SlideShare une entreprise Scribd logo

New Solutions for Security and Compliance in the Cloud

Online Tech
Online Tech

This webinar reviews data security challenges in cloud environments as well as introduce new solutions for meeting security and compliance in virtualized and cloud infrastructure.

Technologie
1  sur  15
Télécharger pour lire hors ligne
vShield Data Security (vSDS) Overview June 14, 2011 Gargi Mitra Keeling, vShield Product Management Confidential © 2009 VMware Inc. All rights reserved
Agenda •Data Security Challenges in Cloud Environments •vShield Data Security Overview • Introducing vShield Data Security • How it works • Benefits •vCenter Configuration Manager Overview 2 Confidential
You probably already know this… Compliance and Governance Drive Data Security Regional Privacy Laws Regulatory Compliance Personal Health Personally Identifiable Cardholder Data (PCI) Information (PHI) Information (PII) Governance Intellectual Property Acceptable Use Customer Data Frameworks and Best Practices 3 Confidential
…and you’re probably already doing this… Secure Data on Physical Systems Data Loss / Leak E-Discovery Prevention (DLP) Data in Data at Data in Motion Rest Use Access Control Encryption 4 Confidential
…But these days, your data could be anywhere. Storage Array Local Disk (data on virtual disks) Physical (no virtualization, local disk or Cloud Storage storage array) (storage ‘blobs’) Cloud Deployment Models View / VDI – View / VDI – CIFS(data on file Linked Clones shares) (data on virtual disks) 5 Confidential
…And if you’re here today, you probably know this firsthand. Over 10.8 million virtual machines on SAN!! -- VMware Data explosion in the virtual data center! The number of virtual machines VMware View $3.63 Billion double every year revenue in 2011 -- Gartner – Wall Street 6 Confidential
Data Security for Virtual and Cloud Infrastructure There’s much to do But before you worry about applying all of this data security… …to your virtual environments… 7 Confidential
First things first. Do you know where your sensitive data is stored in virtual infrastructure and cloud environments? 8 Confidential
vShield Data Security Overview Coming Soon – September 2011 vShield 5.0 Release 9 Confidential
Introducing vShield Data Security (vSDS) Discovery of Sensitive Data in the Virtual Data Center PCI PHI PII Cardholder Data Personal Health Information Personally Identifiable Information 1 Define policies: Choose from built in templates for standards and regulations governing most common types of sensitive data • PII Personally Identifiable Information • PCI-DSS Payment Card Industry Standard • PHI Patient Health information Run Scans: Continuous scan of running virtual 2 machines to discover sensitive data in unstructured files, based on policy. Analyze Results: Generate actionable reports on 3 type and location of sensitive data, with virtualization context (logical containers, for example) 10 1 Confidential
vShield Data Security How it works vShield Endpoint virtual  Solution Components appliance for data security • vShield Endpoint Virtual Appliance (vSEP-VA) for data security (included) Powered by • Thin Agent in every guest virtual machine (included with VM Tools) • vShield Endpoint ESX hypervisor module per host  Features • Define policies, run scans, and analyze reports of discovered sensitive data throughout the vDC • Role-based access control for data security policies – definition, operation, report analysis 11
vShield Data Security Benefits  Visibility • Enable regulatory compliance within vDC with visibility into PCI, PII, PHI  Manageability • Deployment and operation optimized for virtual data centers  Proven Technology • RSA DLP deployed thousands of data centers • vShield Endpoint performance gains validated by 3rd parties 12
VMware vCenter Configuration Manager Configuration and Compliance Solution Overview 13
vCenter Configuration Manager Overview  Drive IT Compliance to lower risk • Ensure compliance with various industry and regulatory standards on a continuous basis • Quickly remediate problems  Mitigate outages through approved change processes • Detailed understanding and tracking of changes • Control change by following your Closed Loop Change Mgmt Process Harden your environment and reduce potential threats and breaches Compliance Through Unified Patching and Provisioning • Provision Linux, Windows and ESX images • Assess and Patch Windows, UNIX, MAC, etc  Control your virtual infrastructure • Fight VM Sprawl & Decommissioning Issues • Improved Virtual Troubleshooting • Single Pane of Glass 14
Manage & Measure Compliance Automated & Continuous Enterprise Compliance Posture  Deep Collection and Visibility SOX HIPAA FISMA • Virtual and Physical Machines • Desktops and Servers DISA GLBA ISO 27002 PCI • Spans a large array or OSs CIS NERC/  Built in compliance tool kits NIST PCI DSS FERC VMware • Regulatory Virtualization Hardening Guidelines • SOX, HIPAA, GLBA, FISMA, DISA, ISO 27002 • Industry CIS Benchmarks • PCI DSS • Security • NERC/FERC  CIS Certified Benchmarks • vSphere Hardening • VMware Best Practices  DISA NIST • CIS Benchmark  Security Hardening Guides  Vendor Specific Hardening Guidelines Dashboards provide “At-a-Glance” 15 health

