Cloud Computing Security: Mapping Concepts to Practical Techniques

Slides:



Advertisements
Similar presentations
© 2012 Open Grid Forum Simplifying Inter-Clouds October 10, 2012 Hyatt Regency Hotel Chicago, Illinois, USA.
Advertisements

The Threat Within September Copyright © 2004 Q1 Labs. All Rights Reserved Agenda Customer Pain Industry Solutions Network Behavior Enforcement Example.
Security, Privacy and the Cloud Connecticut Community Providers’ Association June 20, 2014 Steven R Bulmer, VP of Professional Services.
Introducing WatchGuard Dimension. Oceans of Log Data The 3 Dimensions of Big Data Volume –“Log Everything - Storage is Cheap” –Becomes too much data –
An Approach to Secure Cloud Computing Architectures By Y. Serge Joseph FAU security Group February 24th, 2011.
1 Security on OpenStack 11/7/2013 Brian Chong – Global Technology Strategist.
Security in the Cloud: Can You Trust What You Can’t Touch? Rob Johnson Security Architect, Cloud Engineering Unisys Corp.
1 Telstra in Confidence Managing Security for our Mobile Technology.
Government Technology Bay Area Technology Forum November 5, 2009 Presented By: Jon Fullinwider Director, Local Government Citrix Systems, Inc. Presented.
Supervisor : Mr. Hadi Salimi Advanced Topics in Information Systems Mazandaran University of Science and Technology February 4, 2011 Survey on Cloud Computing.
INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.
Copyright Marchany 2010 Cloud Computing Security Issues Randy Marchany, VA Tech IT Security,
Securing and Auditing Cloud Computing Jason Alexander Chief Information Security Officer.
Security Framework For Cloud Computing -Sharath Reddy Gajjala.
MIGRATING INTO A CLOUD P. Sai Kiran. 2 Cloud Computing Definition “It is a techno-business disruptive model of using distributed large-scale data centers.
Security issues in the Cloud Presentation for CloudCamp 2012 (Lagos) Christopher Odutola FVC Inc. Dubai.
© 2010 IBM Corporation Cloudy with a chance of security Information security in virtual environments Johan Celis Security Solutions Architect EMEA IBM.
SEC835 Database and Web application security Information Security Architecture.
SECURITY IN CLOUD COMPUTING By Bina Bhaskar Anand Mukundan.
Computer Crime and Information Technology Security
Cloud Computing Saneel Bidaye uni-slb2181. What is Cloud Computing? Cloud Computing refers to both the applications delivered as services over the Internet.
Jim Reavis, Executive Director Cloud Security Alliance November 22, 2010 Developing a Baseline On Cloud Security.
Computer Science and Engineering 1 Csilla Farkas Associate Professor Center for Information Assurance Engineering Dept. of Computer Science and Engineering.
Security Could Ruin Everything! Source: 451 Research, Dec 2012.
NICE :Network Intrusion Detection and Countermeasure Selection in Virtual Network Systems.
Computer Science and Engineering 1 Cloud ComputingSecurity.
1 Suronapee Phoomvuthisarn, Ph.D. / NETE4631:Cloud Privacy and Security - Lecture 12.
Knowing What You Missed Forensic Techniques for Investigating Network Traffic.
How to Integrate Security Tools to Defend Data Assets Robert Lara Senior Enterprise Solutions Consultant, GTSI.
CIO Perspectives on Security Fabrício Brasileiro Regional Sales Manager.
Kia Manoochehri.  Background  Threat Classification ◦ Traditional Threats ◦ Availability of cloud services ◦ Third-Party Control  The “Notorious Nine”
Scott Charney Cybercrime and Risk Management PwC.
3/14/2016 © Crown Copyright. All rights reserved. Risk Managed Cloud Computing HMG IA Approach Ian McCormack TD IA Policy and Risk CESG.
Chapter 11 – Cloud Application Development. Contents Motivation. Connecting clients to instances through firewalls. Cloud Computing: Theory and Practice.
SEMINAR ON.  OVERVIEW -  What is Cloud Computing???  Amazon Elastic Cloud Computing (Amazon EC2)  Amazon EC2 Core Concept  How to use Amazon EC2.
Clouding with Microsoft Azure
Check Point vSEC STORY [Protected] Non-confidential content.
Prof. Jong-Moon Chung’s Lecture Notes at Yonsei University
Introduction to Barracuda IM Firewall
CLOUD SECURITY Timothy Brown Director, Security & Virtualization
Security on OpenStack 11/7/2013
Stop Cyber Threats With Adaptive Micro-Segmentation
Understanding The Cloud
Avenues International Inc.
VIRTUALIZATION & CLOUD COMPUTING
Windows Server 2016 Secure IaaS Microsoft Build /1/2018 4:00 AM
Public Facilities and Cyber Security
NETWORK SECURITY Cryptography By: Abdulmalik Kohaji.
INFORMATION SECURITY The protection of information from accidental or intentional misuse of a persons inside or outside an organization Comp 212 – Computer.
Chapter 21: Cloud Computing and Related Security Issues
Chapter 22: Cloud Computing Technology and Security
Bill Banks | Security Engineer
Network Services, Cloud Computing, and Virtualization
Cloud Security An IaaS Story 2018 © Netskope. All rights reserved.
11/17/2018 9:32 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.
Developing a Baseline On Cloud Security Jim Reavis, Executive Director
Brandon Traffanstedt Systems Engineer - Southeast
Security.
What is Interesting in the CCSP certification?
Computers Are Your Future Twelfth Edition
Cloud Computing: Concepts
(With Hybrid Network Support)
MS AZURE By Sauras Pandey.
Computer Science and Engineering
Cloud Security AWS as an example.
Cloud Security AWS as an example.
Making Windows Azure Relevant to IT Professionals
Network Security in Academia: an Oxymoron?
Cloud Computing for Wireless Networks
Presentation transcript:

