didzis balodis, cissp, head of it security and infrastructure at squalio using the cloud - practical...
TRANSCRIPT
Didzis Balodis, CISSP, Head of IT Security and Infrastructure at SQUALIO
Using the Cloud - practical security implications
Facts and numbers
Practical Cloud security
Conclusions
Data source: KPMG research- http://www.kpmg-institutes.com/institutes/shared-services-outsourcing-institute/articles/2015/03/spps-it-outsourcing-management-summary-2014-15.html
28%
17%
16%
Data location, security and privacy risks
Integration with existing IT
Regulatory and compliance concerns
TOP 3 barriers to adoption of Cloud Services
Data source: Eurostat - http://ec.europa.eu/eurostat/statistics-explained/mobile/index.php#Page?title=Cloud computing - statistics on the use by enterprises&lg=en
57%
48%17%
Risk of security breach
Location of data, legal jurisdiction
Insufficient knowledge and skills
Factors limiting use of cloud Services
38%
32%32%
Risk of security breach
Insufficient knowledge and skills
High cost of cloud computing
Small and medium enterprises:
Large enterprises:
Microsoft Azure
IT security statistics don’t change
SIMPLE ATTACKS96%
VERY FEW SECURITY
BREACHES IN THE PUBLIC
CLOUD
«TO DATE, THERE HAVE BEEN
Gartner Inc.
- MOST BREACHES CONTINUE TO INVOLVE
ON-PREMISES DATA CENTER
ENVIRONMENTS.»
Customer Cloud provider
On-PremisesInfrastructureas a Service
Platformas a Service
Softwareas a Service
Networking
Hardware
Physical Security
Operating System
Middleware
Virtualization
Data
Applications
Users
Shared responsibilityREDUCES SECURITY COSTS + MAINTAINS FLEXIBILITY, ACCESS, & CONTROL
Is cloud more or less secure than my on-
premises infrastructure?
Cameras
24X7 security staff
Barriers
Fencing
Alarms
Two-factor access control: Biometric readers & card readersSecurity operations center
Days of backup power
Seismic bracing
BuildingPerimeter
Computer room
Physical security
Infrastructure security
9
Systems management & monitoring
Threat defense
Physical & logical security
I have heard that cloud is not secure. Is it?
Cloud service availability
Cloud service security
Additional security layers
VIDEO DEMO Azure 2 factor authenticaiton.
https://www.youtube.com/watch?v=__ytuEiY-Aw
CONCLUSIONCloud security
Evaluate and Monitor
DO Risk Assessment
Choose the RIGHT
solution
Thank you!