SlideShare une entreprise Scribd logo

Access Assurance in the Cloud

Télécharger en tant que PPTX, PDF
Courion Corporation
Courion Corporation

A look at how to keep your data safe with access assurance in the cloud.

Technologie
1  sur  26
Assuring Access in the Cloud
2 What is the Cloud?  The cloud is a network of servers, and each server has a different function. Some servers use computing power to run applications or "deliver a service.“*  Basically, it’s a network of servers and computers hosting your information away from your physical device. *From The Beginners Guide to the Cloud: Mashable “Thunder and lightning isn’t God being angry, its just Microsoft and Google fighting in the clouds.” - Anonomyus
3 What is Cloud Computing ?  Noun: the practice of using a network of remote servers hosted on the Internet to store, manage, and process data, rather than a local server or a personal computer.  Many different varieties: • IT computing accessible online • Available from anywhere • Virtualization • Interchangeable services • On-demand for peak loads and needs • IaaS, PaaS, SaaS
4 Drivers of Cloud Adoption
5 Impediments to Cloud Adoption
6 Enabling the Business  If business drivers for cloud computing are: • Agility and flexibility • Performance and scale • Operational efficiency • Universal access  Security must be: • Transparent • Dynamic • Flexible • Operationally Efficient
7 The Business Needs for IAM  Transparent compliance  Sustained efficiencies  Improved business agility  Access Assurance visibility to LOB
8 Access Assurance for the Cloud  Ensuring the right people have the right access to the right resources regardless of where those resources are physically located and managed • Hosted applications • SaaS applications • Private clouds • Public clouds  Providing the basis for: • Access policy definition • Preventative controls and enforcement via provisioning • Access verification of user access to cloud applications
9 Cloud Does Not Change Requirements Same information  PHI & privacy data (HIPPA, etc)  Key financial data (SOX)  Card holder information (PCI)  Other high risk (shareholders) Same IAM requirements  All access must connect to enterprise identities  Access certification  Separation of duties for operators and users  Privileged access management  Access management • Who has access? • Who has accessed?
10 Seamless to Users
11 So Must Access Assurance Be
12 What Comes with the Cloud?  No more closed and controlled surfaces • You no longer have direct control or oversight  You are still accountable to the law and shareholders • You may be subject to new regulations  Vendors will try to lock-in  Level of auditability of their controls  Key is transparency, embedded controls, and agility
13 Risks and Considerations  Disabling network access does not prevent access to key applications and data  Ensure new users get access quickly and changes are reflected accurately  Management of identity information in the cloud • Delegation and assurance  Where is sensitive data located and how managed?  Privacy management  Administrative access to sensitive data and users  Compliance and regulatory requirements  Security aspects as part of partner agreements
14 Access Assurance
15 To Achieve Access Assurance You Must
16 To Achieve Access Assurance You Must
17 To Achieve Access Assurance You Must
18 Access Assurance
19 Access Assurance Components
20 Critical Need Across IT Services
21 Courion Access Assurance Suite
22 Courion Access Assurance Suite Secure the Enterprise, don’t slow it down… Designed for Your Complex Environment
23 The Secret to Making it All Work  A user interface that business users understand  Ability to gather information from numerous sources  Information that is actionable for remediation  Fast, reliable, scalable implementation  Breadth of capability to reach to variety of systems and resources • Off-premise applications • Virtualization • Platform and infrastructure • Federation  Proven customer success in a cloud environment
24 IAM and the Cloud  Risks and required controls may increase due to cloud: • Removal of corporate network access no longer a compensating control • Sensitive data is now in different locations and may be:  More accessible  Subject to different regulations • Additional technologies for provisioning and access compliance  Must span the traditional enterprise and the cloud • Policy definition • Accurate tracking and periodic review of access • Balance of preventative and detective controls
25 Bottom Line  The cloud and cloud computing are a reality  Closed and controlled moves to dynamic, open, and accessible  Identity plays a critical role in cloud environments  Need to deal with… • Lack of control of data • Extended reach of administrative privileges • Privacy and trust • Complexity of handling identities  An Access Assurance strategy is critical
26 What Now?  If you’re looking for more information on how an Access Assurance Suite can transform your company’s information, contact us today. We can provide a quick scan of your system and let you know where your hidden risks lie and how to take care of them. info@Courion.com www.Courion.com Get My Quick Scan >>

