyright 2011 Trend Micro Inc. 9
Scenario #2 Risks • Lack of visibility into physical and/or access logs remain • Liability for negligence • Reimbursement for cost of service only • Providers have access to your network and application data • Must be trusted Trend Micro Confidential 7/25/2011 Copyright 2011 Trend Micro Inc. 10
How to Manage the Gaps in your Cloud Security Policies? Secure your cloud servers as you secure internal servers – IDS/IPS, DLP tools – bi-directional firewall – Encryption Vital to understand how much network monitoring and access your provider allows Encryption of data is important Accelerated speed in which servers are created in the private cloud Must be properly managed by IT Trend Micro Confidential 7/25/2011 Copyright 2011 Trend Micro Inc. 11
Securing the Cloud Successfully Store encryption keys in a separate location Enterprises Not accessible to the cloud provider Deploy all security tool in the cloud Be transparent regarding… security policies Cloud providers procedures network traffic Clarify SLAs so… customers are clear on security features Private cloud Create a central authorization process environments Be prepared Trend Micro Confidential 7/25/2011 Copyright 2011 Trend Micro Inc.
Thank you To read more on Securing Your Journey to the Cloud, visit www.cloudjourney.com Trend Micro Confidential 7/25/2011 Copyright 2011 Trend Micro Inc. 13

More Related Content

PDF
What is micro segmentation?
byMir Mustafa Ali
 
PPTX
Rik Ferguson
byCloudExpoEurope
 
PPSX
CertainSafe MicroTokenization Technology Detailed Overview
bySteven Russo
 
PDF
Cloud Security - Kloudlearn
byKloudLearn
 
PPTX
Encryption in the Public Cloud: 16 Bits of Advice for Security Techniques
byTrend Micro
 
PPTX
Where to Store the Cloud Encryption Keys - InterOp 2012
byTrend Micro
 
PDF
Skip the Security Slow Lane with VMware Cloud on AWS
byTrend Micro
 
PDF
Automated Security for the Real-time Enterprise with VMware NSX and Trend Mic...
byTrend Micro
 
What is micro segmentation?
byMir Mustafa Ali
 
Rik Ferguson
byCloudExpoEurope
 
CertainSafe MicroTokenization Technology Detailed Overview
bySteven Russo
 
Cloud Security - Kloudlearn
byKloudLearn
 
Encryption in the Public Cloud: 16 Bits of Advice for Security Techniques
byTrend Micro
 
Where to Store the Cloud Encryption Keys - InterOp 2012
byTrend Micro
 
Skip the Security Slow Lane with VMware Cloud on AWS
byTrend Micro
 
Automated Security for the Real-time Enterprise with VMware NSX and Trend Mic...
byTrend Micro
 

What's hot

PPTX
cloud security ppt
byDevyani Vaidya
 
PDF
Cloud Security - Made simple
bySameer Paradia
 
PDF
Introduction to Kaspersky Endpoint Security for Businesss
byAndrew Wong
 
PDF
TrendMicro - Security Designed for the Software-Defined Data Center
byVMUG IT
 
PPTX
Trend Micro: Security Challenges and Solutions for the Cloud (Saas) & Cloud S...
byIngram Micro Cloud
 
PDF
Cyber Security and Cloud Computing
byKeet Sugathadasa
 
PDF
Micro segmentation and zero trust for security and compliance - Guardicore an...
byYouAttestSlideshare
 
PPTX
The Top Cloud Security Issues
byHTS Hosting
 
PPTX
Best Data Center Physical Security using Cloud-Based AI Devices: Gain Total N...
bywww.securitysystems.best
 
PDF
How Zero Trust Makes the Mission Simple & Secure
byscoopnewsgroup
 
PPTX
Security As A Service
byGeorge Fares
 
PDF
Secure your workloads with microsegmentation
byRasool Irfan
 
PPTX
Lisa Guess - Embracing the Cloud
bycentralohioissa
 
PPTX
LIFT OFF 2017: AWS and Cloud Computing
byRobert Herjavec
 
PDF
Security in the Cloud: Tips on How to Protect Your Data
byProcore Technologies
 
