cloud trust
Post on 17-Oct-2014
457 views
DESCRIPTION
TRANSCRIPT
Not so fast!
“I’m Cloud Confused” series
In CloudWe Trust
http://www.slideshare.net/Guppers/im-cloud-confused
If you’re new to Cloud Computing, or just confused…
Please try
the biggest Cloud Computing concerns are…
Security Privacy
Is Cloud Computingsecurity weaker
than
EnterpriseSecurity?
Fundamental Question
a Typical Reaction
when asks about security
SHA256
PKCS
X.509
AES
DES
Salt
IV
Heard
it
on
the street
Security is….
Complex Boring
Hacker stuff
Necessary EvilComplicates my life
Kills usability
Let’s make it simple
Child Play
You worked hard this year, you bought a pile of gold bars
Let’s pick a simple story
Your BankYour House
Where should you store them?
House? Bank?
What does this thief think?
…
Plenty of valuable assets,
but it may have elaborate security protection in place
Bank
Some valuable assets,
security protection may notas elaborate
House
What would you do to boostyour protection?
Yes, build layers of defense
Put Put the fence up
Install additional door locks
Let’s also install alarm system
and surveillance cameras
Feel Better?
Oh, don’t forget about
a disaster plan
Knock, knock
Who’s there?
You control who
has access to your house
And, pretty sure
your inner circle won’t steal from you
Let’s translate…
Corporate Data
IT Assets(Software, Hardware)
Employees
You feel totally in control
Why in the world
you would give up control?
..and many eyes aim at big prizes
a few things to consider….
when delegating security to other…
It’s all about Trust
Trust
It’s all about
Do you trust them that they’ll still be in the
business tomorrow? Help!
Ex-Cloud Provider willwork for Food
Didn’t we see this before?
Recommendation
Pick services that are
backed by major players
Data Lost
It is unlikely.
Reputable Cloud Providers copy data 3-4 times
However, it is normal to store highly value-able data in
two or more different cloud providers
Cloud Provider 1 Cloud Provider 2
Servicereplicated replicated
Data
Data Privacy
Confidentiality
Data in Transit
Cloud Provider
It can be secured using encryption technology, e.g. SSLIt is used especially for sensitive data
Internetdata
Data at Rest
More and more cloud providers are developing native data encryption Even if it is stolen, it will be useless for attackers
Biggest prize for attackers!
Cloud Provider
You can pick where your data resides
Physi
cal A
ccess
Data CenterCloud Provider
Security processes are typically in place for physical access Background Check
Two factor authentication
Video surveillance
Intrusion detection system
Audit
Multi tenantInfrastructure
Corporate 1 Corporate 2 Corporate 3 Corporate 4
…infrastructure is shared by many corporations (tenant)
Will vulnerability in one company
affect others in the cloud?
VirtualizationData Isolation
Cloud Providers use
isolation techniques
Computing Isolation
a vulnerability in one tenant has little impact on other tenants
Identity
Employees
Customers Suppliers
Cloud Computing
Unwanted guest
XYZCorp.com
Potential External Entry Points
Web SiteHTTP(S)
Web ServicesHTTP(S)
Database Blob(Files, Docs)
Queue Custom
Worker VM
Typical access to a web site hosted in the Cloud
Example of
a stronger authentication process
for sensitive web site
A8KP
Accessing other Cloud Services(Example)
https://aservice.mycloudprov.net
Address
Key1
R3ZhU3xAmLIEAnRRyiMHx…
Key2
xFAlNx4VeRDGQgSQI…
Control which network or machines have access
98.237.178.63 83.231.32.17
Let’s look at from cloud infrastructure provider’s
perspectives
Typical SLAs to compete
99.95% uptime
around
It is in their best interest to maintain reputation, best security practice
their business depends on it
Headlines they try hard to avoid
…. has been downsince yesterday
Data is stolen from ….
Security breach at data center….
Should you migrate all to Cloud?
NOCloud Computing is still at infancy
Trust is Always Earned,
Never Given---R. Williams
Enterprise
Migrate non-critical business operations,
departmental level data first
and Observe!
It’s not as difficult as you think
simplicity, agility and elasticity (another topic for further discussion)
Excited about new possibilities in
cloud space?
Follow discussions andpresentations on
http://www.facebook.com/pages/Im-Cloud-Confused/219897591208?ref=ts
“I’m Cloud Confused”
Us You
10 simple questions,
2 minutes to completehttp://surveymonkey.com/s.aspx?sm=NrndNTZkoG6j8BWJYejC1g_3d_3d
Will Publish Results on
Want to try Cloud for your business now ?
Only a few minutes to setup
http://www.slideshare.net/Guppers/guppers-3-minute-walkthrough
For more presentations like this, visit, follow, subscribe to:
Blog: http://www.andyharjanto.com Twitter: http://twitter.com/harjanto
Contact: [email protected]