Recommandé

#MFSummit2016 Secure: Introduction to identity, access and security
#MFSummit2016 Secure: Introduction to identity, access and security#MFSummit2016 Secure: Introduction to identity, access and security
#MFSummit2016 Secure: Introduction to identity, access and security
Micro Focus
 
Cloud computing risk assesment
Cloud computing risk assesment Cloud computing risk assesment
Cloud computing risk assesment
Ahmad El Tawil
 
2010 07 BSidesLV Mobilizing The PCI Resistance 1c
2010 07 BSidesLV Mobilizing The PCI Resistance 1c2010 07 BSidesLV Mobilizing The PCI Resistance 1c
2010 07 BSidesLV Mobilizing The PCI Resistance 1c
Gene Kim
 
Cloud & Software Terms Defined
Cloud & Software Terms DefinedCloud & Software Terms Defined
Cloud & Software Terms Defined
Namtek Consulting Services
 
UNIFIED MESSAGE ARCHIVING – WHY IT IS IMPORTANT
UNIFIED MESSAGE ARCHIVING – WHY IT IS IMPORTANTUNIFIED MESSAGE ARCHIVING – WHY IT IS IMPORTANT
UNIFIED MESSAGE ARCHIVING – WHY IT IS IMPORTANT
Micro Focus
 
Office365 security in depth
Office365 security in depthOffice365 security in depth
Office365 security in depth
Alberto Pascual
 
LegalAnywhereConnect Brochure
LegalAnywhereConnect BrochureLegalAnywhereConnect Brochure
LegalAnywhereConnect Brochure
Nancy DaCorsi
 
Data Protection Indonesia: Basic Regulation and Technical Aspects_Eryk
Data Protection Indonesia: Basic Regulation and Technical Aspects_ErykData Protection Indonesia: Basic Regulation and Technical Aspects_Eryk
Data Protection Indonesia: Basic Regulation and Technical Aspects_Eryk
Eryk Budi Pratama
 

Recommandé

#MFSummit2016 Secure: Introduction to identity, access and security
#MFSummit2016 Secure: Introduction to identity, access and security#MFSummit2016 Secure: Introduction to identity, access and security
#MFSummit2016 Secure: Introduction to identity, access and security
Micro Focus
 
Cloud computing risk assesment
Cloud computing risk assesment Cloud computing risk assesment
Cloud computing risk assesment
Ahmad El Tawil
 
2010 07 BSidesLV Mobilizing The PCI Resistance 1c
2010 07 BSidesLV Mobilizing The PCI Resistance 1c2010 07 BSidesLV Mobilizing The PCI Resistance 1c
2010 07 BSidesLV Mobilizing The PCI Resistance 1c
Gene Kim
 
Cloud & Software Terms Defined
Cloud & Software Terms DefinedCloud & Software Terms Defined
Cloud & Software Terms Defined
Namtek Consulting Services
 
UNIFIED MESSAGE ARCHIVING – WHY IT IS IMPORTANT
UNIFIED MESSAGE ARCHIVING – WHY IT IS IMPORTANTUNIFIED MESSAGE ARCHIVING – WHY IT IS IMPORTANT
UNIFIED MESSAGE ARCHIVING – WHY IT IS IMPORTANT
Micro Focus
 
Office365 security in depth
Office365 security in depthOffice365 security in depth
Office365 security in depth
Alberto Pascual
 
LegalAnywhereConnect Brochure
LegalAnywhereConnect BrochureLegalAnywhereConnect Brochure
LegalAnywhereConnect Brochure
Nancy DaCorsi
 
Data Protection Indonesia: Basic Regulation and Technical Aspects_Eryk
Data Protection Indonesia: Basic Regulation and Technical Aspects_ErykData Protection Indonesia: Basic Regulation and Technical Aspects_Eryk
Data Protection Indonesia: Basic Regulation and Technical Aspects_Eryk
Eryk Budi Pratama
 
Cloud computing in Australia - Separating hype from reality
Cloud computing in Australia - Separating hype from realityCloud computing in Australia - Separating hype from reality
Cloud computing in Australia - Separating hype from reality
Russell_Kennedy
 
