Not so fast!

“I’m Cloud Confused” series

In CloudWe Trust

http://www.slideshare.net/Guppers/im-cloud-confused

If you’re new to Cloud Computing, or just confused…

Please try

the biggest Cloud Computing concerns are…

Security Privacy

Is Cloud Computingsecurity weaker

than

EnterpriseSecurity?

Fundamental Question

a Typical Reaction

when asks about security

SHA256

PKCS

X.509

AES

DES

Salt

IV

Heard

it

on

the street

Security is….

Complex Boring

Hacker stuff

Necessary EvilComplicates my life

Kills usability

Let’s make it simple

Child Play

You worked hard this year, you bought a pile of gold bars

Let’s pick a simple story

Your BankYour House

Where should you store them?

House? Bank?

What does this thief think?

…

Plenty of valuable assets,

but it may have elaborate security protection in place

Bank

Some valuable assets,

security protection may notas elaborate

House

What would you do to boostyour protection?

Yes, build layers of defense

Put Put the fence up

Install additional door locks

Let’s also install alarm system

and surveillance cameras

Feel Better?

Oh, don’t forget about

a disaster plan

Knock, knock

Who’s there?

You control who

has access to your house

And, pretty sure

your inner circle won’t steal from you

Let’s translate…

Corporate Data

IT Assets(Software, Hardware)

Employees

You feel totally in control

Why in the world

you would give up control?

..and many eyes aim at big prizes

a few things to consider….

when delegating security to other…

It’s all about Trust

Trust

It’s all about

Do you trust them that they’ll still be in the

business tomorrow? Help!

Ex-Cloud Provider willwork for Food

Didn’t we see this before?

Recommendation

Pick services that are

backed by major players

Data Lost

It is unlikely.

Reputable Cloud Providers copy data 3-4 times

However, it is normal to store highly value-able data in

two or more different cloud providers

Cloud Provider 1 Cloud Provider 2

Servicereplicated replicated

Data

Data Privacy

Confidentiality

Data in Transit

Cloud Provider

It can be secured using encryption technology, e.g. SSLIt is used especially for sensitive data

Internetdata

Data at Rest

More and more cloud providers are developing native data encryption Even if it is stolen, it will be useless for attackers

Biggest prize for attackers!

Cloud Provider

You can pick where your data resides

Physi

cal A

ccess

Data CenterCloud Provider

Security processes are typically in place for physical access Background Check

Two factor authentication

Video surveillance

Intrusion detection system

Audit

Multi tenantInfrastructure

Corporate 1 Corporate 2 Corporate 3 Corporate 4

…infrastructure is shared by many corporations (tenant)

Will vulnerability in one company

affect others in the cloud?

VirtualizationData Isolation

Cloud Providers use

isolation techniques

Computing Isolation

a vulnerability in one tenant has little impact on other tenants

Identity

Employees

Customers Suppliers

Cloud Computing

Unwanted guest

XYZCorp.com

Potential External Entry Points

Web SiteHTTP(S)

Web ServicesHTTP(S)

Database Blob(Files, Docs)

Queue Custom

Worker VM

Typical access to a web site hosted in the Cloud

Example of

a stronger authentication process

for sensitive web site

A8KP

Accessing other Cloud Services(Example)

https://aservice.mycloudprov.net

Address

Key1

R3ZhU3xAmLIEAnRRyiMHx…

Key2

xFAlNx4VeRDGQgSQI…

Control which network or machines have access

98.237.178.63 83.231.32.17

Let’s look at from cloud infrastructure provider’s

perspectives

Typical SLAs to compete

99.95% uptime

around

It is in their best interest to maintain reputation, best security practice

their business depends on it

Headlines they try hard to avoid

…. has been downsince yesterday

Data is stolen from ….

Security breach at data center….

Should you migrate all to Cloud?

NOCloud Computing is still at infancy

Trust is Always Earned,

Never Given---R. Williams

Enterprise

Migrate non-critical business operations,

departmental level data first

and Observe!

It’s not as difficult as you think

simplicity, agility and elasticity (another topic for further discussion)

Excited about new possibilities in

cloud space?

Follow discussions andpresentations on

http://www.facebook.com/pages/Im-Cloud-Confused/219897591208?ref=ts

“I’m Cloud Confused”

facebook

Us You

10 simple questions,

2 minutes to completehttp://surveymonkey.com/s.aspx?sm=NrndNTZkoG6j8BWJYejC1g_3d_3d

Will Publish Results on

facebook

Want to try Cloud for your business now ?

Only a few minutes to setup

http://www.slideshare.net/Guppers/guppers-3-minute-walkthrough

For more presentations like this, visit, follow, subscribe to:

Blog: http://www.andyharjanto.com Twitter: http://twitter.com/harjanto

Contact: andy@guppers.com