SlideShare une entreprise Scribd logo

A Question of Trust: How Service Providers Can Attract More Customers by Delivering True Security in the Cloud

SafeNet
SafeNet

Offering an outsourced, elastic, pay-as-you-go computing infrastructure, cloud computing services can deliver clear cut benefi ts to a host of companies. Today, however, security concerns are a big barrier to many clients’ adoption of cloud services. To boost market share and gain competitive distinction, cloud service providers need to add the security infrastructure that safeguards clients’ sensitive data and fosters trust. This white paper outlines the path cloud providers can take to start building trust into cloud deployments, and details the approaches and capabilities organizations need to make this transition a reality.

Technologie
1  sur  9
Télécharger pour lire hors ligne
A Question of Trust: How Service Providers Can Attract More Customers by Delivering True Security in the Cloud by Russ Dietz WHITE PAPER Executive Summary Offering an outsourced, elastic, pay-as-you-go computing infrastructure, cloud computing services can deliver clear cut benefits to a host of companies. Today, however, security concerns are a big barrier to many clients’ adoption of cloud services. To boost market share and gain competitive distinction, cloud service providers need to add the security infrastructure that safeguards clients’ sensitive data and fosters trust. This white paper outlines the path cloud providers can take to start building trust into cloud deployments, and details the approaches and capabilities organizations need to make this transition a reality. Introduction As high as the rate of adoption for cloud-based services like SaaS has been, the surface has only been scratched in terms of the full business potential cloud service providers can realize. But to realize this potential, cloud providers must overcome a significant obstacle—security. Today, issues of risk, data privacy, and compliance are the chief inhibitors to most organizations’ adoption of cloud services. In fact, a Gartner report cited data location risk, data loss risk, and data security (privacy) risk as three of the top five barriers to cloud-computing adoption. While security can be seen as an obstacle to the broad adoption of cloud computing, it can, in fact, be an enabler. By finding a way to effectively safeguard data in the cloud, cloud providers can begin to fully maximize the market potential of cloud offerings. To get there, both enterprises and cloud providers will be going through a transition, one that can be viewed in terms of trust. As enterprises kick off their initial deployments, they’ll do so with a minimum of trust in their cloud provider’s infrastructures. Over time, that trust will be cemented by solutions and processes that lead to limited and, ultimately, compliant trust, making cloud security a true win/win for enterprises and providers alike. A Question of Trust: 1 How Service Providers Can Attract More Customers by Delivering TrueSecurity in the Cloud White Paper
In the following pages, we’ll walk through this transition in more detail, and then show what this means for cloud providers in the months and years ahead. Then, the document will outline some of the specific areas cloud providers can target in their efforts to optimize the security and utility of their cloud initiatives. Finally, we’ll outline some of the most important capabilities organizations will need to support these efforts. (Note: In the following pages, unless otherwise specified, when discussing the cloud, we will be referring to the public cloud. While private clouds present their own specific security challenges, given their internal deployments, the nature of security will more closely resemble those of current data center deployments. It is the public cloud, and the changing nature of the client and cloud service provider relationship, that are the focus of this document.) Step 1: Minimal Trust In spite of efforts by cloud providers to date, for most enterprises today, security in the cloud is viewed in a fairly straightforward way—don’t assume there is any. Organizations that have gone forward with cloud deployments have thus taken full ownership and responsibility for security. This can play out in several ways: • A business can segment its data into two classifications—sensitive and non-sensitive. Non-sensitive data can be transferred into the cloud as is; for example, for disaster recovery or archival purposes. Sensitive data on the other hand will either be kept out of the cloud entirely or it will be protected, generally through encryption, before it is exposed to the cloud. Further, that information will stay secured through those mechanisms the entire time it resides in the cloud. • An organization may opt to use SaaS offerings but only for applications that do not involve personally identifiable information (PII), or other types of data subject to regulation or privacy laws. • A business can migrate the processing of non-sensitive applications to the cloud. For example, this can take the form of “cloud bursting,” an approach in which an organization will migrate an application to the cloud when the processing capacity of its corporate cloud or data center is exceeded. This can be a cost-effective way for organizations to handle seasonal or peak demands for processing. For example, a media company can adopt this approach for video streaming when its internal infrastructure hits capacity. Each of these scenarios can present organizations with near term benefits—they enable an organization to quickly leverage many of the benefits and strengths of cloud computing, without compromising security or compliance. These scenarios represent the bulk of cloud deployments done to date. Step 2. Limited Trust In order for cloud providers to expand their addressable market, both in terms of clients and applications, they will need to support clients’ efforts to migrate their own security mechanisms to the cloud. This next step in the transition to a trusted cloud will inherently require more of an upfront investment than prior cloud approaches, and also require a deeper, more collaborative relationship between clients and providers. As enterprises take their existing encryption solutions and run them in the cloud, they’ll retain full control over security ownership. From the service providers’ standpoint, these deployments will be structured similarly to traditional hosting provider models. Specific deployment approaches can include the following: • Deploying physical security systems in a virtual private cloud • Running a virtual service within a hybrid, multi-tenant cloud environment • Federating cloud user directories with internally-managed identity and access management systems A Question of Trust: 2 How Service Providers Can Attract More Customers by Delivering TrueSecurity in the Cloud White Paper
Here, data protection can be conducted in the cloud, yet still within the enterprise’s control. As a result, by supporting these types of deployments, organizations will become more fully invested in cloud offerings and seek to take greater advantage of the cloud’s benefits, which will be a landmark phase in the maturity of the cloud computing market .. Step 3. Compliant Trust In this ultimate phase of the cloud’s evolution, cloud providers gain the controls they need to deliver trust as a service, so enterprises can specify security policies and have confidence in the cloud provider’s infrastructure and capabilities for executing these policies. Here, the enterprise, as the information owner, still holds control over security, but more in a virtual, rather than operational, way. In this scenario, the enterprise sets security policies and owns the core key materials, credentials, identities, and other elements that are used by the cloud providers to protect information, which gives them the final say in how security is handled. The cloud provider will have the sophisticated security infrastructure in place to meet client’s security objectives, including robust encryption, secure key management, granular access controls, and more. Enterprises can leverage the cloud and get the level of security needed to stay compliant with all pertinent regulatory mandates and security policies. As a result, almost any business service or application can subsequently be a potential candidate for migration to cloud services. Four Key Areas for Implementing Cloud Security As they make the move to supporting compliant trust, what capabilities will service providers require, and how will they differ from traditional approaches? The sections below outline some specific areas for applying security measures to cloud environments and the capabilities required to employ these measures. With these initiatives, service providers can begin to gain the control, visibility, and efficiency they need to both ensure security and leverage the business benefits of cloud services. Protected Infrastructure Most cloud providers will have infrastructures comprised of a number of sites, all interconnected through a wide area network (WAN). Given the dynamic, processing-intensive environments they build, cloud providers typically require high performance, low latency, dedicated transmission circuits between these distributed sites. Cloud providers often turn to telecom carriers and other service providers for these circuits. While many assume an increase in security from a dedicated “private” circuit that isn’t shared by the entire world, the truth is that private only means dedicated switching or virtual circuit connections, which does not in any way guarantee data integrity or security. To build a trusted infrastructure, service providers need to employ encryption to secure the transport of data across their WANs, while at the same time, ensuring high speed and low latency communications between these distributed sites. This requires encryption solutions that combine “wire-speed” performance with robust security capabilities, including tamper-resistant hardware and support for robust, industry-standard encryption algorithms. In addition, a secure, centralized solution is required to manage these disparate encryption platforms so users can efficiently define and distribute integrated policies. A Question of Trust: 3 How Service Providers Can Attract More Customers by Delivering TrueSecurity in the Cloud White Paper
Cloud Ops Center Cloud Driven by a need to use the Data Center A cloud’s elastic storage, without exposing data to the cloud’s Enterprise vulnerabilities, enterprises can Carrier Backbone perform secure storage in the cloud, effectively using the cloud for the backup, disaster recovery, and archival of data. Cloud Cloud Data Center B VPC Center C Figure 1 To build a trusted infrastructure, service providers need to employ encryption to secure the transport of data across their WANs, while at the same time, ensuring high speed and low latency communications between these distributed sites. Secure Access Controls Ensuring that only authorized users gain access to cloud-based resources is an absolute requirement for cloud providers. Providers need to ensure proper access controls for users at client sites, and, just as importantly, for administrators within the service provider’s organization. On the client side, providers need to support multi-factor authentication in much the same way as a secure organization requires multiple credentials (i.e., a key fob and a password) to enter highly restricted physical areas. By coupling multi-factor authentication at the user level with centralized security policy management, cloud providers can much more simply set up new users, and terminate access when an employee leaves or a threat arises. Cloud providers multi-factor authentication mechanisms, such as tokens, need to be coordinated with the clients’ public key infrastructure (PKI); if not, the cloud service imposes too much additional overhead in terms of security administration to be useful for the client. Further, operational changes need to be transparent to end users if these services are to be optimal for client organizations. On the cloud provider side, robust, token-based, multi-factor authentication is also required. This is a critical requirement if cloud providers are to meet SAS 70 requirements. By locking down the management console, cloud providers can ensure that services and sensitive client data won’t be compromised. In addition, it provides critical safeguards against internal attacks. A Question of Trust: 4 How Service Providers Can Attract More Customers by Delivering TrueSecurity in the Cloud White Paper