Recommandé

Zenith Infotech Mirror Cloud Presentation. 112211
Zenith Infotech Mirror Cloud Presentation. 112211Zenith Infotech Mirror Cloud Presentation. 112211
Zenith Infotech Mirror Cloud Presentation. 112211
hdmchughgmailcom
 
Business Intelligence In Cloud Computing A Tokenization Approach Final
Business Intelligence In Cloud Computing A Tokenization Approach FinalBusiness Intelligence In Cloud Computing A Tokenization Approach Final
Business Intelligence In Cloud Computing A Tokenization Approach Final
Hossam Hassanien
 
Come gestire l'encryption dei dati con SKLM
Come gestire l'encryption dei dati con SKLMCome gestire l'encryption dei dati con SKLM
Come gestire l'encryption dei dati con SKLM
Luigi Perrone
 
Bloombase transparent at-rest data encryption security for Dell EqualLogic
Bloombase transparent at-rest data encryption security for Dell EqualLogic Bloombase transparent at-rest data encryption security for Dell EqualLogic
Bloombase transparent at-rest data encryption security for Dell EqualLogic
Bloombase
 
infraxstructure: Emil Gągała "Ludzie, procesy, technika – czy wirtualizacja ...
infraxstructure: Emil Gągała "Ludzie, procesy, technika – czy wirtualizacja ...infraxstructure: Emil Gągała "Ludzie, procesy, technika – czy wirtualizacja ...
infraxstructure: Emil Gągała "Ludzie, procesy, technika – czy wirtualizacja ...
PROIDEA
 
Private cloud day session 5 a solution for private cloud security
Private cloud day session 5 a solution for private cloud securityPrivate cloud day session 5 a solution for private cloud security
Private cloud day session 5 a solution for private cloud security
Microsoft TechNet - Belgium and Luxembourg
 
[Case Study ~ 2011] Baptist Hospitals of Southest Texas
[Case Study ~ 2011] Baptist Hospitals of Southest Texas[Case Study ~ 2011] Baptist Hospitals of Southest Texas
[Case Study ~ 2011] Baptist Hospitals of Southest Texas
Trend Micro
 
Vmware Seminar Security & Compliance for the cloud with Trend Micro
Vmware Seminar Security & Compliance for the cloud with Trend MicroVmware Seminar Security & Compliance for the cloud with Trend Micro
Vmware Seminar Security & Compliance for the cloud with Trend Micro
Graeme Wood
 

Recommandé

Zenith Infotech Mirror Cloud Presentation. 112211
Zenith Infotech Mirror Cloud Presentation. 112211Zenith Infotech Mirror Cloud Presentation. 112211
Zenith Infotech Mirror Cloud Presentation. 112211
hdmchughgmailcom
 
Business Intelligence In Cloud Computing A Tokenization Approach Final
Business Intelligence In Cloud Computing A Tokenization Approach FinalBusiness Intelligence In Cloud Computing A Tokenization Approach Final
Business Intelligence In Cloud Computing A Tokenization Approach Final
Hossam Hassanien
 
Come gestire l'encryption dei dati con SKLM
Come gestire l'encryption dei dati con SKLMCome gestire l'encryption dei dati con SKLM
Come gestire l'encryption dei dati con SKLM
Luigi Perrone
 
