Presentation is loading. Please wait.

Presentation is loading. Please wait.

Riding the Cloud Storm – Responding to Cloud Risks David Rawle Technical Director.

Published bySharon Merritt Modified over 8 years ago

Similar presentations

Presentation on theme: "Riding the Cloud Storm – Responding to Cloud Risks David Rawle Technical Director."— Presentation transcript:

1 Riding the Cloud Storm – Responding to Cloud Risks David Rawle Technical Director

2 First things first Thanks to Dave and Ian

3 A little about Bytes SP and myself Security Partnerships acquired by Bytes in 2011 I started working for Security Partnerships in January 2000 as their first Technical Resource As a Consultant I have designed and delivered multi-million pound solutions for household names As a Manager I developed the technical team and professional services within Security Partnerships As one of two Directors of Bytes Security Partnerships I have helped to grow the business by a further 50% in 2 years

4 I am very proud of our business and what and how it does things

5 So now you know what the cloud is how does it apply to Information Security?

6 “Information security, sometimes shortened to InfoSec, is the practice of defending information from unauthorised access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. It is a general term that can be used regardless of the form the data may take” -Wikipedia : September 2013

7 One more reason why cloud is a good idea…

8 Why cloud? For every server room that looks like this…

9 Why cloud? There is one that looks like this…

10 Information Security in the cloud is just as important as “on-premise” Different challenges Same key requirements You can’t just say “it’s the provider’s problem”

11 Which vendors cloud technology?

12 So what does Cloud mean to us?

13 What are we trying to achieve? This?

14 What are we trying to achieve? This?

15 What are we trying to achieve? This?

16 What are we trying to achieve The reality is its all of them…

17 The Cloud in the modern workplace Dave has talked about how people are working Ian has talked about all the different things that The Cloud can be

18 IT Security Evolved

19 The first phase of change From this Traditional Firewall Office Based Users

20 All solutions focussed on protecting users from the Internet

21 The first phase of change To this Next Gen Firewall Users anywhere on any device

22 Solutions focussed on protecting users from the Internet and providing access to internal systems from different devices in different locations

23 Where are we headed? And on to this…

24 The key pillars of Cloud Security Deterrent Controls - These controls are set in place to prevent any purposeful attack on a cloud system. Much like a warning sign on a fence or a property, these controls do not reduce the actual vulnerability of a system. Preventative Controls - These controls upgrade the strength of the system by managing the vulnerabilities. The preventative control will safeguard vulnerabilities of the system. If an attack were to occur, the preventative controls are in place to cover the attack and reduce the damage and violation to the system's security. Corrective Controls - Corrective controls are used to reduce the effect of an attack. Unlike the preventative controls, the corrective controls take action as an attack is occurring. Detective Controls - Detective controls are used to detect any attacks that may be occurring to the system. In the event of an attack, the detective control will signal the preventative or corrective controls to address the issue.

25 Cloud Security – The same but different The challenges are the same – Secure storage of data that trusted people need to be able to access – Provision of applications that people can work with effectively – Proof that the systems are secure and managed in the right way

26 Security challenges Who is accessing your data? What are they accessing? When are the accessing it?

27 Other challenges Cloud is not 100% guaranteed to be available? Your infrastructure as backup for the cloud? How do you deploy a “hybrid” cloud environment? How do you make it appear as one?

28 Other challenges How do you control devices that are out of the office? Not just Phones and Tablets? How do you make your data available anywhere from any device seamlessly

29 How can our Vendors help you? Best of breed firewall technology Common rule base on:- – Premises based appliances – VMWare based virtual appliances – Cloud based virtual appliances – Protect from DOS attacks on-premise Consolidated policies, logging and reporting for all deployments

30 How can our Vendors help you? Best of breed application delivery and security for both Cloud and Premises based deployments

31 How can our Vendors help you? Best of breed mobile device management and mobile application deployment Purpose built to enable the mobile enterprise Not just about Tablets and Phones

32 How can our Vendors help you? Providing secure, available cloud storage for emails and files Giving users a valid corporate alternative to Dropbox, Google Drive etc

33 Summary The IT Security Challenges don’t go away, they just move IT Security has become a business enabler rather than a business preventer It is moving into the cloud space hand in hand with the functionality that is available

Download ppt "Riding the Cloud Storm – Responding to Cloud Risks David Rawle Technical Director."

