Transformation strategies for building

a “cloud-confident” enterprise

The Use of Cloud Brokers David Frith – CGI

david.frith@cgi.com

This presentation will cover:

• Computing types e.g. Cloud Computing, Fog Computing, Mist

Computing, Droplet Computing

• Cloud types e.g. White Clouds, Dark Clouds, Grey Clouds,

Shadow Clouds, Black Clouds (some of these are bad!!!)

• Cloud Brokers – acting as a control point for cloud services e.g.

CASB, SPSM, CDPG and XaaS

• Cloud Broker components and deployment modes

• Cloud Broker capabilities – covering Visibility, Service

integration, Proxy Chaining methods etc…

2

Introduction

• Companies are consuming cloud capabilities offered by external

suppliers, as well as building them in-house

• Often purchasing is done ad-hoc across a variety of cloud

services and between multiple suppliers leading to a highly

fragmented IT environment

• Such environments may include new multi-cloud offerings, hybrid

cloud usage, cloud bursting services and a variety of

orchestration and enabling third parties

• This complexity creates risk and assurance concerns for

businesses

• At a time of headline cyber-attacks and regulatory fines,

businesses are seeking confidence.

3

Cloud Computing

4

Public Cloud

Types of Cloud

5

Answer - a Cloud Broker!

• Cloud Brokers are an upcoming technology - aimed at solving a

whole number / melting pot of problems

• Can be deployed On-premises, as a SOC proxy, a cloud proxy,

or within a cloud provider

• Provides a collection of capabilities that enables an organisation

to use cloud offerings securely

• Inspect and change data where required

• Commonly offered as a wider set of XaaS – e.g. consultancy,

cloud readiness assessment, cloud-fit reviews, estimation tool

usage, review of transition efforts & capacities needed, on-going

application portfolio management

6

A Cloud Broker – a control point

7

Unified Management Interface

Dashboards & visual summaries

Views of threats, user & admin actions. Reports

on policy exceptions, users, incident severity &

outcomes. Views of billing & chargeback,

requests & changes

Inspect and Change data

DLP

Inspect data at rest and data in transit where

required, identify policy violations

Mobile Controls

MDM & BYOD

Extend security controls to mobile

devices & apply distinct policies via

device fingerprinting

Event Management

SIEM & ATI

Correlate events across systems

for cloud usage, use if Advanced

Threat Integration (ATI) and data

feeds to update infrastructure

Encrypt and Decrypt data

KMS & SSE solutions Solutions to encrypt & decrypt

data stored at rest & in transit

whilst allowing search,

preventing CSP access etc.

Behaviour Analytics

UEBA

User and Entity Behaviour Analytics – apply Machine

Learning & algorithms to large data volumes to build

models of user behaviour & detect anomalous activities

Data centric control

IRM

Information Rights

Management to apply granular

level controls, inspect content &

apply context aware policies

Federate Identities

IDM / IDaaS & SSO

Enforce access policies, enable integration

with existing IDM, define coarse level &

Fine Grained Access (FGA)

En

ab

lem

en

t &

Tra

nsfo

rmati

on

Serv

ices

Active and Static Management Services

En

ab

lem

en

t &

Tra

nsfo

rmati

on

Serv

ices

Cloud Broker Capabilities

Unified Management Interface

8

Cloud Broker deployment options…

9

Cloud BrokerSOC

Cloud Proxy

Cloud BrokerCloud Broker

Cloud Broker

Cloud Broker

Cloud Broker – Visibility (First Mile)

10

On-Premise

Log to history list

Cloud Broker

Cloud Broker – Integration (First Mile)

11

12

Cloud Broker – Proxy & API (Last Mile)

Cloud Brokers – a summary

• A Control & Integration Point – orchestrating security processes

for Cloud Services

• Governs cloud usage - permits or denies or (where required)

alters data/workflows

• Deployed in conjunction with existing security solutions

• Provides visibility & enforces compliance via auditing and

common templates use

• Often part of a wider XaaS set of services providing consultancy,

assessment, integration, tools, training

• Helps prevent lock and provides the abstracting of access

to cloud services

13

Thank you

Cyber Security supplier to

40+ years

of experience Advise, build and

operate for Government

and commercial clients,

with a business-focused

approach

3 accredited

test facilities

In UK, Canada

and US One of only two companies

to offer this. We test

products and services of

global technology suppliers

1,400 experts

In 12 countries Sharing expertise, insight,

capabilities and solutions

100+ clients

In 16 countries Use our managed security

services

10 SOCs

Operating globally Offering protective monitoring

for Government and commercial

clients around the world

David.frith@cgi.com

07342 076802