Bloombase transparent at-rest data encryption security for Dell EqualLogic
Bloombase transparent at-rest data encryption security for Dell EqualLogic Bloombase transparent at-rest data encryption security for Dell EqualLogic
Bloombase transparent at-rest data encryption security for Dell EqualLogic
Bloombase
 
infraxstructure: Emil Gągała "Ludzie, procesy, technika – czy wirtualizacja ...
infraxstructure: Emil Gągała "Ludzie, procesy, technika – czy wirtualizacja ...infraxstructure: Emil Gągała "Ludzie, procesy, technika – czy wirtualizacja ...
infraxstructure: Emil Gągała "Ludzie, procesy, technika – czy wirtualizacja ...
PROIDEA
 
Private cloud day session 5 a solution for private cloud security
Private cloud day session 5 a solution for private cloud securityPrivate cloud day session 5 a solution for private cloud security
Private cloud day session 5 a solution for private cloud security
Microsoft TechNet - Belgium and Luxembourg
 
[Case Study ~ 2011] Baptist Hospitals of Southest Texas
[Case Study ~ 2011] Baptist Hospitals of Southest Texas[Case Study ~ 2011] Baptist Hospitals of Southest Texas
[Case Study ~ 2011] Baptist Hospitals of Southest Texas
Trend Micro
 
Vmware Seminar Security & Compliance for the cloud with Trend Micro
Vmware Seminar Security & Compliance for the cloud with Trend MicroVmware Seminar Security & Compliance for the cloud with Trend Micro
Vmware Seminar Security & Compliance for the cloud with Trend Micro
Graeme Wood
 
Rightscale Webinar: PCI in Public Cloud
Rightscale Webinar: PCI in Public CloudRightscale Webinar: PCI in Public Cloud
Rightscale Webinar: PCI in Public Cloud
RightScale
 
Agentless backup is not a myth
Agentless backup is not a mythAgentless backup is not a myth
Agentless backup is not a myth
Global Micro Solutions
 
IBM Storwize V7000 Unified: Safeguarding your critical data
IBM Storwize V7000 Unified: Safeguarding your critical dataIBM Storwize V7000 Unified: Safeguarding your critical data
IBM Storwize V7000 Unified: Safeguarding your critical data
IBM India Smarter Computing
 
Symantec Introduces New Security Solutions to Counter Advanced Persistent Thr...
Symantec Introduces New Security Solutions to Counter Advanced Persistent Thr...Symantec Introduces New Security Solutions to Counter Advanced Persistent Thr...
Symantec Introduces New Security Solutions to Counter Advanced Persistent Thr...
Symantec
 
Document Security
Document SecurityDocument Security
Document Security
JohnTileyITQ
 
Security in the cloud planning guide
Security in the cloud planning guideSecurity in the cloud planning guide
Security in the cloud planning guide
Yury Chemerkin
 
The VDI InfoSec Conundrum
The VDI InfoSec ConundrumThe VDI InfoSec Conundrum
The VDI InfoSec Conundrum
VirtualTal
 
PCI-DSS Compliance in the Cloud
PCI-DSS Compliance in the CloudPCI-DSS Compliance in the Cloud
PCI-DSS Compliance in the Cloud
ControlCase
 
Dynamic access control sbc12 - thuan nguyen
Dynamic access control sbc12 - thuan nguyenDynamic access control sbc12 - thuan nguyen
Dynamic access control sbc12 - thuan nguyen
Thuan Ng
 
Security for v mware
Security for v mwareSecurity for v mware
Security for v mware
ReadWrite
 
Seguridad en SQL Azure Windows azure
Seguridad en SQL Azure Windows azureSeguridad en SQL Azure Windows azure
Seguridad en SQL Azure Windows azure
Eduardo Castro
 
Dell - Storage 12sept2012
Dell - Storage 12sept2012Dell - Storage 12sept2012
Dell - Storage 12sept2012
Agora Group
 