Workstations An efficient cloud security Cloud-provider deployment scenario requires a Certificate-Based (PKI) pin centralized, hardened security Cloud Provider appliance, which is used to pin manage cryptographic keys, Certificate-Based (PKI) access control, and other OTP security policies. Figure 2 Robust, token-based, multi-factor authentication is a critical requirement if cloud providers are to meet SAS 70 requirements. By locking down the management console, cloud providers can ensure that services and sensitive client data won’t be compromised. Data and ID Protection Protecting client data and identities are also vital requirements. Further, these data protection mechanisms need to adhere to a host of regulations with which clients must comply. Inherent in this is an ability to isolate the processes and data of multiple tenants in virtualized cloud environments. To achieve these objectives, service providers need a host of capabilities: • Hardware Security Modules (HSMs). Service providers need HSMs to protect their TLS/SSL identities [more to add here?]. To meet many clients’ security requirements, these HSMs should be FIPS 140-2 Level 3 certified. • Granular encryption. Cloud providers need to be able to selectively encrypt sensitive data according to clients’ security requirements. This means being able to encrypt data at the column level in databases and to partition database security by different clients. This also requires file encryption so organizations can encrypt specific sensitive client files, including spreadsheets and documents. • Central, secure policy management. To efficiently govern these security mechanisms, cloud providers need to be able to centrally manage security policy, across disparate systems and regions. Further, given the vital nature of these administrative systems, the utmost security needs to be employed to ensure they are never compromised. A Question of Trust: 5 How Service Providers Can Attract More Customers by Delivering TrueSecurity in the Cloud White Paper
Enterprise A Enterprise B ProtectFile By offering a means to streamline end user access and access control administration, federated access initiatives can help optimize security while reducing corporate security costs. FIPS 140-2 140 Level 3 Zone A Zone B Figure 3 To efficiently govern these security mechanisms, cloud providers need to be able to centrally manage security policy across disparate systems and regions. Virtual Encryption as a Service To fully leverage their potential business opportunities, cloud providers need a way to take the unparalleled security offered by sophisticated, hardware-based encryption solutions, and virtualize those offerings. This enables the delivery of symmetric encryption, file encryption, secure key management, and a host of other capabilities and services within cloud environments. When cloud providers deliver virtual encryption as a service, they can implement database, application, and file encryption—all managed through a single, virtual platform that combines cryptographic key management, policy management, and encryption processing. Because the platform is virtualized, it can be integrated cost-effectively and seamlessly within the cloud provider’s infrastructure. Further, by combining the security benefits of these technologies with the cloud delivery model, security implementations can be far less expensive (and much more attractive) than traditional in-house deployments, putting state-of-the-art security capabilities within reach of even small and medium businesses for the first time—and dramatically expanding the service provider’s addressable market. To deliver virtual encryption-as-a-service deployments, cloud providers will leverage a host of robust security mechanisms, including centralized key management, granular encryption, and access control within their infrastructures. To support virtual encryption as a service, many cloud customers will deploy multi-factor authentication tokens and token management systems in their environments, which can ensure the appropriate access controls are applied to security services and protected data. A Question of Trust: 6 How Service Providers Can Attract More Customers by Delivering TrueSecurity in the Cloud White Paper
Certificate-Based (PKI) When cloud providers deliver SMB Cloud Provider virtual encryption as a service, Certificate-Based (PKI) they can implement database, application, and file encryption— all managed through a single, virtual platform that combines cryptographic key management, policy management, and Figure 4 By providing virtual encryption as a service, smaller organizations can gain access to robust security encryption processing. mechanisms that may have been cost prohibitive in the past. SafeNet: Delivering the Trusted Cloud Platform Introduction—Overview of SafeNet Cloud Solutions With SafeNet’s security offerings, organizations can fully leverage the business benefits of cloud environments—while ensuring trust, compliance, and privacy. SafeNet offers intelligent, data- centric solutions that persistently protect data throughout the information lifecycle and evolve to support changing cloud delivery models—from today’s SaaS and private clouds to the evolving demands of hybrid and public clouds. Cryptography as a Service SafeNet offers a broad set of solutions that enable both enterprises and cloud providers to leverage cryptography as a service. SafeNet solutions offer the unparalleled combination of features—including central key and policy management, robust encryption support, flexible integration, and more—that make cryptography as a service practical, efficient, and secure. SafeNet offers these security solutions: • Token management systems and multi-factor tokens that ensure stringent, granular end user access controls • Hardware security modules, including the Luna SA product line, that enable centralized, FIPS- and Common Criteria-certified storage of cryptographic keys • DataSecure, which offers file, application, and database encryption—all managed through a hardened appliance that centralizes encryption processing, keys, logging, auditing, and policy administration Together, these solutions deliver the critical capabilities required for a robust, cost-effective, and secure cryptography-as-a-service implementation. A Question of Trust: 7 How Service Providers Can Attract More Customers by Delivering TrueSecurity in the Cloud White Paper
Cloud Database MFA SafeNet Tokens HSMs Cloud Storage Token Mgmt Elastic Compute System Certificate-Based (PKI) HSM Client ProtectFile ProtectApp ProtectDB Enterprise Cloud Provider Certificate-Based (PKI) MFA for End-Users DataSecure Luna SA Root of Trust Federated Key Mgmt DataSecure & User Directories Figure 5 SafeNet’s HSMs and DataSecure products offer FIPS- and Common Criteria-certified, hardware-based protection of cryptographic keys and controls that help ensure regulatory compliance in cloud deployments. Trusted Cloud Computing While the benefits being offered by cloud providers today are undeniable, many potential customers continue to perceive that the dynamic nature of cloud computing can pose significant risks. Today, someone can take an application instance running for one organization, then move it to another location, and run it for another organization—and that application could thus enable unauthorized users and processes to access sensitive data. With SafeNet, you can control applications and services within the cloud environment, and providers can ensure their clients that applications only run on intended platforms for intended customers. SafeNet enables organizations to control the instances of the high-value virtual machines, ensuring they are only invoked in the right circumstances. SafeNet delivers the solutions that enable organizations to do rights management for virtual machines: • Software rights management solutions and tokens for authenticating virtual machines • The ProtectFile file encryption solution, which enables pre-boot authentication of virtual machines • DataSecure, which delivers central policy management of all file, application, and database encryption processing SRM APP SRM Tokens Two-Factor Activation Licensing PaaS Provider APP Virtual Resource Enterprise Administrators OTP IaaS Provider DataSecure Software eTokens Key-Management Two-Factor Pre-Boot Certificate-Based (PKI) ProtectFile Figure6 SafeNet offers the products and capabilities enterprises need to control instances of virtual machines running in the cloud, including where they are located and when they can be invoked, so they can safeguard trust in their cloud deployments. A Question of Trust: 8 How Service Providers Can Attract More Customers by Delivering TrueSecurity in the Cloud White Paper
Conclusion In terms of potential, the sky truly is the limit when it comes to the market opportunity cloud computing can offer. However, the full magnitude of this opportunity can only be realized when security is efficiently, persistently, and effectively employed to safeguard sensitive data. With its sophisticated, data-centric security solutions, SafeNet enables cloud providers to offer the agility customers need to leverage cloud environments most effectively, without making any compromises in security, privacy, or compliance. To Learn More about Cloud Security To provide business and security leaders with more information on secure cloud computing, SafeNet has introduced a series of white board videos, webinars and white papers. These resources outline how cloud security is expected to evolve, and describe what organizations need to do to prepare for, and take advantage of, these changes. For more information, please visit www.safenet-inc.com/safecloud. About SafeNet Founded in 1983, SafeNet is a global leader in information security. SafeNet protects its customers’ most valuable assets, including identities, transactions, communications, data and software licensing, throughout the data lifecycle. More than 25,000 customers across both commercial enterprises and government agencies and in over 100 countries trust their information security needs to SafeNet. Contact Us: For all office locations and contact information, please visit www.safenet-inc.com Follow Us: www.safenet-inc.com/connected ©2010 SafeNet, Inc. All rights reserved. SafeNet and SafeNet logo are registered trademarks of SafeNet. All other product names are trademarks of their respective owners. WP (EN)-08.30.10 A Question of Trust: 9 How Service Providers Can Attract More Customers by Delivering TrueSecurity in the Cloud White Paper