PDF
Netpluz corp presentation 2020
byNetpluz Asia Pte Ltd
 
PPTX
Can Cloud Solutions Transform Network Security
byEC-Council
 
PDF
Cloud Security: Limitations of Cloud Security Groups and Flow Logs
byPriyanka Aash
 
PPTX
LIFT OFF 2017: Ransomware and IR Overview
byRobert Herjavec
 
PDF
secureit-cloudsecurity-151130141528-lva1-app6892.pdf
byYounesChafi1
 
cloud security ppt
byDevyani Vaidya
 
Cloud Security - Made simple
bySameer Paradia
 
Introduction to Kaspersky Endpoint Security for Businesss
byAndrew Wong
 
TrendMicro - Security Designed for the Software-Defined Data Center
byVMUG IT
 
Trend Micro: Security Challenges and Solutions for the Cloud (Saas) & Cloud S...
byIngram Micro Cloud
 
Cyber Security and Cloud Computing
byKeet Sugathadasa
 
Micro segmentation and zero trust for security and compliance - Guardicore an...
byYouAttestSlideshare
 
The Top Cloud Security Issues
byHTS Hosting
 
Best Data Center Physical Security using Cloud-Based AI Devices: Gain Total N...
bywww.securitysystems.best
 
How Zero Trust Makes the Mission Simple & Secure
byscoopnewsgroup
 
Security As A Service
byGeorge Fares
 
Secure your workloads with microsegmentation
byRasool Irfan
 
Lisa Guess - Embracing the Cloud
bycentralohioissa
 
LIFT OFF 2017: AWS and Cloud Computing
byRobert Herjavec
 
Security in the Cloud: Tips on How to Protect Your Data
byProcore Technologies
 
Netpluz corp presentation 2020
byNetpluz Asia Pte Ltd
 
Can Cloud Solutions Transform Network Security
byEC-Council
 
Cloud Security: Limitations of Cloud Security Groups and Flow Logs
byPriyanka Aash
 
LIFT OFF 2017: Ransomware and IR Overview
byRobert Herjavec
 
secureit-cloudsecurity-151130141528-lva1-app6892.pdf
byYounesChafi1
 

Viewers also liked

PPTX
Secure Your Virtualized Environment. Protection from Advanced Persistent Thre...
byAcrodex
 
PPTX
Microsoft
byIngram Micro Cloud
 
PDF
Captain, Where Is Your Ship – Compromising Vessel Tracking Systems
byTrend Micro
 
PDF
Criticità per la protezione dei dati personali connesse all’utilizzo di dispo...
byfestival ICT 2016
 
PDF
Migliorare il cash flow della propria azienda e dei propri clienti: i benefic...
byfestival ICT 2016
 
PPTX
Winnipeg Technology Innovation Day
byAcrodex
 
PPTX
Regina Technology Innovation Day
byAcrodex
 
PDF
Issa jason dablow
byISSA LA
 
PDF
Technical track chris calvert-1 30 pm-issa conference-calvert
byISSA LA
 
PPSX
Threat predictions 2011
byTrend Micro
 
PDF
Its time to grow up by Eric C.
byISSA LA
 
PDF
Turner.issa la.mobile vulns.150604
byISSA LA
 
PDF
Dark Web Impact on Hidden Services in the Tor-based Criminal Ecosystem Dr.
byTrend Micro
 
PDF
HBR APT framework
byTrend Micro
 
PDF
Microsoft power point closing presentation-greenberg
byISSA LA
 
PDF
The Web Advisor: restare vivi e aggiornati nel business digitale - festival I...
byfestival ICT 2016
 
PDF
Lo Zen e l'arte dell'UX Design Mobile - by Synesthesia - festival ICT 2015
byfestival ICT 2016
 
Secure Your Virtualized Environment. Protection from Advanced Persistent Thre...
byAcrodex
 
Microsoft
byIngram Micro Cloud
 
Captain, Where Is Your Ship – Compromising Vessel Tracking Systems
byTrend Micro
 
Criticità per la protezione dei dati personali connesse all’utilizzo di dispo...
byfestival ICT 2016
 
Migliorare il cash flow della propria azienda e dei propri clienti: i benefic...
byfestival ICT 2016
 
