cloud computing security

Jean-François AUDENARD – Orange Business Services - Cloud Security Advisor

CLUSIR presentation – InfoNord – Club RSSI


v1r0 – June 12th, 2012
agenda



          Security and the data lifecycle
               – The challenges of data security in the cloud
               – Opportunities, but also a return to fundamentals
               – Security that "sticks to the data": principles & approach


          Cloud security at Orange Business Services
               – Our "SecuredByDesign" approach
               – Model for integrating security into cloud projects
               – Maintaining and improving security day to day


          Questions & answers


2   Cloud Security – 12 June 2012     Orange Business Services
context




Our customers are targets




     Flame – 1Q2012




                                    CISCO – Global Threat Report – 2Q2011

Cloud concentrates everything

    Datacenters


    Customer’s data


    Revenues


    Risks


    Hacker’s greed


    Security (good news !)


Threats follow the data

    [Diagram labels: Enterprise internal network/IT; Cloud Services Providers (CSP); Threats / Attackers]

expectations




Cloud security is a must have




                                All big analyst firms agree!

An expectation AND a business accelerator




         <…> As counterintuitive as this may seem, enterprises actually
          expect cloud security to be superior to what they employ for
          traditional IT services. Current Analysis’ survey of ‘Cloud
          Services 2011 – Enterprise Adoption Plans and Trends’ in
          August 2011 found that one of the drivers for cloud adoption is
          actually more security <…>




    Highly secure cloud services will boost our business
Compliance

           As a customer
                – Internal compliance
                – vertical compliance (PCI-DSS, …)


           As a service provider
                – Telco’s legal obligations


           Rising trend on personal information
                – Data breach notifications


        Nothing specific related to cloud


What’s really new




Question: what really changes with cloud?

     Cloud is not more or less secure: the security posture evolves
        – Risks are transferred
        – New risks appear

     Underlying cloud technologies are not new

     Concentration brings new opportunities (but increased risks too).

     "…the cloud’s economies of scale and flexibility are both a friend
     and a foe from a security point of view. The massive concentrations
     of resources and data present a more attractive target to attackers,
     but cloud-based defenses can be more robust, scalable and
     cost-effective…"
     Source: Enisa

     Answer: Cloud requires security excellence & associated transparency

Cloud specific vulnerabilities



     NIST
        – On-demand self-service
        – Ubiquitous network access
        – Resource pooling
        – Rapid elasticity
        – Measured service

     Virtualization

     Direct vulnerabilities
        – Hyper-jacking
        – VM-Escape
        – VM sprawl
        – VM Theft

Direct vulnerabilities


     they’re the visible top of the iceberg

     associated risks may hit both
       – the provider
       – its customers

     Identified during risk assessment phase


     the provider must manage them


     the provider must demonstrate them


Vulnerabilities are an opportunity




Yes : Thanks to cloud-specific vulnerabilities

     NIST
        – On-demand self-service
        – Ubiquitous network access
        – Resource pooling
        – Rapid elasticity
        – Measured service

     Virtualization

     Indirect vulnerabilities
        – Inability to monitor traffic
        – Limited network zoning
        – Single point of failure
        – Forbidden network vulns scans

     Direct vulnerabilities
        – Hyper-jacking
        – VM-Escape
        – VM sprawl
        – VM Theft

Indirect vulnerabilities

     are seen as regressions or limitations


     A security control may be either
        – difficult to instantiate
        – impossible to implement


     associated risks are customer-centric


     an opportunity for
        – provider’s differentiation
        – premium services catalog



Securing the cloud(S)
Appropriate level of engagement

     Responsibilities between parties (Cloud Service Provider management / Customer’s management), shown for IaaS, PaaS and SaaS across these layers:
        – Applications
        – middleware
        – Operating systems
        – VM
        – Hypervisor (VMM)
        – Servers & network
        – Datacenter

     Side labels:
        – increased responsibilities for the Cloud Service Provider
        – increased criticality
        – high level of shared resources

Cloud models & security


     Diagram labels:
        – Models: public cloud, hybrid cloud, community cloud, private cloud
        – Shared infrastructure / Dedicated infrastructure/staff/processes
        – Security controlled by the provider / Security is under customer’s control
        – Internal risk & compliance still apply here!

