security in the cloud
DESCRIPTION
TRANSCRIPT
![Page 1: Security in the Cloud](https://reader036.vdocuments.us/reader036/viewer/2022081413/548f3f57b479597a588b4e41/html5/thumbnails/1.jpg)
VISIT 2010 – Fujitsu Forum Europe 1
![Page 2: Security in the Cloud](https://reader036.vdocuments.us/reader036/viewer/2022081413/548f3f57b479597a588b4e41/html5/thumbnails/2.jpg)
Cloud Computing – Room 13b
Shapingtomorrowwith you.
Security in the Cloudwith you.
John AlcockManaging Consultant,Fujitsu UK & Ireland
15:00 h15:00 h
VISIT 2010 – Fujitsu Forum Europe
![Page 3: Security in the Cloud](https://reader036.vdocuments.us/reader036/viewer/2022081413/548f3f57b479597a588b4e41/html5/thumbnails/3.jpg)
3
![Page 4: Security in the Cloud](https://reader036.vdocuments.us/reader036/viewer/2022081413/548f3f57b479597a588b4e41/html5/thumbnails/4.jpg)
Security in the Cloud
John AlcockManaging ConsultantManaging ConsultantInformation Assurance SolutionsUK & IrelandFujitsu
VISIT 2010 – Fujitsu Forum Europe
Fujitsu
4 Copyright 2010 FUJITSU
![Page 5: Security in the Cloud](https://reader036.vdocuments.us/reader036/viewer/2022081413/548f3f57b479597a588b4e41/html5/thumbnails/5.jpg)
AgendaWhat do we expect “Security in the Cloud” to look like?Applying this to our organisationsFujitsu’s approach and experienceSummary and DiscussionSummary and Discussion
VISIT 2010 – Fujitsu Forum Europe Copyright 2010 FUJITSU5
![Page 6: Security in the Cloud](https://reader036.vdocuments.us/reader036/viewer/2022081413/548f3f57b479597a588b4e41/html5/thumbnails/6.jpg)
What do we expect “Security in the Cloud” to look like?look like?
What is “cloud” and what makes us nervous about using it?
VISIT 2010 – Fujitsu Forum Europe Copyright 2010 FUJITSU6
![Page 7: Security in the Cloud](https://reader036.vdocuments.us/reader036/viewer/2022081413/548f3f57b479597a588b4e41/html5/thumbnails/7.jpg)
What is “Cloud”?Cloud Computing is a mechanism for the delivery of services. It is service-based, scalable and elastic, shared, metered by use, and uses internet technologies. Source: Gartner
Why are we interested?Consumer perspectiveSupplier perspective
Th iThree scenarios:Using pre-existing Cloud servicesMigrating Enterprise services to the CloudMigrating Enterprise services to the CloudCloud being used as part of the delivery mechanism
VISIT 2010 – Fujitsu Forum Europe Copyright 2010 FUJITSU7
![Page 8: Security in the Cloud](https://reader036.vdocuments.us/reader036/viewer/2022081413/548f3f57b479597a588b4e41/html5/thumbnails/8.jpg)
Barriers to Cloud adoption
Security and performance issues are at the top of the lists of concerns raised by organisations:
Security and compliance issues 38%Loss of local control 36%Vendor lock-in 30%Vendor lock-in 30%Lack of upgrade control 30%
Source: IDC
VISIT 2010 – Fujitsu Forum Europe Copyright 2010 FUJITSU8
![Page 9: Security in the Cloud](https://reader036.vdocuments.us/reader036/viewer/2022081413/548f3f57b479597a588b4e41/html5/thumbnails/9.jpg)
What makes security good?
ffEffectiveAppropriateAff d blAffordableEnabling Reass ringReassuringScalable
VISIT 2010 – Fujitsu Forum Europe Copyright 2010 FUJITSU9
![Page 10: Security in the Cloud](https://reader036.vdocuments.us/reader036/viewer/2022081413/548f3f57b479597a588b4e41/html5/thumbnails/10.jpg)
Applying this to our organisations
What to look forGood governanceGood governanceGood technology
VISIT 2010 – Fujitsu Forum Europe Copyright 2010 FUJITSU10
![Page 11: Security in the Cloud](https://reader036.vdocuments.us/reader036/viewer/2022081413/548f3f57b479597a588b4e41/html5/thumbnails/11.jpg)
Do security concerns constrain us?Lack of understandingFear of the unknownLoss of control
Business understanding is key
VISIT 2010 – Fujitsu Forum Europe Copyright 2010 FUJITSU11
![Page 12: Security in the Cloud](https://reader036.vdocuments.us/reader036/viewer/2022081413/548f3f57b479597a588b4e41/html5/thumbnails/12.jpg)
Do security concerns constrain us?Need to be very sure about country of operation
Must ensure legal and regulatory complianceCompliance has to be maintainedCompliance has to be maintainedThreat profile in country needs to be understoodLocation of dataLocation of support and management services
Who gets into the cloud?Our usersSupport staffOther customersOther customersAnyone else?
What happens when something goes wrong?What happens when something goes wrong?
How does it work?
VISIT 2010 – Fujitsu Forum Europe
How does it work?