Recommandé

Collaborating Using Cloud Services
Collaborating Using Cloud ServicesCollaborating Using Cloud Services
Collaborating Using Cloud ServicesDr. Sunil Kr. Pandey
 
Cloud Computing Security Issues
Cloud Computing Security Issues Cloud Computing Security Issues
Cloud Computing Security Issues Discover Cloud Computing
 
Privacy Issues In Cloud Computing
Privacy Issues In Cloud ComputingPrivacy Issues In Cloud Computing
Privacy Issues In Cloud Computingiosrjce
 
Cloud Services: Types of Cloud
Cloud Services: Types of CloudCloud Services: Types of Cloud
Cloud Services: Types of CloudDr. Sunil Kr. Pandey
 
DALIM SOFTWARE GmbH Keynote TechLab DAM NY 2017
DALIM SOFTWARE GmbH Keynote TechLab DAM NY 2017DALIM SOFTWARE GmbH Keynote TechLab DAM NY 2017
DALIM SOFTWARE GmbH Keynote TechLab DAM NY 2017Activo Consulting
 
DAM 2018 Review, What's next 2019 ?
DAM 2018 Review, What's next 2019 ?DAM 2018 Review, What's next 2019 ?
DAM 2018 Review, What's next 2019 ?Activo Consulting
 
Authentication cloud
Authentication cloudAuthentication cloud
Authentication cloudvidhya dharmarajan
 
MULTI-CLOUD ARCHITECTURE
MULTI-CLOUD ARCHITECTUREMULTI-CLOUD ARCHITECTURE
MULTI-CLOUD ARCHITECTUREMaganathin Veeraragaloo
 

Recommandé

Collaborating Using Cloud Services
Collaborating Using Cloud ServicesCollaborating Using Cloud Services
Collaborating Using Cloud ServicesDr. Sunil Kr. Pandey
 
Cloud Computing Security Issues
Cloud Computing Security Issues Cloud Computing Security Issues
Cloud Computing Security Issues Discover Cloud Computing
 
Privacy Issues In Cloud Computing
Privacy Issues In Cloud ComputingPrivacy Issues In Cloud Computing
Privacy Issues In Cloud Computingiosrjce
 
Cloud Services: Types of Cloud
Cloud Services: Types of CloudCloud Services: Types of Cloud
Cloud Services: Types of CloudDr. Sunil Kr. Pandey
 
DALIM SOFTWARE GmbH Keynote TechLab DAM NY 2017
DALIM SOFTWARE GmbH Keynote TechLab DAM NY 2017DALIM SOFTWARE GmbH Keynote TechLab DAM NY 2017
DALIM SOFTWARE GmbH Keynote TechLab DAM NY 2017Activo Consulting
 
DAM 2018 Review, What's next 2019 ?
DAM 2018 Review, What's next 2019 ?DAM 2018 Review, What's next 2019 ?
DAM 2018 Review, What's next 2019 ?Activo Consulting
 
Authentication cloud
Authentication cloudAuthentication cloud
Authentication cloudvidhya dharmarajan
 
MULTI-CLOUD ARCHITECTURE
MULTI-CLOUD ARCHITECTUREMULTI-CLOUD ARCHITECTURE
MULTI-CLOUD ARCHITECTUREMaganathin Veeraragaloo
 
Digital Asset Management with ES4
Digital Asset Management with ES4Digital Asset Management with ES4
Digital Asset Management with ES4Activo Consulting
 
Authentication and Privacy in Cloud
Authentication and Privacy in CloudAuthentication and Privacy in Cloud
Authentication and Privacy in CloudMphasis
 
Cloud security
Cloud security Cloud security
Cloud security Mohamed Shalash
 
Cloud computing-security-issues
Cloud computing-security-issuesCloud computing-security-issues
Cloud computing-security-issuesAleem Mohammed
 
Cloud Computing Security Issues
Cloud Computing Security IssuesCloud Computing Security Issues
Cloud Computing Security IssuesStelios Krasadakis
 
Security Problem With Cloud Computing
Security Problem With Cloud ComputingSecurity Problem With Cloud Computing
Security Problem With Cloud ComputingMartin Bioh
 
PRISMACLOUD Cloud Security and Privacy by Design
PRISMACLOUD Cloud Security and Privacy by DesignPRISMACLOUD Cloud Security and Privacy by Design
PRISMACLOUD Cloud Security and Privacy by DesignPRISMACLOUD Project
 
Ensuring PCI DSS Compliance in the Cloud
Ensuring PCI DSS Compliance in the CloudEnsuring PCI DSS Compliance in the Cloud
Ensuring PCI DSS Compliance in the CloudCognizant
 
Cloud Computing - Security Benefits and Risks
Cloud Computing - Security Benefits and RisksCloud Computing - Security Benefits and Risks
Cloud Computing - Security Benefits and RisksWilliam McBorrough
 
Improve network safety through better visibility – Netmagic
Improve network safety through better visibility – NetmagicImprove network safety through better visibility – Netmagic
Improve network safety through better visibility – NetmagicNetmagic Solutions Pvt. Ltd.
 
Data Security and Privacy in Cloud Computing
Data Security and Privacy in Cloud ComputingData Security and Privacy in Cloud Computing
Data Security and Privacy in Cloud ComputingGaurav kumar rai - student
 
Security for Effective Data Storage in Multi Clouds
Security for Effective Data Storage in Multi CloudsSecurity for Effective Data Storage in Multi Clouds
Security for Effective Data Storage in Multi CloudsEditor IJCATR
 
Open Digital Framework from TMFORUM
Open Digital Framework from TMFORUMOpen Digital Framework from TMFORUM
Open Digital Framework from TMFORUMMaganathin Veeraragaloo
 
Cloud Security (Domain1- 5)
Cloud Security (Domain1- 5)Cloud Security (Domain1- 5)
Cloud Security (Domain1- 5)Maganathin Veeraragaloo
 
A Secure Framework for Cloud Computing With Multi-cloud Service Providers
A Secure Framework for Cloud Computing With Multi-cloud Service ProvidersA Secure Framework for Cloud Computing With Multi-cloud Service Providers
A Secure Framework for Cloud Computing With Multi-cloud Service Providersiosrjce
 
Cloud Computing Security Organization Assessments Service Categories Responsi...
Cloud Computing Security Organization Assessments Service Categories Responsi...Cloud Computing Security Organization Assessments Service Categories Responsi...
Cloud Computing Security Organization Assessments Service Categories Responsi...SlideTeam
 
Security in cloud computing
Security in cloud computingSecurity in cloud computing
Security in cloud computingveena venugopal
 
Moving to the Cloud When & Where
Moving to the Cloud When & WhereMoving to the Cloud When & Where
Moving to the Cloud When & WhereMohammed Sajjad Ali
 
SecSecuring Software as a Service Model of Cloud Computing: Issues and Solutions
SecSecuring Software as a Service Model of Cloud Computing: Issues and SolutionsSecSecuring Software as a Service Model of Cloud Computing: Issues and Solutions
SecSecuring Software as a Service Model of Cloud Computing: Issues and Solutionsijccsa
 
Myths About Cloud Computing
Myths About Cloud ComputingMyths About Cloud Computing
Myths About Cloud ComputingGo4hosting Web Hosting Provider
 
Building trust for cloud customers - the value of cif certification
Building trust for cloud customers - the value of cif certificationBuilding trust for cloud customers - the value of cif certification
Building trust for cloud customers - the value of cif certificationDavid Terrar
 
Trust_Measures_and_Indicators_for_Investors[1]
Trust_Measures_and_Indicators_for_Investors[1]Trust_Measures_and_Indicators_for_Investors[1]
Trust_Measures_and_Indicators_for_Investors[1]Alex Todd
 

Contenu connexe

Tendances

Digital Asset Management with ES4
Digital Asset Management with ES4Digital Asset Management with ES4
Digital Asset Management with ES4Activo Consulting
 
Authentication and Privacy in Cloud
Authentication and Privacy in CloudAuthentication and Privacy in Cloud
Authentication and Privacy in CloudMphasis
 
