Contenu connexe
Similaire à Od webcast-cloud-fraud final (20)
Od webcast-cloud-fraud final
- 2. Cloud Security Executive Speaker Panel
Cloud Sourcing and Benchmarking Advisor
Ben Trowbridge GAIL COURY Marc Boroditsky
CEO VP Risk Management VP I.D. Mgmt. Solutions
2 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
2
- 3. Cloud Security Can be a Challenge. But Why?
Can Our Data Be Safe and
Secure in the Cloud?
3 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
3
- 4. Top Cloud Security Concerns*
1. Data access from mobile devices
2. Access control and I.D. Mgmt.
Top 4:
Identity Mgmt.
3. On going compliance concerns Related
4. Co-mingling of customers’ data
Co. A Data
Co. B Data
Co. C Data
5. Security standards and certifications
*CSO Online Article Feb 20, 2011
4 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
4
- 5. Evaluating Your Cloud Provider’s Security
Best Practices Cloud Sourcing Methodology
??
Security
• Where does security fit within your
Cloud Sourcing Methodology overall cloud sourcing methodology?
Cloud
Provider
Security
• Best practices when evaluating a cloud
provider’s security
• Cloud security pitfalls to avoid
5 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
5
- 6. Identity Restores Control and Reduces Risk
HIGH
MED-
HIGH
Public Cloud
RISK
Private Hosted Cloud
MED-
LOW
87%
Security main barrier to
Private In House Cloud cloud adoption
Source: IDC Enterprise Panel, 3Q09
LOW
Enterprise
CONTROL
HIGH LOW
1990 1995 2000 2005 2008
6 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
6
- 7. Identity Bridges the Gap
Adaptive Access
Administration • Context / Risk Aware
• Role Mgmt • Anomaly detection
Access • Provisioning • Access certification
Scalable Repository • Single-sign on • Identity Analytics
• Identity Synch • Password policy • Certification
• Identity Virtualization • Authorization policy Risk Management
• Reporting Audit
Administration
AuthN and AuthZ
Identity
Tools Point Solutions Platform Intelligence
7 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
7
- 8. Case
Study
Oracle IDM & Authentication Cloud Service
PeopleSoft | Internet-Facing Employee Self-Service
Easy for Users | Hosted and Managed by Oracle Cloud Services
Multi-Factor Authentication
• What you have – your computing device
• What you know – password
• What you are – knowledge questions
Anti-Fraud Features
• Personalized image, phrase, timestamp
• Device fingerprint & Virtualized keyboard
• Adaptive rules (device, location, time…)
8 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
8
- 9. Case
Study
Oracle IDM & Authentication Cloud Service
Dashboard for:
• Logins
• Failed Logins
• KBA Challenges
• Blocked Logins
• Alerts
• Drilldown
• and much more
9 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
9
- 10. Cloud Security Executive Speaker Panel
Cloud Sourcing and
Benchmarking
Advisor
Ben Trowbridge, CEO
Gail Coury, VP Risk Mgmt.
Marc Boroditsky, VP ID Mgmt.
10 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
10