Building & maintaining Trust




Trust must be both external & internal
     Regulation/standards bodies (government, standards, specific regulations)
        • Applicable laws
        • “Cloud-ready” regulations
        • certification bodies

     Internal stakeholders of the enterprise (Executives, Business Units, Risk Managers, CISO, Corporate IT, Employees)
        • Cloud service catalog
        • Risks assessment
        • Security SLAs
        • Policies

     Cloud Providers
        • Certifications
        • Security SLAs
        • Transparency
        • Adherence to standards

with the cloud, data is living everywhere

     [Diagram labels: Business Units; access to the application; virtual datacenter; corporate application; Corporate IT; administration; VM/data transfers; VM templates; cloud infrastructure; VMs]

in the cloud, data is living everywhere: risk too

     [Same diagram, annotated with risks]
        – Business Units: malware, device theft/loss
        – access to the application: sniffing, DDoS, impersonation
        – corporate application (virtual datacenter): poor access control, SQL injections, toxic data
        – VMs: VM sprawl, malware, security patches
        – Corporate IT: disgruntled admin
        – VM templates: theft of credentials, weak release mgt
        – cloud infrastructure: rogue admin, isolation failure, data location

the data security lifecycle

     Create: generation of new content or significant modification of existing content
     Store: committing data to storage
     Use: user interacting with the data (cloud & endpoint)
     Share: exchange of data between users, customers and partners
     Archive: data-transfer to long-term storage
     Destroy: permanent destruction & content discovery

simultaneous and multiple data lifecycles

     [Diagram: the same architecture (Business Units, Corporate IT, VM templates, virtual datacenter, corporate application, cloud infrastructure), with a Create / Store / Use / Share / Archive / Destroy lifecycle drawn at several locations]

use-case: a Virtual Machine (IaaS)

     Lifecycle phases shown: Create, Store, Use, Share, Archive, Destroy

     1. Create: initial creation by corporate IT
     2. Share: transfer to the cloud as an OVF container
     3. Store: insertion in the VM template store
     4. Use: VM are instantiated and executed for business purposes
     5. Destroy: VM templates and instances are deleted

Create

     Step 1: creation of the VM template by corporate IT
        1. classify
        2. assign rights

        – Risk-based decision for moving specific workloads/applications in selected cloud(s)
        – Tag VM templates with labels to facilitate rights allocation/assignments

Share

     Step 2: transfer to the cloud as an OVF container
        1. activity monitoring & enforcement
        2. encryption
        3. logical controls
        4. application security

        – watch when and where admin(s) are transferring templates
        – log accesses to admin interfaces
        – secure data in motion using encryption
        – secure admin interfaces/API

Store

     Step 3: insertion in the VM template store
        1. filesystem access controls
        2. encryption
        3. rights management
        4. content discovery

        – isolation between tenants & administrator separation of duties
        – volume/media encryption
        – Enforcement of rights created during “Create” phase (when data enters storage)
        – ensure data are located at the right place

Use

     Step 4: VM are instantiated and executed for business purposes
        1. activity monitoring & enforcement
        2. rights management
        3. Logical controls
        4. application security

     ! 2 perimeters of controls
        1) cloud-based controls
        2) endpoint-based controls

        – agent-based security & access log collection
        – enforcement of rights created during “Create” phase (modification, export, copying, …)
        – application logic controls
        – application security

Use

     Step 4: VM are instantiated and executed for business purposes
        1. activity monitoring & enforcement
        2. rights management
        3. Logical controls
        4. application security

        – agent-based security & access log collection
        – enforcement of rights created during “Create” phase (modification, export, copying, …)
        – application logic controls
        – application security

Destroy

     Step 5: VM templates and instances are deleted
        1. crypto-shredding
        2. secure deletion
        3. physical destruction
        4. Content discovery

        – delete the encryption keys
        – overwrite data from 3 to 7 times with random pattern
        – degaussing or physical destruction of storage devices
        – ensure no copies or versions of the data remain accessible

