Embed Size (px)
DESCRIPTION
This is a PPT from CTE Solutions' Smarter Everyday Project
Citation preview
The Smarter Everyday project is owned and operated by CTE Solutions Inc.
Top 5 Cloud Security Tips For Canadian Organizations
Session Topics
• Cloud Benefits • Canadian Approach To Cloud • Geolocation Concerns • Cloud Security Alliance Guidance • Cloud Controls Matrix • Q&A
Cloud Benefits
Going cloud is not just about the cost savings. In fact, depending on the application, it may wind up costing more.
After speaking with hundreds of leaders of companies ranging from Fortune 100 to start-up firms, I can tell you agility is the primary driver for organizations today.
Bottom line: I’m not here to sell you on cloud adoption. You either “get it” or you will eventually. We are here to discuss addressing Canadian adoptions intelligently.
Canadian Approach To Cloud?
• PATRIOT Act • NSA Prism • PIPEDA &
Privacy Act • Conservative
Nature* • Lack of
understanding We can address 4 of these…
Tip 1: Privacy - Consent Is Not An Option
• Canada’s private sector privacy legislation does not prohibit organizations in Canada from transferring personal information to an organization in another jurisdiction for processing.
• Privacy Commissioner of Canada
Tip 2: Geo-location Concerns
Mechanisms Available:
•Consent Consent Consent •Governance •Data Classification •Encryption of Data at Rest •Encryption Gateway
Tip 3: Governance and CMP
Addressing governance in a cloud environment can be greatly assisted through the use of a Cloud Management Platform (CMP).
The role of the CMP is to create a single choke-point for cloud services in your organization.
There is a wide variety of CMP technology out there. As a starting point, we will discuss the highlights of CMP functionality…
Top 4 CMP Functionality Highlights
•Centrally determine where applications and workloads can be
run (Public, Private, VPC, etc). •Example: Apps with PII data cannot run in public cloud.
Security Policy Enforcement
•Through automated configuration management, instances can be automatically hardened in accordance with corporate policy •Example: Host-Based security agents (e.g. HIPS)
Automated instance hardening
•All actions taken through the CMP are logged. •Example: Any policy changes are logged
Security logs and audit trails
•A CMP should be able to plug-in existing key management solutions and extend these to cloud systems •Example: Key Management Interoperability Protocol (KMIP)
Leverage existing encryption key management
Tip 4: Cloud Security Alliance Guidance
• Domain 3 of the CSA guidance focuses on
the legal aspects of adopting cloud computing. Canadians with concerns regarding the legal aspects of cloud as it relates to addressing Canadian laws.
https://cloudsecurityalliance.org/download/security-guidance-for-critical-areas-of-focus-in-cloud-computing-v3/
CSA Guidance Table of Contents
• CSA Guidance consists of 14 domains that
cover the items from legal to encryption to interoperability & portability.
Tip 5: Cloud Security Alliance Cloud Controls Matrix
• The Cloud Controls Matrix can be used to
determine how service providers meet your particular requirements.
https://cloudsecurityalliance.org/research/ccm/
Tip 5: Cloud Security Alliance Cloud Controls Matrix
• The Cloud Controls Matrix can be used to
determine how service providers meet your particular requirements.
https://cloudsecurityalliance.org/research/ccm/
CSA Training
• Cloud Security Alliance Training is coming to Ottawa and Toronto in December. Get the latest information on Cloud Security and hands-on with Public and Private cloud technology.
• Ottawa: December 2nd – 4th (3 days) • Toronto: December 9th – 11th (3 days)
Training with impact TECHNICAL MANAGEMENT BUSINESS
Microsoft VMware Cloud Computing IT and Cyber Security CompTIA Java Programming-Languages Novell UNIX
TOGAF Enterprise Architecture ITIL COBiT Agile and Scrum Business Analysis Project Management
Change Management Communication Skills Leadership Skills Negotiation Skills Problem Solving Skills Facilitation Skills and many more…
CTE Solutions Inc. - Ottawa 11 Holland Avenue, Suite 100 Ottawa, Ontario, K1Y 4S1 Tel: (613) 798-5353 Toll Free: 1 (866) 635-5353 Fax: (613) 798-5574 CTE Solutions Inc. - Toronto 77 Bloor St. West, Suite 1406 Toronto, Ontario M5S 1M2 Tel: (416) 284-2700 Toll Free: 1 (866) 635-5353 Fax: (416) 284-6797