Winnipeg Technology Innovation Day
byAcrodex
 
Regina Technology Innovation Day
byAcrodex
 
Issa jason dablow
byISSA LA
 
Technical track chris calvert-1 30 pm-issa conference-calvert
byISSA LA
 
Threat predictions 2011
byTrend Micro
 
Its time to grow up by Eric C.
byISSA LA
 
Turner.issa la.mobile vulns.150604
byISSA LA
 
Dark Web Impact on Hidden Services in the Tor-based Criminal Ecosystem Dr.
byTrend Micro
 
HBR APT framework
byTrend Micro
 
Microsoft power point closing presentation-greenberg
byISSA LA
 
The Web Advisor: restare vivi e aggiornati nel business digitale - festival I...
byfestival ICT 2016
 
Lo Zen e l'arte dell'UX Design Mobile - by Synesthesia - festival ICT 2015
byfestival ICT 2016
 

Similar to Who owns security in the cloud

PDF
Deepsecurity & VDI beveiliging, maximale beveiliging en optimale performance
byUNIT4 IT Solutions
 
PDF
Info Sec 2010 Possibilities And Security Challenges Of Cloud Computing (Han...
byptaglephd
 
PPTX
Executive Briefing: Strategic Issues Surrounding Cloud Services
byWhitmeyerTuffin
 
PPT
Cloud Computing Security Issues
byDiscover Cloud Computing
 
PPTX
Lss implementing cyber security in the cloud, and from the cloud-feb14
byL S Subramanian
 
PPT
Cloudcomputingoct2009 100301142544-phpapp02
byabhisheknayak29
 
PPT
Trend micro - Your journey to the cloud, where are you
byGlobal Business Events
 
PPTX
Safe Net: Cloud Security Solutions
byASBIS SK
 
PPTX
Building a Secure Cloud with Identity Management
byOracleIDM
 
PDF
Security in the cloud planning guide
byYury Chemerkin
 
PDF
Cloud security ely kahn
byEly Kahn
 
PDF
Cloudsecurity
bydrewz lin
 
PDF
Presd1 10
byNiels Groeneveld
 
PPTX
What customers want the cloud to be - Jason Waxman GM at Intel, Cloud Slam 20...
byKhazret Sapenov
 
PDF
Enterprise Strategy for Cloud Security
byBob Rhubart
 
PDF
Peering Through the Cloud Forrester EMEA 2010
bygraywilliams
 
PDF
Security in a Cloudy Architecture
byBob Rhubart
 
PDF
Security of,for & by cloud
byLakshmi Subramanian
 
PDF
Building a Strong Foundation for Your Cloud with Identity Management
byNishant Kaushik
 
PDF
Cloud Computing Risk Management (IIA Webinar)
byBrian K. Dickard
 
Deepsecurity & VDI beveiliging, maximale beveiliging en optimale performance
byUNIT4 IT Solutions
 
Info Sec 2010 Possibilities And Security Challenges Of Cloud Computing (Han...
byptaglephd
 
Executive Briefing: Strategic Issues Surrounding Cloud Services
byWhitmeyerTuffin
 
Cloud Computing Security Issues
byDiscover Cloud Computing
 
Lss implementing cyber security in the cloud, and from the cloud-feb14
byL S Subramanian
 
Cloudcomputingoct2009 100301142544-phpapp02
byabhisheknayak29
 
Trend micro - Your journey to the cloud, where are you
byGlobal Business Events
 
Safe Net: Cloud Security Solutions
byASBIS SK
 
Building a Secure Cloud with Identity Management
byOracleIDM
 
Security in the cloud planning guide
byYury Chemerkin
 
Cloud security ely kahn
byEly Kahn
 
Cloudsecurity
bydrewz lin
 
Presd1 10
byNiels Groeneveld
 
What customers want the cloud to be - Jason Waxman GM at Intel, Cloud Slam 20...
byKhazret Sapenov
 
Enterprise Strategy for Cloud Security
byBob Rhubart
 
Peering Through the Cloud Forrester EMEA 2010
bygraywilliams
 
Security in a Cloudy Architecture
byBob Rhubart
 
Security of,for & by cloud
byLakshmi Subramanian
 
Building a Strong Foundation for Your Cloud with Identity Management
byNishant Kaushik
 