Implementation rules

     transparency brings confidence


     change your mind for data-centric
     security


     leverage existing security frameworks &
     practices


     participate in research & standardization
     activities




secure Infrastructure

     6 lessons learnt from the field
        – Build security in from the start of the project
        – Train your team and educate others to cloud security
        – Integrate security in existing processes
        – Get intimate with cloud IT & ops
        – Take network & IT convergence as an opportunity
        – Select your compliance frameworks & stick with them

SecureByDesign Cloud services




April 18th, 2012 _ v1.1
trusted cloud computing approach




     trusted cloud offers
        – « SecureByDesign » cloud platforms (today’s focus)
        – cloud security services portfolio
        – security services delivered from the cloud

     pervasive and secure network connectivity to the cloud

our secure development lifecycle



     think
        – High-Level Risks Assessment
        – Security Risk Assessment
        – Legal Obligations Assessment
        – Risks Mitigation Plan

     build & deploy
        – Security Implementation Assistance
        – Security Penetration Tests
        – Security Reviews

     operate
        – Operational security & continuous improvement

CloudTrust : a tailored approach for secure cloud




     > per-service based
     > part of standard processes
     > risks/benefits based approach
     > keep service definition
     > focuses on think/build/deploy

     CloudTrust
     > unified to the cloud-program
     > bridge processes between BUs
     > cloud security architects
     > enhanced security value prop.
     > integrated operational security

     secure cloud services backed with highly reliable
     network connectivity with end-2-end SLAs

maintaining & enhancing trust in cloud services

     CISSM: Cloud Information Systems Security Manager
        – Global security oversight on changes
        – Incident management
        – Legal obligations
        – Periodic security reviews & audits
        – Vulnerabilities Management
        – Admin & third-parties access management

end-2-end operational security                                   CISSM

     cloud security architects
          • build security in right from the beginning
          • ensure continuous delivery model with smooth roll-out

     Orange Cloud Computing Services (Flexible Computing Express, Flexible Backup, JCI, …)
          • global understanding and broad experience
          • leverage experiences and foster new initiatives

     certifications (ISO 27K/20K)
          • certified security professionals
          • active role in certifications activities and 27K ISMS
          • leverage processes to bolt security in

     private cloud
          • deliver telco-grade expertise to customer’s private cloud
          • tailored solutions for specific requirements

Flexible Computing Express                                   CISSM

     [architecture diagram; labels:]

     Secure Virtual Data Center (6 zones): LB, VM, VM, VM, VM
     DDoS Protection, Firewalling, Automated VA scans
     VPN-SSL, Console, 2-factors Auth, Logs
     VM Templates, Security patches, Antivirus, Backup
     IPVPN network connectivity: Business VPN Galerie, Business VPN, Internal Private WAN
     Service Providers, Datacenters, Remote sites
     ISAE 3402 datacenters (SAS 70 Type 2)

Flexible Computing Express standard security features

     Secure Virtual DataCenter (vDC)
          • 6 dedicated/isolated VLANs
          • Stateful firewalling (dedicated instance)
          • Load-balancing (dedicated instance)

     Secure management
          • VPN-SSL remote access
          • web-based unified management (vDC, VLANs, FW, …)
          • Two-factor authentication
          • Access to firewall logs

     Security services zone
          • VM templates (Microsoft, Linux)
          • Security patches distribution servers
          • Antivirus signatures
          • Backup services

additional security services

     [diagram: Secure Virtual Data Center (6 zones) with LB, VM, VM, VM, VM; VPN-SSL, Console, 2-factors Auth, Logs; VM Templates, Security patches, Antivirus, Backup]

     security services store
          • Hardened VM templates
          • Vulnerability scans & compliance
          • Encrypted VM & volumes
          • IDS/IPS
          • Database security
          • …

     professional services
          • Vulnerabilities management
          • OS & Applications Management
          • Security audits
          • Penetration testing
          • …

takeaways

blogs: the direct link with our security experts

     http://blogs.orange-business.com/connecting-technology/security/
     http://blogs.orange-business.com/securite/

continue the journey with us !

