cloud security checklist and planning guide summary
Post on 07-Dec-2014
2.450 Views
Preview:
DESCRIPTION
TRANSCRIPT
Building a Secure Cloud Environment
Practical Planning Guide from Intel
2 INTEL IT CENTER | Peer Research
Seven Steps for Planning Cloud Security
Start planning early. Identify vulnerabilities.
Mitigate vulnerabilities.
Protect data.
Secure infrastructure.
Enable compliance monitoring.
Choose the right cloud service provider.
1234567
3 INTEL IT CENTER | Peer Research
Think about the FundamentalsStep 1: Start Security Planning Early
1 What are the business priorities?
2 Which workloads do you want to move to the cloud?
3 How sensitive is the data?
4 What cloud delivery model works best?
5 What about compliance?
6 How will the data flow?
7 How will users access data and applications?
4 INTEL IT CENTER | Peer Research
Seven Areas of Security RiskStep 2: Identify Vulnerabilities
1 Abuse and nefarious use of cloud services
2 Insecure interfaces and APIs
3 Multitenancy and shared technology issues
4 Data loss or leakage
5 Account or service hijacking
6 Malicious insiders
7 “Unknown” risks
5 INTEL IT CENTER | Peer Research
Physical Layers at Risk
Growing attack targetDesktops, laptops, and other mobile devices.
Step 2: Identify Vulnerabilities
Growing attack targetWeb servers, portal servers, e-mail servers, bridges, and routers.
Emerging attack targetVirtualization, database management, and storage infrastructure.
6 INTEL IT CENTER | Peer Research
Four Things an IT Manager Can Do
Control access by managing identities and manage API control points at the network edge.
Encrypt data that rests or moves in and out of both private and public clouds.
1
2
Establish trusted compute pools to secure data center infrastructure and protect clients.
3
Build higher assurance into compliance to streamline auditing and increase visibility into your cloud.
4
Step 3: Mitigate Vulnerabilities
7 INTEL IT CENTER | Peer Research
Safeguard Data Throughout the Cloud
Accelerate and strengthen encryption so that the performance penalty is virtually eliminated, paving the way for pervasive encryption.
Accelerate secure connections for transferring encrypted data.
Reduce data loss through data loss prevention (DLP) policies that proactively detect threats, identify potential fraud, and avoid unauthorized data transfer.
Step 4: Protect Data
Data loss
8 INTEL IT CENTER | Peer Research
Protect Client, Edge, and Data Center Systems
Create secure clients to ensure that only authorized users can access the cloud and to guard endpoint devices against rootkit and other low-level malware attacks.
Protect edge systems at the API level where external software interacts with the cloud environment.
Create a secure data center infrastructure with hardware-based technologies that build trust between servers and between servers and clients.
Step 5: Secure Your Infrastructure
44%1%
70%
Foundational Role
Small Role
Strong Role
57% 37% 6%
62% 32% 6%
59% 34% 8%
44% 54% 2%
Total (n=200)
Already deployed (n=79)
In process of deployment (n=80)
Planning/evaluation (n=41)
Agree completely
Agree somewhat
Disagree
10%No Plan
47%Currently Utilizing
42%
Plan to in Next 12 Months
IT
User
9 INTEL IT CENTER | Peer Research
Build Higher Assurance into Compliance
Build trusted compute pools of servers, which form the foundation for compliance in both public and private clouds.
Ensure the continued trustworthy status of compute pools with routine integrity checks.
Support audit and security management by making trusted pool integrity checks available to policy management, security information and event manager, and governance, risk management, and compliance solutions.
Step 6: Enable Compliance Monitoring
10 INTEL IT CENTER | Peer Research
Build Security into Your Evaluation
Make sure data and platform security are built into any offering.
Establish measurable, enforceable service level agreements (SLAs) for verification.
Search for cloud providers with Intel Cloud Finder based on key security and other criteria.
Step 7: Choose the Right Cloud Service Provider
Review the Security Considerations Checklist.
®
11 INTEL IT CENTER | Peer Research
We Have a Lot More to Say about Cloud Security
Intel.com/ITCenter
• Read the planning guide, Cloud Security: Seven Steps for Building Security in the Cloud from the Ground Up.
• Review proven cloud security reference architectures at Intel Cloud Builders.
• Streamline the cloud service provider selection process at Intel Cloud Finder.
• Learn more about cloud security at intel.com/cloudsecurity.
12 INTEL IT CENTER | Peer Research
Legal
The information in this document is provided only for educational purposes and for the convenience of Intel customers. The information contained herein
is subject to change without notice, and is provided “AS IS” without guarantee or warranty as to the accuracy or applicability of the information to any
specificsituationorcircumstance.
This presentation is for informational purposes only. THIS DOCUMENT IS PROVIDED “AS IS” WITH NO WARRANTIES WHATSOEVER, INCLUDING ANY
WARRANTY OF MERCHANTABILITY, NONINFRINGEMENT, FITNESS FOR ANY PARTICULAR PURPOSE, OR ANY WARRANTY OTHERWISE ARISING OUT OF
ANY PROPOSAL, SPECIFICATION, OR SAMPLE. Intel disclaims all liability, including liability for infringement of any property rights, relating to use of this
information. No license, express or implied, by estoppel or otherwise, to any intellectual property rights is granted herein.
Copyright © 2012 Intel Corporation. Intel, the Intel logo, Intel Sponsors of Tomorrow., and the Intel Sponsors of Tomorrow. logo are trademarks of Intel
Corporation in the U.S. and other countries.
top related