Security cloud forum_2011

© 2011 IBM Corporation© 2011 IBM Corporation

© 2011 IBM Corporation© 2011 IBM Corporation

Choosing the Right Security Strategy for Cloud Computing

Harold MossCTO/Chief Architect Cloud Security Strategy

© 2011 IBM Corporation3


© 2011 IBM Corporation

Introduction to Cloud Computing

5







“The Cloud has the potential to be more

secure than traditional environments”

11




What’s Important?


Can you identify your Important Data?

© 2011 IBM Corporation16http://creativecommons.org/licenses/by/2.5/












There are Multiple Delivery Models for Clouds

27


And Multiple Deployment Paths…

28


What Other Vendors Tell People About their Clouds and Their Security

29


Our Perspective

30


Our Approach to the Cloud

31


Security by Design: “Building Security into the fabric of the Cloud”

32


Just Like there are different Clouds, there are different workloads

33


Workload Driven: “Relevant security not just Fluff”

34


Service Enabled: “Building Better Walls”

35


Innovation Powered: “Creating Security for tomorrow”

36


The IBM Security Portfolio

37


Applying Workload Driven Security to a Private Cloud

38

Intrusion PreventionMonitoringAccess ManagementData Security

Application EvaluationDatabase Design/Test

Virtual ServerProtectionSecurity Event Monitoring

Provisioning


Example: Cloud Security in the Public Space

39

IPS

Firewall

Data ProtectionAccessIdentityFederated

IdentityVM Protection

Patch Mgmt.

ConfigurationMgmt.

Security EventLog Mgmt.AuditVulnerabilityMgmt.


Hybrid Cloud Scenario

40


New Security Capabilities for 2011

41


Preparing to Move to the Cloud

“Cloud Computing” is complex where to begin:

Engage Experts who have had prior success in the cloud.

Establish a set of measures that clarify what a successful engagement in the cloud would look like.

If externally hosting your cloud ensure that your vendor is reliable

Identify what workloads you are most comfortable with don’t just dive in.

Determine the appropriate security for your workload, and leverage managed services where possible

Build Consensus upfront, one sided decisions tend to fail in the cloud

42


IBM Cloud Security Guidance

43

Based on cross-IBM research and customer interaction on cloud security

Highlights a series of best practice controls that should be implemented

Broken into 7 critical infrastructure components:

• Building a Security Program• Confidential Data Protection• Implementing Strong Access and Identity• Application Provisioning and De-provisioning• Governance Audit Management• Vulnerability Management• Testing and Validation


Cloud Security Whitepaper

44

Trust needs to be achieved, especially when data is stored in new ways and in new locations, including for example different countries.

This paper is provided to stimulate discussion by looking at three areas:

• What is different about cloud? • What are the new security

challenges cloud introduces? • What can be done and what should

be considered further?

http://www-03.ibm.com/press/us/en/attachment/32799.wss?fileId=ATTACH_FILE1&fileName=10-0861_US%20Cloud%20Computing%20White%20Paper_Final_LR.pdf





Why IBM

IBM is the only company with the Breadth and depth of products, technologies, services and business partners to provide end-to-end security.

IBM has over 200 Security related products and over 3500 Highly Skilled Security professionals

IBM has over 40 years of security development and innovation experience

IBM has six worldwide research labs innovating security technology and nine security operations centers.

IBM analyzes more than 13 billion security events on behalf of its clients and block more than 150 million attacks each day.

IBM is one of the most trusted companies in the World.

45


Documents

Security cloud forum_2011