Cloud security and security architecture
Download as PPTX, PDF19 likes28,760 views
This document discusses security architecture in cloud computing. It provides an overview of cloud risk assessments and how they differ from traditional assessments. It also compares cloud security architectures to traditional security architectures. Finally, it outlines the key domains covered by the Cloud Security Alliance, including governance, operations, and others.
Cloud security and security architecture
- 1. Security architecture and Cloud computing, are these mutually exclusive? (Introduction to Cloud Security Guidance)
- 2. Agenda Cloud risk assessment x compared to traditional risk assessments Cloud security architectures x compared to security architectures CSA domains Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk
- 3. Cloud risk assessment Identify Context assets establishment Map the data Evaluate flows assets Risk Risk communication assessment Evaluate Map to Cloud Cloud deployments models and Risk treatment models Providers Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk
- 4. Cloud model Broad network Rapid elasticity Measured On-demand access service service Resource pooling Software as a Platform as a Infrastructure Service (SaaS) Service (SaaS) as a Service (SaaS) Publi Private Hybrid Community c Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk
- 5. Cloud computing deployment models Infrastructure Infrastructure Infrastructure Accessible and managed by owned by located consumed by Third party Third party Public Off-premise Untrusted provider provider Organisation Organisation On-premise Private/ o Trusted Community r 3rd party 3rdparty Off-Premise provider provider Both Organisation Both Organisation Both On-Premise Trusted & Hybrid & Third party & Third party & Off-Premise Untrusted provider provider Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk
- 6. Cloud model maps to Security model Cloud model GRC Business continuity SIEM Data security Identity, Access Direct map Cryptography Application sec. Host security Network security Physical security Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk
- 7. Responsibilities for areas in security model compared to delivery models Provider responsible Customer responsible GRC Business continuity SIEM Identity, Access Cryptography Data security Application sec. Host security Network security Physical security IaaS PaaS SaaS IaaS PaaS SaaS Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk
- 8. Cloud Security Domains Governance Operational Governance and Enterprise Risk Traditional Security, Business Management Continuity and Disaster Recovery Legal Issues: Contracts and Electronic Data Center Operations Discovery Incident Response, Notification and Compliance and Audit Remediation Information Management and Data Application Security Security Encryption and Key Management Portability and Interoperability Identity and Access Management Virtualization Security as a Service Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk
- 9. Cloud Security Alliance supports number of projects related to cloud Get involved at https://cloudsecurityalliance.org/resea rch/https://cloudsecurityalliance.org.uk Copyright © 2012 Cloud Security Alliance
- 10. How to manage cloud security • Have a cloud security standard • What to do on an Enterprise level • Before your Cloud project • During your Cloud project How to drive out the • BAU 'seven deadly sins' of cloud computing - new Information Security • Exit from the Cloud provider Forum report • Risks cannot be outsourced • Manage lock-in and exit up-front – especially in SaaS Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk
- 11. Contact Help us secure cloud computing – Get involved • http://cloudsecurityalliance.org.uk • info@cloudsecurityalliance.org.uk • LinkedIn: http://www.linkedin.com/groups/Cloud- Security-Alliance-UK-Chapter-3745837 • Twitter: @CSAUKResearch Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk
- 12. Thank you! www.cloudsecurityalliance.org
Editor's Notes
- #12: Do visit the websiteDo join the LinkedIn Groups – you will receive regular email updates