Copyright 2009 Trend Micro Inc.
A Plan To Control and Protect Data in the Private and Public Cloud
Todd Thiemann • Senior Director, Datacenter Security, Trend Micro
Why virtualization & cloud matters
- Speed and Business Impact
- Expertise and Performance
- Cost Reduction
“1) The Cloud Imperative… If by mid-year you have not developed and begun to execute upon an ambitious and enterprise-wide cloud strategy, then by year-end the odds are good you'll no longer be a CIO.”
“Global CIO: The Top 10 CIO Issues For 2010”, InformationWeek, 21 December 2009
Virtualization & Cloud Have Management Attention
Trend Micro Confidential, 10/12/2010
Source: “The 2010 Gartner Scenario: The Current State and Future Directions of the IT Industry”, Gartner, 14 June 2010
Realized Benefits of Cloud Computing
Enterprises Reducing Costs, Increasing Agility
Pharmaceutical R&D and The Cloud
“Drug behemoth Eli Lilly and Co. …uses Amazon's Elastic Compute Cloud (EC2) for scientific collaboration and computations … because they empower many subsets of users.” SearchCIO.com, 30 July 2009
Public Cloud for Backup & Storage
Using public cloud services, GE reduced backup costs by 40% to 60% and created reusable processes in a rapidly deployable model. Matt Merchant, General Electric (December 2009)
Gartner Top 10 Strategic Technologies in 2010
“Cloud Computing. Organizations should think about how to approach the cloud in terms of using cloud services, developing cloud-based applications and implementing private cloud environments.” SearchCIO.com, 22 October 2009
Cloud Computing & Security
“CISOs and Security Architects: Don't let operations-led projects lower your security profile. Engage in a discussion of the issues now, not after the fact.” Neil MacDonald, Gartner (Gartner Data Center Conference, December 2009)
Security: the #1 Cloud Challenge
Security and privacy were the foremost concerns by far, with a weighted score higher than the next three (performance, immaturity and regulatory compliance) combined.
Gartner (April 2010)
“Typical” Customer Virtualization Evolution
(Chart: axis markers 15%, 30%, 70%, 85%; rows: Servers, Desktops)
Phase 1: Consolidation
- DC Consolidation
- Non-mission critical base applications
- Standardized hypervisor
- Simple VM Management
Phase 2: Expansion & Desktop
- Mission critical applications & Endpoint Control
- Performance becomes critical
- API and advanced management use
- VDI sampling
- Enhanced Compliance controls
Phase 3: Private > Public Cloud
- Public and private cloud
- Multi-hypervisor
- Virtualized storage
- Multi-tenancy
- Workload Management
- Dedicate or Burst to public
The Evolving Datacenter: Lowering Costs, Increasing Flexibility
Traditional Datacenter (Physical)
Consolidation (Virtual)
•Cost Center
•Single Hypervisor
•Data per App
Private Cloud (Multi-Tenant)
•Charge Back
•Multi-Hypervisor
•Data Sharing
Public Cloud (Outsourced)
•Metered
•Shared Resources
•Data Mobility
Infrastructure Security and Data Protection must keep up with Cloud Evolution
Phase 1 Security Challenge
A perimeter-only (“outside-in”) approach together with rapid virtualization has created less secure application environments.
“Through 2012, 60% of virtualized servers will be less secure than the physical servers they replace.”
“Addressing the Most Common Security Risks in Data Center Virtualization Projects”, Gartner, 25 January 2010
Phase I: The virtual datacenter is very dynamic!
New challenges: Hypervisor, Inter-VM attacks, PCI, Mobility, Cloud Computing
New Challenges Require a New Security Architecture
Virtual Machines Need Specialized Protection
Same threats in virtualized servers as physical.
New challenges:
1. Instant-on/Dormant VMs
2. Resource contention
3. VM Sprawl
4. Inter-VM traffic
5. vMotion
Virtualization Security Foundation: “Secure the workload”
Diagram: VM1 (App1/OS1) … VM3 (App3/OS3) running on a Hypervisor, with VM & Network Security Integration
Self-secured workload: App FW, IPS, AV…
Customers' most common Phase I concern: Instant-on or unmanaged VMs & Patching
• Determines missing patches and existing vulnerabilities
  – Operating System
  – Common desktop applications
• Recommends a set of lightweight, fast-to-deploy filters
  – Virtually patches the vulnerabilities
  – Zero-Day protection
  – Reports on attempts to exploit vulnerabilities
• Removes filters as soon as the patch is deployed
Virtually patch endpoints until the patch is ready, without exposing them to exploits
“Inside-out” Protection Model for Physical, Virtual and Cloud Computing
Diagram: “De-Militarized Zone” (DMZ), Business Servers and Mission Critical Servers, each tier behind Firewall / IPS / NIPS layers
Per-host controls: Firewall, IDS / IPS, File Integrity Monitoring, Log Inspection
Trend Micro Deep Security Provides A Secure Container for Applications and Data
“Typical” Customer Virtualization Evolution
(Chart: axis markers 15%, 30%, 70%, 85%; rows: Servers, Desktops)
Stage 1: Consolidation
- DC Consolidation
- Non-mission critical base applications
- Standardized hypervisor
- Simple VM Management
Stage 2: Expansion & Desktop
- Mission critical applications & Endpoint Control
- Performance becomes critical
- API and advanced management use
- VDI sampling
- Enhanced Compliance controls
Stage 3: Private > Public Cloud
- Hybrid and selected public cloud
- Multi-hypervisor
- Virtualized storage
- Workload Management
- Burst to public
GET TECHIE
Phase 2: Security Challenge
“Virtually unaware” traditional security architectures eliminate the benefits of VDI and virtualized mission-critical applications
Phase II: Server Performance
Diagram: ESX Server hosting several VMs (App/OS), with a Security VM attached through the VMsafe APIs providing Firewall, IDS / IPS, Anti-Virus and Integrity Monitoring
• Protect the VM by inspection of virtual components
• Unprecedented security for the app & data inside the VM
• Complete integration with, and awareness of, vMotion, Storage VMotion, HA, etc.
Phase II: Securing virtual desktops (VDI)
• Malware risk potential: Identical to physical desktops
– Same operating systems
– Same software
– Same vulnerabilities
– Same user activities
=> Same risk of exposing corporate and sensitive data
• New challenges, unique to VDI:
– Identify endpoints' virtualization status
– Manage resource contention
• CPU
• Storage IOPs
• Network
Phase II: IT Environment Changes
Challenge: Resource Contention with VDI
• The “9-AM problem”
  – Multiple users log in and download updates at the same time
• “AV-Storms”, Scheduled scans
  – Adds significant load to the endpoint
  – Multiplied by number of VMs
(Chart: cumulative system load)
Existing Endpoint Security Induces Resource Contention and Limits Desktop Virtualization Benefits
Phase II Security has to have VDI-Intelligence
• Detects whether endpoints are physical or virtual
– With VMware View
– With Citrix XenDesktop
• Serialize updates and scans per VDI-host
– Controls the number of concurrent scans and updates per VDI host
– Maintains availability and performance of the VDI host
– Faster than concurrent approach
• Leverages Base-Images to further shorten scan times
– Pre-scans and white-lists VDI base-images
– Prevents duplicate scanning of unchanged files on a VDI host
– Further reduces impact on the VDI host
• Can be done agentlessly as well
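To make the per-host serialization and base-image whitelisting above concrete, here is an added example (not Trend Micro's product code): a toy scheduler that caps concurrent scans per VDI host with a semaphore and examines only files whose hashes differ from the pre-scanned base image. The broker inventory, the file contents and the marker-based detector are constructed assumptions; a real deployment would take the physical/virtual mapping from the VDI broker.

```python
import hashlib
import threading
from collections import defaultdict

# Constructed golden (base) image: path -> content (stand-in bytes, not real files).
BASE_IMAGE = {
    "C:/Windows/System32/kernel32.dll": b"base-kernel32-v1",
    "C:/Windows/System32/ntdll.dll": b"base-ntdll-v1",
    "C:/Program Files/Office/winword.exe": b"base-winword-v1",
}

# Constructed broker inventory: endpoint -> VDI host, or None for a physical desktop.
# Assumption: a real deployment would query VMware View / Citrix XenDesktop for this.
INVENTORY = {
    "pc-0101": None,
    "vd-0001": "vdi-host-a",
    "vd-0002": "vdi-host-a",
    "vd-0003": "vdi-host-a",
    "vd-0004": "vdi-host-b",
}

MARKER = b"CONSTRUCTED-MALICIOUS-MARKER"  # stand-in for a real signature


def sha256(data):
    return hashlib.sha256(data).hexdigest()

def detect(data):
    """Toy detector: flags content containing the constructed marker."""
    return MARKER in data

def base_image_whitelist(image):
    """Pre-scan the base image once; keep hashes of the files found clean."""
    return {sha256(data) for data in image.values() if not detect(data)}

def changed_files(vm_files, whitelist):
    """Files on a clone that differ from the base image and therefore still need scanning."""
    return [path for path, data in vm_files.items() if sha256(data) not in whitelist]


class VdiScanScheduler:
    """Caps concurrent scans per VDI host so a scan storm cannot saturate the host."""

    def __init__(self, inventory, max_concurrent_per_host=2):
        self.inventory = inventory
        hosts = {h for h in inventory.values() if h is not None}
        # one semaphore per host, created up front so threads never race on creation
        self._slots = {h: threading.BoundedSemaphore(max_concurrent_per_host) for h in hosts}
        self._lock = threading.Lock()
        self._in_flight = defaultdict(int)
        self.peak_in_flight = defaultdict(int)  # observed per-host peak, for verification

    def is_virtual(self, endpoint):
        return self.inventory.get(endpoint) is not None

    def scan(self, endpoint, vm_files, whitelist):
        """Returns (files examined, flagged paths); only non-whitelisted files are examined."""
        todo = changed_files(vm_files, whitelist)
        host = self.inventory.get(endpoint)
        if host is None:  # physical desktop: no shared host to protect, scan right away
            return len(todo), [p for p in todo if detect(vm_files[p])]
        with self._slots[host]:  # blocks while the host already runs the maximum number of scans
            with self._lock:
                self._in_flight[host] += 1
                self.peak_in_flight[host] = max(self.peak_in_flight[host], self._in_flight[host])
            try:
                return len(todo), [p for p in todo if detect(vm_files[p])]
            finally:
                with self._lock:
                    self._in_flight[host] -= 1


def run_batch(scheduler, jobs, whitelist):
    """Start every scan at once (the '9-AM problem'); returns endpoint -> scan result."""
    results, lock = {}, threading.Lock()

    def worker(endpoint, files):
        result = scheduler.scan(endpoint, files, whitelist)
        with lock:
            results[endpoint] = result

    threads = [threading.Thread(target=worker, args=(e, f)) for e, f in jobs.items()]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return results


def demo():
    """Constructed 9-AM batch: clones of the base image, two of them with user changes."""
    whitelist = base_image_whitelist(BASE_IMAGE)
    jobs = {}
    for endpoint in INVENTORY:
        files = dict(BASE_IMAGE)
        if endpoint == "vd-0002":
            files["C:/Users/alice/Downloads/invoice.exe"] = b"dropper " + MARKER
        if endpoint == "vd-0004":
            files["C:/Windows/System32/ntdll.dll"] = b"tampered-ntdll"  # modified, so not whitelisted
        jobs[endpoint] = files
    scheduler = VdiScanScheduler(INVENTORY, max_concurrent_per_host=2)
    return scheduler, run_batch(scheduler, jobs, whitelist)
```

Unchanged clones report zero files examined, the two modified clones examine only their changed file, and `peak_in_flight` never exceeds the per-host cap even though all five scans start together.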
Summary of Phase II Solutions
• Light and lean agents when deep visibility is required
  – Using cloud-client architecture
• Agent-less option for application & server performance
  – Using virtualization APIs
• Architecture optimizes performance across entire infrastructure
  – Processes are “virtually-aware” across CPU, network, and storage
“Typical” Customer Virtualization Evolution
(Chart: axis markers 15%, 30%, 70%, 85%; rows: Servers, Desktops)
Phase 1: Consolidation
- DC Consolidation
- Non-mission critical base applications
- Standardized hypervisor
- Simple VM Management
Phase 2: Expansion & Desktop
- Mission critical applications & Endpoint Control
- Performance becomes critical
- API and advanced management use
- VDI sampling
- Enhanced Compliance controls
Phase 3: Private > Public Cloud
- Hybrid and selected public cloud
- Multi-hypervisor
- Virtualized storage
- Workload Management
- Burst to public
GET TECHIE
Phase III: Virtualized Storage and Multi-tenancy Create Data Protection Nightmares
Datacenter (behind the perimeter): Strong perimeter security; No shared CPU; No shared network; No shared storage
Public and Private Cloud: Weak perimeter security; Shared CPU; Shared network; Shared storage
The traditional “outside-in” approach is inadequate in an “inside-out” cloud world full of strangers
Diagram: Company1 … Companyn, each running App1 … Appn on shared hypervisors
Phase 3: Security Challenge
How do I protect data in a virtualized and multi-tenant storage environment (private, hybrid, or public cloud)?
Who Has Control?
Diagram: control shifts from the End-User (Enterprise) to the Service Provider along the spectrum Servers → Virtualization & Private Cloud → Public Cloud IaaS → Public Cloud PaaS → Public Cloud SaaS
Amazon Web Services™ Customer Agreement
“7.2. Security. We strive to keep Your Content secure, but cannot guarantee that we will be successful at doing so, given the nature of the Internet. Accordingly, without limitation to Section 4.3 above and Section 11.5 below, you acknowledge that you bear sole responsibility for adequate security, protection and backup of Your Content and Applications. We strongly encourage you, where available and appropriate, to (a) use encryption technology to protect Your Content from unauthorized access, (b) routinely archive Your Content, and (c) keep your Applications or any software that you use or run with our Services current with the latest security patches or updates. We will have no liability to you for any unauthorized access or use, corruption, deletion, destruction or loss of any of Your Content or Applications.”
http://aws.amazon.com/agreement/#7 (3 March 2010)
The cloud customer has responsibility for security and needs to plan for protection.
SecureCloud: Enterprise Controlled Data Protection for the Cloud
Patent pending Trend Micro technology enables enterprises to retain control of data in the cloud
All Phases: Architecture Security Challenge
How do I bring it all together in a manageable way across virtualized, private and public cloud environments?
A New Security Architecture For A New Era
All environments should be considered un-trusted
Diagram: users access the app whether it runs in DC1 (LAN 1), DC2 (LAN 2), Cloud 1 (LAN 2) or Cloud 2 (LAN 1); the data stays encrypted in the datacenter and in the public cloud
• Image ensures data is always encrypted and managed
• Host defends itself from attack
• Encryption keys controlled by you
Benefits
•Facilitates movement between datacenter & cloud
•Delivers security compliance through encryption
•Enables portability between service providers
•Ensures private data in public cloud
Security Best Practices Recap
Your data center is changing; have your security strategies changed accordingly?
1. Improve Server Defenses (supplement with IDS/IPS, FW, Application security)
   - Implement full audit and monitoring of virtualized environments
2. Leverage VMware VMsafe-based and vShield Endpoint-based solutions for higher levels of security with simpler operations
3. Add virtualization-aware agents where needed
4. Ensure the security solution is future-proofed for the private, public and hybrid cloud
Thank You
Cloud Computing Compromises
Oct 2007: Salesforce.com security breached; repeatedly hacked (Washington Post)
Oct 2009: Amazon EC2 customer Bitbucket taken offline by Distributed Denial of Service attack (The Register)
Jan 2010: Google Gmail hacked by attacks originating in China (Financial Times)
Enterprise security challenges continue in the cloud
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 

Dernier (20)

GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 

A Plan to Control and Protect Data in the Private and Public Cloud

  • 1. A Plan To Control and Protect Data in the Private and Public Cloud
    Todd Thiemann • Senior Director, Datacenter Security, Trend Micro
    Copyright 2009 Trend Micro Inc.
  • 2. Why virtualization & cloud matters
    Speed and Business Impact • Expertise and Performance • Cost Reduction
    “1) The Cloud Imperative… If by mid-year you have not developed and begun to execute upon an ambitious and enterprise-wide cloud strategy, then by year-end the odds are good you'll no longer be a CIO.”
    – “Global CIO: The Top 10 CIO Issues For 2010”, InformationWeek, 21 December 2009
  • 3. Virtualization & Cloud Have Management Attention
    Source: “The 2010 Gartner Scenario: The Current State and Future Directions of the IT Industry”, Gartner, 14 June 2010
    Trend Micro Confidential, 10/12/2010
  • 4. Realized Benefits of Cloud Computing – Enterprises Reducing Costs, Increasing Agility
    – Pharmaceutical R&D and The Cloud: “Drug behemoth Eli Lilly and Co. …uses Amazon's Elastic Compute Cloud (EC2) for scientific collaboration and computations … because they empower many subsets of users.” SearchCIO.com, 30 July 2009
    – Public Cloud for Backup & Storage: Using public cloud services, GE reduced backup costs by 40% to 60% and created reusable processes in a rapidly deployable model. Matt Merchant, General Electric (December 2009)
    – Gartner Top 10 Strategic Technologies in 2010: “Cloud Computing. Organizations should think about how to approach the cloud in terms of using cloud services, developing cloud-based applications and implementing private cloud environments.” SearchCIO.com, 22 October 2009
    – Cloud Computing & Security: “CISOs and Security Architects: Don't let operations-led projects lower your security profile. Engage in a discussion of the issues now, not after the fact.” Neil MacDonald, Gartner (Gartner Data Center Conference, December 2009)
  • 5. Security: the #1 Cloud Challenge
    Security and privacy were the foremost concerns by far, with a weighted score higher than the next three (performance, immaturity and regulatory compliance) combined. – Gartner (April 2010)
  • 6. “Typical” Customer Virtualization Evolution
    [Chart: share of Servers and Desktops virtualized per phase; axis ticks 15%, 30%, 70%, 85%]
    – Phase 1, Consolidation: DC Consolidation – Non-mission critical base applications – Standardized hypervisor – Simple VM Management
    – Phase 2, Expansion & Desktop: Mission critical applications & Endpoint Control – Performance becomes critical – API and advanced management use – VDI sampling – Enhanced Compliance controls
    – Phase 3, Private > Public Cloud: Public and private cloud – Multi-hypervisor – Virtualized storage – Multi-tenancy – Workload Management – Dedicate or Burst to public
  • 7. The Evolving Datacenter – Lowering Costs, Increasing Flexibility
    – Physical / Traditional Datacenter
    – Virtual / Consolidation: Cost Center • Single Hypervisor • Data per App
    – Private Cloud / Multi-Tenant: Charge Back • Multi-Hypervisor • Data Sharing
    – Public Cloud / Outsourced: Metered • Shared Resources • Data Mobility
    Infrastructure Security and Data Protection must keep up with Cloud Evolution
  • 8. Phase 1 Security Challenge
    A perimeter-only (“outside-in”) approach together with rapid virtualization has created less secure application environments.
    “Through 2012, 60% of virtualized servers will be less secure than the physical servers they replace.” – “Addressing the Most Common Security Risks in Data Center Virtualization Projects”, Gartner, 25 January 2010
  • 9. Phase I: The virtual datacenter is very dynamic!
    Hypervisor • Inter-VM attacks • PCI • Mobility • Cloud Computing
    New Challenges Require a New Security Architecture
  • 10. Virtual Machines Need Specialized Protection
    Same threats in virtualized servers as physical. New challenges:
    1. Instant-on / dormant VMs
    2. Resource contention
    3. VM sprawl
    4. Inter-VM traffic
    5. vMotion
  • 11. Virtualization Security Foundation: “Secure the workload”
    [Diagram: VM1 (App1 / OS1) … VM3 (App3 / OS3) running on a Hypervisor, with VM & Network Security Integration]
    Self-secured workload: App FW, IPS, AV…
  • 12. Customers' most common Phase I concern: instant-on or unmanaged VMs & patching
    Virtually patch endpoints until the patch is ready, without exposing them to exploits:
    • Determines missing patches and existing vulnerabilities – Operating System – Common desktop applications
    • Recommends a set of lightweight, fast-to-deploy filters – Virtually patches the vulnerabilities – Zero-day protection – Reports on attempts to exploit vulnerabilities
    • Removes filters as soon as the patch is deployed
  • 13. “Inside-out” Protection Model for Physical, Virtual and Cloud Computing
    [Diagram: “De-Militarized Zone” (DMZ), Business Servers and Mission Critical Servers, each tier behind a Firewall and IPS / NIPS]
    Trend Micro Deep Security provides a secure container for applications and data: Firewall, IDS / IPS, File Integrity Monitoring, Log Inspection
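Slide 13 names File Integrity Monitoring among the host-level controls, and the recap on slide 29 asks for full audit and monitoring of virtualized environments. The following is an added example of the baseline-and-compare core of such a control, written for this page; it is not Deep Security code and the file paths and contents are constructed sample data.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"sort"
)

// Change is one deviation of a monitored guest from its integrity baseline.
type Change struct {
	Path string
	Kind string // "added", "removed" or "modified"
}

// digest returns the SHA-256 of a file's contents as hex.
func digest(content []byte) string {
	sum := sha256.Sum256(content)
	return hex.EncodeToString(sum[:])
}

// Baseline records a digest for every monitored file (path -> contents) at a
// known-good moment, for instance right after the golden image is built and patched.
func Baseline(files map[string][]byte) map[string]string {
	base := make(map[string]string, len(files))
	for path, content := range files {
		base[path] = digest(content)
	}
	return base
}

// Compare re-hashes the current file set and reports every drift from the
// baseline, sorted by path so the result is stable enough to ship to a log pipeline.
func Compare(baseline map[string]string, current map[string][]byte) []Change {
	var changes []Change
	for path, content := range current {
		old, known := baseline[path]
		switch {
		case !known:
			changes = append(changes, Change{path, "added"})
		case old != digest(content):
			changes = append(changes, Change{path, "modified"})
		}
	}
	for path := range baseline {
		if _, still := current[path]; !still {
			changes = append(changes, Change{path, "removed"})
		}
	}
	sort.Slice(changes, func(i, j int) bool { return changes[i].Path < changes[j].Path })
	return changes
}

// SampleDrift is constructed sample data: one guest before and after three events
// an FIM rule set should flag (config edited, binary dropped, log deleted).
func SampleDrift() (before, after map[string][]byte) {
	before = map[string][]byte{
		"/bin/ls":              []byte("ls-binary-v1"),
		"/etc/ssh/sshd_config": []byte("PermitRootLogin no\n"),
		"/var/log/auth.log":    []byte("session opened for user ops\n"),
	}
	after = map[string][]byte{
		"/bin/ls":               []byte("ls-binary-v1"),           // unchanged
		"/etc/ssh/sshd_config":  []byte("PermitRootLogin yes\n"),  // modified
		"/usr/local/bin/helper": []byte("unexpected-binary"),      // added
		// /var/log/auth.log is gone: removed
	}
	return before, after
}

func main() {
	before, after := SampleDrift()
	for _, c := range Compare(Baseline(before), after) {
		fmt.Printf("FIM %-8s %s\n", c.Kind, c.Path)
	}
}
```

Each finding is a candidate audit event; what turns it into a detection is the rule set that decides which paths matter (system binaries, SSH configuration, log files) and how often the comparison runs.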
  • 14. “Typical” Customer Virtualization Evolution – GET TECHIE
    [Chart: share of Servers and Desktops virtualized per stage; axis ticks 15%, 30%, 70%, 85%]
    – Stage 1, Consolidation: DC Consolidation – Non-mission critical base applications – Standardized hypervisor – Simple VM Management
    – Stage 2, Expansion & Desktop: Mission critical applications & Endpoint Control – Performance becomes critical – API and advanced management use – VDI sampling – Enhanced Compliance controls
    – Stage 3, Private > Public Cloud: Hybrid and selected public cloud – Multi-hypervisor – Virtualized storage – Workload Management – Burst to public
  • 15. Phase 2: Security Challenge
    “Virtually unaware” traditional security architectures eliminate the benefits of VDI and virtualized mission-critical applications.
  • 16. Phase II Server Performance
    [Diagram: ESX Server hosting several VMs (App / OS) plus a Security VM (Firewall, IDS / IPS, Anti-Virus, Integrity Monitoring) attached through the VMsafe APIs]
    • Protect the VM by inspection of virtual components
    • Unprecedented security for the app & data inside the VM
    • Complete integration with, and awareness of, vMotion, Storage VMotion, HA, etc.
  • 17. Phase II: Securing virtual desktops (VDI)
    • Malware risk potential: identical to physical desktops – Same operating systems – Same software – Same vulnerabilities – Same user activities => Same risk of exposing corporate and sensitive data
    • New challenges, unique to VDI: – Identify endpoints' virtualization status – Manage resource contention (CPU, storage IOPS, network)
  • 18. Phase II: IT Environment Changes – Challenge: Resource Contention with VDI
    • The “9-AM problem” – Multiple users log in and download updates at the same time
    • “AV storms”, scheduled scans – Add significant load to the endpoint – Multiplied by the number of VMs (cumulative system load)
    Existing endpoint security induces resource contention and limits desktop virtualization benefits.
  • 19. Phase II Security has to have VDI-Intelligence
    • Detects whether endpoints are physical or virtual – With VMware View – With Citrix XenDesktop
    • Serializes updates and scans per VDI host – Controls the number of concurrent scans and updates per VDI host – Maintains availability and performance of the VDI host – Faster than the concurrent approach
    • Leverages base images to further shorten scan times – Pre-scans and whitelists VDI base images – Prevents duplicate scanning of unchanged files on a VDI host – Further reduces impact on the VDI host
    • Can be done agentlessly as well
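The two mechanisms on slides 18 and 19, a per-host cap on concurrent scans and a pre-scanned base-image whitelist, are easy to show in code. The block below is an added example written for this page, not Trend Micro's implementation: a counting semaphore limits how many VMs on one VDI host scan at the same time, and files whose hash matches the golden image are skipped instead of rescanned in every clone. The VM and file names are constructed sample data, and the per-file scan is a sleep standing in for real inspection.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"sync"
	"sync/atomic"
	"time"
)

// VM is one virtual desktop on a VDI host, with its files (path -> contents).
type VM struct {
	Name  string
	Files map[string][]byte
}

// ScanReport summarises one scan pass over a VDI host.
type ScanReport struct {
	Scanned int32 // files actually scanned
	Skipped int32 // files skipped because they are unchanged base-image files
	Peak    int32 // highest number of VMs being scanned at the same time
}

func fileHash(content []byte) string {
	sum := sha256.Sum256(content)
	return hex.EncodeToString(sum[:])
}

// BuildBaseImageWhitelist pre-scans the golden image once and records the hash of
// every file found clean, so identical copies inside each clone need not be rescanned.
func BuildBaseImageWhitelist(base map[string][]byte) map[string]bool {
	wl := make(map[string]bool, len(base))
	for _, content := range base {
		wl[fileHash(content)] = true
	}
	return wl
}

// ScanHost scans every VM on one VDI host with at most maxConcurrent VMs in flight:
// a counting semaphore per host instead of every guest scanning at 9 AM.
func ScanHost(vms []VM, whitelist map[string]bool, maxConcurrent int) ScanReport {
	var rep ScanReport
	var inFlight int32
	sem := make(chan struct{}, maxConcurrent) // buffered channel as counting semaphore
	var wg sync.WaitGroup
	for _, vm := range vms {
		wg.Add(1)
		go func(vm VM) {
			defer wg.Done()
			sem <- struct{}{} // blocks while maxConcurrent scans already run on this host
			defer func() { <-sem }()
			n := atomic.AddInt32(&inFlight, 1)
			for { // record the peak concurrency actually observed
				p := atomic.LoadInt32(&rep.Peak)
				if n <= p || atomic.CompareAndSwapInt32(&rep.Peak, p, n) {
					break
				}
			}
			for _, content := range vm.Files {
				if whitelist[fileHash(content)] {
					atomic.AddInt32(&rep.Skipped, 1) // known-clean base-image file
					continue
				}
				time.Sleep(time.Millisecond) // stand-in for the real per-file scan
				atomic.AddInt32(&rep.Scanned, 1)
			}
			atomic.AddInt32(&inFlight, -1)
		}(vm)
	}
	wg.Wait()
	return rep
}

// SampleBaseImage and SampleVMs are constructed sample data: a two-file golden
// image and n clones that each add one user file of their own.
func SampleBaseImage() map[string][]byte {
	return map[string][]byte{
		`C:\Windows\System32\kernel32.dll`:    []byte("kernel32-build-7600"),
		`C:\Program Files\Office\winword.exe`: []byte("winword-2007"),
	}
}

func SampleVMs(base map[string][]byte, n int) []VM {
	vms := make([]VM, n)
	for i := range vms {
		files := make(map[string][]byte, len(base)+1)
		for p, c := range base {
			files[p] = c
		}
		files[fmt.Sprintf(`C:\Users\user%d\report.docx`, i)] = []byte(fmt.Sprintf("draft-%d", i))
		vms[i] = VM{Name: fmt.Sprintf("vdi-%02d", i), Files: files}
	}
	return vms
}

func main() {
	base := SampleBaseImage()
	rep := ScanHost(SampleVMs(base, 8), BuildBaseImageWhitelist(base), 2)
	fmt.Printf("scanned=%d skipped=%d peak concurrent VMs=%d\n", rep.Scanned, rep.Skipped, rep.Peak)
}
```

With eight clones of a two-file image, only the eight per-user files are scanned and the sixteen base-image copies are skipped, while the semaphore keeps no more than two guests busy at once; raise maxConcurrent and the peak rises with it, which is the load the slide's "AV storm" describes.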
  • 20. Summary of Phase II Solutions
    • Light and lean agents when deep visibility is required – Using cloud-client architecture
    • Agentless option for application & server performance – Using virtualization APIs
    • Architecture optimizes performance across the entire infrastructure – Processes are “virtually aware” across CPU, network, and storage
  • 21. “Typical” Customer Virtualization Evolution – GET TECHIE
    [Chart: share of Servers and Desktops virtualized per phase; axis ticks 15%, 30%, 70%, 85%]
    – Phase 1, Consolidation: DC Consolidation – Non-mission critical base applications – Standardized hypervisor – Simple VM Management
    – Phase 2, Expansion & Desktop: Mission critical applications & Endpoint Control – Performance becomes critical – API and advanced management use – VDI sampling – Enhanced Compliance controls
    – Phase 3, Private > Public Cloud: Hybrid and selected public cloud – Multi-hypervisor – Virtualized storage – Workload Management – Burst to public
  • 22. Phase III: Virtualized Storage and Multi-tenancy Create Data Protection Nightmares
    – Datacenter (perimeter): Strong perimeter security • No shared CPU • No shared network • No shared storage
    – Public and Private Cloud: Weak perimeter security • Shared CPU • Shared network • Shared storage
    [Diagram: applications App1 … Appn from Company1 … Companyn sharing the same hypervisors]
    The traditional “outside-in” approach is inadequate in an “inside-out” cloud world full of strangers.
  • 23. Phase 3: Security Challenge
    How do I protect data in a virtualized and multi-tenant storage environment (private, hybrid, or public cloud)?
  • 24. Who Has Control?
    [Chart: control shifts from the End-User (Enterprise) to the Service Provider across Servers, Virtualization & Private Cloud, Public Cloud IaaS, Public Cloud PaaS and Public Cloud SaaS]
  • 25. Amazon Web Services™ Customer Agreement
    “7.2. Security. We strive to keep Your Content secure, but cannot guarantee that we will be successful at doing so, given the nature of the Internet. Accordingly, without limitation to Section 4.3 above and Section 11.5 below, you acknowledge that you bear sole responsibility for adequate security, protection and backup of Your Content and Applications. We strongly encourage you, where available and appropriate, to (a) use encryption technology to protect Your Content from unauthorized access, (b) routinely archive Your Content, and (c) keep your Applications or any software that you use or run with our Services current with the latest security patches or updates. We will have no liability to you for any unauthorized access or use, corruption, deletion, destruction or loss of any of Your Content or Applications.”
    http://aws.amazon.com/agreement/#7 (3 March 2010)
    The cloud customer has responsibility for security and needs to plan for protection.
  • 26. SecureCloud: Enterprise Controlled Data Protection for the Cloud
    Patent pending Trend Micro technology enables enterprises to retain control of data in the cloud.
  • 27. All Phases: Architecture Security Challenge
    How do I bring it all together in a manageable way across virtualized, private and public cloud environments?
  • 28. A New Security Architecture For A New Era
    All environments should be considered untrusted.
    [Diagram: users access the app; encrypted data held in DC1 / DC2 (Datacenter) and Cloud 1 / Cloud 2 (Public Cloud)]
    – Image ensures data is always encrypted and managed
    – Host defends itself from attack
    – Encrypted data, with encryption keys controlled by you
    Benefits: • Facilitates movement between datacenter & cloud • Delivers security compliance through encryption • Enables portability between service providers • Ensures private data in public cloud
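The property this slide relies on, that the provider holds only ciphertext while the enterprise holds the keys, is envelope encryption: each object is encrypted under its own data key, and that data key is wrapped under a key-encryption key that never leaves the enterprise. The block below is an added example written for this page to show that arrangement; it is not SecureCloud code or its API. The KeyServer type, the key id kek-2010-01 and the sample record are assumptions made for the example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"io"
)

// Envelope is all the provider stores: ciphertext plus the data key wrapped under
// a key-encryption key (KEK) that never leaves the enterprise.
type Envelope struct {
	KeyID                                     string // which enterprise KEK wrapped the data key
	WrapNonce, WrappedDEK, Nonce, Ciphertext  []byte
}

// KeyServer stands in for the enterprise key store (hypothetical type, not the
// product's API); its KEKs are generated locally and are never sent to the cloud.
type KeyServer struct{ keks map[string][]byte }

func NewKeyServer() (*KeyServer, error) {
	kek := make([]byte, 32)
	if _, err := io.ReadFull(rand.Reader, kek); err != nil {
		return nil, err
	}
	return &KeyServer{keks: map[string][]byte{"kek-2010-01": kek}}, nil
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// gcmSeal encrypts with AES-256-GCM under a fresh random nonce and binds the key
// id as associated data, so a blob cannot be replayed under a different key id.
func gcmSeal(key, aad, plaintext []byte) (nonce, ct []byte, err error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, nil, err
	}
	nonce = make([]byte, gcm.NonceSize())
	if _, err = io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, nil, err
	}
	return nonce, gcm.Seal(nil, nonce, plaintext, aad), nil
}

func gcmOpen(key, aad, nonce, ct []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, nonce, ct, aad)
}

// Seal encrypts data under a fresh per-object data key (DEK) and wraps that DEK
// under the enterprise KEK; only the Envelope travels to the cloud.
func (ks *KeyServer) Seal(keyID string, plaintext []byte) (Envelope, error) {
	kek, ok := ks.keks[keyID]
	if !ok {
		return Envelope{}, errors.New("unknown or revoked key id")
	}
	dek := make([]byte, 32)
	if _, err := io.ReadFull(rand.Reader, dek); err != nil {
		return Envelope{}, err
	}
	nonce, ct, err := gcmSeal(dek, []byte(keyID), plaintext)
	if err != nil {
		return Envelope{}, err
	}
	wrapNonce, wrapped, err := gcmSeal(kek, []byte(keyID), dek)
	if err != nil {
		return Envelope{}, err
	}
	return Envelope{KeyID: keyID, WrapNonce: wrapNonce, WrappedDEK: wrapped, Nonce: nonce, Ciphertext: ct}, nil
}

// Open unwraps the DEK, which works only while the enterprise still holds the KEK,
// then decrypts; any tampering with the stored envelope fails authentication.
func (ks *KeyServer) Open(env Envelope) ([]byte, error) {
	kek, ok := ks.keks[env.KeyID]
	if !ok {
		return nil, errors.New("key release refused: key id unknown or revoked")
	}
	dek, err := gcmOpen(kek, []byte(env.KeyID), env.WrapNonce, env.WrappedDEK)
	if err != nil {
		return nil, err
	}
	return gcmOpen(dek, []byte(env.KeyID), env.Nonce, env.Ciphertext)
}

// Revoke deletes a KEK; every envelope wrapped under it becomes unreadable wherever it is stored.
func (ks *KeyServer) Revoke(keyID string) { delete(ks.keks, keyID) }
```

Because an Envelope is self-describing and carries no key material the provider can use, copying it to a second provider needs no re-encryption, which is the portability benefit on the slide; and deleting the KEK at the enterprise side makes every copy unreadable at once, which is the control the slide claims the enterprise keeps.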
  • 29. Security Best Practices Recap – Your data center is changing; have your security strategies changed accordingly?
    1. Improve server defenses (supplement with IDS/IPS, FW, application security) – Implement full audit and monitoring of virtualized environments
    2. Leverage VMware VMsafe-based and vShield Endpoint-based solutions for higher levels of security with simpler operations
    3. Add virtualization-aware agents where needed
    4. Ensure the security solution is future-proofed for the private, public and hybrid cloud
  • 30. Thank You
  • 31. Cloud Computing Compromises – Enterprise security challenges continue in the cloud
    – Oct 2007: Salesforce.com security breached, repeatedly hacked (Washington Post)
    – Oct 2009: Amazon EC2 customer Bitbucket taken offline by Distributed Denial of Service attack (The Register)
    – Jan 2010: Google Gmail hacked by attacks originating in China (Financial Times)