securing data in the cloud: point of view - file. securing data in the cloud: point of view

Download Securing Data in the Cloud: Point of View - file. Securing Data in the Cloud: Point of View

Post on 01-Sep-2018

214 views

Category:

Documents

0 download

Embed Size (px)

TRANSCRIPT

  • Securing Data in the

    Cloud: Point of View

    Presentation by Infosys Limited

    www.Infosys.com

    http://www.infosys.com/

  • 2

    Agenda

    Data Security challenges & changing compliance

    requirements

    Approach to address Cloud Data Security

    requirements

    About Infosys Information and Cyber Risk

    management practice

  • 3

    Your Presenter today Saju brings in nearly 18 years of experience in IT

    consulting and advisory services. He currently heads

    Infrastructure and Cloud consulting for Infosys.

    He has been with Infosys for past 13 years and been

    instrumental in setting up the cloud business strategy

    for Infosys.

    Saju brings in experience in cloud and infrastructure

    strategy formulation, cloud technology advisory and

    cloud economics.

    Saju has executed several strategic engagements in

    technology, business transformation & optimization,

    Cloud and Infrastructure transformation, platform

    modernization, collaboration and end-user computing.

    He is an active member of partner advisory boards of

    product alliance partners and has been on steering

    committees with various clients.

    Saju Sankaran Kutty Associate Vice President - Cloud

    Infrastructure & Security Infosys Limited

  • 4

    The next-generation

    technology services company

    Founded in Pune, India in 1981

    $8.7 billion in revenues

    987+ clients

    Clients in 50+ countries

    85 offices and 100 development centers

    179,000+ employees of 115 nationalities

    94% are consultants and engineers

    97% of staff are university educated

    22% with masters degrees or doctorates

    35% of employees are women

    Worlds largest corporate university

    1.3% of revenues invested in R&D

    More than 300 researchers

    Employees trained in Design Thinking

    505 patents pending and 204 granted

    Transparency, ethics, and respect

    $500 million innovation fund

    96.6% business is repeat business

    2% of avg. net profits over 3 fiscals to Infosys Foundation

    Award winning sustainable delivery centers

    4 out of top 5 US banks

    7 out of top 10 global CPG

    8 out of top 10 global pharma

    4 out of top 5 global

    aerospace & defence

    6 out of top 10 communications cos.

    Corporate Learning Purpose People Clients

    Infosys helps enterprises transform and thrive in a changing world by co-creating

    breakthrough solutions that combine strategic insights and execution excellence.

    We help them renew themselves while also creating new avenues to generate

    value.

  • 5

    Infosys Huawei Partnership

    Infosys Huawei

  • 6

    The enterprise cloud ecosystem is evolving

    Siloed Consolidated

    VM VM

    Private Cloud

    IaaS

    VM VM

    VM VM

    Hybrid IaaS

    Private Cloud

    PaaS

    Enterprise

    Apps

    IaaS

    PaaS

    SaaS

    Public Cloud Enterprise IT

    A hybrid deployment, multi-cloud

    consumption model

  • 7

    Trends in Cloud adoption today

    81 % of companies are either using or planning to use mission-critical apps on the cloud in the

    next 2 years

    77 % of companies are using or planning to use IaaS, PaaS or SaaS for a wide range of

    business application in the next 2 years

    It takes 3 days for 55% of large enterprises to get new virtual infrastructure from their private or

    public Cloud

    69% of companies are looking for the ability to detect, alert, and self-resolve issues in their

    cloud environment

    77% of companies trust system integrators to be their cloud implementation providers

    Infosys Study: Simplify and innovate the way you consume Cloud -

    http://www.experienceinfosys.com/cloudstudy

    http://www.experienceinfosys.com/cloudstudyhttp://www.experienceinfosys.com/cloudstudy

  • 8

    Key Data Security challenges for organizations

    leveraging the Cloud

    Available solutions in the market are still silo-based

    Security challenges exist when enterprises integrate private cloud with public cloud for cloud

    burst and other on need computing requirements . The challenges cut across 4 key pillars of

    security

  • 9

    Resulting in new and evolving requirements for data

    security in Cloud

    Cloud Security Alliance (CSA) Cloud control matrix is the comprehensive standard to ensure the data and privacy safety of the cloud environment

    NIST, the U.S. National Institute of Standards and Technology, last year published its Guidelines on Security and Privacy in Public Cloud Computing.