Cloud Computing Risk Management (IIA Webinar)
byBrian K. Dickard
 

More from Trend Micro

PDF
Trend micro deep security
byTrend Micro
 
PDF
Cybercrime In The Deep Web
byTrend Micro
 
PPTX
Investigating Web Defacement Campaigns at Large
byTrend Micro
 
PDF
AIS Exposed: New vulnerabilities and attacks. (HITB AMS 2014)
byTrend Micro
 
PDF
Security Best Practices for Health Information Exchange
byTrend Micro
 
PDF
The Real Face Of KOOBFACE
byTrend Micro
 
PDF
Solutions for PCI DSS Compliance
byTrend Micro
 
PDF
[Case Study ~ 2011] Baptist Hospitals of Southest Texas
byTrend Micro
 
PDF
Countering the Advanced Persistent Threat Challenge with Deep Discovery
byTrend Micro
 
PDF
Behind the scene of malware operators. Insights and countermeasures. CONFiden...
byTrend Micro
 
PDF
PC Maker's Support Page Succumbs To Compromise
byTrend Micro
 
PDF
Web Threat Spotlight Issue 66: Zero-Day Adobe Flash Player Exploits in a Flash
byTrend Micro
 
PDF
The Custom Defense Against Targeted Attacks
byTrend Micro
 
PPTX
Industrial Remote Controllers Safety, Security, Vulnerabilities
byTrend Micro
 
PDF
Solutions for privacy, disclosure and encryption
byTrend Micro
 
PDF
Assuring regulatory compliance, ePHI protection, and secure healthcare delivery
byTrend Micro
 
PDF
Mobile Telephony Threats in Asia
byTrend Micro
 
PDF
Show me the Money -- The Monetization of KOOBFACE
byTrend Micro
 
PDF
FIFA Spam Targets Football Fanatics
byTrend Micro
 
PDF
The Heart of KOOBFACE
byTrend Micro
 
Trend micro deep security
byTrend Micro
 
Cybercrime In The Deep Web
byTrend Micro
 
Investigating Web Defacement Campaigns at Large
byTrend Micro
 
AIS Exposed: New vulnerabilities and attacks. (HITB AMS 2014)
byTrend Micro
 
Security Best Practices for Health Information Exchange
byTrend Micro
 
The Real Face Of KOOBFACE
byTrend Micro
 
Solutions for PCI DSS Compliance
byTrend Micro
 
[Case Study ~ 2011] Baptist Hospitals of Southest Texas
byTrend Micro
 
Countering the Advanced Persistent Threat Challenge with Deep Discovery
byTrend Micro
 
Behind the scene of malware operators. Insights and countermeasures. CONFiden...
byTrend Micro
 
PC Maker's Support Page Succumbs To Compromise
byTrend Micro
 
Web Threat Spotlight Issue 66: Zero-Day Adobe Flash Player Exploits in a Flash
byTrend Micro
 
The Custom Defense Against Targeted Attacks
byTrend Micro
 
Industrial Remote Controllers Safety, Security, Vulnerabilities
byTrend Micro
 
Solutions for privacy, disclosure and encryption
byTrend Micro
 
Assuring regulatory compliance, ePHI protection, and secure healthcare delivery
byTrend Micro
 
Mobile Telephony Threats in Asia
byTrend Micro
 
Show me the Money -- The Monetization of KOOBFACE
byTrend Micro
 
FIFA Spam Targets Football Fanatics
byTrend Micro
 
The Heart of KOOBFACE
byTrend Micro
 

Recently uploaded

PPTX
Building Cyber Resilience for 2026: Best Practices for a Secure, AI-Driven Bu...
byYasir Naveed Riaz
 
PDF
HCSP-Presales-Campus Network Planning and Design V2.0
byVeronica916344
 
PPTX
Why Most GenAI Projects Fail to Scale and How to Become One of the Success St...
byEarley Information Science
 
PDF
How to Evaluate a High Performance Database
byScyllaDB
 
PPTX
From Backup to Resilience: How MSPs Are Preparing for 2026
byMSP360
 
PDF
Workshop on Sustaining & Growing Open Source Communities - GAS2025
bySammy Fung
 
