ibm and beyondtrust presents: protecting your sensitive data in the cloud
DESCRIPTION
Presented by IBM and BeyondTrustTRANSCRIPT
© 1985-2012 BeyondTrust Software, Inc. All rights reserved
Protecting Your Sensitive Data in the Cloud
Jim Zierick EVP Strategy and Corporate Development
BeyondTrust
June 26, 2012
Ed Bottini Global Cloud Computing Ecosystem Manager
IBM
© 1985-2010 BeyondTrust Software, Inc. All rights reserved
• IBM Smart Cloud Offering
• The State of the Cloud
• Cloud Security Best Practices
• BeyondTrust Cloud Security
• Next Steps
• Q&A
Agenda
2
3 © 2012 IBM Corporation
How Important are the Following Objectives for Adopting Cloud? % of Respondents
Source: 2011 IBM/EIU Cloud Survey Results, Q5: How Important are the Following Objectives for Adopting Cloud?, n= 572
62%
57%
56%
54%
51%
46%
43%
Business Capabilities Internal Efficiencies
Increased collaboration with external partners
Important or Very Important
Enterprises intend for cloud to improve their business capabilities
Competitive/cost advantages thru vertical integration
New delivery channels/markets
New/enhanced revenue streams
Competitive differentiation thru specialization
Rebalanced mix of products/services
Flexible pricing models
Close to half (42%) of organizations surveyed plan to harness
cloud for radical business model innovation within three years
3
4 © 2012 IBM Corporation
Adoption patterns are emerging for successfully beginning and
progressing cloud initiatives
Cut IT expense & complexity through a cloud enabled data center
Accelerate time to market with cloud platform services
Gain immediate access with business solutions on cloud
Innovate business models by becoming a cloud service provider
5 © 2012 IBM Corporation
Private & Hybrid
Cloud Enablement
Technologies
Managed Services
Infrastructure & Platform
as a Service
Business Solutions
Software & Business
Process as a Service
FOUNDATION SERVICES SOLUTIONS
Commitment to open standards and a broad ecosystem
IBM offers clients choice of cloud delivery models…
6 © 2012 IBM Corporation
Application
Lifecycle
Application
Resources
Application
Environments
Application
Management
Integration
Infrastructure
Platform
Availability and
Performance
Security Payment and
Billing
Application Services
Enterprise Enterprise+
Management
and Support
Client
defined
services
Industry
services
Data and
analytics
services
Workplace
services
Security
services
Resilience
services
Enterprise
applications
Partner
services
Enterprise
data center
Managed private cloud
Enterprise
Hosted private cloud
Enterprise
Shared cloud services
A B
SERVICES
7 © 2012 IBM Corporation
Transforming Application Lifecycle Management leveraging Cloud & ecosystem partner services
Project
Initiation
Requirement
Analysis
Design Deployment Production Development Test
Defects loaded in Rational
Quality Manager and tracked
through application life cycle
Code Analysis & Reporting
Application Virtualization
Performance Testing Services
Mobile Device Testing
Defect Analysis
Maintain
Community of Partners
Workload Portability
Application Virtualization
Testing Solutions
Testing on Devices
8 © 2012 IBM Corporation
Cloud Builders
Cloud Infrastructure
Providers
Cloud Technology
providers
Cloud Application Providers Cloud Services Solution Providers
IBM has built and ecosystem to enhance our capabilities and deliver
client value
Application
Lifecycle
Application
Resources
Application
Environments
Application
Management
Integration
Infrastructure
Platform
Availability and
Performance
Security Payment
and Billing
Application Services
Enterprise Enterprise+
Management
and Support
Client
defined
services
Industry
services
Data and
analytics
services
Workplace
services
Security
services
Resilience
services
Enterprise
applications
Partner
services
Enterprise
data center
Managed private cloud
Enterprise
Hosted private
cloud
Enterprise
Shared cloud services
A B
© 1985-2010 BeyondTrust Software, Inc. All rights reserved
#1 Concern When Moving to the Cloud
Security is the #1 concern when moving deployments to the Cloud
IDC Enterprise Panel Survey on Cloud challenges
Poneman’s Surveys concluded that:
• 79% of respondents believe that being able to efficiently manage security in the cloud is critical.
• 42% of respondents indicated they would not
know if their organizations' cloud applications or data was compromised by a security breach or data exploit
9
© 1985-2010 BeyondTrust Software, Inc. All rights reserved
Per Cloud Security Alliance’s “Top Threats to Cloud Computing (March 2010) – Abuse & Nefarious Use of Cloud Computing
– Insecure Interfaces and APIs
– Malicious Insiders
– Shared Technology Vulnerabilities
– Data Loss/Leakage
– Account or Service Hijacking
Top threats to Cloud Computing
10
© 1985-2010 BeyondTrust Software, Inc. All rights reserved
The Evolving Threat Landscape
Boldness and inventiveness of hackers is outrunning companies’ ability to deal with them. Theft of intellectual property from U.S. companies is occurring at a rate of $200B a year.
“Organizations continue to struggle with excessive user privilege as it remains the primary attack point for data breaches and unauthorized transactions.”
~ Mark Diodati, Burton/Gartner Group
• Cost of security operations outstripping IT budget growth
• Threat surface increases with every new user and every new technology
– Acceleration of APT activities
– BYOD/’Consumerization’ of IT a fact of life now
– Virtualization and the Private Cloud blur create gaps for attack
• Challenges in distinguishing between ‘potential’ and ‘real’ threats
11
© 1985-2010 BeyondTrust Software, Inc. All rights reserved
The Problem is Broad and Deep
• The threat from attacks is a statistical certainty and businesses of every type and size are vulnerable.
