
Page 1: Security For Cloud - IBM · Core Connectivity & Delivery SaaS Integration & Middleware APIs Hardware Facilities Abstraction ... требованиям, SOC 1 and SOC 2 ... QRadar

IBM Security FOR the Cloud

Александр Гринюк (Alexander Grinyuk)

8 June 2017

IBM Security Ukraine/CIS

Page 2

2 IBM Security

Agenda

• Risks and threats in the cloud
• Security FROM the cloud vs. security FOR the cloud
• IBM's cloud security strategy

Security FOR the Cloud

Page 3

Risks and threats in the cloud

Page 4

Perception vs. reality

Perception: "Cloud computing is less reliable."
Reality: 69% of respondents said their level of privacy protection increased as a result of moving to the cloud.¹

Perception: "Cloud security is complex and expensive."
Reality: 62% of respondents said they have saved money since moving to the cloud.¹

Perception: "Cloud security is hard to maintain."
Reality: 55% of cloud users reduced the time they spend managing security.¹

Common perceptions about security are forcing organizations to rethink how they can manage cloud risk more effectively.

¹ Microsoft Cloud Trust Study

Page 5

Top threats

• Unauthorized access
• Hijacking of accounts
• Insecure interfaces/APIs
• External sharing of data
• Posting of confidential proprietary data by employees
• Malicious insiders
• Denial of service attacks
• Foreign state-sponsored cyber attacks
• Malware injection
• Abuse of cloud services
• Shared memory attacks
• Lateral movement of threats (east-west traffic)
• Theft of service
• Lost mobile devices
• Natural disasters

Page 6

Security concerns

• Data loss/leakage
• Data privacy
• Confidentiality
• Legal and regulatory compliance
• Data sovereignty/control
• Accidental exposure of credentials
• Lack of forensic data
• Incident & problem management
• Visibility & transparency
• Availability of services, systems and data
• Liability
• Disaster recovery
• Performance
• Business continuity
• Fraud (e.g. account hijacking)

Page 7

What accelerates the move to the cloud

• Flexibility
• Rapid innovation
• Lower costs
• No skills shortage
• Improved security

Page 8

What slows the move to the cloud

• Compliance
• Insiders
• Security staff skills
• Process visibility
• Data protection

Page 9

Where to protect?

• At the physical layer
• At the network layer
• At the layer of services, applications and data

Page 10

Using several cloud service models solves business problems but creates new challenges for security.

Layer stack (top to bottom) and the service models in which the provider delivers each layer:

Presentation Modality: SaaS
Presentation Platform: SaaS
APIs: SaaS
Applications: SaaS
Data, Metadata, Content: SaaS
Integration & Middleware: SaaS, PaaS
APIs: SaaS, PaaS, IaaS
Core Connectivity & Delivery: SaaS, PaaS, IaaS
Abstraction: SaaS, PaaS, IaaS
Hardware: SaaS, PaaS, IaaS
Facilities: SaaS, PaaS, IaaS

In other words, IaaS stops at the APIs above the abstraction layer, PaaS adds integration and middleware, and SaaS delivers the whole stack up to the presentation layer; everything above the provider's top layer is the customer's to secure.

Page 11

Security FROM the cloud and FOR the cloud

Security FROM the Cloud (Security-as-a-Service)
• Enable Security-as-a-Service
• Provide immediate access to cloud-delivered security
• Mobility, fraud prevention, security intelligence and application security from the cloud
Products: QRadar on Cloud, MaaS360, Trusteer, Application Security on Cloud, Enforcer

Security FOR the Cloud (private cloud and public cloud)
• Deliver cloud services securely
• Manage access to cloud workloads
• Secure infrastructure & applications in the cloud
• Protect data at rest and in transit
• Gain security visibility across hybrid deployments
Products: ISAM, CIS, Guardium, App Security, QRadar, XGS, Encryption + SKLM, BigFix

Page 12

Security "FOR the cloud": responsibility is shared between the customer and the cloud provider

Customer security operations: bring your own (3rd-party cloud security products, policies, practices and processes)
1. Identity and access
2. Network security
3. Data protection
4. Vulnerability & patch management
5. Security monitoring & intelligence
6. Workload-centric security management

Platform security services: built in
1. Security monitoring
2. Network protection
3. Workload isolation
4. Hardened VMs & containers
5. Application threat protection, vulnerability management
6. Privileged user management
7. Pen testing
8. Compliance/certification

Page 13

IBM's strategy for cloud security

Page 14

"Must-haves" for a secure cloud

1. ACCESS MANAGEMENT (users, privileges, clients): identity and access management; privileged identity. Products: ISAM, IGI, PIM, CIS
2. NETWORK SECURITY (anomalies, threats, activities): monitoring; threat protection. Products: XGS or partner solutions
3. DATA PROTECTION (databases, workloads, content): encryption; PII monitoring. Products: file and folder encryption, key management, Guardium DB protection
4. APPLICATION SECURITY: threat prevention; vulnerability assessment; secure app development. Products: AppScan, Application Security on Cloud
5. VISIBILITY and INTELLIGENCE (anomalies, threats, activities): event correlation and alerting; monitoring and intelligence. Products: QRadar
6. WORKLOAD-CENTRIC SECURITY and DevOps management: policy and audit; patch management. Products: BigFix, partner solutions

Page 15

[Figure: reference architecture for secured cloud resources and services. Actors: application user, cloud admin, cloud developer. Zones: public network, cloud network (IaaS), enterprise network. Components: device, edge services, cloud application, application, data services, runtime services, infrastructure services, transformation & connectivity, enterprise user directory, enterprise data, enterprise applications. Security services overlaid on the components, numbered as on the previous slide: 1 identity & access management (shown in the cloud and again as customer-provided in the enterprise network), 2 network security, 3 data protection (shown both in the cloud and in the enterprise), 4 application security and vulnerability assessment & patch management, 5 security monitoring & intelligence, 6 workload-centric security management and DevOps; physical security and governance, risk & compliance span all zones. Legend: application, infrastructure, management, data store, security, scalable, user.]

Page 16

IBM Cloud Security Checklist

• Set up access control
• Use a broad range of authentication methods
• Integrate policies and processes
• Strengthen preventive measures, or detection and response
• Analyze web and application threats
• Manage mobile device security
• Control sensitive, critical data
• Encrypt and mask data

*According to Technology Business Research, Inc. (TBR) 2016
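The last two checklist items (controlling sensitive data; encryption and masking) are the ones that most often need code on the customer's side of the shared-responsibility line, because a record routinely leaves the trust boundary when it is written to logs or shipped to a SaaS SIEM. The following is an added example, not part of the deck and not an IBM product: a Python routine that masks card numbers (keeping the last four digits, after a Luhn check so that other long numbers such as ticket IDs are left alone), replaces a user identifier with a keyed HMAC pseudonym so records stay joinable without exposing the identifier, and scrubs card numbers out of free-text fields. The field names, the key and the sample record are constructed for the example.

```python
import hashlib
import hmac
import re
from typing import Any, Dict, Iterable

# Runs of 13-19 digits, optionally separated by single spaces or hyphens,
# as they appear inside free text (e.g. a support note pasted into a ticket).
PAN_IN_TEXT = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")


def luhn_ok(digits: str) -> bool:
    """Luhn checksum, used so that only plausible card numbers get masked."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # every second digit from the right is doubled
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def mask_pan(value: str, keep: int = 4) -> str:
    """Replace all but the last `keep` digits of a card number with '*'.

    Values that are not 13-19 digits or that fail the Luhn check are returned
    unchanged, so order numbers and ticket IDs are not damaged.
    """
    digits = re.sub(r"[ -]", "", value)
    if not (13 <= len(digits) <= 19 and digits.isdigit() and luhn_ok(digits)):
        return value
    return "*" * (len(digits) - keep) + digits[-keep:]


def scrub_text(text: str) -> str:
    """Mask every Luhn-valid card number embedded in a free-text field."""
    def _sub(m: "re.Match[str]") -> str:
        return mask_pan(m.group(0))
    return PAN_IN_TEXT.sub(_sub, text)


def pseudonymize(value: str, key: bytes, length: int = 16) -> str:
    """Keyed, deterministic pseudonym: HMAC-SHA256 truncated to `length` hex chars.

    The same identifier always maps to the same token, so records remain
    joinable; without the key the token cannot be reversed or re-created.
    Normalisation (strip/lower) keeps 'Alice@Example.com' and
    'alice@example.com' on the same token.
    """
    mac = hmac.new(key, value.strip().lower().encode("utf-8"), hashlib.sha256)
    return mac.hexdigest()[:length]


def mask_record(record: Dict[str, Any], key: bytes,
                pseudonym_fields: Iterable[str],
                pan_fields: Iterable[str]) -> Dict[str, Any]:
    """Return a copy of `record` that is safe to log or export.

    - fields in `pseudonym_fields` are replaced by a keyed pseudonym
    - fields in `pan_fields` are masked as card numbers
    - every other string field is scrubbed for embedded card numbers
    - non-string values are copied through unchanged
    """
    pseudonym_fields, pan_fields = set(pseudonym_fields), set(pan_fields)
    out: Dict[str, Any] = {}
    for name, value in record.items():
        if not isinstance(value, str):
            out[name] = value
        elif name in pseudonym_fields:
            out[name] = pseudonymize(value, key)
        elif name in pan_fields:
            out[name] = mask_pan(value)
        else:
            out[name] = scrub_text(value)
    return out


# Constructed sample key and record for the example (not real data). In
# production the key comes from a key manager, never from source code.
DEMO_KEY = b"constructed-demo-key"
SAMPLE_RECORD = {
    "user": "Alice@Example.com",
    "card": "4111 1111 1111 1111",
    "amount": 42.5,
    "note": "Customer read card 4111111111111111 over the phone; ticket 1234567890123456",
}

if __name__ == "__main__":
    print(mask_record(SAMPLE_RECORD, DEMO_KEY, {"user"}, {"card"}))
```

The Luhn check is what makes the free-text scrub safe to run on every string field: the 16-digit ticket number in the sample note fails it and is left intact, while the card number is masked to its last four digits. Pseudonymization rather than plain hashing matters because an unkeyed hash of an e-mail address is trivially reversed by hashing candidate addresses; with HMAC the key has to be held by whoever wants to re-identify a record.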

Page 17

IBM Cloud Security Checklist (continued)

• IaaS
  - Redundancy and backups
  - Dark-fiber networks between data centers
  - A trusted computing platform

• PaaS and SaaS
  - Choose providers that implement the key control sets: CSCC, NIST, CSA, PCI, ISO/IEC 27001
  - Control authentication and the use of SSO
  - Control the security of SaaS hosts (endpoint + antivirus)

• Shared cloud environment
  - Strict access control and compliance: SOC 1 and SOC 2 (SOC for Service Organizations: ICFR, and SOC for Service Organizations: Trust Services Criteria)
  - Integrate mobile security
  - Secure cloud providers using best-of-breed products from leading security vendors

Page 18

The IBM Security immune system

Page 19

An integrated and intelligent security immune system

• Criminal detection; fraud protection
• Workload protection
• Cloud access security broker
• Access management; entitlements and roles; privileged identity management
• Identity management
• Data access control
• Application security management; application scanning
• Data monitoring
• Device management
• Transaction protection
• Content security
• Malware protection; antivirus
• Endpoint patching and management
• Virtual patching
• Firewalls; network forensics and threat management
• Sandboxing
• Network visibility and segmentation
• Indicators of compromise; IP reputation; threat sharing
• Vulnerability management; incident response
• Threat hunting and investigation
• User behavior analysis; cognitive security
• Anomaly detection

Page 20

IBM SaaS Security Portfolio

Security Operations and Response: QRadar SIEM; QRadar Vulnerability / Risk Manager; QRadar Incident Forensics; QRadar User Behavior Analytics; QRadar on Cloud; Resilient Incident Response; i2 Enterprise Insight Analysis; BigFix; Network Protection XGS; X-Force Exchange; App Exchange

Information Risk and Protection: MaaS360; Trusteer Mobile; Trusteer Rapport; Trusteer Pinpoint; AppScan; Application Security on Cloud; Guardium; Key Manager; Identity as a Service; Cloud Identity Service; Privileged Identity Manager; Identity Governance and Access; zSecure

Page 21

IBM IaaS Security Portfolio: Security FOR the Cloud

Security Operations and Response: QRadar SIEM; QRadar Vulnerability / Risk Manager; QRadar Incident Forensics; QRadar User Behavior Analytics; QRadar on Cloud; Resilient Incident Response; i2 Enterprise Insight Analysis; BigFix; Network Protection XGS; X-Force Exchange; App Exchange

Information Risk and Protection: MaaS360; Trusteer Mobile; Trusteer Rapport; Trusteer Pinpoint; AppScan; Guardium; Key Manager; Cloud Identity Service; Privileged Identity Manager; Identity Governance and Access; zSecure

Page 22

ibm.com/security

securityintelligence.com

xforce.ibmcloud.com

@ibmsecurity

youtube/user/ibmsecuritysolutions

© Copyright IBM Corporation 2016. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. Any statement of direction represents IBM's current intent, is subject to change or withdrawal, and represent only goals and objectives. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.

Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM does not warrant that any systems, products or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party.

FOLLOW US ON:

THANK YOU