Copyright 2010 FUJITSU12
![Page 13: Security in the Cloud](https://reader036.vdocuments.us/reader036/viewer/2022081413/548f3f57b479597a588b4e41/html5/thumbnails/13.jpg)
Policies, people, processes and placesEvidence of good physical and procedural security measuresCompliance with legal and regulatory requirementsGood personnel security management – staff security clearance and aftercareOpen attitude to audit and inspectionsTransparency in operations so that you know where your data p y p y yis and the locations from which support is providedTechnical tools to manage - from a single dashboard - the g gsecurity and compliance settings across a virtual infrastructure
VISIT 2010 – Fujitsu Forum Europe Copyright 2010 FUJITSU13
![Page 14: Security in the Cloud](https://reader036.vdocuments.us/reader036/viewer/2022081413/548f3f57b479597a588b4e41/html5/thumbnails/14.jpg)
Architecture and DesignNetwork TopologyData Storage and OperationInput and Output End Points in SystemTrust BoundariesTrust BoundariesAccess ControlsSystem and Network IsolationSystem and Network IsolationCryptographic ControlsAd i i t ti C t l f S i P idAdministrative Controls for Service ProviderAdministrative Controls for Business Owner
VISIT 2010 – Fujitsu Forum Europe Copyright 2010 FUJITSU14
![Page 15: Security in the Cloud](https://reader036.vdocuments.us/reader036/viewer/2022081413/548f3f57b479597a588b4e41/html5/thumbnails/15.jpg)
The virtual worldAssess the logical network, applications, and services hosted in the Cloud.
VISIT 2010 – Fujitsu Forum Europe Copyright 2010 FUJITSU15
![Page 16: Security in the Cloud](https://reader036.vdocuments.us/reader036/viewer/2022081413/548f3f57b479597a588b4e41/html5/thumbnails/16.jpg)
Fujitsu’s approach and experienceFujitsu s approach and experience
The way we build our services
VISIT 2010 – Fujitsu Forum Europe Copyright 2010 FUJITSU16
![Page 17: Security in the Cloud](https://reader036.vdocuments.us/reader036/viewer/2022081413/548f3f57b479597a588b4e41/html5/thumbnails/17.jpg)
Fujitsu ApproachRange of security levels
On premises private infrastructure in data centre shared community infrastructure public infrastructureinfrastructure public infrastructureDifferent levels of assurance
Precision in infrastructure designPrecision in infrastructure designCare in process implementationSubject to external reviewSubject to external review
VISIT 2010 – Fujitsu Forum Europe Copyright 2010 FUJITSU17
![Page 18: Security in the Cloud](https://reader036.vdocuments.us/reader036/viewer/2022081413/548f3f57b479597a588b4e41/html5/thumbnails/18.jpg)
Where are we now?Security measures that are commensurate with the riskNo longer single levelCloud requires and enables a more profiled approach to security
What can and cannot live in the cloud?Would you trust putting anything into the cloud?What would you take from the cloud?What would you take from the cloud?What constrains us?
VISIT 2010 – Fujitsu Forum Europe Copyright 2010 FUJITSU18
![Page 19: Security in the Cloud](https://reader036.vdocuments.us/reader036/viewer/2022081413/548f3f57b479597a588b4e41/html5/thumbnails/19.jpg)
The areas Fujitsu focuses onService and Management – how the service operations function to deliver an overall approach to governance, risk and compliance incident management and the provision ofand compliance, incident management and the provision of audit services).Network the configuration of the network services toNetwork – the configuration of the network services to deliver separation and isolation of clients’ connections from their location to the service payloads in the data centre.their location to the service payloads in the data centre.Compute – the arrangements to provide isolation between customer capsules and management blocks.customer capsules and management blocks.Storage –the methods and approaches for segregating and protecting the storage assetsp g gPhysical – a rigorous approach to the physical security aspects of the service.
VISIT 2010 – Fujitsu Forum Europe Copyright 2010 FUJITSU
p
19
![Page 20: Security in the Cloud](https://reader036.vdocuments.us/reader036/viewer/2022081413/548f3f57b479597a588b4e41/html5/thumbnails/20.jpg)
Security Defence in Depth in the Cloud
VISIT 2010 – Fujitsu Forum Europe 20 Copyright 2010 FUJITSU
![Page 21: Security in the Cloud](https://reader036.vdocuments.us/reader036/viewer/2022081413/548f3f57b479597a588b4e41/html5/thumbnails/21.jpg)
Summary and DiscussionSummary and Discussion
VISIT 2010 – Fujitsu Forum Europe Copyright 2010 FUJITSU21
![Page 22: Security in the Cloud](https://reader036.vdocuments.us/reader036/viewer/2022081413/548f3f57b479597a588b4e41/html5/thumbnails/22.jpg)
Summary1. Identify, understand and manage security risks2. Take and push services in accordance with your
organisation’s risk appetite3. Satisfy yourself that you understand enough about the
services4. Make sure you will meet regulatory, legal and compliance
requirements5. Understand the architecture and design6. Focus how the service operations function7. Manage the use of the serviceg
VISIT 2010 – Fujitsu Forum Europe Copyright 2010 FUJITSU22
![Page 23: Security in the Cloud](https://reader036.vdocuments.us/reader036/viewer/2022081413/548f3f57b479597a588b4e41/html5/thumbnails/23.jpg)
Discussion
VISIT 2010 – Fujitsu Forum Europe Copyright 2010 FUJITSU23
![Page 24: Security in the Cloud](https://reader036.vdocuments.us/reader036/viewer/2022081413/548f3f57b479597a588b4e41/html5/thumbnails/24.jpg)
VISIT 2010 – Fujitsu Forum Europe
![Page 25: Security in the Cloud](https://reader036.vdocuments.us/reader036/viewer/2022081413/548f3f57b479597a588b4e41/html5/thumbnails/25.jpg)
VISIT 2010 – Fujitsu Forum Europe