• Organizations are experiencing multiple breaches: 59 percent had two or more breaches in the past 12 months.
• Only 11 percent of companies know the source of all network security breaches.
12
© 1985-2010 BeyondTrust Software, Inc. All rights reserved
You can’t secure ‘The Cloud.’ There is no ‘The Cloud.’ If you don’t have a robust security program, cloud computing will make it worse.” Christopher Hoff – Founding member
and technical advisor to the Cloud Security Alliance
Demystifying Cloud Security
13
© 1985-2010 BeyondTrust Software, Inc. All rights reserved
Cloud Computing Reality – Public, Hybrid or Private
• Increasing scale – from thousands to tens of thousands servers
• Increasing complexity makes configuration and change management challenging
– Complex directory structures are a major pain point
• Reliability is critical to realizing operational improvement
Impact of Cloud Computing
14
© 1985-2010 BeyondTrust Software, Inc. All rights reserved
Rethink Existing Controls for Clouds
What’s the same – Many technical controls are the same
What’s different – Massively automated, virtualized, multi-tenant
environment
– Complex supply chain, multiple-domain security concerns
Necessitates some shifts in security strategy – New controls (hypervisor integrity monitoring)
– Process-related controls (application and data governance)
15
© 1985-2010 BeyondTrust Software, Inc. All rights reserved
Requirements:
Account for All Privileged Users
Manage Provisioning/De-Provisioning Privileged Credentials
Implement a “Least Privilege” based Control System
Monitor and Reconcile Privileged Activity
Maintain a High Quality Audit Repository
Automate Compliance Reporting
Best Practice For Cloud Security
Full Life-Cycle Control of Privileged Users
16
© 1985-2010 BeyondTrust Software, Inc. All rights reserved
Requirements For Enterprise Grade Cloud Security
• Scalable, enterprise grade fabric
• Seamless integrations with on-premise and cloud directories
• Allow admins to manage policies not infrastructure
• Dynamically react to changes in virtual environment
• Quantifiable performance metrics of how it’s performing
17
© 1985-2010 BeyondTrust Software, Inc. All rights reserved
BeyondTrust allows companies to extend existing security infrastructure, policies and compliance reporting to their private, public and hybrid clouds such that it is
• Scalable
• Elastic
• Easily installed
• Easily managed
Cloud Security with BeyondTrust
18
© 1985-2010 BeyondTrust Software, Inc. All rights reserved
Public, Private and Hybrid Cloud Computing Security
• Solutions for infrastructure, endpoints, data and applications
• Support for physical, virtual, public, private and hybrid cloud environments
• Allows IT governance to strengthen security, improve productivity, drive compliance and reduce expense
The BeyondTrust Vision
Security in Context Our threat management and policy enablement solutions provide zero-gap visibility and actionable intelligence to reduce risks and close security gaps by integrating providing Security in Context across vulnerabilities, privilege and data.
Server & Desktop, Physical & Virtualization Windows, Linux,
Unix
Network Device Security
Data Security & Leak Prevention
Governance, Risk & Compliance
19
© 1985-2010 BeyondTrust Software, Inc. All rights reserved
Context-Aware Security Intelligence
Complete Risk Management for both Internal and External Threats
Discovery of all internal and external vulnerabilities and threats
Prioritization of risk according to threats, resources, privileges, etc.
Threat-aware mitigations and preventative measures including Patch Management, Least Privilege, DLP and Endpoint protection.
Continuous monitoring and measurement of threat posture
Automated compliance reporting
20
© 1985-2010 BeyondTrust Software, Inc. All rights reserved
Context-Aware Security Intelligence
Benefits
Comprehensive preventative intelligence
BeyondTrust allows you to discover all your security weaknesses across vulnerabilities, privilege and data and provides you with the security intelligence you need to protect business assets from cyber attacks.
Fully automated and integrated; less resource intensive
BeyondTrust automates the full spectrum of ongoing assets discovery, assessments, policy and compliance enforcement for your entire IT infrastructure across Desktop, Servers, Mobile, Virtual, Database and Cloud.
Flexible and Scalable
Our solutions support distributed deployment across the largest organizations around the globe.
21
© 1985-2010 BeyondTrust Software, Inc. All rights reserved
BeyondTrust Solutions For Cloud Computing
Unix, Linux and Windows Servers
Monitor critical databases
Policy Based Security
Flexible Network Configuration
Highly Scalable
Dynamic Deployment
Mixed Networks
Activity Directory Bridge
Virtualized and cloud environments
Purpose built threat assessment and management
RETINA CS
22
© 1985-2010 BeyondTrust Software, Inc. All rights reserved
Comprehensive Hybrid Cloud Model
HR Systems Financial Systems PCI
Application
Operating System
Hypervisor
Database
PowerBroker Enterprise Fabric
Flexible Deployment Across Virtual and Physical Infrastructure
• Programmable
• Policy driven
• Dynamically Deployed
• Context aware and adaptive
Easily Configured into Separate Security Zones to allow Context Aware Cloud Security Policies
Systems
Management
Identity
Services
Servers Virtualization
24
© 1985-2010 BeyondTrust Software, Inc. All rights reserved
Next: Learn More About Secure Cloud Deployments
BeyondTrust Resources
Free whitepaper: Elevating Cloud
Security with Privilege
Delegation
Find both here:
www.beyondtrust.com/SmartCloud
Free product evaluation
IBM Resources
Learn more about IBM SmartCloud
Enterprise and Sign Up for an Account
Visit:
www.ibm.com/buycloud
25
© 1985-2012 BeyondTrust Software, Inc. All rights reserved
Thank You
800-234-9072
818-575-4000
www.beyondtrust.com
Join the Conversation!