Cloud computing-security-issues
Cloud computing-security-issuesCloud computing-security-issues
Cloud computing-security-issuesAleem Mohammed
 
Cloud Computing Security Issues
Cloud Computing Security IssuesCloud Computing Security Issues
Cloud Computing Security IssuesStelios Krasadakis
 
Security Problem With Cloud Computing
Security Problem With Cloud ComputingSecurity Problem With Cloud Computing
Security Problem With Cloud ComputingMartin Bioh
 
PRISMACLOUD Cloud Security and Privacy by Design
PRISMACLOUD Cloud Security and Privacy by DesignPRISMACLOUD Cloud Security and Privacy by Design
PRISMACLOUD Cloud Security and Privacy by DesignPRISMACLOUD Project
 
Ensuring PCI DSS Compliance in the Cloud
Ensuring PCI DSS Compliance in the CloudEnsuring PCI DSS Compliance in the Cloud
Ensuring PCI DSS Compliance in the CloudCognizant
 
Cloud Computing - Security Benefits and Risks
Cloud Computing - Security Benefits and RisksCloud Computing - Security Benefits and Risks
Cloud Computing - Security Benefits and RisksWilliam McBorrough
 
Improve network safety through better visibility – Netmagic
Improve network safety through better visibility – NetmagicImprove network safety through better visibility – Netmagic
Improve network safety through better visibility – NetmagicNetmagic Solutions Pvt. Ltd.
 
Security for Effective Data Storage in Multi Clouds
Security for Effective Data Storage in Multi CloudsSecurity for Effective Data Storage in Multi Clouds
Security for Effective Data Storage in Multi CloudsEditor IJCATR
 
A Secure Framework for Cloud Computing With Multi-cloud Service Providers
A Secure Framework for Cloud Computing With Multi-cloud Service ProvidersA Secure Framework for Cloud Computing With Multi-cloud Service Providers
A Secure Framework for Cloud Computing With Multi-cloud Service Providersiosrjce
 
Cloud Computing Security Organization Assessments Service Categories Responsi...
Cloud Computing Security Organization Assessments Service Categories Responsi...Cloud Computing Security Organization Assessments Service Categories Responsi...
Cloud Computing Security Organization Assessments Service Categories Responsi...SlideTeam
 
Security in cloud computing
Security in cloud computingSecurity in cloud computing
Security in cloud computingveena venugopal
 
Moving to the Cloud When & Where
Moving to the Cloud When & WhereMoving to the Cloud When & Where
Moving to the Cloud When & WhereMohammed Sajjad Ali
 
SecSecuring Software as a Service Model of Cloud Computing: Issues and Solutions
SecSecuring Software as a Service Model of Cloud Computing: Issues and SolutionsSecSecuring Software as a Service Model of Cloud Computing: Issues and Solutions
SecSecuring Software as a Service Model of Cloud Computing: Issues and Solutionsijccsa
 

Tendances (20)

Digital Asset Management with ES4
Digital Asset Management with ES4Digital Asset Management with ES4
Digital Asset Management with ES4
 
Authentication and Privacy in Cloud
Authentication and Privacy in CloudAuthentication and Privacy in Cloud
Authentication and Privacy in Cloud
 
Cloud security
Cloud security Cloud security
Cloud security
 
Cloud computing-security-issues
Cloud computing-security-issuesCloud computing-security-issues
Cloud computing-security-issues
 
Cloud Computing Security Issues
Cloud Computing Security IssuesCloud Computing Security Issues
Cloud Computing Security Issues
 
Security Problem With Cloud Computing
Security Problem With Cloud ComputingSecurity Problem With Cloud Computing
Security Problem With Cloud Computing
 
PRISMACLOUD Cloud Security and Privacy by Design
PRISMACLOUD Cloud Security and Privacy by DesignPRISMACLOUD Cloud Security and Privacy by Design
PRISMACLOUD Cloud Security and Privacy by Design
 
Ensuring PCI DSS Compliance in the Cloud
Ensuring PCI DSS Compliance in the CloudEnsuring PCI DSS Compliance in the Cloud
Ensuring PCI DSS Compliance in the Cloud
 
Cloud Computing - Security Benefits and Risks
Cloud Computing - Security Benefits and RisksCloud Computing - Security Benefits and Risks
Cloud Computing - Security Benefits and Risks
 
Improve network safety through better visibility – Netmagic
Improve network safety through better visibility – NetmagicImprove network safety through better visibility – Netmagic
Improve network safety through better visibility – Netmagic
 
Data Security and Privacy in Cloud Computing
Data Security and Privacy in Cloud ComputingData Security and Privacy in Cloud Computing
Data Security and Privacy in Cloud Computing
 
Security for Effective Data Storage in Multi Clouds
Security for Effective Data Storage in Multi CloudsSecurity for Effective Data Storage in Multi Clouds
Security for Effective Data Storage in Multi Clouds
 
Open Digital Framework from TMFORUM
Open Digital Framework from TMFORUMOpen Digital Framework from TMFORUM
Open Digital Framework from TMFORUM
 
Cloud Security (Domain1- 5)
Cloud Security (Domain1- 5)Cloud Security (Domain1- 5)
Cloud Security (Domain1- 5)
 
A Secure Framework for Cloud Computing With Multi-cloud Service Providers
A Secure Framework for Cloud Computing With Multi-cloud Service ProvidersA Secure Framework for Cloud Computing With Multi-cloud Service Providers
A Secure Framework for Cloud Computing With Multi-cloud Service Providers
 
Cloud Computing Security Organization Assessments Service Categories Responsi...
Cloud Computing Security Organization Assessments Service Categories Responsi...Cloud Computing Security Organization Assessments Service Categories Responsi...
Cloud Computing Security Organization Assessments Service Categories Responsi...
 
Security in cloud computing
Security in cloud computingSecurity in cloud computing
Security in cloud computing
 
Moving to the Cloud When & Where
Moving to the Cloud When & WhereMoving to the Cloud When & Where
Moving to the Cloud When & Where
 
SecSecuring Software as a Service Model of Cloud Computing: Issues and Solutions
SecSecuring Software as a Service Model of Cloud Computing: Issues and SolutionsSecSecuring Software as a Service Model of Cloud Computing: Issues and Solutions
SecSecuring Software as a Service Model of Cloud Computing: Issues and Solutions
 
Myths About Cloud Computing
Myths About Cloud ComputingMyths About Cloud Computing
Myths About Cloud Computing
 

En vedette

Building trust for cloud customers - the value of cif certification
Building trust for cloud customers - the value of cif certificationBuilding trust for cloud customers - the value of cif certification
Building trust for cloud customers - the value of cif certificationDavid Terrar
 
Trust_Measures_and_Indicators_for_Investors[1]
Trust_Measures_and_Indicators_for_Investors[1]Trust_Measures_and_Indicators_for_Investors[1]
Trust_Measures_and_Indicators_for_Investors[1]Alex Todd
 
Building Trust in the Cloud
Building Trust in the CloudBuilding Trust in the Cloud
Building Trust in the CloudDatabarracks
 
Confidence & The Cloud
Confidence & The CloudConfidence & The Cloud
Confidence & The CloudAlex Todd
 
The Challenges of Online Trust
The Challenges of Online TrustThe Challenges of Online Trust
The Challenges of Online TrustAlex Todd
 
Cloud Security: A matter of trust?
Cloud Security: A matter of trust?Cloud Security: A matter of trust?
Cloud Security: A matter of trust?Mark Williams
 
eIDAS Reference Guide
eIDAS Reference GuideeIDAS Reference Guide
eIDAS Reference GuideSafeNet
 

En vedette (7)

Building trust for cloud customers - the value of cif certification
Building trust for cloud customers - the value of cif certificationBuilding trust for cloud customers - the value of cif certification
Building trust for cloud customers - the value of cif certification
 
Trust_Measures_and_Indicators_for_Investors[1]
Trust_Measures_and_Indicators_for_Investors[1]Trust_Measures_and_Indicators_for_Investors[1]
Trust_Measures_and_Indicators_for_Investors[1]
 
Building Trust in the Cloud
Building Trust in the CloudBuilding Trust in the Cloud
Building Trust in the Cloud
 
Confidence & The Cloud
Confidence & The CloudConfidence & The Cloud
Confidence & The Cloud
 
The Challenges of Online Trust
The Challenges of Online TrustThe Challenges of Online Trust
The Challenges of Online Trust
 
Cloud Security: A matter of trust?
Cloud Security: A matter of trust?Cloud Security: A matter of trust?
Cloud Security: A matter of trust?
 
eIDAS Reference Guide
eIDAS Reference GuideeIDAS Reference Guide
eIDAS Reference Guide
 