Similar presentations

Information Security Update CTC 18 March 2015 Julianne Tolson.

Information Security Update CTC 18 March 2015 Julianne Tolson.
Asif Jinnah Microsoft IT – United Kingdom. Security Challenges in an ever changing landscape Evolution of Security Controls: Microsoft’s Secure Anywhere.

Asif Jinnah Microsoft IT – United Kingdom. Security Challenges in an ever changing landscape Evolution of Security Controls: Microsoft’s Secure Anywhere.
Mehdi Ghayoumi Kent State University Computer Science Department Summer 2015 Exposition on Cyber Infrastructure and Big Data.

Mehdi Ghayoumi Kent State University Computer Science Department Summer 2015 Exposition on Cyber Infrastructure and Big Data.
Small Business Server is Dead! Long Live Zynstra Cloud Managed Appliances June 2014 Andrew Birch Channel Mgr Zynstra.

Small Business Server is Dead! Long Live Zynstra Cloud Managed Appliances June 2014 Andrew Birch Channel Mgr Zynstra.
Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.

Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.
Network security Product Group 2 McAfee Network Security Platform.

Network security Product Group 2 McAfee Network Security Platform.
Survey Report IPEXPO 2015 Top priorities and Technology Trends.

Survey Report IPEXPO 2015 Top priorities and Technology Trends.
Microsoft Virtual Academy Preparing for the Windows 8.1 MCSA Module 5: Managing Devices & Resource Access.

Microsoft Virtual Academy Preparing for the Windows 8.1 MCSA Module 5: Managing Devices & Resource Access.
© 2012 IBM Corporation IBM Security Systems 1 © 2012 IBM Corporation Cloud Security: Who do you trust? Martin Borrett Director of the IBM Institute for.

© 2012 IBM Corporation IBM Security Systems 1 © 2012 IBM Corporation Cloud Security: Who do you trust? Martin Borrett Director of the IBM Institute for.
What’s New Data Loss Prevention 14. Information is Everywhere Brings Productivity, Agility, Convenience ……and Problems Copyright © 2015 Symantec Corporation.

What’s New Data Loss Prevention 14. Information is Everywhere Brings Productivity, Agility, Convenience ……and Problems Copyright © 2015 Symantec Corporation.
Head in the Clouds, feet on the ground David Massey Chief Technology Officer.

Head in the Clouds, feet on the ground David Massey Chief Technology Officer.
Short Customer Presentation September 2014. The Company  Storgrid delivers a secure software platform for creating secure file sync and sharing solutions.

Short Customer Presentation September The Company  Storgrid delivers a secure software platform for creating secure file sync and sharing solutions.
Complete Cloud Security Anyone, anywhere, any app, any device.

Complete Cloud Security Anyone, anywhere, any app, any device.
SDN & NFV Driving Additional Value into Managed Services.

SDN & NFV Driving Additional Value into Managed Services.
Digital Asset Management & Storage Program Program Summary

Digital Asset Management & Storage Program Program Summary
Michael Wright • Chief Security Officer • Tech Lock

Michael Wright • Chief Security Officer • Tech Lock
PrinterOn Mobile Printing Platform

PrinterOn Mobile Printing Platform
Office 365 is your modern Office Microsoft Office365 12/26/2017

Office 365 is your modern Office Microsoft Office365 12/26/2017
Your Office 365 Journey Prepare, Migrate, and Operate with Barracuda

Your Office 365 Journey Prepare, Migrate, and Operate with Barracuda
Deployment Planning Services

Deployment Planning Services

Similar presentations

Ads by Google