Increasing Security while Decreasing Costs when Virtualizing In-Scope Servers:

How to virtualize more by building a security fortress around your "in-scope" virtual environment with HyTrust

First in a three-part series for IS and IT professionals responsible for virtualization and data center architecture, management, and optimization



                                        1975 W. El Camino Real, Suite 203, Mountain View, CA 94040   Phone: 650-681-8100 / email: info@hytrust.com
© 2012, HyTrust, Inc. www.hytrust.com                                                                                                                1
Overview

- Meet the Experts
- What are the key business drivers for the virtualization security blueprint?
- Can you recommend a strategy, framework, and tools to help us succeed with compliance audits and beyond?
- What cross-vendor architectures exist to help virtualize more mission-critical applications, more securely this year?
- What best practices and methodologies can you outline for planning and undertaking these newer virtualization security initiatives?
- Summary
- Q&A




Today’s Experts


Justin Lute
- Director, Product Management - Virtualization, Cloud, and Technology Integrations – Qualys
- Extensively certified technical and business leader in cloud security
- Strategic product, technical consulting, and engineering roles at VCE, EMC, RSA, and more.
- Justin has studied at Stanford University and The Ohio State University.




Today’s Experts

Dave Shackleford
- SVP of Research and CTO, IANS
- Former consultant at Voodoo Security
- Author of SANS Virtualization Security and Cloud Security courses, and SANS curriculum lead for Virtualization and Cloud Security
- Sybex "Virtualization Security" book coming in Q3 2012
- Helped create and publish first virtualization security hardening guides while CTO at Center for Internet Security




Today’s Experts

Eric Chiu
- Eric Chiu is CEO and co-founder of HyTrust, Inc. (http://www.hytrust.com/)
- Vice President of Sales and Business Development at Cemaphore Systems, a leader in disaster recovery for Microsoft Exchange; Business Development at MailFrontier and mySimon
- Instrumental in building OEM partnerships and technology alliances and driving new product initiatives.
- Formerly a Venture Capitalist for Brentwood (now Redpoint) and Pinnacle, he also served in the M&A Group for Robertson, Stephens and Company.
- Eric holds a BS in Materials Science and Engineering from UC Berkeley.




HyTrust Backgrounder

- Founded: Fall 2007
- Headquarters: Mountain View, CA
- Venture Funding: $16 million
- Strategic Partners:
- Awards & Top Ten Lists: VMworld 2009 Best of Show, VMworld 2009 Gold, VMworld 2010 Finalist, TechTarget 2009 Product of the Year, RSA Innovation Sandbox 2009/2010 Finalist, SC Magazine 2010 Rookie Company of the Year, Network World Startup to Watch 2010, InfoWorld Tech Company to Know 2010, Forbes "Who's Who" in Virtualization, Red Herring 2010 North America winner, Gartner Cool Vendor 2011



Data Center of the Future – 3 year Vision

[Figure labels: SaaS Application; "Rented" Cloud Infrastructure; Self-Service; Consolidation & Virtualization; IT as a Service; Ubiquitous Access; Identity; Access and Usage; Data; Cost]

End result of datacenter transformation: IT is delivered as-a-service; role of corporate IT is transformed from operational to control / governance
What security concern ranks highest in importance in your virtualized environments heading into 2012?
- Lack of automation (admin is brought in for every update and change)
- Self service for lines of business to access/manage their virtual machines
- Strength of security policies and processes around access and change controls
- Insider breach – either malicious or errant
- Logging and reporting tools for audit and/or forensics purposes
- All of the above




When are you planning your next server refresh?
- Next 6 months as part of a full data center re-architecture
- Next 6 months as standalone server refresh
- Next 7-12 months as part of a full data center re-architecture
- Next 7-12 months as standalone server refresh
- Greater than 12 months as part of a full data center re-architecture
- Greater than 12 months as standalone server refresh
- No server refresh planned
- Unknown




Key Drivers – Innovation Driving Business Goals

Virtualize More…

In analyst research on CIO top priorities for 2012, 40% picked virtualization as one of their top three.