     CSA EMEA Congress – 25-26th September 2012 - Amsterdam
          http://www.cloudsecuritycongress.com/

     C&ESAR 2012 – 20-22th November – Rennes
          http://www.cesar-conference.org/

thank you




business changes with
Contacts



           Jean-François AUDENARD - Cloud Security Advisor
                - 01 44 37 61 91 – 06 74 79 67 12
                - jeanfrancois.audenard@orange.com
                - twitter: @jeffman78


           Philippe LANDEAU – Business Development
                – 01 55 54 42 36 - 06 82 59 52 36
                – philippe.landeau@orange.com




08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 

CLUSIR, JUNE 12

  • 1. cloud computing security. Jean-François AUDENARD – Orange Business Services – Cloud Security Advisor. CLUSIR presentation – InfoNord – Club RSSI. v1r0 – June 12th, 2012
  • 2. agenda. Security and the data lifecycle: the challenges of data security in the cloud; opportunities, but also a return to fundamentals; "data-adherent" security: principles & approach. Cloud security at Orange Business Services: our « SecuredByDesign » approach; model for integrating security into cloud projects; maintaining and improving security day to day. Questions & answers. (Slide footer: 2 Cloud Security – 12 June 2012 Orange Business Services)
  • 3. context
  • 4. Our customers are targets. Flame – 1Q2012. CISCO – Global Threat Report – 2Q2011
  • 5. Cloud concentrates everything: Datacenters; Customer’s data; Revenues; Risks; Hacker’s greed; Security (good news!)
  • 6. Threats follow the data. Enterprise internal network/IT; Cloud Services Providers (CSP); Threats / Attackers
  • 7. expectations
  • 8. Cloud security is a must have. All big analyst firms agree!
  • 9. An expectation AND a business accelerator. "<…> As counterintuitive as this may seem, enterprises actually expect cloud security to be superior to what they employ for traditional IT services. Current Analysis’ survey of ‘Cloud Services 2011 – Enterprise Adoption Plans and Trends’ in August 2011 found that one of the drivers for cloud adoption is actually more security <…>" Highly secure cloud services will boost our business
  • 10. Compliance. As a customer: internal compliance; vertical compliance (PCI-DSS, …). As a service provider: Telco’s legal obligations. Rising trend on personal information: data breach notifications. Nothing specific related to cloud
  • 11. What’s really new
  • 12. Question: what really changes with cloud? Cloud is not more or less secure: the security posture evolves (risks are transferred; new risks appear). Underlying cloud technologies are not new. Concentration brings new opportunities (but increased risks too). "…the cloud’s economies of scale and flexibility are both a friend and a foe from a security point of view. The massive concentrations of resources and data present a more attractive target to attackers, but cloud-based defenses can be more robust, scalable and cost-effective…" (Source: Enisa). Answer: Cloud requires security excellence & associated transparency
  • 13. Cloud specific vulnerabilities. NIST: On-demand self-service; Ubiquitous network access; Resource pooling; Rapid elasticity; Measured service. Virtualization. Direct vulnerabilities: Hyper-jacking; VM-Escape; VM sprawl; VM Theft
  • 14. Direct vulnerabilities: they’re the visible top of the iceberg; associated risks may hit both the provider and its customers; identified during risk assessment phase; the provider must manage them; the provider must demonstrate them
  • 15. Vulnerabilities are an opportunity?
  • 16. Yes: Thanks to cloud-specific vulnerabilities. Indirect vulnerabilities: Inability to monitor traffic; Limited network zoning; Single point of failure; Forbidden network vulns scans. NIST: On-demand self-service; Ubiquitous network access; Resource pooling; Rapid elasticity; Measured service. Virtualization. Direct vulnerabilities: Hyper-jacking; VM-Escape; VM sprawl; VM Theft
  • 17. Indirect vulnerabilities: seen as regressions or limitations. A security control may be either difficult to instantiate or impossible to implement; associated risks are customer-centric; an opportunity for provider’s differentiation and premium services catalog
  • 18. Securing the cloud(S)
  • 19. Appropriate level of engagement. Responsibilities between parties: Cloud Service Provider management vs. customer’s management, across IaaS, PaaS and SaaS; increased responsibilities for the Cloud Service Provider. Layers: Applications; middleware; Operating systems; VM; Hypervisor (VMM); Servers & network; Datacenter. Increased criticality; high level of shared resources
