control in the cloud with slas -...
TRANSCRIPT
www.enisa.europa.eu
Control in the cloud with SLAs at OASIS International Cloud Symposium,
London, October 10, 2011
Marnix Dekker, ENISA
www.enisa.europa.eu
Trust
www.enisa.europa.eu
3
Governance and assurance standards
www.enisa.europa.eu 4
www.enisa.europa.eu 5
250 M euros of IT services, 15000 users,
1000s of servers and applications
www.enisa.europa.eu 6
It’s really cloud but… shhh
www.enisa.europa.eu
Sun at the datacenter… 7
www.enisa.europa.eu
Natural hazards 8
www.enisa.europa.eu
The proof is in the eating…
9
www.enisa.europa.eu 10
Cloud security; if you can’t measure it, you can’t
manage it.
www.enisa.europa.eu 11
Safety Liveness
www.enisa.europa.eu 12
Confidentiality, integrity
Availability, continuity
www.enisa.europa.eu 13
Penetration tests
www.enisa.europa.eu 14
Backup/failover tests
www.enisa.europa.eu 15
Data portability tests
www.enisa.europa.eu
o Joint ENISA, OASIS, CSA Workshop on security in cloud SLAs
o Hands-on, the result will be a draft of best practices
o October 13th, London, 10:00 to 13:00
o Lunch provided
Workshop on security in cloud SLAs
16
www.enisa.europa.eu
Contact Marnix Dekker ([email protected]) Giles Hogben ([email protected]) About securely moving to smartphones and cloud computing http://www.enisa.europa.eu/act/application-security
17
Upcoming events: • Joint ENISA, OASIS, CSA Workshop on security in cloud
SLAs (October 13th, London) • Virtual ENISA working group: Best practices for Cloud SLAs • SecureCloud 2012 (ENISA, CSA, Fraunhofer)