Analyst research shows the market is now 52% virtualized, with many organizations aiming to be 75% virtualized by 2014. *

* Forrester Research, CISO's Guide to Virtualization Security
Key Drivers - Virtualization / Cloud Security Leading IT

Virtualize More Securely…

"By 2015, 40% of the security controls used within enterprise data centers will be virtualized, up from less than 5% in 2010." [1]

"There will be more virtual machines deployed on servers during 2011 than in 2001 through 2009 combined" [2]

"Virtualization increases security risk by 60%." [1]

[1] Gartner; "From Secure Virtualization to Secure Private Clouds"; Neil MacDonald & Thomas J. Bittman; 13 October 2010
[2] Gartner; "Q&A: Six Misconceptions About Server Virtualization", Thomas J. Bittman; 29 July 2010

Key Drivers - Business Demands More




Virtualize More…
More Securely…
With Less!

Forrester Research, CISO's Guide to Virtualization Security
Key Drivers - Proactively Protect and Secure Your IP


- 87%: Percentage of companies that have experienced a data breach (IT Compliance Institute)
- 48%: Percent of all breaches that involved privileged user misuse (Verizon report, 2010)
- 74%: Percentage of breached companies who lost customers as a result of the breach (IT Compliance Institute)








Typical Response for Errant Insider-caused Breach




Key Drivers - Summary

- Build the Business Case
- External and Internal drivers
- Describing What is ISO/IEC 27001?
- Articulating benefits
  - Value to your intellectual property (IP)
  - Value to Brand
  - Value to departmental reputation and team careers




Strategy, Framework, and Tools

- Scoping – the Key to Success
- Planning and Design - Understanding the environment is critical
- ISMS - Documented Components
- Communication and Setting Expectations Internally




Strategy, Framework, and Tools

- GRC Tool Benefits
- ISO Controls Testing (control activities)
- Obtain Certification
- Maintenance, Surveillance, and Re-Audit




Why Get Started Now?

- Jason Cornish, former Shionogi Pharma IT staffer
- Pleaded guilty to Feb '11 computer intrusion
  - Wiped out 88 corporate servers (VMs) – email, order tracking, financial, & other services – and 15 ESX hosts
  - Shionogi's operations frozen for days
    - unable to ship product
    - unable to cut checks
    - unable to send email
  - Estimated cost: $800k
- All of this was accomplished from a McDonald's



Why Get Started Now?

"…down the road, the cyber threat will be the number one threat to the country…"

FBI Director Robert Mueller

…"service attacks … into NASDAQ, RSA, and the IMF" underscore the vulnerability of key sectors of the economy.

…"wholesale plundering" of American intellectual property.

Director of National Intelligence James Clapper




Best Practices and Guidance - Getting Started

How To Get Started with Virtualization Security

Strive for virtual security that is equal to or better than the traditional security in your environment.

Consider the following:
- Apply the "Zero Trust" model of information security to your network architecture
- Consider virtualization-aware security solutions
- Implement privileged identity management
- Incorporate vulnerability management into the virtual server environment

- eric@hytrust.com
- jlute@qualys.com
- dave@daveshackleford.com
© 2011, HyTrust, Inc. www.hytrust.com   22
 eric@hytrust.com
 jlute@qualys.com
 dave@daveshackleford.com
© 2011, HyTrust, Inc. www.hytrust.com   23
 eric@hytrust.com
 jlute@qualys.com
 dave@daveshackleford.com
© 2011, HyTrust, Inc. www.hytrust.com   24
 eric@hytrust.com
 jlute@qualys.com
 dave@daveshackleford.com
© 2011, HyTrust, Inc. www.hytrust.com   25

Contenu connexe

Tendances

Virtela Corp Brochure
Virtela Corp BrochureVirtela Corp Brochure
Virtela Corp Brochure
tmcleland
 
Secure and Scale Your Virtual Infrastructure While Meeting Compliance Mandates
Secure and Scale Your Virtual Infrastructure While Meeting Compliance MandatesSecure and Scale Your Virtual Infrastructure While Meeting Compliance Mandates
Secure and Scale Your Virtual Infrastructure While Meeting Compliance Mandates
HyTrust
 
NJVC-Virtual Global PaaS white paper
NJVC-Virtual Global PaaS white paperNJVC-Virtual Global PaaS white paper
NJVC-Virtual Global PaaS white paper
GovCloud Network
 
Business intelligence in_the_cloud
Business intelligence in_the_cloudBusiness intelligence in_the_cloud
Business intelligence in_the_cloud
Prachyanun Nilsook
 
