View
3.385
Download
0
Category
Preview:
Citation preview
Get Your Head in the Cloud: A Practical Model for Enterprise Cloud Security
Vishal Gupta, Vice President, Symantec Enterprise Security Group
MAGIC SHOW How to deliver 47 slides in 15 minutes
Copyright © 2014 Symantec Corporation2
WarningThis is a short fifteen minute presentation. No superfluous content is enclosed. There are no cloud adoption metrics, no data breach statistics, no distracting logos or graphics
and absolutely no diagrams with concentric circles, pyramids, arrows or other geometric shapes regularly used
to convey depth of information. No part of this presentation is fictional and all resemblance to real organizations and
people is completely intentional.
Copyright © 2014 Symantec Corporation3
there is only one word you need to know when talking about the cloud
Copyright © 2014 Symantec Corporation4
CONTROL
Copyright © 2014 Symantec Corporation5
all the benefits you receive from moving to the cloud: agility, elasticity, and low cost are received by giving up
Copyright © 2014 Symantec Corporation6
CONTROL
Copyright © 2014 Symantec Corporation7
all the challenges you face in the cloud: security, compliance, data residency, data privacy and management are rooted in your lack of
Copyright © 2014 Symantec Corporation8
CONTROL
Copyright © 2014 Symantec Corporation9
the only reason you have not moved your critical workloads to the cloud is because you cannot afford to give up
Copyright © 2014 Symantec Corporation10
CONTROL
Copyright © 2014 Symantec Corporation11
you want to keep the benefits but resolve the challenges
Copyright © 2014 Symantec Corporation12
CONTROL?how do you give it away and keep it at the same time
Copyright © 2014 Symantec Corporation13
WarningThis is a short fifteen minute presentation. No superfluous content is enclosed. There are no cloud adoption metrics, no data breach statistics, no distracting logos or graphics
and absolutely no diagrams with concentric circles, pyramids, arrows or other geometric shapes regularly used
to convey depth of information. No part of this presentation is fictional and all resemblance to real organizations and people is completely intentional.
Revised∧
just a few
Copyright © 2014 Symantec Corporation14
this is your enterprise – your temple of complete
CONTROL
Copyright © 2014 Symantec Corporation15
before cloud, you held your infrastructure and applications safe within its walls
---------------
Copyright © 2014 Symantec Corporation16
then cloud happened
---------------
Copyright © 2014 Symantec Corporation17
your infrastructure started moving over
---------------
CONTROLyou lost some
Copyright © 2014 Symantec Corporation18
---------------
your applications started moving over too ---------------
Copyright © 2014 Symantec Corporation19
---------------
---------------
CONTROLyou lost more
Copyright © 2014 Symantec Corporation20
---------------
---------------
in addition cloud endpoint, mobile, BYOD, have all spiraled
Copyright © 2014 Symantec Corporation21
---------------
---------------
CONTROL
out of your
Copyright © 2014 Symantec Corporation22
that teeny tiny bit is all you seem to have left
CONTROL
Copyright © 2014 Symantec Corporation23
CONTROLwould you like to get it back?
Copyright © 2014 Symantec Corporation24
audience tongue twister testcan you say the following
HE WHO CONTROLS THE CONTROL POINTS CONTROLS THE CONTROL
Copyright © 2014 Symantec Corporation25
CONTROL = CONTROL POINTS
Copyright © 2014 Symantec Corporation26
---------------
---------------
lets add some control (points) back to the picture
Copyright © 2014 Symantec Corporation27
---------------
---------------
endpoints
SaaS
IaaS/PaaSstorage
the cloud killed the perimeter – what shall we do about that control point?
Copyright © 2014 Symantec Corporation28
hold that thought
Copyright © 2014 Symantec Corporation29
also remember – cloud challenged SIEMhold that thought too
Copyright © 2014 Symantec Corporation30
A MODERN CONTROLS BASED MODEL FOR SECURITY
Copyright © 2014 Symantec Corporation31
securing the modern endpoint
Copyright © 2014 Symantec Corporation32
---------------
endpoints
the modern endpoint is heterogeneous
IaaS/PaaS
Copyright © 2014 Symantec Corporation33
traditional, mobile, multiple clouds devices, desktops, servers
---------------
endpoints
IaaS/PaaS
WE NEED HOMOGENOUS SECURITY ACROSS HETEROGENOUS ENDPOINTS
34
---------------
endpoints
IaaS/PaaS
ENDPOINT
REMEMBER… CONTROL = CONTROL POINTS
1 Grab a common security agent
2 Embed in your on-prem endpoints
3 Put it on your mobile endpoints
4 Natively integrate it into your IaaS/PaaS infrastructure
5 Enjoy the control• Homogenous policies• Visibility, Control and Compliance• Correlation and Analytics
Copyright © 2014 Symantec Corporation35
securing modern applications
Copyright © 2014 Symantec Corporation36
---------------
---------------
modern applications live in the cloud
SaaS
Copyright © 2014 Symantec Corporation37
---------------
---------------
we don’t control any part of that stackwhere shall we put our control point?
SaaSWE NEED A NEW CONTROL POINTTHE CLOUD SECURITY BROKER
Copyright © 2014 Symantec Corporation38
---------------
---------------
SaaS
APPLICATIONS
1 External control point
2 Proxy and API based
3 Context, content and identity aware
4 Enjoy the control• Email, storage and application support• Event monitoring, SSO, data protection• Compliance and audit ready
remember the first thought you were holdingTHE CLOUD SECURITY BROKER
Copyright © 2014 Symantec Corporation39
so what?
Copyright © 2014 Symantec Corporation40
---------------
endpoints
IaaS/PaaS
---------------
SaaS
storage
---------------
ANALYTICS
when all these control points can communicate intelligentlywhat you get is nothing short of
MAGIC
Copyright © 2014 Symantec Corporation41
---------------
endpoints
IaaS/PaaS
---------------
SaaS
storage
---------------
ANALYTICS
get ready to harness the power of the cloud
---------------
1 The cloud powered SOC
2 The future of SIEM – on-prem and cloud telemetry
3 Cross-control point data correlation
4 Enjoy the control• Advanced Threat Protection• User behavior, data flow and threat
intelligence• Prioritized and actionable
WITHOUT GIVING UP CONTROL
Copyright © 2014 Symantec Corporation42
there is only one word you need to know when talking about the cloud
Copyright © 2014 Symantec Corporation43
CONTROL
Copyright © 2014 Symantec Corporation44
actually, there is a second thing you need to know about control in the cloud
Copyright © 2014 Symantec Corporation45
you can have it today with
Thank you!
Copyright © 2014 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.
Vishal Gupta
46
Recommended