Similaire à A Question of Trust: How Service Providers Can Attract More Customers by Delivering True Security in the Cloud

Hybrid & Multi-cloud Environment.pdf
Hybrid & Multi-cloud Environment.pdfHybrid & Multi-cloud Environment.pdf
Hybrid & Multi-cloud Environment.pdfmanoharparakh
 
Module 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUDModule 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUDSweta Kumari Barnwal
 
Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0David Spinks
 
Whitepaper: Security of the Cloud
Whitepaper: Security of the CloudWhitepaper: Security of the Cloud
Whitepaper: Security of the CloudCloudSmartz
 
Cloud migration risks and challenges
Cloud migration risks and challengesCloud migration risks and challenges
Cloud migration risks and challengesPolestarsolutions
 
New Era in Insurance - Cloud Computing
New Era in Insurance - Cloud ComputingNew Era in Insurance - Cloud Computing
New Era in Insurance - Cloud ComputingNIIT Technologies
 
Security and Privacy Issues of Cloud Computing; Solutions and Secure Framework
Security and Privacy Issues of Cloud Computing; Solutions and Secure FrameworkSecurity and Privacy Issues of Cloud Computing; Solutions and Secure Framework
Security and Privacy Issues of Cloud Computing; Solutions and Secure FrameworkIOSR Journals
 
Pillars Of Cloud Computing: Decoding The Fundamentals
Pillars Of Cloud Computing: Decoding The FundamentalsPillars Of Cloud Computing: Decoding The Fundamentals
Pillars Of Cloud Computing: Decoding The FundamentalsCiente
 
ITU-T requirement for cloud and cloud deployment model
ITU-T requirement for cloud and cloud deployment modelITU-T requirement for cloud and cloud deployment model
ITU-T requirement for cloud and cloud deployment modelHitesh Mohapatra
 
What are the advantages of adopting public cloud
What are the advantages of adopting public cloudWhat are the advantages of adopting public cloud
What are the advantages of adopting public cloudNicole Khoo
 
Company concern risk migration
Company concern risk migrationCompany concern risk migration
Company concern risk migrationRaj Raj
 
Cloud Computing - A future prerogative
Cloud Computing - A future prerogativeCloud Computing - A future prerogative
Cloud Computing - A future prerogativeWayne Poggenpoel
 
Cloud computing seminar report
Cloud computing seminar reportCloud computing seminar report
Cloud computing seminar reportshafzonly
 
SaaS Security.pptx
SaaS Security.pptxSaaS Security.pptx
SaaS Security.pptxchelsi33
 
saassecurity-230424030940-08314322.pdf
saassecurity-230424030940-08314322.pdfsaassecurity-230424030940-08314322.pdf
saassecurity-230424030940-08314322.pdfSahilSingh316535
 
2014 2nd me cloud conference trust in the cloud v01
2014 2nd me cloud conference trust in the cloud v012014 2nd me cloud conference trust in the cloud v01
2014 2nd me cloud conference trust in the cloud v01promediakw
 

Similaire à A Question of Trust: How Service Providers Can Attract More Customers by Delivering True Security in the Cloud (20)

Hybrid & Multi-cloud Environment.pdf
Hybrid & Multi-cloud Environment.pdfHybrid & Multi-cloud Environment.pdf
Hybrid & Multi-cloud Environment.pdf
 
Module 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUDModule 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUD
 
Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0
 
Whitepaper: Security of the Cloud
Whitepaper: Security of the CloudWhitepaper: Security of the Cloud
Whitepaper: Security of the Cloud
 
Security of the Cloud
Security of the CloudSecurity of the Cloud
Security of the Cloud
 
An Intro to Cloud Computing
An Intro to Cloud ComputingAn Intro to Cloud Computing
An Intro to Cloud Computing
 
Cloud migration risks and challenges
Cloud migration risks and challengesCloud migration risks and challenges
Cloud migration risks and challenges
 
New Era in Insurance - Cloud Computing
New Era in Insurance - Cloud ComputingNew Era in Insurance - Cloud Computing
New Era in Insurance - Cloud Computing
 
Security and Privacy Issues of Cloud Computing; Solutions and Secure Framework
Security and Privacy Issues of Cloud Computing; Solutions and Secure FrameworkSecurity and Privacy Issues of Cloud Computing; Solutions and Secure Framework
Security and Privacy Issues of Cloud Computing; Solutions and Secure Framework
 
Cloud computing
Cloud computing Cloud computing
Cloud computing
 
Pillars Of Cloud Computing: Decoding The Fundamentals
Pillars Of Cloud Computing: Decoding The FundamentalsPillars Of Cloud Computing: Decoding The Fundamentals
Pillars Of Cloud Computing: Decoding The Fundamentals
 
ITU-T requirement for cloud and cloud deployment model
ITU-T requirement for cloud and cloud deployment modelITU-T requirement for cloud and cloud deployment model
ITU-T requirement for cloud and cloud deployment model
 
What are the advantages of adopting public cloud
What are the advantages of adopting public cloudWhat are the advantages of adopting public cloud
What are the advantages of adopting public cloud
 
Company concern risk migration
Company concern risk migrationCompany concern risk migration
Company concern risk migration
 
Cloud Computing - A future prerogative
Cloud Computing - A future prerogativeCloud Computing - A future prerogative
Cloud Computing - A future prerogative
 
Cloud computing seminar report
Cloud computing seminar reportCloud computing seminar report
Cloud computing seminar report
 
Cc unit 4 updated version
Cc unit 4 updated versionCc unit 4 updated version
Cc unit 4 updated version
 
SaaS Security.pptx
SaaS Security.pptxSaaS Security.pptx
SaaS Security.pptx
 
saassecurity-230424030940-08314322.pdf
saassecurity-230424030940-08314322.pdfsaassecurity-230424030940-08314322.pdf
saassecurity-230424030940-08314322.pdf
 
2014 2nd me cloud conference trust in the cloud v01
2014 2nd me cloud conference trust in the cloud v012014 2nd me cloud conference trust in the cloud v01
2014 2nd me cloud conference trust in the cloud v01
 

Plus de SafeNet

Whose Cloud is It Anyway - Data Security in the Cloud
Whose Cloud is It Anyway - Data Security in the CloudWhose Cloud is It Anyway - Data Security in the Cloud
Whose Cloud is It Anyway - Data Security in the CloudSafeNet
 
Whose Cloud Is It Anyway: Exploring Data Security Ownership and Control
Whose Cloud Is It Anyway: Exploring Data Security Ownership and ControlWhose Cloud Is It Anyway: Exploring Data Security Ownership and Control
Whose Cloud Is It Anyway: Exploring Data Security Ownership and ControlSafeNet
 
Cyber Security Management in a Highly Innovative World
Cyber Security Management in a Highly Innovative WorldCyber Security Management in a Highly Innovative World
Cyber Security Management in a Highly Innovative WorldSafeNet
 
Not Going Quietly: Gracefully Losing Control & Adapting to Cloud and Mobility
Not Going Quietly: Gracefully Losing Control & Adapting to Cloud and MobilityNot Going Quietly: Gracefully Losing Control & Adapting to Cloud and Mobility
Not Going Quietly: Gracefully Losing Control & Adapting to Cloud and MobilitySafeNet
 
ProtectV - Data Security for the Cloud
ProtectV - Data Security for the CloudProtectV - Data Security for the Cloud
ProtectV - Data Security for the CloudSafeNet
 
Cloud Monetization: A Step-by-Step Guide to Optimizing Your SaaS Business Model
Cloud Monetization: A Step-by-Step Guide to Optimizing Your SaaS Business ModelCloud Monetization: A Step-by-Step Guide to Optimizing Your SaaS Business Model
Cloud Monetization: A Step-by-Step Guide to Optimizing Your SaaS Business ModelSafeNet
 
SafeWord 2008 Migration Bundle Building a Fully Trusted Authentication Enviro...
SafeWord 2008 Migration Bundle Building a Fully Trusted Authentication Enviro...SafeWord 2008 Migration Bundle Building a Fully Trusted Authentication Enviro...
SafeWord 2008 Migration Bundle Building a Fully Trusted Authentication Enviro...SafeNet
 
A Single Strong Authentication Platform for Cloud and On-Premise Applications
A Single Strong Authentication Platform for Cloud and On-Premise ApplicationsA Single Strong Authentication Platform for Cloud and On-Premise Applications
A Single Strong Authentication Platform for Cloud and On-Premise ApplicationsSafeNet
 