WBSN Q412 Investor Presentation
WBSN Q412 Investor PresentationWBSN Q412 Investor Presentation
WBSN Q412 Investor Presentation
avelinakauffman
 

Tendances (20)

Uptime Group
Uptime GroupUptime Group
Uptime Group
 
Kostnadseffektiv implementation av er IT-säkerhetsstrategi - PCTY 2011
Kostnadseffektiv implementation av er IT-säkerhetsstrategi - PCTY 2011Kostnadseffektiv implementation av er IT-säkerhetsstrategi - PCTY 2011
Kostnadseffektiv implementation av er IT-säkerhetsstrategi - PCTY 2011
 
Virtela Corp Brochure
Virtela Corp BrochureVirtela Corp Brochure
Virtela Corp Brochure
 
NJVC Brochure
NJVC BrochureNJVC Brochure
NJVC Brochure
 
Application Integration Architecture of Excellence - Answering to the Challenges
Application Integration Architecture of Excellence - Answering to the ChallengesApplication Integration Architecture of Excellence - Answering to the Challenges
Application Integration Architecture of Excellence - Answering to the Challenges
 
Get your house on order
Get your house on orderGet your house on order
Get your house on order
 
Protecting What Matters...An Enterprise Approach to Cloud Security
Protecting What Matters...An Enterprise Approach to Cloud SecurityProtecting What Matters...An Enterprise Approach to Cloud Security
Protecting What Matters...An Enterprise Approach to Cloud Security
 
Secure and Scale Your Virtual Infrastructure While Meeting Compliance Mandates
Secure and Scale Your Virtual Infrastructure While Meeting Compliance MandatesSecure and Scale Your Virtual Infrastructure While Meeting Compliance Mandates
Secure and Scale Your Virtual Infrastructure While Meeting Compliance Mandates
 
"Hosted IP Services: Fleeting Fad or Evolving Environment?"
"Hosted IP Services: Fleeting Fad or Evolving Environment?""Hosted IP Services: Fleeting Fad or Evolving Environment?"
"Hosted IP Services: Fleeting Fad or Evolving Environment?"
 
INSA cloud computing_2012_final
INSA cloud computing_2012_finalINSA cloud computing_2012_final
INSA cloud computing_2012_final
 
Dataplex Company Overview
Dataplex Company OverviewDataplex Company Overview
Dataplex Company Overview
 
Cloud risk management
Cloud risk managementCloud risk management
Cloud risk management
 
NJVC-Virtual Global PaaS white paper
NJVC-Virtual Global PaaS white paperNJVC-Virtual Global PaaS white paper
NJVC-Virtual Global PaaS white paper
 
Cloud computing implications for project management methodologies
Cloud computing implications for project management methodologiesCloud computing implications for project management methodologies
Cloud computing implications for project management methodologies
 
Business intelligence in_the_cloud
Business intelligence in_the_cloudBusiness intelligence in_the_cloud
Business intelligence in_the_cloud
 
Cyber Threat Management Services
Cyber Threat Management ServicesCyber Threat Management Services
Cyber Threat Management Services
 
Top 10 IT enterprise trends 2012
Top 10 IT enterprise trends 2012Top 10 IT enterprise trends 2012
Top 10 IT enterprise trends 2012
 
Cybersecurity Improvement eBook
Cybersecurity Improvement eBookCybersecurity Improvement eBook
Cybersecurity Improvement eBook
 
WBSN Q412 Investor Presentation
WBSN Q412 Investor PresentationWBSN Q412 Investor Presentation
WBSN Q412 Investor Presentation
 
20111031 KMWorld 2011 Applying the Social Business Roadmap to Your Organization
20111031 KMWorld 2011 Applying the Social Business Roadmap to Your Organization20111031 KMWorld 2011 Applying the Social Business Roadmap to Your Organization
20111031 KMWorld 2011 Applying the Social Business Roadmap to Your Organization
 

Similaire à Increasing Security while Decreasing Costs when Virtualizing In-Scope Servers:

Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
HyTrust
 
HIPAA Compliance in the Cloud
HIPAA Compliance in the CloudHIPAA Compliance in the Cloud
HIPAA Compliance in the Cloud
Online Tech
 