Information classification
Information classificationInformation classification
Information classification
Howard Diesel (CDMP BI, DW, DBA, Msc Elec Eng)
 
Cloud Email Firewall
Cloud Email FirewallCloud Email Firewall
Cloud Email Firewall
Giuseppe Coppola
 
Never Clueless Hosted Exchange Email
Never Clueless Hosted Exchange EmailNever Clueless Hosted Exchange Email
Never Clueless Hosted Exchange Email
John Rood
 
Managed It Services
Managed It ServicesManaged It Services
Managed It Services
sanaq951
 
What Data Center Compliance Means for Your Business
What Data Center Compliance Means for Your BusinessWhat Data Center Compliance Means for Your Business
What Data Center Compliance Means for Your Business
Data Foundry
 
IT Series: Cloud Computing Done Right CISOA 2011
IT Series: Cloud Computing Done Right CISOA 2011IT Series: Cloud Computing Done Right CISOA 2011
IT Series: Cloud Computing Done Right CISOA 2011
Donald E. Hester
 
Softchoice - Microsoft Office 365 - Discussing legal concerns and informatio...
Softchoice - Microsoft Office 365 - Discussing legal concerns and informatio...Softchoice - Microsoft Office 365 - Discussing legal concerns and informatio...
Softchoice - Microsoft Office 365 - Discussing legal concerns and informatio...
Softchoice Corporation
 
Never Clueless Encrypted Email
Never Clueless Encrypted EmailNever Clueless Encrypted Email
Never Clueless Encrypted Email
John Rood
 
Cloud Services & the Development of ISO/IEC 27018
Cloud Services & the Development of ISO/IEC 27018Cloud Services & the Development of ISO/IEC 27018
Cloud Services & the Development of ISO/IEC 27018
Corporacion Colombia Digital
 
Visual Online - Cloud Computing - 4 Mars 2011
Visual Online - Cloud Computing - 4 Mars 2011Visual Online - Cloud Computing - 4 Mars 2011
Visual Online - Cloud Computing - 4 Mars 2011
Francisco Malpica
 
Keynote Theatre. Keynote Day 2. 16:30 Evelyn de Souza
Keynote Theatre. Keynote Day 2. 16:30 Evelyn de Souza Keynote Theatre. Keynote Day 2. 16:30 Evelyn de Souza
Keynote Theatre. Keynote Day 2. 16:30 Evelyn de Souza
CloudExpoAsia
 
California Consumer Privacy Act (CCPA)
California Consumer Privacy Act (CCPA)California Consumer Privacy Act (CCPA)
California Consumer Privacy Act (CCPA)
Happiest Minds Technologies
 
Cas 4
Cas 4Cas 4
Cas 4
Byju Antony
 
How to Deliver Closed-Loop Compliance
How to Deliver Closed-Loop ComplianceHow to Deliver Closed-Loop Compliance
How to Deliver Closed-Loop Compliance
ForgeRock
 
Realizing the Value of Social: Evolving from Social Media to Customer Experience
Realizing the Value of Social: Evolving from Social Media to Customer ExperienceRealizing the Value of Social: Evolving from Social Media to Customer Experience
Realizing the Value of Social: Evolving from Social Media to Customer Experience
Tata Consultancy Services
 
BOSSDesk_overview
BOSSDesk_overviewBOSSDesk_overview
BOSSDesk_overview
Renu Mahadevan
 
Bitglass Webinar - 5 Cloud Security Best Practices for 2018
Bitglass Webinar - 5 Cloud Security Best Practices for 2018Bitglass Webinar - 5 Cloud Security Best Practices for 2018
Bitglass Webinar - 5 Cloud Security Best Practices for 2018
Bitglass
 
Data Privacy Readiness Test
Data Privacy Readiness TestData Privacy Readiness Test
Data Privacy Readiness Test
Druva
 
Bitglass Webinar - BlueCross BlueShield of Tennessee's CASB Journey to Secure...
Bitglass Webinar - BlueCross BlueShield of Tennessee's CASB Journey to Secure...Bitglass Webinar - BlueCross BlueShield of Tennessee's CASB Journey to Secure...
Bitglass Webinar - BlueCross BlueShield of Tennessee's CASB Journey to Secure...
Bitglass
 
