where data security and value of data meet in the cloud ulf mattsson
TRANSCRIPT
![Page 1: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/1.jpg)
Where Data Security and Value of Data Meet in the C loudWhere Data Security and Value of Data Meet in the C loud
Ulf MattssonCTO, Protegrity
![Page 2: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/2.jpg)
Cloud Security Alliance (CSA)
PCI Security Standards Council
• Cloud & Virtualization SIGs
• Encryption Task Force
• Tokenization Task Force
Ulf Mattsson, Protegrity CTO
ANSI X9
• American National Standard for Financial Services
IFIP WG 11.3 Data and Application Security
• International Federation for Information Processing
ISACA (Information Systems Audit and Control Association)
ISSA (Information Systems Security Association)
2
![Page 3: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/3.jpg)
The biggest challenge in this new paradigm• Cloud and an interconnected world
• Merging data security with data value and productivity
What’s required?• Seamless, boundless security framework – data flow
• Maximize data utility & Minimizing risk – finding the right balance
Value-preserving data-centric security methods
Agenda
Value-preserving data-centric security methods• How to keep track of your data and monitor data access outside the enterprise
• Best practices for protecting data and privacy in the perimeter-less enterprise.
What New Data Security Technologies are Available for Cloud?
How can Cloud Data Security work in Context to the Enterprise?
3
![Page 4: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/4.jpg)
The Interconnected
4
World
![Page 5: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/5.jpg)
Safe Integration - International Data Protection
![Page 6: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/6.jpg)
Interconnection of Embedded Computing Devices
6
http://en.wikipedia.org/wiki/Internet_of_Things
![Page 7: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/7.jpg)
They’re Tracking When You Turn Off the Lights
7
Source: Wall Street Journal
![Page 8: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/8.jpg)
What is The
8
The New Currency?
![Page 9: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/9.jpg)
Generated a 3.8% increase in the PayPal conversion rate, the proportion of online visitors who make a
Analytics Improving Customer Experience
9
Source: Forbes
rate, the proportion of online visitors who make a purchase.
Overall Average Order Value (AOV) rose 2.4% when the PayPal button was moved to the top of the page.
4.03% increase in overall revenue, a more than $600,000 increase over a nine-week period.
![Page 10: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/10.jpg)
Is Cloud Secure?
10
Secure?
![Page 11: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/11.jpg)
Sensitive Data in the Cloud
11
Of organizations currently (or plan to) transfer sensitive/confidential data to the cloud in the next
24 mo.
![Page 12: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/12.jpg)
Lack of Cloud Confidence
12
Number of survey respondents that either agree or are unsure that the cloud services used by their organization are
NOT thoroughly vetted for security.
![Page 13: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/13.jpg)
Chinese government cyberattack against iCloud
13
![Page 14: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/14.jpg)
What Is Your No. 1 Issue Slowing Adoption of Public Cloud Computing?
14
![Page 15: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/15.jpg)
Threat Vector Inheritance
15
![Page 16: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/16.jpg)
What aboutResponsibilities
16
Responsibilities in Cloud?
![Page 17: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/17.jpg)
Computing as a Service:
• Software as a Service (SaaS)
• Platform as a Service (PaaS)
• Infrastructure as a Service (IaaS)
What is Cloud Computing?
Delivered Internally or Externally to the Enterprise:
• Public
• Private
• Community
• Hybrid
17
![Page 18: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/18.jpg)
Public Cloud
18
Source: Wired.com
![Page 19: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/19.jpg)
19
![Page 20: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/20.jpg)
What’s required?
• Seamless, boundless security framework
• Balance data utility & risk• Balance data utility & risk
20
![Page 21: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/21.jpg)
Hybrid CloudFlexibility
21
Flexibility
![Page 22: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/22.jpg)
Trust
Risk Adjusted Computation – Location Awareness
Corporate Network
Private Cloud
Private Cloud
H
Processing Cost
H
22
Elasticity
Out-sourcedIn-house
Public Cloud
L L
![Page 23: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/23.jpg)
Interconnected Enterprise & Cloud
?