The Cloud according to VMware
The Cloud according to VMwareThe Cloud according to VMware
The Cloud according to VMware
OpSource
 
Presentation security build for v mware
Presentation   security build for v mwarePresentation   security build for v mware
Presentation security build for v mware
solarisyourep
 
HP2065_TieCon_Presentation_V7
HP2065_TieCon_Presentation_V7HP2065_TieCon_Presentation_V7
HP2065_TieCon_Presentation_V7
Mark Interrante
 
Rick slides thursday (2).pptx [autosaved]
Rick slides thursday (2).pptx [autosaved]Rick slides thursday (2).pptx [autosaved]
Rick slides thursday (2).pptx [autosaved]
Cisco Collaboration
 
Financial Analyst Day 2013
Financial Analyst Day 2013Financial Analyst Day 2013
Financial Analyst Day 2013
avelinakauffman
 

Similaire à Increasing Security while Decreasing Costs when Virtualizing In-Scope Servers: (20)

Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
 
Cloud con -financial-services---case-study-keynote-panel-slide
Cloud con -financial-services---case-study-keynote-panel-slideCloud con -financial-services---case-study-keynote-panel-slide
Cloud con -financial-services---case-study-keynote-panel-slide
 
HIPAA Compliance in the Cloud
HIPAA Compliance in the CloudHIPAA Compliance in the Cloud
HIPAA Compliance in the Cloud
 
Cloud Services: Resolving the Trust vs. Uptake Paradox
Cloud Services: Resolving the Trust vs. Uptake ParadoxCloud Services: Resolving the Trust vs. Uptake Paradox
Cloud Services: Resolving the Trust vs. Uptake Paradox
 
2012-01 How to Secure a Cloud Identity Roadmap
2012-01 How to Secure a Cloud Identity Roadmap2012-01 How to Secure a Cloud Identity Roadmap
2012-01 How to Secure a Cloud Identity Roadmap
 
11 IT Management Predictions for 2011
11 IT Management Predictions for 201111 IT Management Predictions for 2011
11 IT Management Predictions for 2011
 
The Cloud according to VMware
The Cloud according to VMwareThe Cloud according to VMware
The Cloud according to VMware
 
The Postdigital Enterprise: Harnessing Change, Managing Disruption
The Postdigital Enterprise: Harnessing Change, Managing DisruptionThe Postdigital Enterprise: Harnessing Change, Managing Disruption
The Postdigital Enterprise: Harnessing Change, Managing Disruption
 
The 10 most trusted companies in enterprise security 2019
The 10 most trusted companies in enterprise security 2019The 10 most trusted companies in enterprise security 2019
The 10 most trusted companies in enterprise security 2019
 
IBM Smarter Business 2012 - 11 trender för Enterprise Mobile just nu
IBM Smarter Business 2012 - 11 trender för Enterprise Mobile just nuIBM Smarter Business 2012 - 11 trender för Enterprise Mobile just nu
IBM Smarter Business 2012 - 11 trender för Enterprise Mobile just nu
 
Presentation security build for v mware
Presentation   security build for v mwarePresentation   security build for v mware
Presentation security build for v mware
 
The most reliable infrastructure management service providers 2021
The most reliable infrastructure management service providers 2021The most reliable infrastructure management service providers 2021
The most reliable infrastructure management service providers 2021
 
HP2065_TieCon_Presentation_V7
HP2065_TieCon_Presentation_V7HP2065_TieCon_Presentation_V7
HP2065_TieCon_Presentation_V7
 
Rick slides thursday (2).pptx [autosaved]
Rick slides thursday (2).pptx [autosaved]Rick slides thursday (2).pptx [autosaved]
Rick slides thursday (2).pptx [autosaved]
 
Kostnadseffektiv implementation av IT-säkerhetsstrategi – Accenture - IBM Sma...
Kostnadseffektiv implementation av IT-säkerhetsstrategi – Accenture - IBM Sma...Kostnadseffektiv implementation av IT-säkerhetsstrategi – Accenture - IBM Sma...
Kostnadseffektiv implementation av IT-säkerhetsstrategi – Accenture - IBM Sma...
 