Securing Digital Identities and Transactions in the Cloud Security Guide
Securing Digital Identities and Transactions in the Cloud Security GuideSecuring Digital Identities and Transactions in the Cloud Security Guide
Securing Digital Identities and Transactions in the Cloud Security GuideSafeNet
 
Securing Network-Attached HSMs: The SafeNet Luna SA Three-Layer Authenticatio...
Securing Network-Attached HSMs: The SafeNet Luna SA Three-Layer Authenticatio...Securing Network-Attached HSMs: The SafeNet Luna SA Three-Layer Authenticatio...
Securing Network-Attached HSMs: The SafeNet Luna SA Three-Layer Authenticatio...SafeNet
 
Introduction to PKI & SafeNet Luna Hardware Security Modules with Microsoft W...
Introduction to PKI & SafeNet Luna Hardware Security Modules with Microsoft W...Introduction to PKI & SafeNet Luna Hardware Security Modules with Microsoft W...
Introduction to PKI & SafeNet Luna Hardware Security Modules with Microsoft W...SafeNet
 
Cloud Computing and the Federal Government: Maximizing Trust Supporting the M...
Cloud Computing and the Federal Government: Maximizing Trust Supporting the M...Cloud Computing and the Federal Government: Maximizing Trust Supporting the M...
Cloud Computing and the Federal Government: Maximizing Trust Supporting the M...SafeNet
 
Hardware Security Modules: Critical to Information Risk Management
Hardware Security Modules: Critical to Information Risk ManagementHardware Security Modules: Critical to Information Risk Management
Hardware Security Modules: Critical to Information Risk ManagementSafeNet
 
Strong Authentication: Securing Identities and Enabling Business
Strong Authentication: Securing Identities and Enabling BusinessStrong Authentication: Securing Identities and Enabling Business
Strong Authentication: Securing Identities and Enabling BusinessSafeNet
 
Building Trust into eInvoicing: Key Requirements and Strategies
Building Trust into eInvoicing: Key Requirements and StrategiesBuilding Trust into eInvoicing: Key Requirements and Strategies
Building Trust into eInvoicing: Key Requirements and StrategiesSafeNet
 
Payment Card Security: 12-Steps to Meeting PCI-DSS Compliance with SafeNet
Payment Card Security: 12-Steps to Meeting PCI-DSS Compliance with SafeNetPayment Card Security: 12-Steps to Meeting PCI-DSS Compliance with SafeNet
Payment Card Security: 12-Steps to Meeting PCI-DSS Compliance with SafeNetSafeNet
 
E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity a...
E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity a...E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity a...
E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity a...SafeNet
 
SafeNet DataSecure vs. Native SQL Server Encryption
SafeNet DataSecure vs. Native SQL Server EncryptionSafeNet DataSecure vs. Native SQL Server Encryption
SafeNet DataSecure vs. Native SQL Server EncryptionSafeNet
 
Building Trust into DNS: Key Strategies
Building Trust into DNS: Key StrategiesBuilding Trust into DNS: Key Strategies
Building Trust into DNS: Key StrategiesSafeNet
 
Charting Your Path to Enterprise Key Management
Charting Your Path to Enterprise Key ManagementCharting Your Path to Enterprise Key Management
Charting Your Path to Enterprise Key ManagementSafeNet
 

Plus de SafeNet (20)

Whose Cloud is It Anyway - Data Security in the Cloud
Whose Cloud is It Anyway - Data Security in the CloudWhose Cloud is It Anyway - Data Security in the Cloud
Whose Cloud is It Anyway - Data Security in the Cloud
 
Whose Cloud Is It Anyway: Exploring Data Security Ownership and Control
Whose Cloud Is It Anyway: Exploring Data Security Ownership and ControlWhose Cloud Is It Anyway: Exploring Data Security Ownership and Control
Whose Cloud Is It Anyway: Exploring Data Security Ownership and Control
 
Cyber Security Management in a Highly Innovative World
Cyber Security Management in a Highly Innovative WorldCyber Security Management in a Highly Innovative World
Cyber Security Management in a Highly Innovative World
 
Not Going Quietly: Gracefully Losing Control & Adapting to Cloud and Mobility
Not Going Quietly: Gracefully Losing Control & Adapting to Cloud and MobilityNot Going Quietly: Gracefully Losing Control & Adapting to Cloud and Mobility
Not Going Quietly: Gracefully Losing Control & Adapting to Cloud and Mobility
 
ProtectV - Data Security for the Cloud
ProtectV - Data Security for the CloudProtectV - Data Security for the Cloud
ProtectV - Data Security for the Cloud
 
Cloud Monetization: A Step-by-Step Guide to Optimizing Your SaaS Business Model
Cloud Monetization: A Step-by-Step Guide to Optimizing Your SaaS Business ModelCloud Monetization: A Step-by-Step Guide to Optimizing Your SaaS Business Model
Cloud Monetization: A Step-by-Step Guide to Optimizing Your SaaS Business Model
 
SafeWord 2008 Migration Bundle Building a Fully Trusted Authentication Enviro...
SafeWord 2008 Migration Bundle Building a Fully Trusted Authentication Enviro...SafeWord 2008 Migration Bundle Building a Fully Trusted Authentication Enviro...
SafeWord 2008 Migration Bundle Building a Fully Trusted Authentication Enviro...
 
A Single Strong Authentication Platform for Cloud and On-Premise Applications
A Single Strong Authentication Platform for Cloud and On-Premise ApplicationsA Single Strong Authentication Platform for Cloud and On-Premise Applications
A Single Strong Authentication Platform for Cloud and On-Premise Applications
 
Securing Digital Identities and Transactions in the Cloud Security Guide
Securing Digital Identities and Transactions in the Cloud Security GuideSecuring Digital Identities and Transactions in the Cloud Security Guide
Securing Digital Identities and Transactions in the Cloud Security Guide
 
Securing Network-Attached HSMs: The SafeNet Luna SA Three-Layer Authenticatio...
Securing Network-Attached HSMs: The SafeNet Luna SA Three-Layer Authenticatio...Securing Network-Attached HSMs: The SafeNet Luna SA Three-Layer Authenticatio...
Securing Network-Attached HSMs: The SafeNet Luna SA Three-Layer Authenticatio...
 
Introduction to PKI & SafeNet Luna Hardware Security Modules with Microsoft W...
Introduction to PKI & SafeNet Luna Hardware Security Modules with Microsoft W...Introduction to PKI & SafeNet Luna Hardware Security Modules with Microsoft W...
Introduction to PKI & SafeNet Luna Hardware Security Modules with Microsoft W...
 
Cloud Computing and the Federal Government: Maximizing Trust Supporting the M...
Cloud Computing and the Federal Government: Maximizing Trust Supporting the M...Cloud Computing and the Federal Government: Maximizing Trust Supporting the M...
Cloud Computing and the Federal Government: Maximizing Trust Supporting the M...
 
Hardware Security Modules: Critical to Information Risk Management
Hardware Security Modules: Critical to Information Risk ManagementHardware Security Modules: Critical to Information Risk Management
Hardware Security Modules: Critical to Information Risk Management
 
Strong Authentication: Securing Identities and Enabling Business
Strong Authentication: Securing Identities and Enabling BusinessStrong Authentication: Securing Identities and Enabling Business
Strong Authentication: Securing Identities and Enabling Business
 
Building Trust into eInvoicing: Key Requirements and Strategies
Building Trust into eInvoicing: Key Requirements and StrategiesBuilding Trust into eInvoicing: Key Requirements and Strategies
Building Trust into eInvoicing: Key Requirements and Strategies
 
Payment Card Security: 12-Steps to Meeting PCI-DSS Compliance with SafeNet
Payment Card Security: 12-Steps to Meeting PCI-DSS Compliance with SafeNetPayment Card Security: 12-Steps to Meeting PCI-DSS Compliance with SafeNet
Payment Card Security: 12-Steps to Meeting PCI-DSS Compliance with SafeNet
 
E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity a...
E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity a...E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity a...
E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity a...
 