Security Lock Down Your Computer Like the National Security Agency (NSA)
Security Lock Down Your Computer Like the National Security Agency (NSA)Security Lock Down Your Computer Like the National Security Agency (NSA)
Security Lock Down Your Computer Like the National Security Agency (NSA)
José Ferreiro
 
Asigra Story
Asigra StoryAsigra Story
Asigra Story
AsigraCloudBackup
 
Remote Access Outgoing VDI Gateway
Remote Access Outgoing VDI GatewayRemote Access Outgoing VDI Gateway
Remote Access Outgoing VDI Gateway
ObserveIT
 
Cisco entel summit2010
Cisco entel summit2010Cisco entel summit2010
Cisco entel summit2010
Entel
 
Security and Privacy in the AWS Cloud - AWS India Summit 2012
Security and Privacy in the AWS Cloud - AWS India Summit 2012Security and Privacy in the AWS Cloud - AWS India Summit 2012
Security and Privacy in the AWS Cloud - AWS India Summit 2012
Amazon Web Services
 
Product Manual Momentus 7200 Rpm Fde
Product Manual Momentus 7200 Rpm FdeProduct Manual Momentus 7200 Rpm Fde
Product Manual Momentus 7200 Rpm Fde
harshadthakar
 
SafeNet DataSecure vs. Native SQL Server Encryption
SafeNet DataSecure vs. Native SQL Server EncryptionSafeNet DataSecure vs. Native SQL Server Encryption
SafeNet DataSecure vs. Native SQL Server Encryption
SafeNet
 
марко Safe net@rainbow-informzashita - februar 2012
марко Safe net@rainbow-informzashita - februar 2012марко Safe net@rainbow-informzashita - februar 2012
марко Safe net@rainbow-informzashita - februar 2012
Валерий Коржов
 
Vss Security And Compliance For The Cloud
Vss Security And Compliance For The CloudVss Security And Compliance For The Cloud
Vss Security And Compliance For The Cloud
Graeme Wood
 
Desktop as a Service DaaS in India by BSNL SIS
Desktop as a Service DaaS in India by BSNL SISDesktop as a Service DaaS in India by BSNL SIS
Desktop as a Service DaaS in India by BSNL SIS
SATYAVEER PAL
 

Contenu connexe

Tendances

Rightscale Webinar: PCI in Public Cloud
Rightscale Webinar: PCI in Public CloudRightscale Webinar: PCI in Public Cloud
Rightscale Webinar: PCI in Public Cloud
RightScale
 
Security in the cloud planning guide
Security in the cloud planning guideSecurity in the cloud planning guide
Security in the cloud planning guide
Yury Chemerkin
 
Dynamic access control sbc12 - thuan nguyen
Dynamic access control sbc12 - thuan nguyenDynamic access control sbc12 - thuan nguyen
Dynamic access control sbc12 - thuan nguyen
Thuan Ng
 
Security for v mware
Security for v mwareSecurity for v mware
Security for v mware
ReadWrite
 
Dell - Storage 12sept2012
Dell - Storage 12sept2012Dell - Storage 12sept2012
Dell - Storage 12sept2012
Agora Group
 
Product Manual Momentus 7200 Rpm Fde
Product Manual Momentus 7200 Rpm FdeProduct Manual Momentus 7200 Rpm Fde
Product Manual Momentus 7200 Rpm Fde
harshadthakar
 

Tendances (20)

Rightscale Webinar: PCI in Public Cloud
Rightscale Webinar: PCI in Public CloudRightscale Webinar: PCI in Public Cloud
Rightscale Webinar: PCI in Public Cloud
 
Agentless backup is not a myth
Agentless backup is not a mythAgentless backup is not a myth
Agentless backup is not a myth
 
IBM Storwize V7000 Unified: Safeguarding your critical data
IBM Storwize V7000 Unified: Safeguarding your critical dataIBM Storwize V7000 Unified: Safeguarding your critical data
IBM Storwize V7000 Unified: Safeguarding your critical data
 
Symantec Introduces New Security Solutions to Counter Advanced Persistent Thr...
Symantec Introduces New Security Solutions to Counter Advanced Persistent Thr...Symantec Introduces New Security Solutions to Counter Advanced Persistent Thr...
Symantec Introduces New Security Solutions to Counter Advanced Persistent Thr...
 
