in cloud we trust
Post on 17-Oct-2014
6.151 views
DESCRIPTION
Security and privacy are the major concerns for many companies to move forward with cloud computing. This presentation describes a few security and privacy issues related to cloud computing and where we as industry addressing these issues.TRANSCRIPT
![Page 1: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/1.jpg)
Not so fast!
“I’m Cloud Confused” series
In CloudWe Trust
![Page 2: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/2.jpg)
http://www.slideshare.net/Guppers/im-cloud-confused
If you’re new to Cloud Computing, or just confused…
Please try
![Page 3: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/3.jpg)
the biggest Cloud Computing concerns are…
Security Privacy
![Page 4: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/4.jpg)
Is Cloud Computingsecurity weaker
than
EnterpriseSecurity?
Fundamental Question
![Page 5: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/5.jpg)
a Typical Reaction
when asks about security
SHA256
PKCS
X.509
AES
DES
Salt
IV
![Page 6: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/6.jpg)
Heard
it
on
the street
Security is….
Complex Boring
Hacker stuff
Necessary EvilComplicates my life
Kills usability
![Page 7: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/7.jpg)
Let’s make it simple
Child Play
![Page 8: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/8.jpg)
You worked hard this year, you bought a pile of gold bars
Let’s pick a simple story
![Page 9: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/9.jpg)
Your BankYour House
Where should you store them?
House? Bank?
![Page 10: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/10.jpg)
What does this thief think?
…
![Page 11: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/11.jpg)
Plenty of valuable assets,
but it may have elaborate security protection in place
Bank
![Page 12: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/12.jpg)
Some valuable assets,
security protection may notas elaborate
House
![Page 13: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/13.jpg)
What would you do to boostyour protection?
![Page 14: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/14.jpg)
Yes, build layers of defense
![Page 15: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/15.jpg)
Put Put the fence up
![Page 16: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/16.jpg)
Install additional door locks
![Page 17: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/17.jpg)
Let’s also install alarm system
and surveillance cameras
![Page 18: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/18.jpg)
Feel Better?
![Page 19: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/19.jpg)
Oh, don’t forget about
a disaster plan
![Page 20: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/20.jpg)
Knock, knock
Who’s there?
![Page 21: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/21.jpg)
You control who
has access to your house
![Page 22: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/22.jpg)
And, pretty sure
your inner circle won’t steal from you
![Page 23: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/23.jpg)
Let’s translate…
Corporate Data
IT Assets(Software, Hardware)
Employees
![Page 24: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/24.jpg)
You feel totally in control
![Page 25: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/25.jpg)
Why in the world
you would give up control?
![Page 26: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/26.jpg)
..and many eyes aim at big prizes
![Page 27: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/27.jpg)
a few things to consider….
when delegating security to other…
![Page 28: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/28.jpg)
It’s all about Trust
Trust
It’s all about
![Page 29: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/29.jpg)
Do you trust them that they’ll still be in the
business tomorrow? Help!
Ex-Cloud Provider willwork for Food
![Page 30: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/30.jpg)
Didn’t we see this before?
![Page 31: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/31.jpg)
Recommendation
Pick services that are
backed by major players
![Page 32: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/32.jpg)
Data Lost
It is unlikely.
Reputable Cloud Providers copy data 3-4 times
![Page 33: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/33.jpg)
However, it is normal to store highly value-able data in
two or more different cloud providers
Cloud Provider 1 Cloud Provider 2
Servicereplicated replicated
Data
![Page 34: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/34.jpg)
Data Privacy
Confidentiality
![Page 35: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/35.jpg)
Data in Transit
Cloud Provider
It can be secured using encryption technology, e.g. SSLIt is used especially for sensitive data
Internetdata
![Page 36: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/36.jpg)
Data at Rest
More and more cloud providers are developing native data encryption Even if it is stolen, it will be useless for attackers
Biggest prize for attackers!
Cloud Provider
![Page 37: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/37.jpg)
You can pick where your data resides
![Page 38: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/38.jpg)
Physi
cal A
ccess
Data CenterCloud Provider
![Page 39: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/39.jpg)
Security processes are typically in place for physical access Background Check
Two factor authentication
Video surveillance
Intrusion detection system
Audit
![Page 40: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/40.jpg)
Multi tenantInfrastructure
Corporate 1 Corporate 2 Corporate 3 Corporate 4
…infrastructure is shared by many corporations (tenant)
![Page 41: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/41.jpg)
Will vulnerability in one company
affect others in the cloud?
![Page 42: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/42.jpg)
VirtualizationData Isolation
Cloud Providers use
isolation techniques
Computing Isolation
a vulnerability in one tenant has little impact on other tenants
![Page 43: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/43.jpg)
Identity
![Page 44: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/44.jpg)
Employees
Customers Suppliers
Cloud Computing
Unwanted guest
![Page 45: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/45.jpg)
XYZCorp.com
Potential External Entry Points
Web SiteHTTP(S)
Web ServicesHTTP(S)
Database Blob(Files, Docs)
Queue Custom
Worker VM
![Page 46: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/46.jpg)
Typical access to a web site hosted in the Cloud
![Page 47: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/47.jpg)
Example of
a stronger authentication process
for sensitive web site
A8KP
![Page 48: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/48.jpg)
Accessing other Cloud Services(Example)
https://aservice.mycloudprov.net
Address
Key1
R3ZhU3xAmLIEAnRRyiMHx…
Key2
xFAlNx4VeRDGQgSQI…
![Page 49: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/49.jpg)
Control which network or machines have access
98.237.178.63 83.231.32.17
![Page 50: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/50.jpg)
Let’s look at from cloud infrastructure provider’s
perspectives
![Page 51: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/51.jpg)
Typical SLAs to compete
99.95% uptime
around
![Page 52: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/52.jpg)
It is in their best interest to maintain reputation, best security practice
their business depends on it
![Page 53: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/53.jpg)
Headlines they try hard to avoid
…. has been downsince yesterday
Data is stolen from ….
Security breach at data center….
![Page 54: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/54.jpg)
Should you migrate all to Cloud?
![Page 55: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/55.jpg)
NOCloud Computing is still at infancy
![Page 56: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/56.jpg)
Trust is Always Earned,
Never Given---R. Williams
![Page 57: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/57.jpg)
Enterprise
Migrate non-critical business operations,
departmental level data first
and Observe!
![Page 58: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/58.jpg)
It’s not as difficult as you think
simplicity, agility and elasticity (another topic for further discussion)
![Page 59: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/59.jpg)
Excited about new possibilities in
cloud space?
![Page 60: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/60.jpg)
Follow discussions andpresentations on
http://www.facebook.com/pages/Im-Cloud-Confused/219897591208?ref=ts
“I’m Cloud Confused”
![Page 61: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/61.jpg)
Us You
10 simple questions,
2 minutes to completehttp://surveymonkey.com/s.aspx?sm=NrndNTZkoG6j8BWJYejC1g_3d_3d
Will Publish Results on
![Page 62: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/62.jpg)
Want to try Cloud for your business now ?
Only a few minutes to setup
http://www.slideshare.net/Guppers/guppers-3-minute-walkthrough
![Page 63: In Cloud We Trust](https://reader033.vdocuments.net/reader033/viewer/2022061105/5441c50fb1af9ff74b8b480f/html5/thumbnails/63.jpg)
For more presentations like this, visit, follow, subscribe to:
Blog: http://www.andyharjanto.com Twitter: http://twitter.com/harjanto
Contact: [email protected]