023
?
![Page 24: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/24.jpg)
Can Cloud Computing
24
Cloud Computing be Secure?
![Page 25: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/25.jpg)
Cloud Gateway
Security Gateway Deployment – Application Example
ClientSystem
Public Cloud
025
EnterpriseSecurity
AdministratorSecurity Officer
Out-sourced
![Page 26: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/26.jpg)
Corporate Network
Security Gateway Deployment – Hybrid Cloud
ClientSystem
Public CloudCloud Gateway
Private Cloud
026
EnterpriseSecurity
AdministratorSecurity Officer
Out-sourced
![Page 27: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/27.jpg)
Corporate Network Corporate Network
Security Gateway Deployment – Hybrid Cloud
ClientSystem
Private Cloud Public Cloud
CloudGateway
027
EnterpriseSecurity
AdministratorSecurity Officer
Gateway
Out-sourced
![Page 28: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/28.jpg)
Where to put the Key to the Front Door?
28
to the Front Door?
![Page 29: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/29.jpg)
Trust, Elasticity dimensions and system componentsTrust
Trusted Domain (Corporate)
ClientClientClientClientProtocolGateway
SecurityAgent
29
Elasticity
ApplicationApplicationApplicationApplication
ServerServerServerServer
Application Application Application Application
DatabaseDatabaseDatabaseDatabase
Untrusted Domain
(Public cloud)
Out-sourcedIn-house
![Page 30: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/30.jpg)
Trust, Elasticity dimensions and system componentsTrust
Trusted Domain (Corporate)
ClientClientClientClient ProtocolGateway
SecurityAgent
30
Elasticity
Semi-trusted Domain (Private cloud)
ApplicationApplicationApplicationApplication
ServerServerServerServer
Agent
Application Application Application Application
DatabaseDatabaseDatabaseDatabase
Untrusted Domain
(Public cloud)
Out-sourcedIn-house
![Page 31: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/31.jpg)
Trust, Elasticity dimensions and system componentsTrust
Trusted Domain (Corporate)
ClientClientClientClient ProtocolGateway
Security
31
Elasticity
Semi-trusted Domain (Private cloud)
ApplicationApplicationApplicationApplication
ServerServerServerServer
SecurityAgent
Application Application Application Application
DatabaseDatabaseDatabaseDatabase
Untrusted Domain (Public cloud)
Out-sourcedIn-house
![Page 32: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/32.jpg)
The Trendin
32
inData Protection
![Page 33: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/33.jpg)
Rather than making the protection platform based, the security is applied directly to the data, protecting it wherever it goes, in any environment
How Data-Centric Protection Increases Security in Cloud Computing and Virtualization
Cloud environments by nature have more access points and cannot be disconnected – data-centric protection reduces the reliance on controlling the high number of access points
33
![Page 34: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/34.jpg)
How to Balance Risk and
34
Risk and Data Access
![Page 35: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/35.jpg)
Value-preserving data-centric security methods
• How to keep track of your data and monitor data access outside the enterpriseenterprise
• Best practices for protecting data and privacy in the perimeter-less enterprise.
• What New Data Security Technologies are Available for Cloud?
35
![Page 36: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/36.jpg)
Computational Value
Risk Adjusted Storage – Data Leaking Formats
H
36
Data
Leakage
Strong-encryption Truncation Sort-order-pres erving-encryption Indexing
L
I I I I
![Page 37: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/37.jpg)
Corporate Network
Security Gateway Deployment – Database Example
ClientSystem
CloudGateway
RDBMS
037
EnterpriseSecurity
AdministratorSecurity Officer
![Page 38: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/38.jpg)
Should I AllowData Leakage?
38
Data Leakage?