10 IT Security Trends to Watch for in 2016
10 IT Security Trends to Watch for in 201610 IT Security Trends to Watch for in 2016
10 IT Security Trends to Watch for in 2016
Core Security
 
Phishing: How to get off the hook using Intelligent IAM
Phishing: How to get off the hook using Intelligent IAMPhishing: How to get off the hook using Intelligent IAM
Phishing: How to get off the hook using Intelligent IAM
Courion Corporation
 

Contenu connexe

Tendances

Softchoice - Microsoft Office 365 - Discussing legal concerns and informatio...
Softchoice - Microsoft Office 365 - Discussing legal concerns and informatio...Softchoice - Microsoft Office 365 - Discussing legal concerns and informatio...
Softchoice - Microsoft Office 365 - Discussing legal concerns and informatio...
Softchoice Corporation
 

Tendances (20)

Cloud computing in Australia - Separating hype from reality
Cloud computing in Australia - Separating hype from realityCloud computing in Australia - Separating hype from reality
Cloud computing in Australia - Separating hype from reality
 
Information classification
Information classificationInformation classification
Information classification
 
Cloud Email Firewall
Cloud Email FirewallCloud Email Firewall
Cloud Email Firewall
 
Never Clueless Hosted Exchange Email
Never Clueless Hosted Exchange EmailNever Clueless Hosted Exchange Email
Never Clueless Hosted Exchange Email
 
Managed It Services
Managed It ServicesManaged It Services
Managed It Services
 
What Data Center Compliance Means for Your Business
What Data Center Compliance Means for Your BusinessWhat Data Center Compliance Means for Your Business
What Data Center Compliance Means for Your Business
 
IT Series: Cloud Computing Done Right CISOA 2011
IT Series: Cloud Computing Done Right CISOA 2011IT Series: Cloud Computing Done Right CISOA 2011
IT Series: Cloud Computing Done Right CISOA 2011
 
Softchoice - Microsoft Office 365 - Discussing legal concerns and informatio...
Softchoice - Microsoft Office 365 - Discussing legal concerns and informatio...Softchoice - Microsoft Office 365 - Discussing legal concerns and informatio...
Softchoice - Microsoft Office 365 - Discussing legal concerns and informatio...
 
Never Clueless Encrypted Email
Never Clueless Encrypted EmailNever Clueless Encrypted Email
Never Clueless Encrypted Email
 
Cloud Services & the Development of ISO/IEC 27018
Cloud Services & the Development of ISO/IEC 27018Cloud Services & the Development of ISO/IEC 27018
Cloud Services & the Development of ISO/IEC 27018
 
Visual Online - Cloud Computing - 4 Mars 2011
Visual Online - Cloud Computing - 4 Mars 2011Visual Online - Cloud Computing - 4 Mars 2011
Visual Online - Cloud Computing - 4 Mars 2011
 
Keynote Theatre. Keynote Day 2. 16:30 Evelyn de Souza
Keynote Theatre. Keynote Day 2. 16:30 Evelyn de Souza Keynote Theatre. Keynote Day 2. 16:30 Evelyn de Souza
Keynote Theatre. Keynote Day 2. 16:30 Evelyn de Souza
 
California Consumer Privacy Act (CCPA)
California Consumer Privacy Act (CCPA)California Consumer Privacy Act (CCPA)
California Consumer Privacy Act (CCPA)
 
Cas 4
Cas 4Cas 4
Cas 4
 
How to Deliver Closed-Loop Compliance
How to Deliver Closed-Loop ComplianceHow to Deliver Closed-Loop Compliance
How to Deliver Closed-Loop Compliance
 
Realizing the Value of Social: Evolving from Social Media to Customer Experience
Realizing the Value of Social: Evolving from Social Media to Customer ExperienceRealizing the Value of Social: Evolving from Social Media to Customer Experience
Realizing the Value of Social: Evolving from Social Media to Customer Experience
 
BOSSDesk_overview
BOSSDesk_overviewBOSSDesk_overview
BOSSDesk_overview
 
Bitglass Webinar - 5 Cloud Security Best Practices for 2018
Bitglass Webinar - 5 Cloud Security Best Practices for 2018Bitglass Webinar - 5 Cloud Security Best Practices for 2018
Bitglass Webinar - 5 Cloud Security Best Practices for 2018
 
