Upload
others
View
9
Download
1
Embed Size (px)
Citation preview
Transformation strategies for building
a “cloud-confident” enterprise
The Use of Cloud Brokers David Frith – CGI
This presentation will cover:
• Computing types e.g. Cloud Computing, Fog Computing, Mist
Computing, Droplet Computing
• Cloud types e.g. White Clouds, Dark Clouds, Grey Clouds,
Shadow Clouds, Black Clouds (some of these are bad!!!)
• Cloud Brokers – acting as a control point for cloud services e.g.
CASB, SPSM, CDPG and XaaS
• Cloud Broker components and deployment modes
• Cloud Broker capabilities – covering Visibility, Service
integration, Proxy Chaining methods etc…
2
Introduction
• Companies are consuming cloud capabilities offered by external
suppliers, as well as building them in-house
• Often purchasing is done ad-hoc across a variety of cloud
services and between multiple suppliers leading to a highly
fragmented IT environment
• Such environments may include new multi-cloud offerings, hybrid
cloud usage, cloud bursting services and a variety of
orchestration and enabling third parties
• This complexity creates risk and assurance concerns for
businesses
• At a time of headline cyber-attacks and regulatory fines,
businesses are seeking confidence.
3
Cloud Computing
4
Public Cloud
Types of Cloud
5
Answer - a Cloud Broker!
• Cloud Brokers are an upcoming technology - aimed at solving a
whole number / melting pot of problems
• Can be deployed On-premises, as a SOC proxy, a cloud proxy,
or within a cloud provider
• Provides a collection of capabilities that enables an organisation
to use cloud offerings securely
• Inspect and change data where required
• Commonly offered as a wider set of XaaS – e.g. consultancy,
cloud readiness assessment, cloud-fit reviews, estimation tool
usage, review of transition efforts & capacities needed, on-going
application portfolio management
6
A Cloud Broker – a control point
7
Unified Management Interface
Dashboards & visual summaries
Views of threats, user & admin actions. Reports
on policy exceptions, users, incident severity &
outcomes. Views of billing & chargeback,
requests & changes
Inspect and Change data
DLP
Inspect data at rest and data in transit where
required, identify policy violations
Mobile Controls
MDM & BYOD
Extend security controls to mobile
devices & apply distinct policies via
device fingerprinting
Event Management
SIEM & ATI
Correlate events across systems
for cloud usage, use if Advanced
Threat Integration (ATI) and data
feeds to update infrastructure
Encrypt and Decrypt data
KMS & SSE solutions Solutions to encrypt & decrypt
data stored at rest & in transit
whilst allowing search,
preventing CSP access etc.
Behaviour Analytics
UEBA
User and Entity Behaviour Analytics – apply Machine
Learning & algorithms to large data volumes to build
models of user behaviour & detect anomalous activities
Data centric control
IRM
Information Rights
Management to apply granular
level controls, inspect content &
apply context aware policies
Federate Identities
IDM / IDaaS & SSO
Enforce access policies, enable integration
with existing IDM, define coarse level &
Fine Grained Access (FGA)
En
ab
lem
en
t &
Tra
nsfo
rmati
on
Serv
ices
Active and Static Management Services
En
ab
lem
en
t &
Tra
nsfo
rmati
on
Serv
ices
Cloud Broker Capabilities
Unified Management Interface
8
Cloud Broker deployment options…
9
Cloud BrokerSOC
Cloud Proxy
Cloud BrokerCloud Broker
Cloud Broker
Cloud Broker
Cloud Broker – Visibility (First Mile)
10
On-Premise
Log to history list
Cloud Broker
Cloud Broker – Integration (First Mile)
11
12
Cloud Broker – Proxy & API (Last Mile)
Cloud Brokers – a summary
• A Control & Integration Point – orchestrating security processes
for Cloud Services
• Governs cloud usage - permits or denies or (where required)
alters data/workflows
• Deployed in conjunction with existing security solutions
• Provides visibility & enforces compliance via auditing and
common templates use
• Often part of a wider XaaS set of services providing consultancy,
assessment, integration, tools, training
• Helps prevent lock and provides the abstracting of access
to cloud services
13
Thank you
Cyber Security supplier to
40+ years
of experience Advise, build and
operate for Government
and commercial clients,
with a business-focused
approach
3 accredited
test facilities
In UK, Canada
and US One of only two companies
to offer this. We test
products and services of
global technology suppliers
1,400 experts
In 12 countries Sharing expertise, insight,
capabilities and solutions
100+ clients
In 16 countries Use our managed security
services
10 SOCs
Operating globally Offering protective monitoring
for Government and commercial
clients around the world
07342 076802