Cloud security is a must have. Also, an expectation AND a business accelerator.
But what really changes with cloud ? Cloud is not more or less secure : the security posture evolves..
14. ensures data protection data classification & rights assignation private networks, encryption & strong authentication access control, rights management, encryption encryption, asset management crypto-shredding, secure deletion, content discovery create transfer store use archive destroy application security, logical controls, activity monitoring
15. appropriate level of engagement Cloud service provider management customer’s management responsibilities between parties datacenter servers & network Hypervisor (VMM) VM operating systems middleware applications IaaS PaaS SaaS increased criticality high-level of shared resources increased responsibilities for the Cloud Service Provider
16. Cloud models & security public Cloud for enterprises community cloud private cloud hybrid cloud shared infrastructure dedicated infrastructure/staff/processes security is under customer’s control security controlled by the provider Internal risk & compliance still apply here !
20. portfolio Infrastructure as a Service Software as a Service IT infrastructure as a Service Security as a Service Collaboration as a Service Real-Time applications as a Service Back-up and Storage as a Service Flexible Computing Premium Messaging Protection Suite Web Protection Suite Unified Collaboration (B2GaaS) Fleet Management Network IVR Business Store Flexible Computing Private 2011 H2 2010 now VPN Galerie IT Plan Contact Center as a Service Cloud-ready Networking Business VPN Business Acceleration Flexible Computing Business Telephony Hosted Exchange Orange API Private Applications Store Business Together with Microsoft – Online Services Flexible SSL Smartphone management Application & Content Delivery Networking
26. Cloud specific vulnerabilities On-demand self-service Ubiquitous network access Resource polling Rapid elasticity Measured service NIST Virtualization Hyper-jacking VM-Escape VM sprawl VM Theft Direct vulnerabilities
27.
28. Yes : Thanks to cloud-specific vulnerabilities On-demand self-service Ubiquitous network access Resource polling Rapid elasticity Measured service NIST Virtualization Hyper-jacking VM-Escape VM sprawl VM Theft Direct vulnerabilities Indirect vulnerabilities Inability to monitor traffic Limited network zoning Single point of failure Forbidden network vulns scans
La menace suit à la trace les données, quelque soit leur localisation, dans le cloud ou sur les périphériques mobiles….
TODO : Titre à retravailler/préciser….
presentation title
Exemple : SecuityInTTM pour les prohets de conception de service Exemple : Un qui n’a pas de SecuerityInttM TODO: Enlever slides « Recommamdations » et le