Developing Your Cloud Strategy
Developing Your Cloud StrategyDeveloping Your Cloud Strategy
Developing Your Cloud Strategy
 
shchyrinprom2009
shchyrinprom2009shchyrinprom2009
shchyrinprom2009
 
Developing Your Cloud Strategy
Developing Your Cloud StrategyDeveloping Your Cloud Strategy
Developing Your Cloud Strategy
 
Financial Analyst Day 2013
Financial Analyst Day 2013Financial Analyst Day 2013
Financial Analyst Day 2013
 
8 Experts on Flawless App Delivery
8 Experts on Flawless App Delivery8 Experts on Flawless App Delivery
8 Experts on Flawless App Delivery
 

Plus de HyTrust

Virtualizing More While Improving Risk Posture – From Bare Metal to End Point
Virtualizing More While Improving Risk Posture – From Bare Metal to End PointVirtualizing More While Improving Risk Posture – From Bare Metal to End Point
Virtualizing More While Improving Risk Posture – From Bare Metal to End Point
HyTrust
 
PCI-DSS Compliant Cloud - Design & Architecture Best Practices
PCI-DSS Compliant Cloud - Design & Architecture Best PracticesPCI-DSS Compliant Cloud - Design & Architecture Best Practices
PCI-DSS Compliant Cloud - Design & Architecture Best Practices
HyTrust
 
S24 – Virtualiza.on Security from the Auditor Perspec.ve
S24 – Virtualiza.on Security from the Auditor Perspec.veS24 – Virtualiza.on Security from the Auditor Perspec.ve
S24 – Virtualiza.on Security from the Auditor Perspec.ve
HyTrust
 
G12: Implementation to Business Value
G12: Implementation to Business ValueG12: Implementation to Business Value
G12: Implementation to Business Value
HyTrust
 
IBM X-Force 2010 Trend and Risk Report-March 2011
IBM X-Force 2010 Trend and Risk Report-March 2011IBM X-Force 2010 Trend and Risk Report-March 2011
IBM X-Force 2010 Trend and Risk Report-March 2011
HyTrust
 
PCI Compliance and Cloud Reference Architecture
PCI Compliance and Cloud Reference ArchitecturePCI Compliance and Cloud Reference Architecture
PCI Compliance and Cloud Reference Architecture
HyTrust
 
Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...
Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...
Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...
HyTrust
 
Implementing ID Governance in Complex Environments-HyTrust & CA Technologies
Implementing ID Governance in Complex Environments-HyTrust & CA Technologies Implementing ID Governance in Complex Environments-HyTrust & CA Technologies
Implementing ID Governance in Complex Environments-HyTrust & CA Technologies
HyTrust
 
HyTrust-FISMA Compliance in the Virtual Data Center
HyTrust-FISMA Compliance in the Virtual Data CenterHyTrust-FISMA Compliance in the Virtual Data Center
HyTrust-FISMA Compliance in the Virtual Data Center
HyTrust
 
HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust and VMware-Providing a Secure Virtual Infrastructure HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust
 

Plus de HyTrust (10)

Virtualizing More While Improving Risk Posture – From Bare Metal to End Point
Virtualizing More While Improving Risk Posture – From Bare Metal to End PointVirtualizing More While Improving Risk Posture – From Bare Metal to End Point
Virtualizing More While Improving Risk Posture – From Bare Metal to End Point
 
PCI-DSS Compliant Cloud - Design & Architecture Best Practices
PCI-DSS Compliant Cloud - Design & Architecture Best PracticesPCI-DSS Compliant Cloud - Design & Architecture Best Practices
PCI-DSS Compliant Cloud - Design & Architecture Best Practices
 
S24 – Virtualiza.on Security from the Auditor Perspec.ve
S24 – Virtualiza.on Security from the Auditor Perspec.veS24 – Virtualiza.on Security from the Auditor Perspec.ve
S24 – Virtualiza.on Security from the Auditor Perspec.ve
 
G12: Implementation to Business Value
G12: Implementation to Business ValueG12: Implementation to Business Value
G12: Implementation to Business Value
 
IBM X-Force 2010 Trend and Risk Report-March 2011
IBM X-Force 2010 Trend and Risk Report-March 2011IBM X-Force 2010 Trend and Risk Report-March 2011
IBM X-Force 2010 Trend and Risk Report-March 2011
 
PCI Compliance and Cloud Reference Architecture
PCI Compliance and Cloud Reference ArchitecturePCI Compliance and Cloud Reference Architecture
PCI Compliance and Cloud Reference Architecture
 
Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...
Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...
Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...
 