Document Security
Document SecurityDocument Security
Document Security
 
Security in the cloud planning guide
Security in the cloud planning guideSecurity in the cloud planning guide
Security in the cloud planning guide
 
The VDI InfoSec Conundrum
The VDI InfoSec ConundrumThe VDI InfoSec Conundrum
The VDI InfoSec Conundrum
 
PCI-DSS Compliance in the Cloud
PCI-DSS Compliance in the CloudPCI-DSS Compliance in the Cloud
PCI-DSS Compliance in the Cloud
 
Dynamic access control sbc12 - thuan nguyen
Dynamic access control sbc12 - thuan nguyenDynamic access control sbc12 - thuan nguyen
Dynamic access control sbc12 - thuan nguyen
 
Security for v mware
Security for v mwareSecurity for v mware
Security for v mware
 
Seguridad en SQL Azure Windows azure
Seguridad en SQL Azure Windows azureSeguridad en SQL Azure Windows azure
Seguridad en SQL Azure Windows azure
 
Dell - Storage 12sept2012
Dell - Storage 12sept2012Dell - Storage 12sept2012
Dell - Storage 12sept2012
 
Security Lock Down Your Computer Like the National Security Agency (NSA)
Security Lock Down Your Computer Like the National Security Agency (NSA)Security Lock Down Your Computer Like the National Security Agency (NSA)
Security Lock Down Your Computer Like the National Security Agency (NSA)
 
Asigra Story
Asigra StoryAsigra Story
Asigra Story
 
Remote Access Outgoing VDI Gateway
Remote Access Outgoing VDI GatewayRemote Access Outgoing VDI Gateway
Remote Access Outgoing VDI Gateway
 
Cisco entel summit2010
Cisco entel summit2010Cisco entel summit2010
Cisco entel summit2010
 
Security and Privacy in the AWS Cloud - AWS India Summit 2012
Security and Privacy in the AWS Cloud - AWS India Summit 2012Security and Privacy in the AWS Cloud - AWS India Summit 2012
Security and Privacy in the AWS Cloud - AWS India Summit 2012
 
Product Manual Momentus 7200 Rpm Fde
Product Manual Momentus 7200 Rpm FdeProduct Manual Momentus 7200 Rpm Fde
Product Manual Momentus 7200 Rpm Fde
 
SafeNet DataSecure vs. Native SQL Server Encryption
SafeNet DataSecure vs. Native SQL Server EncryptionSafeNet DataSecure vs. Native SQL Server Encryption
SafeNet DataSecure vs. Native SQL Server Encryption
 
марко Safe net@rainbow-informzashita - februar 2012
марко Safe net@rainbow-informzashita - februar 2012марко Safe net@rainbow-informzashita - februar 2012
марко Safe net@rainbow-informzashita - februar 2012
 

Similaire à New Solutions for Security and Compliance in the Cloud

Enterprise Security in Cloud
Enterprise Security in CloudEnterprise Security in Cloud
Enterprise Security in Cloud
Lenin Aboagye
 
Ppt security-database-overview-11g r2
Ppt security-database-overview-11g r2Ppt security-database-overview-11g r2
Ppt security-database-overview-11g r2
Oracle BH
 
Daniel künzli cloudgateway.next
Daniel künzli cloudgateway.nextDaniel künzli cloudgateway.next
Daniel künzli cloudgateway.next
Digicomp Academy AG
 
Will your cloud be compliant
Will your cloud be compliantWill your cloud be compliant
Will your cloud be compliant
Evgeniya Shumakher
 
Cio ciso security_strategyv1.1
Cio ciso security_strategyv1.1Cio ciso security_strategyv1.1
Cio ciso security_strategyv1.1
Anindya Ghosh,
 
