Embed Size (px)
DESCRIPTION
Cloud Security & Compliance. Presented by: Matt Stamper, CISA VP of Professional & Security Services [email protected] 858-836-0224. The Cloud Environment Security Concerns The impact of multi-tenancy Can your ‘neighbors’ impact your environment? - PowerPoint PPT Presentation
Citation preview
Cloud Security & Compliance
Presented by:Matt Stamper, CISA
VP of Professional & Security [email protected]
858-836-0224
The Cloud Environment Security Concerns
The impact of multi-tenancy• Can your ‘neighbors’ impact your environment? • How can you evaluate shared infrastructure (e.g. vulnerability assessments)?• High-profile targets?
Right to audit • Is the SAS 70 Type II audit sufficient?• Right-to-know vs. good cloud security practices• Administrative privileges & audit trails / logs
Vulnerability Management in the Cloud Challenges with PCI
PCI DSS vulnerability scans • Will the cloud service provider allow scans?• Will the scans impact service?• How do you remediate vulnerabilities of a third-party?
PCI DSS & change management Beware of ‘PCI-Compliant’ Claims
Cloud Security Standards?Work-in-Progress
OSF / cloutage.org COBIT ITILCloud-migration
Think about how clouds impact each layer of your security – What is happening and why?
Data
Storage
Applications
Servers/OS
Network
Physical Location
About Castle AccessCastle Access is a global provider of enterprise data centers and IT managed services.
We’re in the business of helping companies in industries such as healthcare, biotech, government, legal, and finance with their mission-critical IT infrastructure requirements.
Our newest facility in San Diego is 88,000 square feet, SAS 70 Type II audited, carrier neutral, and 2N with regard to power infrastructure. The data center is designed to meet the most demanding requirements and provides the best uptime records in the region.