PDF
Day 5 - Red Team + Blue Team in the Cloud - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
PPTX
Emancipatory Information Retrieval: Radically Reorienting Information Retriev...
byBhaskar Mitra
 
PDF
Data Virtualization in Action: Scaling APIs and Apps with FME
bySafe Software
 
PPTX
Conversational Agents – Building Intelligent Assistants [Virtual Hands-on Wor...
byUiPathCommunity
 
PDF
Exam Prep Plan Overview: Amazon Web Services (AWS) Certified
byVICTOR MAESTRE RAMIREZ
 
PDF
10 Things AI-First Apps Do Differently by iProgrammer Solutions
byiProgrammer Solutions Private Limited
 
PPTX
UiPath Autonomous Agents | Building and Orchestrating Agents End-to-End
byUiPathCommunity
 
PDF
Real-Time Data Insight Using Microsoft Forms for Business
byElevate
 
PDF
Dev Dives: AI that builds with you - UiPath Autopilot for effortless RPA & AP...
byUiPathCommunity
 
PDF
DevFest El Jadida 2025 - Product Thinking
byElmehdi AMLOU
 
PDF
Cross-Cultural Agile Development -Challenges and Strategies for Overcoming Them-
byTakashi Makino
 
PDF
AI Powered Document Processing and Data Extraction
byRobert McDermott
 
PPTX
Software Analysis &Design ethiopia chap-2.pptx
byAbbas484771
 
DOCX
iRobot Post‑Mortem and Alternative Paths - Discussion Document for Boards and...
byDave Litwiller
 
Building Cyber Resilience for 2026: Best Practices for a Secure, AI-Driven Bu...
byYasir Naveed Riaz
 
HCSP-Presales-Campus Network Planning and Design V2.0
byVeronica916344
 
Why Most GenAI Projects Fail to Scale and How to Become One of the Success St...
byEarley Information Science
 
How to Evaluate a High Performance Database
byScyllaDB
 
From Backup to Resilience: How MSPs Are Preparing for 2026
byMSP360
 
Workshop on Sustaining & Growing Open Source Communities - GAS2025
bySammy Fung
 
Day 5 - Red Team + Blue Team in the Cloud - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
Emancipatory Information Retrieval: Radically Reorienting Information Retriev...
byBhaskar Mitra
 
Data Virtualization in Action: Scaling APIs and Apps with FME
bySafe Software
 
Conversational Agents – Building Intelligent Assistants [Virtual Hands-on Wor...
byUiPathCommunity
 
Exam Prep Plan Overview: Amazon Web Services (AWS) Certified
byVICTOR MAESTRE RAMIREZ
 
10 Things AI-First Apps Do Differently by iProgrammer Solutions
byiProgrammer Solutions Private Limited
 
UiPath Autonomous Agents | Building and Orchestrating Agents End-to-End
byUiPathCommunity
 
Real-Time Data Insight Using Microsoft Forms for Business
byElevate
 
Dev Dives: AI that builds with you - UiPath Autopilot for effortless RPA & AP...
byUiPathCommunity
 
DevFest El Jadida 2025 - Product Thinking
byElmehdi AMLOU
 
Cross-Cultural Agile Development -Challenges and Strategies for Overcoming Them-
byTakashi Makino
 
AI Powered Document Processing and Data Extraction
byRobert McDermott
 
Software Analysis &Design ethiopia chap-2.pptx
byAbbas484771
 
iRobot Post‑Mortem and Alternative Paths - Discussion Document for Boards and...
byDave Litwiller
 