Data Privacy Readiness Test
Data Privacy Readiness TestData Privacy Readiness Test
Data Privacy Readiness Test
 
Bitglass Webinar - BlueCross BlueShield of Tennessee's CASB Journey to Secure...
Bitglass Webinar - BlueCross BlueShield of Tennessee's CASB Journey to Secure...Bitglass Webinar - BlueCross BlueShield of Tennessee's CASB Journey to Secure...
Bitglass Webinar - BlueCross BlueShield of Tennessee's CASB Journey to Secure...
 

En vedette

Phishing: How to get off the hook using Intelligent IAM
Phishing: How to get off the hook using Intelligent IAMPhishing: How to get off the hook using Intelligent IAM
Phishing: How to get off the hook using Intelligent IAM
Courion Corporation
 
PDFCertification
PDFCertificationPDFCertification
PDFCertification
Gene Berger
 
Check Point Certified Security Admin
Check Point Certified Security AdminCheck Point Certified Security Admin
Check Point Certified Security Admin
Gene Berger
 
Cisco ASA Firewall Interview Question "aka Stump-the-Chump" Question # 01
Cisco ASA Firewall Interview Question "aka Stump-the-Chump" Question # 01Cisco ASA Firewall Interview Question "aka Stump-the-Chump" Question # 01
Cisco ASA Firewall Interview Question "aka Stump-the-Chump" Question # 01
Duane Bodle
 
How to Audit Firewall, what are the standard Practices for Firewall Audit
How to Audit Firewall, what are the standard Practices for Firewall AuditHow to Audit Firewall, what are the standard Practices for Firewall Audit
How to Audit Firewall, what are the standard Practices for Firewall Audit
keyuradmin
 

En vedette (18)

10 IT Security Trends to Watch for in 2016
10 IT Security Trends to Watch for in 201610 IT Security Trends to Watch for in 2016
10 IT Security Trends to Watch for in 2016
 
Phishing: How to get off the hook using Intelligent IAM
Phishing: How to get off the hook using Intelligent IAMPhishing: How to get off the hook using Intelligent IAM
Phishing: How to get off the hook using Intelligent IAM
 
PDFCertification
PDFCertificationPDFCertification
PDFCertification
 
10 Things to Watch for in 2016
10 Things to Watch for in 201610 Things to Watch for in 2016
10 Things to Watch for in 2016
 
Courion Survey Findings: Access Risk Attitudes
Courion Survey Findings: Access Risk AttitudesCourion Survey Findings: Access Risk Attitudes
Courion Survey Findings: Access Risk Attitudes
 
4 ways to defend against internal attacks
4 ways to defend against internal attacks4 ways to defend against internal attacks
4 ways to defend against internal attacks
 
Check Point Certified Security Admin
Check Point Certified Security AdminCheck Point Certified Security Admin
Check Point Certified Security Admin
 
Firewall audit
Firewall auditFirewall audit
Firewall audit
 
Checkpoint - A Practical Demonstration of Endpoint Security
Checkpoint - A Practical Demonstration of Endpoint SecurityCheckpoint - A Practical Demonstration of Endpoint Security
Checkpoint - A Practical Demonstration of Endpoint Security
 
Forti web
Forti webForti web
Forti web
 
Cisco ASA Firewall Interview Question "aka Stump-the-Chump" Question # 01
Cisco ASA Firewall Interview Question "aka Stump-the-Chump" Question # 01Cisco ASA Firewall Interview Question "aka Stump-the-Chump" Question # 01
Cisco ASA Firewall Interview Question "aka Stump-the-Chump" Question # 01
 
Firewalking
FirewalkingFirewalking
Firewalking
 
How to Audit Firewall, what are the standard Practices for Firewall Audit
How to Audit Firewall, what are the standard Practices for Firewall AuditHow to Audit Firewall, what are the standard Practices for Firewall Audit
How to Audit Firewall, what are the standard Practices for Firewall Audit
 
Building a culture of security
Building a culture of securityBuilding a culture of security
Building a culture of security
 
