2012 10 cloud security architecture

•Télécharger en tant que PPTX, PDF•

1 j'aime•1,038 vues

Vladimir Jirasek

Cloud model maps to Security model
Cloud model

GRC
Business continuity
SIEM
Data security

Identity, Access
Direct map

Cryptography
Application sec.
Host security
Network security
Physical security

Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk

Responsibilities for areas in security
model compared to delivery models
Provider responsible Customer responsible
GRC
Business continuity
SIEM
Identity, Access
Cryptography
Data security
Application sec.
Host security
Network security
Physical security
IaaS PaaS SaaS IaaS PaaS SaaS
Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk

How to manage cloud security
• Have a cloud security standard
• What to do on an Enterprise level
• Before your Cloud project
• During your Cloud project
How to drive out the
• BAU 'seven deadly sins' of
cloud computing - new
Information Security
• Exit from the Cloud provider Forum report

• Risks cannot be outsourced
• Manage lock-in and exit up-front – especially in SaaS
Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk

Cloud Security Alliance supports number
of projects related to cloud

Get involved at
https://cloudsecurityalliance.org/resea
rch/https://cloudsecurityalliance.org.uk
Copyright © 2012 Cloud Security Alliance

Contact

• Help us secure cloud computing
• http://cloudsecurityalliance.org.uk
• info@cloudsecurityalliance.org.uk
• LinkedIn: http://www.linkedin.com/groups/Cloud-
Security-Alliance-UK-Chapter-3745837
• Twitter: @CSAUKResearch

Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk

Thank you!

www.cloudsecurityalliance.org

Contenu connexe

Tendances

Guide to CASB Use CasesSachin Yadav

Cloud Access Security Brokers - CASB Samrat Das

Cloud SecurityThe TNS Group

secureit-cloudsecurity-151130141528-lva1-app6892.pdfYounesChafi1

Cloud Security DemystifiedMichael Torres

Architect secure cloud services.Moshe Ferber

Security As A Service In Cloud(SECaaS)أحلام انصارى

Cloud security for financial servicesMoshe Ferber

McAfee - MVISION Cloud (MVC) - Cloud Access Security Broker (CASB)Iftikhar Ali Iqbal

CASB — Your new best friend for safe cloud adoption? Digital Transformation EXPO Event Series

The Notorious 9 Cloud Computing Threats - CSA Congress, San JoseMoshe Ferber

Cloud security privacy- orgDharmalingam S

Surviving the lions den - how to sell SaaS services to security oriented cust...Moshe Ferber

Cloud securityBikashPokharel3

Automatizovaná bezpečnost – nadstandard nebo nutnost?MarketingArrowECS_CZ

Global Mandate to Secure Cloud ComputingCloudSecurityAllianceAustralia

Cloud Security - Emerging Facets and FrontiersGokul Alex

Security As A ServiceGeorge Fares

Symantec Webinar | Tips for Successful CASB ProjectsSymantec

Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!Netskope

Tendances (20)

Guide to CASB Use Cases

Cloud Access Security Brokers - CASB

Cloud Security

secureit-cloudsecurity-151130141528-lva1-app6892.pdf

Cloud Security Demystified

Architect secure cloud services.

Security As A Service In Cloud(SECaaS)

Cloud security for financial services

McAfee - MVISION Cloud (MVC) - Cloud Access Security Broker (CASB)

CASB — Your new best friend for safe cloud adoption?

The Notorious 9 Cloud Computing Threats - CSA Congress, San Jose

Cloud security privacy- org

Surviving the lions den - how to sell SaaS services to security oriented cust...

Cloud security

Automatizovaná bezpečnost – nadstandard nebo nutnost?

Global Mandate to Secure Cloud Computing

Cloud Security - Emerging Facets and Frontiers

Security As A Service

Symantec Webinar | Tips for Successful CASB Projects

Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!

Similaire à 2012 10 cloud security architecture

Cloud security and security architectureVladimir Jirasek

Cloud Security - Made simpleSameer Paradia

Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...Chad Lawler

Security of,for & by cloudLakshmi Subramanian

Cloud security ely kahnEly Kahn

Securing Your Cloud Servers with Halo NetSecCloudPassage

Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec

CloudPassage OverviewCloudPassage

null Bangalore meet - Cloud Computing and Securityn|u - The Open Security Community

Cisco tec chris young - security intelligence operationsCisco Public Relations

Neupart Isaca April 2012Lars Neupart

Risk Factory: PCI Compliance in the CloudRisk Crew

AWS Summit 2011: Cloud Compliance 101: No PhD required - SafeNetAmazon Web Services

Resarch paper i cloud computingBharat Gupta

Enterprise Security in CloudLenin Aboagye

Enterprise Security in Hybrid Cloud ISACA-SV 2012Symosis Security (Previously C-Level Security)

What customers want the cloud to be - Jason Waxman GM at Intel, Cloud Slam 20...Khazret Sapenov

Protecting Data in the CloudNeil Readshaw

марко Safe net@rainbow-informzashita - februar 2012Валерий Коржов

Cw13 securing your journey to the cloud by rami naccache-trend microTheInevitableCloud

Similaire à 2012 10 cloud security architecture (20)

Cloud security and security architecture

Cloud Security - Made simple

Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...

