
Javier Salido, CIPP Sr. Program Manager Trustworthy Computing Group Microsoft Corporation SESSION CODE: SIA337.



4 *Source: Ponemon study, “Cost of a Data Breach,” January 2010 www.encryptionreports.com/

5 *Source: Joshua Gómez, Travis Pinnick and Ashkan Soltani, “KnowPrivacy,” June 1 2009. http://www.knowprivacy.org/report/KnowPrivacy_Final_Report.pdf



11 DGPC Framework
People: DGPC "Aware" Culture
- Executive management commitment
- Engaged management team
- Integrated governance organization
- Trained, aware, and accountable
Process: DGPC Embedded in Processes
- Structured and repeatable processes
- Practical and enforceable policies
- Harmonized frameworks and standards
- Effective internal control environment
Technology: DGPC Enabled in Technology
- Secure infrastructure
- Identity and access control
- Information protection
- Auditing and reporting

12 Integrated GRC (diagram). Process boxes: Manage DGPC Organization; Manage DGPC Requirements; Manage DGPC Strategy & Policies; Manage DGPC Control Environment. Other diagram labels: GRC Authority Documents (external regulations, control frameworks, security & privacy standards, business strategy); Harmonized GRC Guidance (e.g. UCF); Requirements (business data, data compliance); DGPC Strategy (data privacy & confidentiality principles, DGPC policies, data classification); DGPC Controls (manual controls, technical controls).


14 Information lifecycle (diagram): Collect, Update, Process, Delete, Transfer. A Transfer starts a new lifecycle.

15 Technology domains of the DGPC framework
Secure Infrastructure
- Safeguards against malware
- Safeguards against unauthorized access to sensitive info
- Protect systems from evolving threats
Identity and Access Control
- Protect personal information from unauthorized access or use
- Provide management controls for identity, access and provisioning
Information Protection
- Protect sensitive personal information in structured databases
- Protect sensitive personal information in unstructured documents, messages and records, through encryption
- Protect data while on the net
Auditing and reporting
- Monitor to verify integrity of systems and data
- Monitor to verify compliance with business processes


17 Risk/Gap analysis matrix
Columns: Secure Infrastructure; Identity and Access Control; Information Protection; Auditing and reporting; Manual Controls
Rows (data protection principles):
1. Honor policies throughout the information lifecycle
2. Minimize risk of data misuse
3. Minimize impact of data loss
4. Demonstrate effectiveness of data protection policies and measures

18 Risk analysis process, five steps: Establish a context for analysis; Identify (model) potential threats; Analyze risks; Determine risk treatment; Evaluate effectiveness.
Step 1, Establish a context for analysis:
- Clearly define the business purpose of the flow
- Identify privacy, security and compliance objectives for the flow
- Identify systems using the data

19 Data flow diagram of the example flow (labels): Customer, Application Server, Log Storage, Cloud Provider

20 Step 2, Identify (model) potential threats: diagram of flow, threat identification.
- Data Flow Diagrams (DFD): data stores & data flows
- Place trust boundaries!

21 Data flow diagram with trust boundary (labels): Customer, Application Server, Log Storage, Cloud Provider, Trust Boundary


23 Step 2, Identify (model) potential threats: threat identification. How to do this without being an expert?
- Use a method to step through
- Get specific about threats


31 Privacy threats identified for the example flow, by principle
- Choice and Consent: options have to be displayed clearly in order to obtain appropriate consent
- Access and Correction: customer not able to view/modify personal information
- Accountability: customer PII is not properly classified
- Compliance: compliance reports not defined, escalation path to business owners is not specified
- Information Protection: customer information is sent in the clear, over an unauthenticated channel
- Data Quality: quality depends on customer, no threat
See Microsoft's Application Privacy Assessment: http://www.microsoft.com/datagovernance

32 See Microsoft's IT Infrastructure Threat Modeling Guide: http://technet.microsoft.com/en-us/library/dd941826.aspx

33 Step 3, Analyze risks:
- Build the Risk/Gap analysis matrix
- Apply existing mitigations
- Identify residual risk

34 Risk/Gap analysis matrix with existing mitigations (columns: Secure Infrastructure, Identity and Access Control, Information Protection, Auditing and reporting, Manual Controls; numbers in parentheses are the principles from slide 17 that each mitigation addresses)
- Servers are on regular OS and app patch cycle, and up-to-date in malware signatures (2)
- Incoming data is correctly classified and tagged as per customer choice and consent (1,2)
- Choices are displayed and consent obtained as per MPSD guide (1)
- Transaction log data is encrypted in transit and at rest (3,4)
- All material transactions are to be logged as per logging framework (3,4)
- Communications channel to log servers, and the log servers themselves, are monitored. Failover process to local log servers in processor facilities is up and running (4)

35 Step 4, Determine risk treatment:
- Identify additional mitigations
- Determine risk treatment for each residual risk: Mitigate, Transfer, or Assume

36 Risk/Gap analysis matrix after risk treatment (same columns as slide 34; entries with principle numbers in parentheses are the newly added mitigations)
- Servers are on regular OS and app patch cycle, and up-to-date in malware signatures
- Incoming data is correctly classified and tagged as per customer choice and consent
- All transactions to take place on authenticated communications channel (2)
- Choices are displayed and consent obtained as per MPSD guide
- Transaction log data is encrypted in transit and at rest
- All material customer transactions arrive over encrypted comms channel (2)
- All material transactions are to be logged as per logging framework
- Communications channel to log servers, and the log servers themselves, are monitored. Failover process to local log servers in processor facilities is up and running
- Alerts and alert recipients defined and operational (3,4)
- Set of access and use reports, along with recipients and delivery schedules, are defined (3,4)
- Define escalation path for issues (3,4)

37 Step 5, Evaluate effectiveness:
- Ensure you are covering the entire data lifecycle
- Examine each trust boundary
- Have you made a clear decision on how each risk will be treated?
- Are mitigations done right?
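As an added worked example (not from the deck), the Risk/Gap matrix of slides 34 and 36 built as data: each control is tagged with the principle numbers the slides give it, the matrix is the technology domains (columns) by the four principles (rows), a gap is a cell no control covers, and the risk treatment step records Mitigate/Transfer/Assume against what remains. The column placement of each control is my assumption; the deck shows the cells but the transcript does not preserve them.

```python
from dataclasses import dataclass

# Matrix columns (technology domains) and rows (principles) from slide 17.
DOMAINS = ["Secure Infrastructure", "Identity and Access Control",
           "Information Protection", "Auditing and reporting", "Manual Controls"]
PRINCIPLES = {1: "Honor policies throughout the information lifecycle",
              2: "Minimize risk of data misuse",
              3: "Minimize impact of data loss",
              4: "Demonstrate effectiveness of data protection policies and measures"}

@dataclass(frozen=True)
class Control:
    name: str
    domain: str             # column; placement is an assumption, not from the deck
    principles: frozenset   # principle numbers given in parentheses on the slide

# Existing mitigations (slide 34).
EXISTING = [
    Control("OS/app patch cycle, current malware signatures", DOMAINS[0], frozenset({2})),
    Control("Incoming data classified and tagged per choice/consent", DOMAINS[2], frozenset({1, 2})),
    Control("Choices displayed, consent obtained per MPSD guide", DOMAINS[4], frozenset({1})),
    Control("Transaction log data encrypted in transit and at rest", DOMAINS[2], frozenset({3, 4})),
    Control("Material transactions logged per logging framework", DOMAINS[3], frozenset({3, 4})),
    Control("Log channel and log servers monitored, failover running", DOMAINS[3], frozenset({4})),
]
# Additional mitigations chosen during risk treatment (slide 36).
ADDITIONAL = [
    Control("All transactions on authenticated channel", DOMAINS[1], frozenset({2})),
    Control("Customer transactions arrive over encrypted channel", DOMAINS[2], frozenset({2})),
    Control("Alerts and alert recipients defined", DOMAINS[3], frozenset({3, 4})),
    Control("Access/use reports, recipients and schedules defined", DOMAINS[3], frozenset({3, 4})),
    Control("Escalation path for issues defined", DOMAINS[4], frozenset({3, 4})),
]

def build_matrix(controls):
    """Map every (domain, principle) cell to the names of the controls covering it."""
    matrix = {(d, p): [] for d in DOMAINS for p in PRINCIPLES}
    for c in controls:
        for p in c.principles:
            matrix[(c.domain, p)].append(c.name)
    return matrix

def gaps(matrix):
    """Cells no control covers: the candidate residual risks to treat."""
    return sorted(cell for cell, names in matrix.items() if not names)

def residual_risk(controls, treatment):
    """Gaps left after the chosen controls, each tagged with its treatment.
    Transfer/Assume do not close a gap; they record that the risk is accepted."""
    return [(cell, treatment.get(cell, "Mitigate")) for cell in gaps(build_matrix(controls))]
```

Running `gaps(build_matrix(EXISTING))` against `gaps(build_matrix(EXISTING + ADDITIONAL))` shows which cells the slide 36 additions closed; every cell still listed by `residual_risk` needs an explicit treatment decision before step 5.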

38 Trustworthy Computing

39 Cloud service layer diagram (layers: Network, Storage, Server, Virtual Machine, Application, stacked differently per service model). Source: Mather, Kumaraswamy and Latif, "Cloud Security and Privacy," O'Reilly 2009


43 Evaluating a cloud provider's assurances
- Ask to see independent third party audits and attestations
- Understand exactly what the certification/attestation is verifying (ISO 27001; SAS 70 Type I and Type II)
- Understand what is covered and what is not covered: coverage of the platform does not imply coverage of applications


45 Questions for a cloud provider, by technology domain
Secure Infrastructure
- Safeguards against malware (filtering: spam, antivirus, firewalls)
- Protect systems from evolving threats (patching and testing)
- Virtualization: how is it used (depends on service type)
- PaaS development process from security/privacy perspective
- Roles and responsibilities between you and provider
Identity and Access Control
- Provisioning and administration of accounts
- Model: role/group based, least privilege
- Monitoring and auditing of accounts
- Provider access to your data
- Roles and responsibilities between you and provider
Information Protection
- Encryption of data while in storage and in transit
- Key management
- Data integrity and backups, data disposal methods
- Data collection and retention by provider
- Data loss/leakage prevention
- Roles and responsibilities between you and provider
Auditing and reporting
- What can be monitored and reported by provider? How does that meet your compliance needs?
- Roles and responsibilities between you and provider


50 www.microsoft.com/teched www.microsoft.com/learning http://microsoft.com/technet http://microsoft.com/msdn


52 Sign up for Tech·Ed 2011 and save $500 starting June 8 – June 31st: http://northamerica.msteched.com/registration You can also register at the North America 2011 kiosk located at registration. Join us in Atlanta next year.
