Horizontal Media Solution Provider

FLEXIBILITY

We were born

CLOUD

in 2006

CONTINUOUSLY

INNOVATE

ON BEHALF

OF THE CUSTOMER

Mobile and Social in 2012

Reborn

CONTINUOUSLY

ADD VALUE

Today, in 2014

We provide

Horizontal Media

Solutions

Global Reach

24X7 Operations

Following Sun

57 Countries.

33 Languages.

Over 400

Customers

Strong presence in Media / Life Sciences / Manufacturing /

Education Verticals

Cloud Based

Offerings

Pressmart Cloud Based Offerings

AWS Cloud Services Publication Cloud Education Cloud

We offer following cloud based solutions & services

AWS Cloud

Services

The 7 Transformations of Cloud

Computing for Media Companies

A common misconception:

cloud computing is only about….

Saving money

Cloud Transforms hat’s possi le

Transformation 1:

Launch New Media Services Fast

Traditional Infrastructure Drives up

the Cost of Failure … I o atio Suffers

How many big ticket

technology ideas can

your budget tolerate?

Experiment

Often & Fail

Quickly with

AWS

Cost of failure falls dramatically

People are free to try out new ideas

More risk taking, more innovation

Transformation 2:

New application success is not a problem

With traditional hardware it may be

impossible to keep up with demand

With the cloud you can easily add the VM, storage,

DB, and CDN resources you need

Transformation 3:

New platforms and devices are opportunities, not threats

With traditional infrastructure, your

media waits in line

With the cloud you can add

thousands of servers to encode your

library fast.

Problem: Timeline overruns to support

PS3 launch

Solution: AWS’s Scale,1200 virtual

machines on-demand

Benefits:17,000 titles (80TB of data)

transcoded in days, able to support

launch

Transformation 4:

Distributed Architectures Made Easy

High

Availability

Building Distributed

Architectures

with Traditional

Infrastructure is Difficult

Cloud Computing Makes This Easier Distributed

Infrastructure

Building

Blocks

Availability Zones

AWS Regions

EC2 Instances

Elastic Load Balancer

Multi-AZ

Services

S3

RDS

DynamoDB

Loosely Coupled

Process Coordination

SWF

SNS

SQS

Architecture Templates for Common Patterns

aws.amazon.com/architecture

Transformation 5:

Embracing the security advantages of shared systems

Infrastructure

Every Customer Gets the Highest

Level of Security

AWS Security Infrastructure

SOC 1/SSAE 16/ISAE 3402,

ISO 27001, PCI DSS, HIPAA, ITAR,

FISMA Moderate, FIPS 140-2

Your

Apps

Applications

Flexibility to Choose the Right Security

Model for Each Application

Transformation 6:

Big Data without Big Servers

Atta ki g Big Data Pro le s Should ’t Be This Co pli ated

Storing Massive Data

Volumes Into A Huge Data

Warehouse

Investing In Expensive

Server Clusters To Process

The Data

Amazon S3

The Cloud Makes This a Lot Simpler

Load Data in the Cloud

Organize & Analyze Data

Visualize Results

1 2 3

Amazon DynamoDB

Hadoop Clusters

Amazon EMR

Transformation 7:

Content Access not Content Copies

Content and apps were device

specific and needed to be replicated

Now the cloud is the content hub

How Pressmart

Can Help To

Achieve

Transformation

Typical Deployment

Private Connections

Workload Migrations

Access Control Integration

Work with Existing

Management Tools

On-Premises Apps

Customer Data Centers

Cloud Apps AWS

Most enterprises will run a hybrid IT architecture

Some workloads will run on-premises

Some workloads will run in the cloud

Management & Integration is mixed

Workloads can be migrated back and forth

Hybrid (not all or nothing)

Typical Use Cases

Prototyping and Development

Test and Staging

Data Warehousing and Analytics

Collaboration

DR/BCP and Data Archiving

Web Application Architectures

Media caching, streaming and delivery

Tried and True

Cloud-Ready

Cloud Risks, Both Old and New

1. Data Breaches

2. Data Loss

3. Account Hijacking

4. Insecure APIs

5. Denial of Service

6. Malicious Insiders

7. Abuse of Cloud Services

8. Insufficient Due

Diligence

9. Shared Technology

Issues

Source- Cloud Security Alliance

Cloud Computing Top Threats in 2013

1. Accountability & Data Risk

2. User Identity Federation

3. Regulatory Compliance (CPNI, PCI, SOX…) 4. Business Continuity & Resiliency

5. User Privacy & Secondary Usage of Data

6. Service & Data Integration

7. Multi-tenancy & Physical Security

8. Incidence Analysis & Forensics

9. Infrastructure Security

10. Non-production Environment Exposure

Top 10 Cloud Risks Source- OWASP

Governance

& Control

Measure, Mitigate, Accept

We Manage Your Cloud Technology Risks

A model of shared

control

responsibility

AWS

CSP

Customer

We do Active Risk Tracking and Mitigation

Example Risks Impact

Rating

Mitigation

Type Remediation/Best Practice

Effort

Level

No formal process to

assess, track and

report cloud

computing risks.