Security of,for & by cloud

Cloud security ely kahn

Securing Your Cloud Servers with Halo NetSec

Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...

CloudPassage Overview

null Bangalore meet - Cloud Computing and Security

Cisco tec chris young - security intelligence operations

Neupart Isaca April 2012

Risk Factory: PCI Compliance in the Cloud

AWS Summit 2011: Cloud Compliance 101: No PhD required - SafeNet

Resarch paper i cloud computing

Enterprise Security in Cloud

Enterprise Security in Hybrid Cloud ISACA-SV 2012

What customers want the cloud to be - Jason Waxman GM at Intel, Cloud Slam 20...

Protecting Data in the Cloud

марко Safe net@rainbow-informzashita - februar 2012

Cw13 securing your journey to the cloud by rami naccache-trend micro

Plus de Vladimir Jirasek

Vulnerability management - beyond scanningVladimir Jirasek

Vulnerability Management @ DevSecOps London GatheringVladimir Jirasek

Mobile phone as Trusted identity assistantVladimir Jirasek

Security architecture for LSE 2009Vladimir Jirasek

Mobile security summit - 10 mobile risksVladimir Jirasek

Information Risk Security model and metricsVladimir Jirasek

Integrating Qualys into the patch and vulnerability management processesVladimir Jirasek

Securing mobile population for White HatsVladimir Jirasek

Security models for security architectureVladimir Jirasek

Meaningfull security metricsVladimir Jirasek

CAMM presentation for Cyber Security Gas and Oil june 2011Vladimir Jirasek

ISE UK&Ireland 2008 Showcase Nominee Presentation Vladimir JirasekVladimir Jirasek

Qualys Webex 24 June 2008Vladimir Jirasek

Federation For The Cloud Opportunities For A Single IdentityVladimir Jirasek

Plus de Vladimir Jirasek (14)

Vulnerability management - beyond scanning

Vulnerability Management @ DevSecOps London Gathering

Mobile phone as Trusted identity assistant

Security architecture for LSE 2009

Mobile security summit - 10 mobile risks

Information Risk Security model and metrics

Integrating Qualys into the patch and vulnerability management processes

Securing mobile population for White Hats

Security models for security architecture

Meaningfull security metrics

CAMM presentation for Cyber Security Gas and Oil june 2011

ISE UK&Ireland 2008 Showcase Nominee Presentation Vladimir Jirasek

Qualys Webex 24 June 2008

Federation For The Cloud Opportunities For A Single Identity

2012 10 cloud security architecture

1. Security architecture and Cloud computing, are these mutually exclusive? Vladimir Jirasek Director of Research, CSA UK 25 October 2012

2. Cloud model maps to Security model Cloud model GRC Business continuity SIEM Data security Identity, Access Direct map Cryptography Application sec. Host security Network security Physical security Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk

3. Responsibilities for areas in security model compared to delivery models Provider responsible Customer responsible GRC Business continuity SIEM Identity, Access Cryptography Data security Application sec. Host security Network security Physical security IaaS PaaS SaaS IaaS PaaS SaaS Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk

4. How to manage cloud security • Have a cloud security standard • What to do on an Enterprise level • Before your Cloud project • During your Cloud project How to drive out the • BAU 'seven deadly sins' of cloud computing - new Information Security • Exit from the Cloud provider Forum report • Risks cannot be outsourced • Manage lock-in and exit up-front – especially in SaaS Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk

5. Cloud Security Alliance supports number of projects related to cloud Get involved at https://cloudsecurityalliance.org/resea rch/https://cloudsecurityalliance.org.uk Copyright © 2012 Cloud Security Alliance

6. Contact • Help us secure cloud computing • http://cloudsecurityalliance.org.uk • info@cloudsecurityalliance.org.uk • LinkedIn: http://www.linkedin.com/groups/Cloud- Security-Alliance-UK-Chapter-3745837 • Twitter: @CSAUKResearch Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk

7. Thank you! www.cloudsecurityalliance.org

Notes de l'éditeur

Do visit the websiteDo join the LinkedIn Groups – you will receive regular email updates

2012 10 cloud security architecture

Recommandé

Recommandé

Contenu connexe

Tendances

Tendances (20)

Similaire à 2012 10 cloud security architecture

Similaire à 2012 10 cloud security architecture (20)

Plus de Vladimir Jirasek

Plus de Vladimir Jirasek (14)

2012 10 cloud security architecture

Notes de l'éditeur