Spam Detection with a Content-based Random-walk Algorithm (SMUC'2010)
Spam Detection with a Content-based Random-walk Algorithm (SMUC'2010)Spam Detection with a Content-based Random-walk Algorithm (SMUC'2010)
Spam Detection with a Content-based Random-walk Algorithm (SMUC'2010)
 
Assessing the Risk of Identity and Access
Assessing the Risk of Identity and AccessAssessing the Risk of Identity and Access
Assessing the Risk of Identity and Access
 
Buyers Guide for Governance
Buyers Guide for GovernanceBuyers Guide for Governance
Buyers Guide for Governance
 
8 Tips on Creating a Security Culture in the Workplace
8 Tips on Creating a Security Culture in the Workplace8 Tips on Creating a Security Culture in the Workplace
8 Tips on Creating a Security Culture in the Workplace
 

Similaire à Access Assurance in the Cloud

dtechnClouologyassociatepart2
dtechnClouologyassociatepart2dtechnClouologyassociatepart2
dtechnClouologyassociatepart2
Anne Starr
 
Guide to security patterns for cloud systems and data security in aws and azure
Guide to security patterns for cloud systems and data security in aws and azureGuide to security patterns for cloud systems and data security in aws and azure
Guide to security patterns for cloud systems and data security in aws and azure
Abdul Khan
 

Similaire à Access Assurance in the Cloud (20)

Intel boubker el mouttahid
Intel boubker el mouttahidIntel boubker el mouttahid
Intel boubker el mouttahid
 
IT4651w-CC-1b-Introduction.pptx
IT4651w-CC-1b-Introduction.pptxIT4651w-CC-1b-Introduction.pptx
IT4651w-CC-1b-Introduction.pptx
 
Transforming cloud security into an advantage
Transforming cloud security into an advantageTransforming cloud security into an advantage
Transforming cloud security into an advantage
 
Myths of validation
Myths of validationMyths of validation
Myths of validation
 
Cloud computing overview
Cloud computing overviewCloud computing overview
Cloud computing overview
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing Security
 
dtechnClouologyassociatepart2
dtechnClouologyassociatepart2dtechnClouologyassociatepart2
dtechnClouologyassociatepart2
 
Guide to security patterns for cloud systems and data security in aws and azure
Guide to security patterns for cloud systems and data security in aws and azureGuide to security patterns for cloud systems and data security in aws and azure
Guide to security patterns for cloud systems and data security in aws and azure
 
Cloud computing 10 cloud security advantages and challenges
Cloud computing 10 cloud security advantages and challengesCloud computing 10 cloud security advantages and challenges
Cloud computing 10 cloud security advantages and challenges
 
Module 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUDModule 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUD
 
Cloud is not an option, but is security?
Cloud is not an option, but is security?Cloud is not an option, but is security?
Cloud is not an option, but is security?
 
Cloud security
Cloud securityCloud security
Cloud security
 
Cloud computing-security-issues
Cloud computing-security-issuesCloud computing-security-issues
Cloud computing-security-issues
 
Cloud Computing - The new buzz word
Cloud Computing - The new buzz wordCloud Computing - The new buzz word
Cloud Computing - The new buzz word
 
Does cloud technology belong at your law firm?
Does cloud technology belong at your law firm?Does cloud technology belong at your law firm?
Does cloud technology belong at your law firm?
 
Bringing the Cloud Back to Earth
Bringing the Cloud Back to EarthBringing the Cloud Back to Earth
Bringing the Cloud Back to Earth
 
Trust, security and privacy issues with cloud erp
Trust, security and privacy issues with cloud erpTrust, security and privacy issues with cloud erp
Trust, security and privacy issues with cloud erp
 
Cloud Security: A matter of trust?
Cloud Security: A matter of trust?Cloud Security: A matter of trust?
Cloud Security: A matter of trust?
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 
May 2013 Federal Cloud Computing Summit Keynote by David Cearly
May 2013 Federal Cloud Computing Summit Keynote by David CearlyMay 2013 Federal Cloud Computing Summit Keynote by David Cearly
May 2013 Federal Cloud Computing Summit Keynote by David Cearly
 

Dernier

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
Puma Security, LLC
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
 

Dernier (20)

Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 

Access Assurance in the Cloud

  • 1. Assuring Access in the Cloud
  • 2. 2 What is the Cloud?  The cloud is a network of servers, and each server has a different function. Some servers use computing power to run applications or "deliver a service.“*  Basically, it’s a network of servers and computers hosting your information away from your physical device. *From The Beginners Guide to the Cloud: Mashable “Thunder and lightning isn’t God being angry, its just Microsoft and Google fighting in the clouds.” - Anonomyus
  • 3. 3 What is Cloud Computing ?  Noun: the practice of using a network of remote servers hosted on the Internet to store, manage, and process data, rather than a local server or a personal computer.  Many different varieties: • IT computing accessible online • Available from anywhere • Virtualization • Interchangeable services • On-demand for peak loads and needs • IaaS, PaaS, SaaS
  • 6. 6 Enabling the Business  If business drivers for cloud computing are: • Agility and flexibility • Performance and scale • Operational efficiency • Universal access  Security must be: • Transparent • Dynamic • Flexible • Operationally Efficient
  • 7. 7 The Business Needs for IAM  Transparent compliance  Sustained efficiencies  Improved business agility  Access Assurance visibility to LOB
  • 8. 8 Access Assurance for the Cloud  Ensuring the right people have the right access to the right resources regardless of where those resources are physically located and managed • Hosted applications • SaaS applications • Private clouds • Public clouds  Providing the basis for: • Access policy definition • Preventative controls and enforcement via provisioning • Access verification of user access to cloud applications
  • 9. 9 Cloud Does Not Change Requirements Same information  PHI & privacy data (HIPPA, etc)  Key financial data (SOX)  Card holder information (PCI)  Other high risk (shareholders) Same IAM requirements  All access must connect to enterprise identities  Access certification  Separation of duties for operators and users  Privileged access management  Access management • Who has access? • Who has accessed?
  • 11. 11 So Must Access Assurance Be
  • 12. 12 What Comes with the Cloud?  No more closed and controlled surfaces • You no longer have direct control or oversight  You are still accountable to the law and shareholders • You may be subject to new regulations  Vendors will try to lock-in  Level of auditability of their controls  Key is transparency, embedded controls, and agility
  • 13. 13 Risks and Considerations  Disabling network access does not prevent access to key applications and data  Ensure new users get access quickly and changes are reflected accurately  Management of identity information in the cloud • Delegation and assurance  Where is sensitive data located and how managed?  Privacy management  Administrative access to sensitive data and users  Compliance and regulatory requirements  Security aspects as part of partner agreements
  • 15. 15 To Achieve Access Assurance You Must
  • 16. 16 To Achieve Access Assurance You Must
  • 17. 17 To Achieve Access Assurance You Must
  • 20. 20 Critical Need Across IT Services
  • 22. 22 Courion Access Assurance Suite Secure the Enterprise, don’t slow it down… Designed for Your Complex Environment
  • 23. 23 The Secret to Making it All Work  A user interface that business users understand  Ability to gather information from numerous sources  Information that is actionable for remediation  Fast, reliable, scalable implementation  Breadth of capability to reach to variety of systems and resources • Off-premise applications • Virtualization • Platform and infrastructure • Federation  Proven customer success in a cloud environment
  • 24. 24 IAM and the Cloud  Risks and required controls may increase due to cloud: • Removal of corporate network access no longer a compensating control • Sensitive data is now in different locations and may be:  More accessible  Subject to different regulations • Additional technologies for provisioning and access compliance  Must span the traditional enterprise and the cloud • Policy definition • Accurate tracking and periodic review of access • Balance of preventative and detective controls
  • 25. 25 Bottom Line  The cloud and cloud computing are a reality  Closed and controlled moves to dynamic, open, and accessible  Identity plays a critical role in cloud environments  Need to deal with… • Lack of control of data • Extended reach of administrative privileges • Privacy and trust • Complexity of handling identities  An Access Assurance strategy is critical
  • 26. 26 What Now?  If you’re looking for more information on how an Access Assurance Suite can transform your company’s information, contact us today. We can provide a quick scan of your system and let you know where your hidden risks lie and how to take care of them. info@Courion.com www.Courion.com Get My Quick Scan >>