Date post: | 31-Jan-2015 |
Category: |
Documents |
Upload: | vladimir-jirasek |
View: | 1,123 times |
Download: | 1 times |
Security architecture and Cloud computing, are these
mutually exclusive?
Vladimir JirasekDirector of Research, CSA UK
25 October 2012
https://cloudsecurityalliance.org.ukCopyright © 2012 Cloud Security Alliance
Cloud model maps to Security model
Cloud model
Physical security
Network security
Host security
Application sec.
Data security
SIEM
Iden
tity
, A
ccess
Cry
pto
gra
phy
Business continuity
GRC
Direct map
https://cloudsecurityalliance.org.ukCopyright © 2012 Cloud Security Alliance
Responsibilities for areas in security model compared to delivery models
Physical security
Network security
Host security
Application sec.
Data security
SIEM
Identity, Access
Cryptography
Business continuity
GRC
Provider responsible Customer responsible
IaaS PaaS SaaS IaaS PaaS SaaS
https://cloudsecurityalliance.org.ukCopyright © 2012 Cloud Security Alliance
How to manage cloud security• Have a cloud security standard
• What to do on an Enterprise level
• Before your Cloud project
• During your Cloud project
• BAU
• Exit from the Cloud provider
• Risks cannot be outsourced
• Manage lock-in and exit up-front – especially in SaaS
How to drive out the 'seven deadly sins' of cloud computing - new Information Security Forum report
https://cloudsecurityalliance.org.ukCopyright © 2012 Cloud Security Alliance
Cloud Security Alliance supports number of projects related to cloud
Get involved at https://cloudsecurityalliance.org/
research/
https://cloudsecurityalliance.org.ukCopyright © 2012 Cloud Security Alliance
Contact
• Help us secure cloud computing
• http://cloudsecurityalliance.org.uk
• LinkedIn: http://www.linkedin.com/groups/Cloud-Security-Alliance-UK-Chapter-3745837
• Twitter: @CSAUKResearch