Implementing ID Governance in Complex Environments-HyTrust & CA Technologies
Implementing ID Governance in Complex Environments-HyTrust & CA Technologies Implementing ID Governance in Complex Environments-HyTrust & CA Technologies
Implementing ID Governance in Complex Environments-HyTrust & CA Technologies
 
HyTrust-FISMA Compliance in the Virtual Data Center
HyTrust-FISMA Compliance in the Virtual Data CenterHyTrust-FISMA Compliance in the Virtual Data Center
HyTrust-FISMA Compliance in the Virtual Data Center
 
HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust and VMware-Providing a Secure Virtual Infrastructure HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust and VMware-Providing a Secure Virtual Infrastructure
 

Dernier

Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
 

Dernier (20)

08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men

Increasing Security while Decreasing Costs when Virtualizing In-Scope Servers:

  • 1. Increasing Security while Decreasing Costs when Virtualizing In-Scope Servers: How to virtualize more by building a security fortress around your "in-scope" virtual environment with HyTrust
      First in a three-part series for IS and IT professionals responsible for virtualization and data center architecture, management, and optimization
      1975 W. El Camino Real, Suite 203, Mountain View, CA 94040 Phone: 650-681-8100 / email: info@hytrust.com
      © 2012, HyTrust, Inc. www.hytrust.com
  • 2. Overview
      • Meet the Experts
      • What are the key business drivers for the virtualization security blueprint?
      • Can you recommend a strategy, framework, and tools to help us succeed with compliance audits and beyond?
      • What cross-vendor architectures exist to help virtualize more mission-critical applications, more securely this year?
      • What best practices and methodologies can you outline for planning and undertaking these newer virtualization security initiatives?
      • Summary
      • Q&A
  • 3. Today’s Experts: Justin Lute
      • Director, Product Management - Virtualization, Cloud, and Technology Integrations – Qualys
      • Extensively-certified, technical and business leader in cloud security
      • Strategic product, technical consulting, and engineering roles at VCE, EMC, RSA, and more.
      • Justin has studied at Stanford University and The Ohio State University.
  • 4. Today’s Experts: Dave Shackleford
      • SVP of Research and CTO, IANS
      • Former consultant at Voodoo Security
      • Author of SANS Virtualization Security and Cloud Security courses, and SANS curriculum lead for Virtualization and Cloud Security
      • Sybex “Virtualization Security” book coming in Q3 2012
      • Helped create and publish first virtualization security hardening guides while CTO at Center for Internet Security
  • 5. Today’s Experts: Eric Chiu
      • Eric Chiu is CEO and co-founder of HyTrust, Inc. (http://www.hytrust.com/)
      • Vice President of Sales and Business Development at Cemaphore Systems, a leader in disaster recovery for Microsoft Exchange, Business Development at MailFrontier and mySimon
      • Instrumental in building OEM partnerships and technology alliances and driving new product initiatives.
      • Formerly a Venture Capitalist for Brentwood (now Redpoint) and Pinnacle, he also served in the M&A Group for Robertson, Stephens and Company.
      • Eric holds a BS in Materials Science and Engineering from UC Berkeley.
  • 6. HyTrust Backgrounder
      • Founded: Fall 2007
      • Headquarters: Mountain View, CA
      • Venture Funding: $16 million
      • Strategic Partners:
      • Awards & Top Ten Lists: VMworld 2009 Best of Show, VMworld 2009 Gold, VMworld 2010 Finalist, TechTarget 2009 Product of the Year, RSA Innovation Sandbox 2009/2010 Finalist, SC Magazine 2010 Rookie Company of the Year, Network World Startup to Watch 2010, InfoWorld Tech Company to Know 2010, Forbes “Who’s Who” in Virtualization, Red Herring 2010 North America winner, Gartner Cool Vendor 2011
  • 7. Data Center of the Future – 3 year Vision
      [Diagram; labels as extracted: “Rented” Cloud, SaaS Application, Infrastructure, Self-Service, Access, Identity and Usage, Consolidation & Virtualization, IT as a Service, Ubiquitous Access, Data, Cost]
      End result of datacenter transformation: IT is delivered as-a-service; Role of Corporate IT is transformed from operational to control / governance
  • 8. What security concern ranks highest in importance in your virtualized environments heading into 2012?
      • Lack of automation (admin is brought in for every update and change)