![Page 39: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/39.jpg)
Corporate Network
ClientSystem Cloud
Gateway
Security Gateway – Searchable Encryption
RDBMSQuery
re-write
039
EnterpriseSecurity
AdministratorSecurity Officer
Order preserving encryption
![Page 40: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/40.jpg)
Corporate Network
ClientSystem
CloudGateway
Security Gateway – Search & Indexing
RDBMSQuery
re-write
040
EnterpriseSecurity
AdministratorSecurity Officer
IndexIndex
![Page 41: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/41.jpg)
Data Centric Security – Risk Adjusted Data Leakage
Index
Trust
HIndex
Leaking
Sensitive
Data
Sort Order Preserving
Encryption Algorithms
Leaking Sensitive
Data
41
Index Data
ElasticityOut-sourcedIn-house
L
Index NOT
Leaking
Sensitive
Data
![Page 42: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/42.jpg)
Data Centric Security – Balance Security & Value
Value
Preserving
Classification of Sensitive Data
Granular Protection of Sensitive Data
42
Index Data
Leaking
Sensitive
Data ?
Encoding
Leaking
Sensitive
Data ?
![Page 43: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/43.jpg)
What is Data Tokenization?
43
Data Tokenization?
![Page 44: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/44.jpg)
Data Tokenization – More Than Wrapping The Data
44
Source: Interestingengineering.com
Source: plus.google.com
![Page 45: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/45.jpg)
De-identification / Anonymization Field Real Data Tokenized / Pseudonymized
Name Joe Smith csu wusoj
Address 100 Main Street, Pleasantville, CA 476 srta coetse, cysieondusbak, CA
Date of Birth 12/25/1966 01/02/1966
Telephone 760-278-3389 760-389-2289
E-Mail Address [email protected] [email protected]
SSN 076-39-2778 076-28-3390
CC Number 3678 2289 3907 3378 3846 2290 3371 3378
Business URL www.surferdude.com www.sheyinctao.com
Fingerprint Encrypted
Photo Encrypted
X-Ray Encrypted
Healthcare / Financial Services
Dr. visits, prescriptions, hospital stays and discharges, clinical, billing, etc.Financial Services Consumer Products and activities
Protection methods can be equally applied to the actual data, but not needed with de-identification
45
![Page 46: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/46.jpg)
How GranularShould Data Should Data Security be?
46
![Page 47: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/47.jpg)
Cost of Application
Changes
High -
Risk Adjusted Data Formats - Payment Card Data
Risk Exposure
Cost
47
All-16-clear Only-middle-6-hidden All-16-strongly-encrypted
Low -
I I I
![Page 48: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/48.jpg)
Can SecurityImprove
48
ImproveUser Productivity?
![Page 49: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/49.jpg)
High -
Risk Adjusted Data Security – Access to Data
Risk Exposure
User Productivity and Creativity
49
Access to Sensitive Data in
Clear
Low Access to Data High Access to Data
Low -
I I
![Page 50: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/50.jpg)
High -
Risk Adjusted Data Security – Masked Data
User Productivity and Creativity
50
Access to
Masked Data
Low Access to Data High Access to Data
Low -
I I
Risk Exposure
![Page 51: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/51.jpg)
What isCost -effectiveness
51
Cost -effectivenessof
Data Protection?
![Page 52: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/52.jpg)
Reduction of Pain with New Protection Techniques
High
Pain& TCO
Strong Encryption Output:AES, 3DES
Format Preserving EncryptionDTP, FPE
Input Value: 3872 3789 1620 3675
!@#$%a^.,mhu7///&*B()_+!@
8278 2789 2990 2789
52
1970 2000 2005 2010
Low
Vault-based Tokenization
Vaultless Tokenization
8278 2789 2990 2789
Format Preserving
Greatly reduced Key Management
No Vault
8278 2789 2990 2789
![Page 53: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/53.jpg)
Cloud Gateway - Requirements Adjusted Protection
Data Protection Methods Scalability Storage Security Tr ansparency
System without data protection
Weak Encryption (1:1 mapping)
Searchable Gateway Index (IV)
VaultlessTokenization
Partial EncryptionPartial Encryption
Data Type Preservation Encryption
Strong Encryption (AES CBC, IV)
Best Worst
53
![Page 54: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/54.jpg)
Significantly Different Tokenization Approaches
Property Dynamic Pre-generated
Vault-based Vaultless
54
![Page 55: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/55.jpg)
Fine Grained Data Security Methods
Tokenization and Encryption are Different
Used Approach Cipher System Code System
Cryptographic algorithms
Cryptographic keys
TokenizationEncryption
55
Cryptographic keys
Code books
Index tokens
Source: McGraw-HILL ENCYPLOPEDIA OF SCIENCE & TECHNOLOGY
![Page 56: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/56.jpg)
Use
Case
How Should I Secure Different Data?