Unique Ways Veritas can Supercharge your AWS Investment - Session Sponsored b...
Unique Ways Veritas can Supercharge your AWS Investment - Session Sponsored b...Unique Ways Veritas can Supercharge your AWS Investment - Session Sponsored b...
Unique Ways Veritas can Supercharge your AWS Investment - Session Sponsored b...
Amazon Web Services
 
Data Power For Pci Webinar Aug 2012
Data Power For Pci Webinar Aug 2012Data Power For Pci Webinar Aug 2012
Data Power For Pci Webinar Aug 2012
gaborvodics
 
Windows 7 security enhancements
Windows 7 security enhancementsWindows 7 security enhancements
Windows 7 security enhancements
Narenda Wicaksono
 
Forecast 2012 Panel: Security POC NAB, Terremark, Trapezoid
Forecast 2012 Panel: Security POC NAB, Terremark, TrapezoidForecast 2012 Panel: Security POC NAB, Terremark, Trapezoid
Forecast 2012 Panel: Security POC NAB, Terremark, Trapezoid
Open Data Center Alliance
 
Kaspersky Labs - Hyperconverged Presentation.pptx
Kaspersky Labs - Hyperconverged Presentation.pptxKaspersky Labs - Hyperconverged Presentation.pptx
Kaspersky Labs - Hyperconverged Presentation.pptx
amalouwarda1
 

Similaire à New Solutions for Security and Compliance in the Cloud (20)

Vss Security And Compliance For The Cloud
Vss Security And Compliance For The CloudVss Security And Compliance For The Cloud
Vss Security And Compliance For The Cloud
 
Desktop as a Service DaaS in India by BSNL SIS
Desktop as a Service DaaS in India by BSNL SISDesktop as a Service DaaS in India by BSNL SIS
Desktop as a Service DaaS in India by BSNL SIS
 
Enterprise Security in Cloud
Enterprise Security in CloudEnterprise Security in Cloud
Enterprise Security in Cloud
 
Enterprise Security in Hybrid Cloud ISACA-SV 2012
Enterprise Security in Hybrid Cloud ISACA-SV 2012Enterprise Security in Hybrid Cloud ISACA-SV 2012
Enterprise Security in Hybrid Cloud ISACA-SV 2012
 
Ppt security-database-overview-11g r2
Ppt security-database-overview-11g r2Ppt security-database-overview-11g r2
Ppt security-database-overview-11g r2
 
RSA 2012 Virtualization Security February 2012
RSA 2012 Virtualization Security February 2012RSA 2012 Virtualization Security February 2012
RSA 2012 Virtualization Security February 2012
 
Daniel künzli cloudgateway.next
Daniel künzli cloudgateway.nextDaniel künzli cloudgateway.next
Daniel künzli cloudgateway.next
 
Will your cloud be compliant
Will your cloud be compliantWill your cloud be compliant
Will your cloud be compliant
 
Cio ciso security_strategyv1.1
Cio ciso security_strategyv1.1Cio ciso security_strategyv1.1
Cio ciso security_strategyv1.1
 
Unique Ways Veritas can Supercharge your AWS Investment - Session Sponsored b...
Unique Ways Veritas can Supercharge your AWS Investment - Session Sponsored b...Unique Ways Veritas can Supercharge your AWS Investment - Session Sponsored b...
Unique Ways Veritas can Supercharge your AWS Investment - Session Sponsored b...
 
Data Power For Pci Webinar Aug 2012
Data Power For Pci Webinar Aug 2012Data Power For Pci Webinar Aug 2012
Data Power For Pci Webinar Aug 2012
 
Understanding the Cloud
Understanding the CloudUnderstanding the Cloud
Understanding the Cloud
 
Post-Quantum Security with NVIDIA DPUs and Morpheus
Post-Quantum Security with NVIDIA DPUs and MorpheusPost-Quantum Security with NVIDIA DPUs and Morpheus
Post-Quantum Security with NVIDIA DPUs and Morpheus
 
Virtual Desktop Infrastructure with Novell Endpoint Management Solutions
Virtual Desktop Infrastructure with Novell Endpoint Management SolutionsVirtual Desktop Infrastructure with Novell Endpoint Management Solutions
Virtual Desktop Infrastructure with Novell Endpoint Management Solutions
 