SafeNet DataSecure vs. Native SQL Server Encryption
SafeNet DataSecure vs. Native SQL Server EncryptionSafeNet DataSecure vs. Native SQL Server Encryption
SafeNet DataSecure vs. Native SQL Server Encryption
 
Building Trust into DNS: Key Strategies
Building Trust into DNS: Key StrategiesBuilding Trust into DNS: Key Strategies
Building Trust into DNS: Key Strategies
 
Charting Your Path to Enterprise Key Management
Charting Your Path to Enterprise Key ManagementCharting Your Path to Enterprise Key Management
Charting Your Path to Enterprise Key Management
 

Dernier

Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 

Dernier (20)

Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 

A Question of Trust: How Service Providers Can Attract More Customers by Delivering True Security in the Cloud

  • 1. A Question of Trust: How Service Providers Can Attract More Customers by Delivering True Security in the Cloud by Russ Dietz WHITE PAPER Executive Summary Offering an outsourced, elastic, pay-as-you-go computing infrastructure, cloud computing services can deliver clear cut benefits to a host of companies. Today, however, security concerns are a big barrier to many clients’ adoption of cloud services. To boost market share and gain competitive distinction, cloud service providers need to add the security infrastructure that safeguards clients’ sensitive data and fosters trust. This white paper outlines the path cloud providers can take to start building trust into cloud deployments, and details the approaches and capabilities organizations need to make this transition a reality. Introduction As high as the rate of adoption for cloud-based services like SaaS has been, the surface has only been scratched in terms of the full business potential cloud service providers can realize. But to realize this potential, cloud providers must overcome a significant obstacle—security. Today, issues of risk, data privacy, and compliance are the chief inhibitors to most organizations’ adoption of cloud services. In fact, a Gartner report cited data location risk, data loss risk, and data security (privacy) risk as three of the top five barriers to cloud-computing adoption. While security can be seen as an obstacle to the broad adoption of cloud computing, it can, in fact, be an enabler. By finding a way to effectively safeguard data in the cloud, cloud providers can begin to fully maximize the market potential of cloud offerings. To get there, both enterprises and cloud providers will be going through a transition, one that can be viewed in terms of trust. As enterprises kick off their initial deployments, they’ll do so with a minimum of trust in their cloud provider’s infrastructures. Over time, that trust will be cemented by solutions and processes that lead to limited and, ultimately, compliant trust, making cloud security a true win/win for enterprises and providers alike. A Question of Trust: 1 How Service Providers Can Attract More Customers by Delivering TrueSecurity in the Cloud White Paper
  • 2. In the following pages, we’ll walk through this transition in more detail, and then show what this means for cloud providers in the months and years ahead. Then, the document will outline some of the specific areas cloud providers can target in their efforts to optimize the security and utility of their cloud initiatives. Finally, we’ll outline some of the most important capabilities organizations will need to support these efforts. (Note: In the following pages, unless otherwise specified, when discussing the cloud, we will be referring to the public cloud. While private clouds present their own specific security challenges, given their internal deployments, the nature of security will more closely resemble those of current data center deployments. It is the public cloud, and the changing nature of the client and cloud service provider relationship, that are the focus of this document.) Step 1: Minimal Trust In spite of efforts by cloud providers to date, for most enterprises today, security in the cloud is viewed in a fairly straightforward way—don’t assume there is any. Organizations that have gone forward with cloud deployments have thus taken full ownership and responsibility for security. This can play out in several ways: • A business can segment its data into two classifications—sensitive and non-sensitive. Non-sensitive data can be transferred into the cloud as is; for example, for disaster recovery or archival purposes. Sensitive data on the other hand will either be kept out of the cloud entirely or it will be protected, generally through encryption, before it is exposed to the cloud. Further, that information will stay secured through those mechanisms the entire time it resides in the cloud. • An organization may opt to use SaaS offerings but only for applications that do not involve personally identifiable information (PII), or other types of data subject to regulation or privacy laws. • A business can migrate the processing of non-sensitive applications to the cloud. For example, this can take the form of “cloud bursting,” an approach in which an organization will migrate an application to the cloud when the processing capacity of its corporate cloud or data center is exceeded. This can be a cost-effective way for organizations to handle seasonal or peak demands for processing. For example, a media company can adopt this approach for video streaming when its internal infrastructure hits capacity. Each of these scenarios can present organizations with near term benefits—they enable an organization to quickly leverage many of the benefits and strengths of cloud computing, without compromising security or compliance. These scenarios represent the bulk of cloud deployments done to date. Step 2. Limited Trust In order for cloud providers to expand their addressable market, both in terms of clients and applications, they will need to support clients’ efforts to migrate their own security mechanisms to the cloud. This next step in the transition to a trusted cloud will inherently require more of an upfront investment than prior cloud approaches, and also require a deeper, more collaborative relationship between clients and providers. As enterprises take their existing encryption solutions and run them in the cloud, they’ll retain full control over security ownership. From the service providers’ standpoint, these deployments will be structured similarly to traditional hosting provider models. Specific deployment approaches can include the following: • Deploying physical security systems in a virtual private cloud • Running a virtual service within a hybrid, multi-tenant cloud environment • Federating cloud user directories with internally-managed identity and access management systems A Question of Trust: 2 How Service Providers Can Attract More Customers by Delivering TrueSecurity in the Cloud White Paper
  • 3. Here, data protection can be conducted in the cloud, yet still within the enterprise’s control. As a result, by supporting these types of deployments, organizations will become more fully invested in cloud offerings and seek to take greater advantage of the cloud’s benefits, which will be a landmark phase in the maturity of the cloud computing market .. Step 3. Compliant Trust In this ultimate phase of the cloud’s evolution, cloud providers gain the controls they need to deliver trust as a service, so enterprises can specify security policies and have confidence in the cloud provider’s infrastructure and capabilities for executing these policies. Here, the enterprise, as the information owner, still holds control over security, but more in a virtual, rather than operational, way. In this scenario, the enterprise sets security policies and owns the core key materials, credentials, identities, and other elements that are used by the cloud providers to protect information, which gives them the final say in how security is handled. The cloud provider will have the sophisticated security infrastructure in place to meet client’s security objectives, including robust encryption, secure key management, granular access controls, and more. Enterprises can leverage the cloud and get the level of security needed to stay compliant with all pertinent regulatory mandates and security policies. As a result, almost any business service or application can subsequently be a potential candidate for migration to cloud services. Four Key Areas for Implementing Cloud Security As they make the move to supporting compliant trust, what capabilities will service providers require, and how will they differ from traditional approaches? The sections below outline some specific areas for applying security measures to cloud environments and the capabilities required to employ these measures. With these initiatives, service providers can begin to gain the control, visibility, and efficiency they need to both ensure security and leverage the business benefits of cloud services. Protected Infrastructure Most cloud providers will have infrastructures comprised of a number of sites, all interconnected through a wide area network (WAN). Given the dynamic, processing-intensive environments they build, cloud providers typically require high performance, low latency, dedicated transmission circuits between these distributed sites. Cloud providers often turn to telecom carriers and other service providers for these circuits. While many assume an increase in security from a dedicated “private” circuit that isn’t shared by the entire world, the truth is that private only means dedicated switching or virtual circuit connections, which does not in any way guarantee data integrity or security. To build a trusted infrastructure, service providers need to employ encryption to secure the transport of data across their WANs, while at the same time, ensuring high speed and low latency communications between these distributed sites. This requires encryption solutions that combine “wire-speed” performance with robust security capabilities, including tamper-resistant hardware and support for robust, industry-standard encryption algorithms. In addition, a secure, centralized solution is required to manage these disparate encryption platforms so users can efficiently define and distribute integrated policies. A Question of Trust: 3 How Service Providers Can Attract More Customers by Delivering TrueSecurity in the Cloud White Paper
  • 4. Cloud Ops Center Cloud Driven by a need to use the Data Center A cloud’s elastic storage, without exposing data to the cloud’s Enterprise vulnerabilities, enterprises can Carrier Backbone perform secure storage in the cloud, effectively using the cloud for the backup, disaster recovery, and archival of data. Cloud Cloud Data Center B VPC Center C Figure 1 To build a trusted infrastructure, service providers need to employ encryption to secure the transport of data across their WANs, while at the same time, ensuring high speed and low latency communications between these distributed sites. Secure Access Controls Ensuring that only authorized users gain access to cloud-based resources is an absolute requirement for cloud providers. Providers need to ensure proper access controls for users at client sites, and, just as importantly, for administrators within the service provider’s organization. On the client side, providers need to support multi-factor authentication in much the same way as a secure organization requires multiple credentials (i.e., a key fob and a password) to enter highly restricted physical areas. By coupling multi-factor authentication at the user level with centralized security policy management, cloud providers can much more simply set up new users, and terminate access when an employee leaves or a threat arises. Cloud providers multi-factor authentication mechanisms, such as tokens, need to be coordinated with the clients’ public key infrastructure (PKI); if not, the cloud service imposes too much additional overhead in terms of security administration to be useful for the client. Further, operational changes need to be transparent to end users if these services are to be optimal for client organizations. On the cloud provider side, robust, token-based, multi-factor authentication is also required. This is a critical requirement if cloud providers are to meet SAS 70 requirements. By locking down the management console, cloud providers can ensure that services and sensitive client data won’t be compromised. In addition, it provides critical safeguards against internal attacks. A Question of Trust: 4 How Service Providers Can Attract More Customers by Delivering TrueSecurity in the Cloud White Paper