High People, Process

1. Develop a risk and reporting policy specific to Cloud

Computing.

2. Begin project work to prioritize and address findings and

mitigate risk to within acceptable limits.

Medium

Security configuration

drifts from approved

standards.

High Technology, Process

1. Develop a change control process and testing policy for

Cloud Computing resources.

2. Implement configuration reconciliation and change

detection capabilities across App (source and runtime), OS

and infrastructure.

Medium

Unauthorized access

to xxxx. Critical

Technology, Process

1. Institute clear standards, reference designs and scanning

for all CNPI use cases.

2. Design and implement data protection and detection for

all xxxx associated systems and networks e.g. encryption

and exfiltration monitoring.

High

Uncontrolled use and

expense of cloud

resources.

High Technology, Process

1. Institute policy and preventative measures to disallow

unapproved end-user provisioning of resources and new

accounts.

2. Inventory and track changes to CSP accounts and

resources with periodic billing reconciliation.

Low

Impact on Operations A shifting Paradigm – need for both control and agility at web-scale

Almost everything is automatable, for better or worse Autonomy and self-service Thoughtfully extend existing policy, tools and techniques Develop Cloud specific policy and

standards to fill the gaps

The blending of

development and

operations functions

Impact Beyond Operations

Organizational

Process

Technology

New skills and new training

Agility in project teams and management

Multiple hats and blurring of legacy

boundaries

Rethinking roles

Portal-based, self provisioning

Agility in deployments

New techniques for change management Extending access and identity management

Automating workflows and key procedures

A/B Testing and QA

Mapping vendor software licensing

New techniques for monitoring and response

Integrating support with the CSP

Changes in networking topologies

Backup, DR and high availability

Application and infrastructure event logging

Your Cloud Governance Initiative

• Ensure the IT Cloud Computing strategy is

aligned with business strategy and IT delivers

against the decided strategy.

• The risks associated with Cloud Computing are periodically assessed, tracked and mitigated in-

line with the business strategy and overall risk

appetite of the company.

• To maximize the investment, benefits and agility of Cloud Computing as a transformative

technology, while balancing the need for

vigilance and control throughout the platform

lifecycle.

To lay the foundation and framework for a

balanced approach to compliance, control,

and acceptance of Cloud Computing within

your organization.

Goal

Objectives

Strategic Alignment Value Delivery

Risk Management Performance Measurement

Cloud Governance as a Process

Cloud Governance Board

Provides a unified,

centrally governed

approach for the Cloud

environment.

New Build Guidance Control

Domains

Governance

Asset Configuration and Management

Logical Access Control

Data Encryption

Network Configuration and Management

Security Logging, Monitoring and Incident Response

Disaster Recovery

✔

✔

✔

✔

✔

✔

✔

Measure,

Confirm &

Report

Workload

Onboarding

Process

Self-service

Restricted Data- Checklist, Templates & Reference Designs

Public Data- Checklist,

Templates & Reference Designs

Example Process Workflow

Workload

Onboarding

Process

Re

qu

esto

r C

lou

d

Op

era

tio

ns

IT S

ecu

rity

Opens ticket and

declares use-case,

resource and data type

Instructs on reference

design and standard

requirements

Reviews and approves

use-case with additional

security requirements

Requests deployment

based and schedule and

test plan

Deploys resources, adds

to BAU monitoring

Scans to ensure standard

builds and adds to BAU

monitoring

Concludes UAT and

closes request

Next Steps We will conduct a full risk assessment of the Cloud Computing Program.

Informed by the risk findings:

1. Finalize the Your Cloud Governance Structure and workflow

2. Complete the Policies and Standards for Cloud Computing

3. Ensure technical and process controls meet all policies and standards

4. Start POC of suitable use cases and show agreed results

Pressmart Media Limited

India

3rd Floor, MJR Arcade,

Khanamet, Gurukul Society, Landmark: Near Meridian School, Madhapur, Hyderabad - 500081, AP T : +91 (40) 6612 4000

E : sales@pressmart.com

W : www.pressmart.com