Windows 7 security enhancements
Windows 7 security enhancementsWindows 7 security enhancements
Windows 7 security enhancements
 
AWS Cloud Security From the Point of View of the Compliance
AWS Cloud Security From the Point of View of the ComplianceAWS Cloud Security From the Point of View of the Compliance
AWS Cloud Security From the Point of View of the Compliance
 
Rik Ferguson
Rik FergusonRik Ferguson
Rik Ferguson
 
Forecast 2012 Panel: Security POC NAB, Terremark, Trapezoid
Forecast 2012 Panel: Security POC NAB, Terremark, TrapezoidForecast 2012 Panel: Security POC NAB, Terremark, Trapezoid
Forecast 2012 Panel: Security POC NAB, Terremark, Trapezoid
 
Data Governance and Management in Cloud pak nam
Data Governance and Management in Cloud pak namData Governance and Management in Cloud pak nam
Data Governance and Management in Cloud pak nam
 
Kaspersky Labs - Hyperconverged Presentation.pptx
Kaspersky Labs - Hyperconverged Presentation.pptxKaspersky Labs - Hyperconverged Presentation.pptx
Kaspersky Labs - Hyperconverged Presentation.pptx
 

Plus de Online Tech

Legal implications of HIPAA, HITECH and BAAs
Legal implications of HIPAA, HITECH and BAAsLegal implications of HIPAA, HITECH and BAAs
Legal implications of HIPAA, HITECH and BAAs
Online Tech
 
Cloud Computing Disaster Recovery Framework
Cloud Computing Disaster Recovery FrameworkCloud Computing Disaster Recovery Framework
Cloud Computing Disaster Recovery Framework
Online Tech
 
HIPAA Compliance in the Cloud
HIPAA Compliance in the CloudHIPAA Compliance in the Cloud
HIPAA Compliance in the Cloud
Online Tech
 

Plus de Online Tech (6)

Legal implications of HIPAA, HITECH and BAAs
Legal implications of HIPAA, HITECH and BAAsLegal implications of HIPAA, HITECH and BAAs
Legal implications of HIPAA, HITECH and BAAs
 
Cloud Computing Disaster Recovery Framework
Cloud Computing Disaster Recovery FrameworkCloud Computing Disaster Recovery Framework
Cloud Computing Disaster Recovery Framework
 
HIPAA Compliance in the Cloud
HIPAA Compliance in the CloudHIPAA Compliance in the Cloud
HIPAA Compliance in the Cloud
 
Disaster Recovery in the Cloud -- A Failover Testing Case Study
Disaster Recovery in the Cloud -- A Failover Testing Case StudyDisaster Recovery in the Cloud -- A Failover Testing Case Study
Disaster Recovery in the Cloud -- A Failover Testing Case Study
 
Navigating the World of Cloud Computing
Navigating the World of Cloud ComputingNavigating the World of Cloud Computing
Navigating the World of Cloud Computing
 
Colocation Basics for Small to Medium Sized Businesses
Colocation Basics for Small to Medium Sized BusinessesColocation Basics for Small to Medium Sized Businesses
Colocation Basics for Small to Medium Sized Businesses
 

Dernier

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Principled Technologies
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 

Dernier (20)