  • 5. Workstations An efficient cloud security Cloud-provider deployment scenario requires a Certificate-Based (PKI) pin centralized, hardened security Cloud Provider appliance, which is used to pin manage cryptographic keys, Certificate-Based (PKI) access control, and other OTP security policies. Figure 2 Robust, token-based, multi-factor authentication is a critical requirement if cloud providers are to meet SAS 70 requirements. By locking down the management console, cloud providers can ensure that services and sensitive client data won’t be compromised. Data and ID Protection Protecting client data and identities are also vital requirements. Further, these data protection mechanisms need to adhere to a host of regulations with which clients must comply. Inherent in this is an ability to isolate the processes and data of multiple tenants in virtualized cloud environments. To achieve these objectives, service providers need a host of capabilities: • Hardware Security Modules (HSMs). Service providers need HSMs to protect their TLS/SSL identities [more to add here?]. To meet many clients’ security requirements, these HSMs should be FIPS 140-2 Level 3 certified. • Granular encryption. Cloud providers need to be able to selectively encrypt sensitive data according to clients’ security requirements. This means being able to encrypt data at the column level in databases and to partition database security by different clients. This also requires file encryption so organizations can encrypt specific sensitive client files, including spreadsheets and documents. • Central, secure policy management. To efficiently govern these security mechanisms, cloud providers need to be able to centrally manage security policy, across disparate systems and regions. Further, given the vital nature of these administrative systems, the utmost security needs to be employed to ensure they are never compromised. A Question of Trust: 5 How Service Providers Can Attract More Customers by Delivering TrueSecurity in the Cloud White Paper
  • 6. Enterprise A Enterprise B ProtectFile By offering a means to streamline end user access and access control administration, federated access initiatives can help optimize security while reducing corporate security costs. FIPS 140-2 140 Level 3 Zone A Zone B Figure 3 To efficiently govern these security mechanisms, cloud providers need to be able to centrally manage security policy across disparate systems and regions. Virtual Encryption as a Service To fully leverage their potential business opportunities, cloud providers need a way to take the unparalleled security offered by sophisticated, hardware-based encryption solutions, and virtualize those offerings. This enables the delivery of symmetric encryption, file encryption, secure key management, and a host of other capabilities and services within cloud environments. When cloud providers deliver virtual encryption as a service, they can implement database, application, and file encryption—all managed through a single, virtual platform that combines cryptographic key management, policy management, and encryption processing. Because the platform is virtualized, it can be integrated cost-effectively and seamlessly within the cloud provider’s infrastructure. Further, by combining the security benefits of these technologies with the cloud delivery model, security implementations can be far less expensive (and much more attractive) than traditional in-house deployments, putting state-of-the-art security capabilities within reach of even small and medium businesses for the first time—and dramatically expanding the service provider’s addressable market. To deliver virtual encryption-as-a-service deployments, cloud providers will leverage a host of robust security mechanisms, including centralized key management, granular encryption, and access control within their infrastructures. To support virtual encryption as a service, many cloud customers will deploy multi-factor authentication tokens and token management systems in their environments, which can ensure the appropriate access controls are applied to security services and protected data. A Question of Trust: 6 How Service Providers Can Attract More Customers by Delivering TrueSecurity in the Cloud White Paper
  • 7. Certificate-Based (PKI) When cloud providers deliver SMB Cloud Provider virtual encryption as a service, Certificate-Based (PKI) they can implement database, application, and file encryption— all managed through a single, virtual platform that combines cryptographic key management, policy management, and Figure 4 By providing virtual encryption as a service, smaller organizations can gain access to robust security encryption processing. mechanisms that may have been cost prohibitive in the past. SafeNet: Delivering the Trusted Cloud Platform Introduction—Overview of SafeNet Cloud Solutions With SafeNet’s security offerings, organizations can fully leverage the business benefits of cloud environments—while ensuring trust, compliance, and privacy. SafeNet offers intelligent, data- centric solutions that persistently protect data throughout the information lifecycle and evolve to support changing cloud delivery models—from today’s SaaS and private clouds to the evolving demands of hybrid and public clouds. Cryptography as a Service SafeNet offers a broad set of solutions that enable both enterprises and cloud providers to leverage cryptography as a service. SafeNet solutions offer the unparalleled combination of features—including central key and policy management, robust encryption support, flexible integration, and more—that make cryptography as a service practical, efficient, and secure. SafeNet offers these security solutions: • Token management systems and multi-factor tokens that ensure stringent, granular end user access controls • Hardware security modules, including the Luna SA product line, that enable centralized, FIPS- and Common Criteria-certified storage of cryptographic keys • DataSecure, which offers file, application, and database encryption—all managed through a hardened appliance that centralizes encryption processing, keys, logging, auditing, and policy administration Together, these solutions deliver the critical capabilities required for a robust, cost-effective, and secure cryptography-as-a-service implementation. A Question of Trust: 7 How Service Providers Can Attract More Customers by Delivering TrueSecurity in the Cloud White Paper
  • 8. Cloud Database MFA SafeNet Tokens HSMs Cloud Storage Token Mgmt Elastic Compute System Certificate-Based (PKI) HSM Client ProtectFile ProtectApp ProtectDB Enterprise Cloud Provider Certificate-Based (PKI) MFA for End-Users DataSecure Luna SA Root of Trust Federated Key Mgmt DataSecure & User Directories Figure 5 SafeNet’s HSMs and DataSecure products offer FIPS- and Common Criteria-certified, hardware-based protection of cryptographic keys and controls that help ensure regulatory compliance in cloud deployments. Trusted Cloud Computing While the benefits being offered by cloud providers today are undeniable, many potential customers continue to perceive that the dynamic nature of cloud computing can pose significant risks. Today, someone can take an application instance running for one organization, then move it to another location, and run it for another organization—and that application could thus enable unauthorized users and processes to access sensitive data. With SafeNet, you can control applications and services within the cloud environment, and providers can ensure their clients that applications only run on intended platforms for intended customers. SafeNet enables organizations to control the instances of the high-value virtual machines, ensuring they are only invoked in the right circumstances. SafeNet delivers the solutions that enable organizations to do rights management for virtual machines: • Software rights management solutions and tokens for authenticating virtual machines • The ProtectFile file encryption solution, which enables pre-boot authentication of virtual machines • DataSecure, which delivers central policy management of all file, application, and database encryption processing SRM APP SRM Tokens Two-Factor Activation Licensing PaaS Provider APP Virtual Resource Enterprise Administrators OTP IaaS Provider DataSecure Software eTokens Key-Management Two-Factor Pre-Boot Certificate-Based (PKI) ProtectFile Figure6 SafeNet offers the products and capabilities enterprises need to control instances of virtual machines running in the cloud, including where they are located and when they can be invoked, so they can safeguard trust in their cloud deployments. A Question of Trust: 8 How Service Providers Can Attract More Customers by Delivering TrueSecurity in the Cloud White Paper
  • 9. Conclusion In terms of potential, the sky truly is the limit when it comes to the market opportunity cloud computing can offer. However, the full magnitude of this opportunity can only be realized when security is efficiently, persistently, and effectively employed to safeguard sensitive data. With its sophisticated, data-centric security solutions, SafeNet enables cloud providers to offer the agility customers need to leverage cloud environments most effectively, without making any compromises in security, privacy, or compliance. To Learn More about Cloud Security To provide business and security leaders with more information on secure cloud computing, SafeNet has introduced a series of white board videos, webinars and white papers. These resources outline how cloud security is expected to evolve, and describe what organizations need to do to prepare for, and take advantage of, these changes. For more information, please visit www.safenet-inc.com/safecloud. About SafeNet Founded in 1983, SafeNet is a global leader in information security. SafeNet protects its customers’ most valuable assets, including identities, transactions, communications, data and software licensing, throughout the data lifecycle. More than 25,000 customers across both commercial enterprises and government agencies and in over 100 countries trust their information security needs to SafeNet. Contact Us: For all office locations and contact information, please visit www.safenet-inc.com Follow Us: www.safenet-inc.com/connected ©2010 SafeNet, Inc. All rights reserved. SafeNet and SafeNet logo are registered trademarks of SafeNet. All other product names are trademarks of their respective owners. WP (EN)-08.30.10 A Question of Trust: 9 How Service Providers Can Attract More Customers by Delivering TrueSecurity in the Cloud White Paper