Who owns security in the cloud

  • 1.
    Who Owns Securityin the Cloud? Dave Asprey • VP Cloud Security Trend Micro Confidential 7/25/2011 Copyright 2011 Trend Micro Inc. 1
  • 2.
    Cloud Computing inthe 21st Century Cloud computing accounts Infrastructure as a Service for unparalleled benefits in… (IaaS) • Simplified, pay-per-use IT • Efficiencies Outsourced networking, storage, server, and • Cost savings operational elements • Scalability • Offers greater autonomy than Software as a Service (SaaS) for more security controls Trend Micro Confidential 7/25/2011 Copyright 2011 Trend Micro Inc. 2
  • 3.
    Cloud Computing Challenges Numerous new compliance issues Potential areas of data security risk Invalidates traditional approaches to security Where does security responsibility and accountability lie? Trend Micro Confidential 7/25/2011 Copyright 2011 Trend Micro Inc. 3
  • 4.
    Why use theCloud? Public Cloud Benefits Private Cloud Benefits • OPEX (Operating Expense vs. CAPEX (Capital expense) • Avoids expenditure on hardware, • Increases flexibility software and other infrastructure services • Improves responsiveness • Firms dynamically scale according to to internal customers’ needs their computing needs in real-time • Improves business agility Trend Micro Confidential 7/25/2011 Copyright 2011 Trend Micro Inc. 4
  • 5.
    Perimeter Security Isn’tDead TWO SCENARIOS TO SECURING THE CLOUD Trend Micro Confidential 7/25/2011 Copyright 2011 Trend Micro Inc. 5
  • 6.
    Perimeter Security Firewalls, intrusion prevention, Traditional perimeter standard security functionality security models and the cloud Additional security levels required in the cloud Perimeter security now Extend firms perimeter into the cloud becoming part of overall security architecture within the cloud Extend cloud inside firms perimeter Trend Micro Confidential 7/25/2011 Copyright 2011 Trend Micro Inc. 6
  • 7.
    Extending your Perimeterto the Cloud: Scenario #1 Approach Benefits • Create an IPSec VPN tunnel • Simplified, pay-per-use IT to your public cloud Outsourced networking, provider’s servers storage, server, and • Enterprise-grade security in operational elements the public cloud server • Offers greater autonomy than • Security software and Software as a Service (SaaS) virtual appliances for more security controls Trend Micro Confidential 7/25/2011 Copyright 2011 Trend Micro Inc. 7
  • 8.
    Scenario #1 Risks Mitigation • May introduce risks associated with the • Maintain access logs security of the secured cloud to your • Data encryption should be standard architecture • Cloud and internal servers should • Creates additional perimeter monitor for suspicious traffic to secure • Add an extra DMZ and firewall • Cloud servers subjected to new threats • Security on cloud servers • Not given cloud provider’s physical • IDS/IPS bi-directional firewall etc. or admin access logs • With critical data in the cloud • Shared storage • Look for strict adherence to • Public cloud providers are not as security best practices strict on security • Examine your provider’s SLAs and • Reimbursement for Data breach security policy • ISO 27001 and SAS70 II Trend Micro Confidential 7/25/2011 Copyright 2011 Trend Micro Inc. 8
  • 9.
    Extending the Cloudinto the Enterprise: Scenario #2 Approach • Cloud extends inside your perimeter • Involves agreeing to • an IaaS public cloud provider • Or cloud-based MSSP installing a cloud node on site. Benefits • Increasingly popular among larger enterprises • Well understood model Trend Micro Confidential 7/25/2011 Copyright 2011 Trend Micro Inc. 9
  • 10.
    Scenario #2 Risks • Lack of visibility into physical and/or access logs remain • Liability for negligence • Reimbursement for cost of service only • Providers have access to your network and application data • Must be trusted Trend Micro Confidential 7/25/2011 Copyright 2011 Trend Micro Inc. 10
  • 11.
    How to Managethe Gaps in your Cloud Security Policies? Secure your cloud servers as you secure internal servers – IDS/IPS, DLP tools – bi-directional firewall – Encryption Vital to understand how much network monitoring and access your provider allows Encryption of data is important Accelerated speed in which servers are created in the private cloud Must be properly managed by IT Trend Micro Confidential 7/25/2011 Copyright 2011 Trend Micro Inc. 11
  • 12.
    Securing the CloudSuccessfully Store encryption keys in a separate location Enterprises Not accessible to the cloud provider Deploy all security tool in the cloud Be transparent regarding… security policies Cloud providers procedures network traffic Clarify SLAs so… customers are clear on security features Private cloud Create a central authorization process environments Be prepared Trend Micro Confidential 7/25/2011 Copyright 2011 Trend Micro Inc.
  • 13.
    Thank you To readmore on Securing Your Journey to the Cloud, visit www.cloudjourney.com Trend Micro Confidential 7/25/2011 Copyright 2011 Trend Micro Inc. 13