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 

New Solutions for Security and Compliance in the Cloud

  • 1. vShield Data Security (vSDS) Overview June 14, 2011 Gargi Mitra Keeling, vShield Product Management Confidential © 2009 VMware Inc. All rights reserved
  • 2. Agenda •Data Security Challenges in Cloud Environments •vShield Data Security Overview • Introducing vShield Data Security • How it works • Benefits •vCenter Configuration Manager Overview 2 Confidential
  • 3. You probably already know this… Compliance and Governance Drive Data Security Regional Privacy Laws Regulatory Compliance Personal Health Personally Identifiable Cardholder Data (PCI) Information (PHI) Information (PII) Governance Intellectual Property Acceptable Use Customer Data Frameworks and Best Practices 3 Confidential
  • 4. …and you’re probably already doing this… Secure Data on Physical Systems Data Loss / Leak E-Discovery Prevention (DLP) Data in Data at Data in Motion Rest Use Access Control Encryption 4 Confidential
  • 5. …But these days, your data could be anywhere. Storage Array Local Disk (data on virtual disks) Physical (no virtualization, local disk or Cloud Storage storage array) (storage ‘blobs’) Cloud Deployment Models View / VDI – View / VDI – CIFS(data on file Linked Clones shares) (data on virtual disks) 5 Confidential
  • 6. …And if you’re here today, you probably know this firsthand. Over 10.8 million virtual machines on SAN!! -- VMware Data explosion in the virtual data center! The number of virtual machines VMware View $3.63 Billion double every year revenue in 2011 -- Gartner – Wall Street 6 Confidential
  • 7. Data Security for Virtual and Cloud Infrastructure There’s much to do But before you worry about applying all of this data security… …to your virtual environments… 7 Confidential
  • 8. First things first. Do you know where your sensitive data is stored in virtual infrastructure and cloud environments? 8 Confidential
  • 9. vShield Data Security Overview Coming Soon – September 2011 vShield 5.0 Release 9 Confidential
  • 10. Introducing vShield Data Security (vSDS) Discovery of Sensitive Data in the Virtual Data Center PCI PHI PII Cardholder Data Personal Health Information Personally Identifiable Information 1 Define policies: Choose from built in templates for standards and regulations governing most common types of sensitive data • PII Personally Identifiable Information • PCI-DSS Payment Card Industry Standard • PHI Patient Health information Run Scans: Continuous scan of running virtual 2 machines to discover sensitive data in unstructured files, based on policy. Analyze Results: Generate actionable reports on 3 type and location of sensitive data, with virtualization context (logical containers, for example) 10 1 Confidential
  • 11. vShield Data Security How it works vShield Endpoint virtual  Solution Components appliance for data security • vShield Endpoint Virtual Appliance (vSEP-VA) for data security (included) Powered by • Thin Agent in every guest virtual machine (included with VM Tools) • vShield Endpoint ESX hypervisor module per host  Features • Define policies, run scans, and analyze reports of discovered sensitive data throughout the vDC • Role-based access control for data security policies – definition, operation, report analysis 11
  • 12. vShield Data Security Benefits  Visibility • Enable regulatory compliance within vDC with visibility into PCI, PII, PHI  Manageability • Deployment and operation optimized for virtual data centers  Proven Technology • RSA DLP deployed thousands of data centers • vShield Endpoint performance gains validated by 3rd parties 12
  • 13. VMware vCenter Configuration Manager Configuration and Compliance Solution Overview 13
  • 14. vCenter Configuration Manager Overview  Drive IT Compliance to lower risk • Ensure compliance with various industry and regulatory standards on a continuous basis • Quickly remediate problems  Mitigate outages through approved change processes • Detailed understanding and tracking of changes • Control change by following your Closed Loop Change Mgmt Process Harden your environment and reduce potential threats and breaches Compliance Through Unified Patching and Provisioning • Provision Linux, Windows and ESX images • Assess and Patch Windows, UNIX, MAC, etc  Control your virtual infrastructure • Fight VM Sprawl & Decommissioning Issues • Improved Virtual Troubleshooting • Single Pane of Glass 14
  • 15. Manage & Measure Compliance Automated & Continuous Enterprise Compliance Posture  Deep Collection and Visibility SOX HIPAA FISMA • Virtual and Physical Machines • Desktops and Servers DISA GLBA ISO 27002 PCI • Spans a large array or OSs CIS NERC/  Built in compliance tool kits NIST PCI DSS FERC VMware • Regulatory Virtualization Hardening Guidelines • SOX, HIPAA, GLBA, FISMA, DISA, ISO 27002 • Industry CIS Benchmarks • PCI DSS • Security • NERC/FERC  CIS Certified Benchmarks • vSphere Hardening • VMware Best Practices  DISA NIST • CIS Benchmark  Security Hardening Guides  Vendor Specific Hardening Guidelines Dashboards provide “At-a-Glance” 15 health