cloud security allianz webinar
TRANSCRIPT
KEEPING YOUR CLOUD PRIVATEMichael Holder
Head of Global Identity and Access Management
AGENDA About Allianz Data Center
Migration Program (Private Cloud)
German Regulations With External Partners
Use Cases For User Activity Monitoring
Michael HolderMunich, Germany
Allianz AMOS
CUSTOMER SPEAKER
ABOUT ALLIANZ
International Insurance & Financial Services Company
80 Million Customers
150,000 Employees
70 Countries 140 Data Centers
DATA CENTER MIGRATION PROGRAM (PRIVATE CLOUD)
Build Private Cloud (Engagement officially started in April 2014)
Consolidate data centers from 140 to six
The data centers will be networked into a new platform called the Allianz provide cloud
Private cloud will deliver services to employees and customers worldwide
Standardize technology operations across all of global operating centers (Hand Off Tech Ops to IBM)
Expects the setup to be fully functional by the end of 2017
German Restrictions with external partners All Insurance data needs
to be protected Special protection for
customer Health Information (Criminal Code)
Tight controls on all external work Outsourcers (IBM &
CSC) Contractors (50+
companies in Germany alone)
Consultants (all major, e.g. KPMG, BCG)
GERMAN REGULATIONS WITH EXTERNAL PARTNERS
1. Balance your risk with level of access
2. Have ONE centralized access point for all external partners
3. Get the right tools in place:
CyberArk (PIM) HP ArcSight (SIEM) ObserveIT (UAM)
USER-CENTRIC SECURITY TO CONTROL & MITIGATE RISK
USE CASES FOR USER ACTIVITY MONITORING Perform User
Activity Audits Incident
Response (at a user-level)
Productivity Reports & Documentation
PERFORM USER ACTIVITY AUDITS
View any on-screen event Applications Run Windows Opened System Commands
Executed Check Boxes Clicked Text Entered/Edited URLs Visited
Verify samples of user activity pose no risk to the organization
INCIDENT RESPONSE (AT A USER-LEVEL)
Receive alerts from HP ArcSight and investigate with ObserveIT
User-level (screenshots) offers a clear view of any out-of-scope activities Usage of
unauthorized applications
RDP sessions to particular servers
PRODUCTIVITY REPORTS & DOCUMENTATION Review changes and
search all remote vendor activity
Make sure vendors meet obligations
Ensure that vendors are staying within their assigned tasks
LESSONS LEARNED
If possible, start with business critical applications (if not, monitor everything)
User monitoring adds Transparency with External Partners (good partners want to be monitored)
If you don’t observe user activity— you’ll never know what’s actually happening in your environment— you’ll only be able infer what’s happening
Michael HolderMunich, GermanyAllianz AMOS
THANK YOU!TRY IT
YOURSELF:
observeit.com/tryitnow
Q&A