  • 20. Cloud models & security. Security is under customer’s control; security controlled by the provider. Models: private cloud; community cloud; hybrid cloud; public cloud. Dedicated infrastructure/staff/processes; shared infrastructure. Internal risk & compliance still apply here!
  • 21. Building & maintaining Trust
  • 22. Trust must be both external & internal. Regulation/standards bodies: government; standards; specific regulations; certification bodies. Cloud providers. Enterprise internal stakeholders: Executives; Business Units; Risk Managers, CISO; Corporate IT; Employees. Trust elements: Applicable laws; “Cloud-ready” regulations; Certifications; Cloud service catalog; Security SLAs; Risks assessment; Transparency; Adherence to standards; Policies
  • 23. with the cloud data is living everywhere. Diagram: Business Units (access to the corporate application); Corporate IT (administration; VM/data transfers); virtual datacenter (application VMs); cloud infrastructure (VMs); VM templates
  • 24. in the cloud data is living everywhere: risk too. Same diagram, annotated with risks: poor access control; SQL injections; toxic data; malware; device theft/loss; sniffing; DDoS; impersonation; VM sprawl; malware; security patches; disgruntled admin; rogue admin; theft of credentials; isolation failure; weak release mgt; data location
  • 25. the data security lifecycle. Create: generation of new content or significant modification of existing content. Store: committing data to storage. Use: user interacting with the data (cloud & endpoint). Share: exchange of data between users, customers and partners. Archive: data-transfer to long-term storage. Destroy: permanent destruction & content discovery
  • 26. simultaneous and multiple data lifecycles. Same diagram (Business Units; Corporate IT; virtual datacenter; cloud infrastructure; VM templates), with a Create / Store / Use / Share / Archive / Destroy lifecycle attached to each element
  • 27. use-case: a Virtual Machine (IaaS). 1 Create: initial creation by corporate IT. 2 Share: transfer to the cloud as an OVF container. 3 Store: insertion in the VM template store. 4 Use: VM are instantiated and executed for business purposes. 5 Destroy: VM templates and instances are deleted
  • 28. Create (step 1, creation of the VM template by corporate IT): 1. classify; 2. assign rights. Risk-based decision for moving specific workloads/applications in selected cloud(s); tag VM templates with labels to facilitate rights allocation/assignments. Share (step 2, transfer to the cloud as an OVF container): 1. activity monitoring & enforcement; 2. encryption; 3. logical controls; 4. application security. Watch when and where admin(s) are transferring templates; log accesses to admin interfaces; secure data in motion using encryption; secure admin interfaces/API
  • 29. Store (step 3, insertion in the VM template store): 1. filesystem access controls: isolation between tenants & administrator, separation of duties; 2. encryption: volume/media encryption; 3. rights management: enforcement of rights created during “Create” phase (when data enters storage); 4. content discovery: ensure data are located at the right place. Use (step 4, VM are instantiated and executed for business purposes): 1. activity monitoring & enforcement: agent-based security & access log collection; 2. rights management: enforcement of rights created during “Create” phase (modification, export, copying, …); 3. logical controls: application logic controls; 4. application security. 2 perimeters of controls: 1) cloud-based controls; 2) endpoint-based controls
  • 30. Use (step 4, VM are instantiated and executed for business purposes): 1. activity monitoring & enforcement: agent-based security & access log collection; 2. rights management: enforcement of rights created during “Create” phase (modification, export, copying, …); 3. logical controls: application logic controls; 4. application security. Destroy (step 5, VM templates and instances are deleted): 1. crypto-shredding: delete the encryption keys; 2. secure deletion: overwrite data from 3 to 7 times with random pattern; 3. physical destruction: degaussing or physical destruction of storage devices; 4. content discovery: ensure no copies or versions of the data remain accessible
