forecast odcau7 100_ak2
DESCRIPTION
TRANSCRIPT
OCDA U: SECURITY DATA PROTECTION
Matt Lowth (NAB)Ian Lamont (BMW)
®
AGENDA
2ODCA Data Security 2013 |
Topic
Discuss
Learning
Cloud Data Security
- Usage Scenarios- Data Security Challenges- Data Security Lifecycle
Learnings andTake-aways from this UM
TOPIC & UM BACKGROUND
The ODCA Contributor organizations have created this Usage Model to collaboratively identify ways in how they agree cloud data security should be managed, and so as to provide this as a clear message to the Cloud and Solution Providers, and to share with the general public
The Data Security UM addresses:
1. Concept2. Important enabling elements3. Usage Scenario’s4. Categorization of service
qualities in context of the UM
3ODCA Data Security 2013 |
UM CORE – KEY ELEMENTS
4
Different Security Methodology.Protecting the data versus protecting your perimeter?
Important to understand what you’re protecting?
Options to lower the sensitivity of the data by masking or encrypting it?
Ensure access and management of your data is logged and monitored.
Data Security Challenges
Data Classification
Data encryption &
masking
SIEM
ODCA Data Security 2013 |
COMMON ACCESS TYPES
5ODCA Data Security 2013 |
DATA SECURITY – USAGE SCENARIOS
6
What to think about before you move your data to the cloud?
How to get your data to the cloud.
How to access your data in the cloud.
How to Backup/Restore information from the cloud OR delete your data when you’re finished using it.
Transfer Preparations
Data Transfer
Data Access
Other Scenarios
ODCA Data Security 2013 |
KEY TAKEAWAYS FOR THIS UM
7
Your data is only as secure as your weakest link.
You need to consider what protection is necessary throughout your data’s lifecycle, not just protecting the information in transit.
Where does your data live?
It is difficult to apply appropriate protection to your data if you don’t understand the data’s sensitivity.
Develop Securely
Data Lifecycle
Data Sovereignt
y
Understand Your Data
ODCA Data Security 2013 |
KEY INDUSTRY ACTIONS (STANDARDS AND MORE)
8
Data security must comply with country-specific legal requirements. These requirements and their implications need to be clearly comprehended by providers and subscribers.
Are requested to submit input on the proposed data security criteria for the various assurance levels (Bronze, Silver, Gold, and Platinum).
Should examine their enterprises and understand the data security life cycle; then they should validate their findings by comparing them to the RFP questions.
Industry Wide
Cloud Provider
Cloud Subscriber
ODCA Data Security 2013 |
INFORMATION AND ASSETS
9
Available to Members at: www.opendatacenteralliance.orgURL for Public content: www.opendatacenteralliance.org
StandardizedResponse Checklists
Accelerate TTM
Shared Practices Drive Scale
Streamlined Requirements
Accelerate Adoption
ODCA Data Security 2013 |
QUESTIONS
10
www.opendatacenteralliance.org
UM: Cloud Data SecurityFrom engagement to real adoption and implementation
ODCA Data Security 2013 |
© 2013 Open Data Center Alliance, Inc. ALL RIGHTS RESERVED.