Top Banner
Solution is within. * Cloud Computing Risks and Controls
15

Cloud Computing Risks N Controls V1.0

Jan 13, 2015

Download

Technology

itilsme

Do you know, how secure is your cloud?

cloud computingrisks

cloud models

cloud factors

risk management

forensic auditsidentity

information data

minimal management effort

technical innovations

Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Page 1: Cloud Computing Risks N Controls V1.0

Solution is within.

*Cloud ComputingRisks and Controls

Page 2: Cloud Computing Risks N Controls V1.0

7/4/2011

*It’ every where but why?

Model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.

Page 3: Cloud Computing Risks N Controls V1.0

7/4/2011

*Cloud Models

Page 4: Cloud Computing Risks N Controls V1.0

7/4/2011

*Evolution Continues

Page 5: Cloud Computing Risks N Controls V1.0

7/4/2011

*Technical Building Blocks

Cloud computing combines several technical innovations from the last 10 to 15years that constitute its fundamental technical building blocks, including:

SOA 뾃 library of proven, functional software applets that can be connected to become a useful application

Application programming interfaces (APIs) 뾗Tags to direct applets about the Internet

XML 뾋 Identifier tags attached to information (data, pages, pictures, files, fields, etc.) that allow them to be transported to any designated application located on the Internet

Page 6: Cloud Computing Risks N Controls V1.0

7/4/2011

*Cloud Computing Challenges

* Data Location

* Commingled Data

* Cloud Security Policy / Procedure Transparency

* Cloud Data Ownership

* Lock-in with CSP’s proprietary APIs

* CSP business viability

* Record keeping for forensic audits

* Identity and Access Management (IAM)

* Penetration detection

* Screening of other cloud computing clients

* Compliance Requirements

* Disaster Recovery

Page 7: Cloud Computing Risks N Controls V1.0

7/4/2011

*Governance in the cloud

* Data Location

* Commingled Data

* Cloud Security Policy / Procedure Transparency

* Cloud Data Ownership

* Lock-in with CSP’s proprietary APIs

* CSP business viability

* Record keeping for forensic audits

* Identity and Access Management (IAM)

* Penetration detection

* Screening of other cloud computing clients

* Compliance Requirements

* Disaster Recovery

Page 8: Cloud Computing Risks N Controls V1.0

7/4/2011

*Cloud Factors

Page 9: Cloud Computing Risks N Controls V1.0

7/4/2011

*Risk IT for the Cloud

* Strategic

* Environmental

* Market

* Credit

* Operational

* Compliance

Page 10: Cloud Computing Risks N Controls V1.0

*Risk Hierarchy

Page 11: Cloud Computing Risks N Controls V1.0

*Key Questions

Page 12: Cloud Computing Risks N Controls V1.0

*Risk Management

Page 13: Cloud Computing Risks N Controls V1.0

*Assessing Sun Cloud

You decide what degree of assessment would suffice your needs.

7/4/2011

Page 14: Cloud Computing Risks N Controls V1.0

7/4/2011

*Deliverables

*Assessment Report(s)

*SLAs

*Accessibility Report

*Vulnerabilities

*Risks

*Compliance

*Responsibility & Accountability Metrics

Page 15: Cloud Computing Risks N Controls V1.0

7/4/2011

*Need more info?

*Please contact:

Azim Tirmizi

[email protected]

214-473-4274

mailto:[email protected]

Related Documents
Texas Public Funds Investment Act Compliance · – (c) Investment controls, security risks, strategy risks, market risks, diversification of investment portfolio, and compliance

Texas Public Funds Investment Act Compliance · – (c)...

Category: Documents
Data Lifecycle Risks Considerations and Controls

Data Lifecycle Risks Considerations and Controls

Category: Data & Analytics
Controls proportionate to the Risks for the European meat Industry Dream or Reality? Controls proportionate to the Risks for the European meat Industry.

Controls proportionate to the Risks for the European meat...

Category: Documents
Risks and Controls in the Implementation of ERP Systems

Risks and Controls in the Implementation of ERP Systems

Category: Documents
Using jira to manage risks v1.0 - owasp app sec eu - june 2016

Using jira to manage risks v1.0 - owasp app sec eu - june....

Category: Internet
IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESS.

IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESS.

Category: Documents
Session 37 VoIP Risks and Controls. ©2004 Lucent Technologies World Wide Services 2 Voice Over IP Risks and Controls Session Number 37 George G. McBride.

Session 37 VoIP Risks and Controls. ©2004 Lucent...

Category: Documents
Assessing Business Risks and Controls for the Financial Professional | Environmental Risks

Assessing Business Risks and Controls for the Financial...

Category: Business
Wireless Network Risks and Controls - · PDF fileWireless Network Risks and Controls Offensive Security Tools, Techniques, and Defenses ... WiFi Hacking Using Android Phones StarTech

Wireless Network Risks and Controls - · PDF fileWireless...

Category: Documents
Security managment risks, controls and incidents

Security managment risks, controls and incidents

Category: Business
FedRAMP Baseline Security Controls v1.0

FedRAMP Baseline Security Controls v1.0

Category: Documents
1 Chapter 17 Risks, Controls and Security Measures.

1 Chapter 17 Risks, Controls and Security Measures.

Category: Documents