      • Self service for line of businesses to access/manage their virtual machines
      • Strength of security policies and processes around access and change controls
      • Insider breach – either malicious or errant
      • Logging and reporting tools for audit and/or forensics purposes
      • All of the above
  • 9. When are you planning your next server refresh?
      • Next 6 months as part of a full data center re-architecture
      • Next 6 months as standalone server refresh
      • Next 7-12 months as part of a full data center re-architecture
      • Next 7-12 months as standalone server refresh
      • Greater than 12 months as part of a full data center re-architecture
      • Greater than 12 months as standalone server refresh
      • No server refresh planned
      • Unknown
  • 10. Key Drivers – Innovation Driving Business Goals
      Virtualize More…
      • In analyst research of CIO top priorities for 2012, 40% picked virtualization as one of their top three.
      • Analyst research shows the market is now 52% virtualized, with many organizations aiming to be 75% virtualized by 2014.
      * Forrester Research CISO’s Guide to Virtualization Security
  • 11. Key Drivers - Virtualization / Cloud Security Leading IT
      Virtualize More Securely…
      • “There will be more virtual machines deployed on servers during 2011 than in 2001 through 2009 combined” [2]
      • “By 2015, 40% of the security controls used within enterprise data centers will be virtualized, up from less than 5% in 2010.” [1]
      • “Virtualization increases security risk by 60%.” [1]
      [1] Gartner; “From Secure Virtualization to Secure Private Clouds”; Neil MacDonald & Thomas J. Bittman; 13 October 2010
      [2] Gartner; “Q&A: Six Misconceptions About Server Virtualization”, Thomas J. Bittman; 29 July 2010
  • 12. Key Drivers - Business Demands More
      Virtualize More… More Securely… With Less!
      Forrester Research CISO’s Guide to Virtualization Security
  • 13. Key Drivers - Proactively Protect and Secure Your IP
      • 87%: Percentage of companies that have experienced a data breach — IT Compliance Institute
      • 48%: Percent of all breaches that involved privileged user misuse — Verizon report, 2010
      • 74%: Percentage of breached companies who lost customers as a result of the breach — IT Compliance Institute
  • 15. Typical Response for Errant Insider-caused Breach
  • 16. Key Drivers - Summary
      • Build the Business Case
      • External and Internal drivers
      • Describing What is ISO/IEC 27001?
      • Articulating benefits
      • Value to your intellectual property (IP)
      • Value to Brand
      • Value to departmental reputation and team careers
  • 17. Strategy, Framework, and Tools
      • Scoping – the Key to Success
      • Planning and Design - Understanding the environment is critical
      • ISMS - Documented Components
      • Communication and Setting Expectations Internally
  • 18. Strategy, Framework, and Tools
      • GRC Tool Benefits
      • ISO Controls Testing (control activities)
      • Obtain Certification
      • Maintenance, Surveillance, and Re-Audit
  • 19. Why Get Started Now?
      • Jason Cornish, former Shionogi Pharma IT Staffer
      • Pleaded guilty to Feb ‘11 computer intrusion
      • Wiped out 88 corporate servers (VMs) – email, order tracking, financial, & other services – and 15 ESX hosts
      • Shionogi’s operations frozen for days
          • unable to ship product
          • unable to cut checks
          • unable to send email
      • Estimated cost: $800k
      All of this was accomplished from a McDonald's
  • 20. Why Get Started Now?
      • “…down the road, the cyber threat will be the number one threat to the country…” FBI Director Robert Mueller
      • …“service attacks … into NASDAQ, RSA, and the IMF” underscore the vulnerability of key sectors of the economy.
      • …“wholesale plundering” of American intellectual property… Director of National Intelligence, James Clapper
  • 21. Best Practices and Guidance - Getting Started
      • How To Get Started with Virtualization Security: Strive for virtual security that is equal to or better than the traditional security in your environment.
      • Consider the following:
          • Apply the “Zero Trust” model of information security to your network architecture
          • Consider virtualization-aware security solutions
          • Implement privileged identity management
          • Incorporate vulnerability management into the virtual server environment
  • 22. Contacts
      • eric@hytrust.com
      • jlute@qualys.com
      • dave@daveshackleford.com