Published by Rafe Manning. Modified over 8 years ago.
1
CLOUD SECURITY
2
CREDIT UNION 2.0
For Credit Unions to succeed, they need to shift their business model and focus all of their technology resources on:
A) Member Facing Technology
B) Technology Marketing
C) Technology Enabled Service
Copyright © 2016 Ongoing Operations, LLC. All rights reserved. www.ongoingoperations.com
3
CREDIT UNION 2.0
Instead of:
- Technology Compliance
- Technology Infrastructure
- HR
4
CREDIT UNION 2.0
OGO Progress:
- 2006: Disaster Recovery
- 2011: Acquire Cloudworks
- 2012: Launch OGO Telecom
- 2014: Begin Managed Security
- 40-50 Credit Unions fully cloud based today
5
CU 2.0 CHANGE THE GAME
Disaster Recovery, Cyber Security, Telecom, Hosting, Tech Driven Marketing, Tech Driven Service, Tech Driven Tools
6
CLOUD SECURITY CONCERNS
7
CREDIT UNION IT SECURITY CHALLENGES (OGO CLIENTS)
- 85% spent on Compliance
- Old architecture
- Ad hoc development
- Painful to evolve
- Constantly changing regulatory environment
- Low resources
- Knowledge gap
8
ARCHITECTURE - CHALLENGES
Typical CU Environment:
- Virtualization
- Trusted Zones create a false sense of security
- Built over time
- Security was a secondary thought
- Audit and Compliance Standards
- Legacy Infrastructure (Core)
9
SO WHY NOT MOVE?

Technology                                    | Credit Union | Cloud Provider
----------------------------------------------|--------------|---------------
Data Center (cooling, UPS, Generator)         | 5 of 10      | 9 of 10
SAN (Storage platform)                        | 5 of 10      | 9 of 10
Switching                                     | 5 of 10      | 9 of 10
Servers                                       | 5 of 10      | 9 of 10
Database Platforms                            | 5 of 10      | 9 of 10
Email                                         | 5 of 10      | 9 of 10
Virtualization Technology                     | 5 of 10      | 9 of 10
Bandwidth                                     | 5 of 10      | 9 of 10
Security Components                           | 5 of 10      | 9 of 10

1 + 1 = 2
10
CLOUD SECURITY CRITERIA
1. Philosophy
2. Tactics
3. Audit/Compliance
4. Legal
11
CLOUD PHILOSOPHY
12
CLOUD SECURITY TACTICS
- Assess: CISO as a Service
- Tools: CU Control, CleanPipe
- Monitor: CU Control, CSM, Threats
- React: CSM+
Architecture: Internal, External, Location of Data
Audits: Tool Kits, Self-Service, Monitoring, Remediation
13
WHAT IS OGO PROTECTING TODAY?
Servers, Network Devices, Users & Workstations
750+
3500+
14
INTERNAL DEFENSE
Service tiers: Basic, Standard, Advanced, Hosted Platform
Features:
- System Inventory
- Asset Tracking
- License Tracking
- Warranty Tracking
- Reporting
- Anti-Virus
- Windows Patching
- 3rd Party Patching
- SLA Management
- Change Reporting
- Backup Management
- Web Filtering (desktop only)
- SIEM (with Log Aggregation)
- 24/7 Firewall Management
- Mobile Device Management
- Vulnerability Scanning
- SharePoint Portal (Q3 2016)
15
REPORTING
16
EXTERNAL DEFENSE
Deployment options: On Premise, Hosted
Features:
- Firewall Management
- CleanPipe
- Router Management
- Switch Management
- Penetration Testing
17
CLOUD ARCHITECTURE
18
EXTERNAL DEFENSE - CLEANPIPE
What is CleanPipe? A bundling of solutions that create a private "scrubbed" internet:
- Blended Private Internet Connection from OGO
- Anti-DoS Technology
- DNS
- Pre-built mitigation strategies
- 24/7 SOC/Monitoring
19
SIEM/SOC 24/7 - TRUSHIELD
Service Levels:
- CSM: 24/7/365 security monitoring, alerting and incident response for subscribed devices. Includes threat advisory subscription.
- CSM+: CSM, plus active remediation of subscribed devices.
- Vulnerability Management: Regular vulnerability scanning in accordance with the client's regulatory environment, no less frequent than quarterly, with optional monthly or weekly scanning. Reporting includes executive reporting, trending, and detailed, risk-prioritized technical remediation information.
20
PROCESS
Cyber-Risk Assessment, Tool Alignment and Installation, Re-Assessment, Gap Analysis and Strategy, Maintenance
21
CISO AS A SERVICE
- Technical Skills on Demand
- Oversee and Administer IT Security Program
- Fully integrated with tool kit
- High caliber talent
- Meets with Board and Regulators
- Consistent focus on Credit Union IT Security (no distractions)
- Life cycle management
Assess: CISO as a Service; Tools: CU Control, CleanPipe; Monitor: CU Control, CSM, Threats; React: CSM+
22
CISO - WHO IS IT?
Full Time Cyber Expert / Analyst (OGO employee):
- Creates reports independently
- Meets with TruShield: adds SIEM/SOC data
- Meets with OGO: adds Support / NCUA data
- Meets with Radware: adds CleanPipe data
- Synergizes the information and works with the VCIO to:
  - Develop strategy for the Client
  - Manage Remediation
  - Propose Solutions
  - Provide a roadmap
  - Jointly run Cyber Quarterly Business Reviews
23
SECURITY AND CERTIFICATION STANDARDS

SSAE16 SOC 2 Type II
The SOC 2 report focuses on a business's non-financial reporting controls as they relate to security, availability, processing integrity, confidentiality, and privacy of a system, as opposed to SOC 1/SSAE 16, which is focused on the financial reporting controls. A Type II report not only includes the service organization's description of controls, but also includes detailed testing of the service organization's controls over a minimum six month period (e.g. January 1, 2014 to September 30, 2014).

PCI DSS Certification
The Payment Card Industry Data Security Standard (PCI DSS) is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. The PCI DSS, a set of comprehensive requirements for enhancing payment account data security, was developed by the founding payment brands of the PCI Security Standards Council to help facilitate the broad adoption of consistent data security measures on a global basis.

Penetration Testing and Vulnerability Scans
At least once annually OGO engages an independent 3rd party to test our security and identify any possible security gaps. Vulnerability scans and internal testing are conducted more frequently. The Penetration Testing Execution Standard (PTES) methodology is used for executing, discovering, and validating the findings during testing. The team will thoroughly assess and identify attack vectors, vulnerabilities, and weaknesses that you may or may not know existed.
24
LEGAL
25
HOW TO TAKE ADVANTAGE OF CLOUD SECURITY?
1. Philosophy (make a choice)
2. Tactics (align local tools first, then move)
3. Audit/Compliance (validate)
4. Legal (measure the transfer)
26
Q&A
27
ADJOURN