Cloud Computing Security: Mapping Concepts to Practical Techniques Gilad Parann-Nissany http://www.porticor.com contact@porticor.com September 6th, 2010 Cloud Computing Security: Mapping Concepts to Practical Techniques Copyright 2009, 2010 ©Porticor 9/21/2018

Earlier today, CSA talked about… Pay as you go Reasonable cost On-demand Self service Elastic Scale My precious data in a public place? Who do I trust? How easy to hack? Is encryption enough? Can I control it? Many considerations exist even before clouds Some considerations really are new Copyright 2009, 2010 © Porticor 9/21/2018

Modern threats… Its far too easy to be a bad guy Hacking is a business today, often involving professional criminals Interesting fact: biggest cloud in the world belongs to the crooks Number of Systems: 6,400,000 Number of CPUs: 18,000,000+ Bandwidth: 28 Terabits Facilities: 230 Countries …the Conficker worm  R. Joffe Copyright 2009, 2010 ©Porticor 9/21/2018

How much (cloud) security do I really need? Draw your conclusions Do I need security? What needs most security (most valuable)? Where do I need security most? (store, comm, …) Evaluate service, functionality & data flow Cloud providers, service models Detailed analysis of where your data will be “at rest” and during communication Evaluate asset and attractiveness of target Money value Non-monetary value Nuisance value For whom? (pros? Insiders? kids?) Identify the asset for the cloud deployment Data Applications, Functions, Processes Copyright 2009, 2010 ©Porticor 9/21/2018

Governance: managing security & compliance by clarity Governance: managing security & compliance Risk management Legal and Electronic Discovery Compliance and Audit Information life cycle Standards Ops in cloud Traditional Security Data Center Incident Mgmt Application Security Encryption and Keys Identity and Access Virtualization Cloud Arch. I/P/SaaS Application Information Management Network Trust Storage Physical Copyright 2009, 2010 ©Porticor 9/21/2018

Applying Security Concepts to Public Clouds Some pretty new stuff Secure distributed data storage Keys management Hypervisors and virtual machines Physical security of cloud environments Role of encryption changes New data protection measures emerge (i.e. fragmentation) Some known concepts translate to cloud with a twist APIs SaaS security Usage of IaaS Identity Access Management Policy management Denial of Service prevention Web Application Firewall Firewall Virtual Private Networks Database Firewall Intrusion Detection and Prevention (IDS/IPS) Logging and Log forensics Security Information Management Data Leak Prevention Scanning for exploits Scanning for virus *courtesy CSA Copyright 2009, 2010 ©Porticor 9/21/2018

Demo: known concepts that translate to cloud with a twist Firewalls in AWS Application firewall in AWS Role of APIs Role of IaaS Copyright 2009, 2010 ©Porticor 9/21/2018

Understand your complete problem domain Understand the value of your data and service: sec should be cost effective Understand your complete problem domain Governance & Measurement Architecture & Technology Specifics of your application Answers Some take known concepts and add APIs, use SaaS and IaaS Some are truly new Cloud Operations really is new! Map out – what’s relevant for you Roll your own – or work with someone who has experience? Copyright 2009, 2010 ©Porticor 9/21/2018

Thank you Questions? http://www.porticor.com contact@porticor.com Copyright 2009, 2010 ©Porticor 9/21/2018