Upload
mauricio-godoy
View
766
Download
0
Embed Size (px)
Citation preview
© 2011 IBM Corporation© 2011 IBM Corporation
© 2011 IBM Corporation© 2011 IBM Corporation
Choosing the Right Security Strategy for Cloud Computing
Harold MossCTO/Chief Architect Cloud Security Strategy
© 2011 IBM Corporation3
© 2011 IBM Corporation4
© 2011 IBM Corporation
Introduction to Cloud Computing
5
© 2011 IBM Corporation6
© 2011 IBM Corporation7
© 2011 IBM Corporation8
© 2011 IBM Corporation9
© 2011 IBM Corporation10
© 2011 IBM Corporation
“The Cloud has the potential to be more
secure than traditional environments”
11
© 2011 IBM Corporation12
© 2011 IBM Corporation13
© 2011 IBM Corporation14
What’s Important?
© 2011 IBM Corporation15
Can you identify your Important Data?
© 2011 IBM Corporation16http://creativecommons.org/licenses/by/2.5/
© 2011 IBM Corporation17
© 2011 IBM Corporation18
© 2011 IBM Corporation19
© 2011 IBM Corporation20
© 2011 IBM Corporation21
© 2011 IBM Corporation22
© 2011 IBM Corporation23
© 2011 IBM Corporation24
© 2011 IBM Corporation25
© 2011 IBM Corporation26
© 2011 IBM Corporation
There are Multiple Delivery Models for Clouds
27
© 2011 IBM Corporation
And Multiple Deployment Paths…
28
© 2011 IBM Corporation
What Other Vendors Tell People About their Clouds and Their Security
29
© 2011 IBM Corporation
Our Perspective
30
© 2011 IBM Corporation
Our Approach to the Cloud
31
© 2011 IBM Corporation
Security by Design: “Building Security into the fabric of the Cloud”
32
© 2011 IBM Corporation
Just Like there are different Clouds, there are different workloads
33
© 2011 IBM Corporation
Workload Driven: “Relevant security not just Fluff”
34
© 2011 IBM Corporation
Service Enabled: “Building Better Walls”
35
© 2011 IBM Corporation
Innovation Powered: “Creating Security for tomorrow”
36
© 2011 IBM Corporation
The IBM Security Portfolio
37
© 2011 IBM Corporation
Applying Workload Driven Security to a Private Cloud
38
Intrusion PreventionMonitoringAccess ManagementData Security
Application EvaluationDatabase Design/Test
Virtual ServerProtectionSecurity Event Monitoring
Provisioning
© 2011 IBM Corporation
Example: Cloud Security in the Public Space
39
IPS
Firewall
Data ProtectionAccessIdentityFederated
IdentityVM Protection
Patch Mgmt.
ConfigurationMgmt.
Security EventLog Mgmt.AuditVulnerabilityMgmt.
© 2011 IBM Corporation
Hybrid Cloud Scenario
40
© 2011 IBM Corporation
New Security Capabilities for 2011
41
© 2011 IBM Corporation
Preparing to Move to the Cloud
“Cloud Computing” is complex where to begin:
Engage Experts who have had prior success in the cloud.
Establish a set of measures that clarify what a successful engagement in the cloud would look like.
If externally hosting your cloud ensure that your vendor is reliable
Identify what workloads you are most comfortable with don’t just dive in.
Determine the appropriate security for your workload, and leverage managed services where possible
Build Consensus upfront, one sided decisions tend to fail in the cloud
42
© 2011 IBM Corporation
IBM Cloud Security Guidance
43
Based on cross-IBM research and customer interaction on cloud security
Highlights a series of best practice controls that should be implemented
Broken into 7 critical infrastructure components:
• Building a Security Program• Confidential Data Protection• Implementing Strong Access and Identity• Application Provisioning and De-provisioning• Governance Audit Management• Vulnerability Management• Testing and Validation
© 2011 IBM Corporation
Cloud Security Whitepaper
44
Trust needs to be achieved, especially when data is stored in new ways and in new locations, including for example different countries.
This paper is provided to stimulate discussion by looking at three areas:
• What is different about cloud? • What are the new security
challenges cloud introduces? • What can be done and what should
be considered further?
http://www-03.ibm.com/press/us/en/attachment/32799.wss?fileId=ATTACH_FILE1&fileName=10-0861_US%20Cloud%20Computing%20White%20Paper_Final_LR.pdf
© 2011 IBM Corporation
Why IBM
IBM is the only company with the Breadth and depth of products, technologies, services and business partners to provide end-to-end security.
IBM has over 200 Security related products and over 3500 Highly Skilled Security professionals
IBM has over 40 years of security development and innovation experience
IBM has six worldwide research labs innovating security technology and nine security operations centers.
IBM analyzes more than 13 billion security events on behalf of its clients and block more than 150 million attacks each day.
IBM is one of the most trusted companies in the World.
45
© 2011 IBM Corporation46