Simple –PCI
PII
Encryption
of Files
CardHolder Data
Tokenization of Fields
Personally Identifiable Information
Type of
DataI
Structured
I
Un-structured
Complex – PHI
ProtectedHealth
Information
56
Personally Identifiable Information
![Page 57: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/57.jpg)
How can I Secure Data
in Production
57
in Production and Test?
![Page 58: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/58.jpg)
Fine Grained Security: Encryption of Fields
Production SystemsEncryption of fields• Reversible• Policy Control (authorized / Unauthorized Access)• Lacks Integration Transparency• Complex Key Management• Example: !@#$%a^.,mhu7///&*B()_+!@
58
Non-Production Systems
![Page 59: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/59.jpg)
Fine Grained Security: Masking of Fields
Production Systems
59
Non-Production SystemsMasking of fields• Not reversible• No Policy, Everyone can access the data• Integrates Transparently• No Complex Key Management• Example: 0389 3778 3652 0038
![Page 60: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/60.jpg)
Fine Grained Security: Tokenization of Fields
Production Systems
Tokenization (Pseudonymization)
• No Complex Key Management• Business Intelligence• Example: 0389 3778 3652 0038
60
Non-Production Systems
• Reversible • Policy Control (Authorized / Unauthorized Access)
• Not Reversible• Integrates Transparently
![Page 61: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/61.jpg)
How can I Secure the
Perimeter -less
61
Perimeter -less Enterprise?
![Page 62: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/62.jpg)
Centralized Policy Management - ExampleApplication
RDBMS
MPP
AuditLog
AuditLog
AuditLog
EnterpriseSecurity
Administrator
PolicyPolicyPolicyPolicyPolicyPolicyPolicyPolicyPolicy
Cloud
Security Officer
AuditLog
AuditLog
AuditLog
62
File Servers
Big Data
Gateway Servers
HP NonStopBase24
IBM Mainframe Protector
AuditLog
AuditLog Audit
Log
AuditLog
Protection Servers
AuditLog
AuditLog
![Page 63: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/63.jpg)
Enterprise Data Security Policy
What is the sensitive data that needs to be protected.
How you want to protect and present sensitive data. There are several methods for protecting sensitive data. Encryption, tokenization, monitoring, etc.
Who should have access to sensitive data and who should not. Security access control. Roles & Users
What
Who
How
63
When should sensitive data access be granted to those who have access. Day of week, time of day.
Where is the sensitive data stored? This will be where the policy is enforced.
Audit authorized or un-authorized access to sensitive data.
When
Where
Audit
![Page 64: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/64.jpg)
The biggest challenge in this new paradigm• Cloud and an interconnected world
• Merging data security with data value and productivity
What’s required?• Seamless, boundless security framework – data flow
• Maximize data utility & Minimizing risk – finding the right balance
Value-preserving data-centric security methods
Summary
Value-preserving data-centric security methods• How to keep track of your data and monitor data access outside the enterprise
• Best practices for protecting data and privacy in the perimeter-less enterprise.
What New Data Security Technologies are Available for Cloud?
How can Cloud Data Security work in Context to the Enterprise?
64
![Page 65: Where data security and value of data meet in the cloud ulf mattsson](https://reader035.vdocuments.us/reader035/viewer/2022062710/55a223551a28ab797a8b465b/html5/thumbnails/65.jpg)
Thank you!Thank you!
Questions?
Please contact us for more information
www.protegrity.com