  • 31. Implementation rules: transparency brings confidence; change your mind for data-centric security; leverage existing security frameworks & practices; participate in research & standardization activities
  • 32. secure Infrastructure: 6 lessons learnt from the field. Build security-in from the start of the project; select your compliance frameworks & stick with them; train your team and educate others to cloud security; take network & IT convergence as an opportunity; integrate security in existing processes; get intimate with cloud IT & ops
  • 34. trusted cloud computing approach. Trusted cloud offers: cloud security services portfolio; « SecureByDesign » cloud platforms; security services delivered from the cloud; pervasive and secure network connectivity to the cloud. Marked on the slide: today’s focus
  • 35. our secure development lifecycle. think: High-Level Risks Assessment; Security Risk Assessment; Legal Obligations Assessment; Risks Mitigation Plan. build & deploy: Security Implementation Assistance; Security Reviews; Security Penetration Tests. operate: Operational security & continuous improvement
  • 36. CloudTrust: a tailored approach for secure cloud. CloudTrust: per-service based; unified to the cloud-program; part of standard processes; bridge processes between BUs; risks/benefits based approach; cloud security architects; keep service definition; enhanced security value prop.; focuses on think/build/deploy; integrated operational security. Secure cloud services backed with highly reliable network connectivity with end-2-end SLAs
  • 37. maintaining & enhancing trust in cloud services. CISSM (Cloud Information Systems Security Manager): Global security oversight on changes; Incident management; Admin & third-parties access management; Legal obligations; Vulnerabilities Management; Periodic security reviews & audits
  • 38. end-2-end operational security. CISSM. cloud security architects: build security in right from the beginning; ensure continuous delivery model with smooth roll-out. Orange Cloud Computing Services (Flexible Computing Express, Flexible Backup, …): global understanding and broad experience; leverage experiences and foster new initiatives. certifications (JCI, ISO 27K/20K): certified security professionals; active role in certifications activities and 27K ISMS; leverage processes to bolt security in. private cloud: deliver telco-grade expertise to customer’s private cloud; tailored solutions for specific requirements
  • 39. Flexible Computing Express. Diagram components: CISSM; Service Providers; Business VPN; Business VPN Galerie; Secure Virtual Data Center (LB; VMs; 6 zones); DDoS Protection; Internal Private WAN; Remote sites; 2-factors Auth; Logs; VM Templates; Security patches; Antivirus; Backup; VPN-SSL; Console; Firewalling; Automated VA scans; Datacenters; IPVPN network connectivity; ISAE 3402 datacenters (SAS 70 Type 2)
  • 40. Flexible Computing Express standard security features. Secure Virtual DataCenter (vDC): 6 dedicated/isolated VLANs; stateful firewalling (dedicated instance); load-balancing (dedicated instance). Secure management: VPN-SSL remote access; web-based unified management (vDC, VLANs, FW, …); two-factor authentication; access to firewall logs. Security services zone: VM templates (Microsoft, Linux); security patches distribution servers; antivirus signatures; backup services
  • 41. additional security services. security services store: hardened VM templates; vulnerability scans & compliance; encrypted VM & volumes; IDS/IPS; database security; … professional services: vulnerabilities management; OS & applications management; security audits; penetration testing; … Diagram: Secure Virtual Data Center (LB; VMs; 6 zones); 2-factors Auth; Logs; VM Templates; Security patches; Antivirus; Backup; VPN-SSL; Console
  • 42. takeaways
  • 43. blogs: the direct link with our security experts. http://blogs.orange-business.com/connecting-technology/security/ and http://blogs.orange-business.com/securite/
  • 44. continue the journey with us! CSA EMEA Congress – 25-26th September 2012 – Amsterdam: http://www.cloudsecuritycongress.com/ ; C&ESAR 2012 – 20-22th November – Rennes: http://www.cesar-conference.org/
  • 46. Contacts. Jean-François AUDENARD – Cloud Security Advisor – 01 44 37 61 91 – 06 74 79 67 12 – jeanfrancois.audenard@orange.com – twitter: @jeffman78. Philippe LANDEAU – Business Development – 01 55 54 42 36 – 06 82 59 52 36 – philippe.landeau@orange.com