    ENISA has published Procure Secure: A Guide to Monitoring of security service levels in cloud contracts.

    HIPAA Omnibus expands the definition of business associate and define cloud service providers (CSPs) as business associates.

    Geo Specific regulations mandates organizations to ensure data eDiscovery capabilities and controls in place while getting into Contract with cloud provider

    Geo Specific and Regulatory requirements mandates organization to ensure that legal hold discussion and agreement is the key part of cloud contract negotiations.

  • 10

    which is driving key trends around Data Security

    oriented to Cloud Adoption

    Busin

    ess &

    IT

    Obje

    ctives

    Cloud Adoption Unified approach for protecting Data

    in Cloud

    No Trust Model

    Persistent Data

    Encryption

    Customer Managed

    keys

    Data access governance

    Privileged Access

    Data

    Classification

    Is Key

    Data Disposal

    gains

    importance

  • 11

    ..which results in below decisions to make before cloud

    adoption

    Legal hold How to ensure Data availability if the CSP is going out of Business

    eDiscovery- How to ensure that Data in hosted environment is identifiable and discoverable.

    Data Protection/Confidentiality - How to ensure that data confidentiality is being maintained in

    Shared cloud environment

    Data Integrity & Usage Governance - How to ensure that data integrity is being maintained

    Compliance & Governance - How to ensure complianceCompliance with Legal and Regulatory

    Standards Including data retention, archive and purge.

  • 12

    Solutions can be realized leveraging "Integrated approach for

    Cloud data Security based on traditional building blocks

    Presentation

    Modality

    Presentation

    Platform

    APIs

    Applications

    Data

    Integration & Middleware

    APIs

    Hardware

    Facilities

    Content Metadata

    Software as a Service (SaaS)

    Platform as a Service (PaaS)

    Infrastructure as a Service (IaaS)

    Core Connectivity &

    Delivery

    Abstraction

    Cloud Security Alliance Reference

    Model

    Identity & Access Mgmt.

    Single sign-on / federation

    Adaptive authentication

    Authorization (RBAC, context-based, fine-grained)

    Provisioning access

    Segregation of Duties

    Application

    Security

    Information Systems

    Infra Security

    Governance,

    Risk & Compliance

    Data Security

    Secure SDLC

    White/Black box testing

    Penetration testing

    Cloud-based Integrated

    Security solution

    Endpoint Security

    SIEM

    Perimeter Security

    Platform Security

    Data loss Prevention

    Data Tokenization

    Data Masking

    Information Rights Management

    Data Encryption

    Risk and Enterprise Security framework

    Integrated enforcement & validation of security controls

    Compliance enforcement

    Internal & External Compliance Audits

    Enterprise IT security policies & Procedures

    Organization/

    Vendor

    Cloud Vendor

    Security is shared responsibility

  • 13

    ..complimented by data centric technology controls to

    safeguard the data

    Key Tenet Technology Solution Leading product vendors

    Data protection/confidentiality Data Loss Prevention (DLP)

    Data Encryption:

    File/ Folders

    OS

    Application

    Database

    DLP: Websense, McAfee,

    Symantec

    Encryption: SafeNet, RSA

    Data management Integrity and

    usage governance

    Database Activity Monitoring

    File Integrity Management

    Data Rights Management

    DAM: IBM, Imperva

    FIM: McAfee, TrendMicro

    DRM: Microsoft

    Compliance with legal and

    regulatory standards

    Data Tokenization

    Data Masking

    Key Management

    Security Audits

    Data Protection Agreement

    Tokenization: SafeNet, RSA

    Masking: Informatica

    Key Management: Thales,

    SafeNet

  • 14

    Infosys approach & methodology for securing data and

    services in Cloud

    Initiate

    Risk Analysis

    Identify cloud model

    Prioritize use cases,

    classify information

    Understand Risk &

    associated impact,

    liability, SLAs, RACI,

    etc.

    Enable Secure Access

    Single sign-on using

    Federation, OpenID, Oauth

    Strong authentication & fine-

    grained authorization

    Deploy adaptive / multi-factor

    authen

View more >