2 0 2 0 © w w w . s u n e r a t e c h . c o m 1P a g e |
Demystifying Cloud Security Cloud & Security is not a “either -or” proposit ion
Sujit SahaCISO :
Improve your Cloud Cyber Risk Posture with Suneratech’s Managed Security Services (MSS) or SECaaS
2 0 2 0 © w w w . s u n e r a t e c h . c o m 2P a g e |
Introduction
SUJIT SAHA
CISO, Suneratech RHEL, MCSE, ITIL, Oracle Cloud Implementation Specialist
2 0 2 0 © w w w . s u n e r a t e c h . c o m 3P a g e |
Agenda
Success Story
6Suneratech Cloud & Cyber
Security Framework
5Key Considerations
1
2
3
Why is it important for you?
Cloud Adoption : Shifting Paradigm
4
Cloud Security
Barriers to Cloud Adoption
Q & A8
7
2 0 2 0 © w w w . s u n e r a t e c h . c o m 4P a g e |
Currently Every Organization is aware of Cloud Benefits……
Cloud Benefits
39%Flexible Capacity/
Scalability
34%Increased Agility
32%Improved Availability &
Business Continuity
32%Reduced Cost
2 0 2 0 © w w w . s u n e r a t e c h . c o m 5P a g e |
….so there is a shift from Should Cloud be an option… to Which Cloud should I move…
Cloud Push
Today business is done in the internet. Whether they are responding to a regulatory pressure, reacting to a static disruption or driving innovation to be a disruptor .. Companies are creating a completely new business model by building extended partner and customer ecosystem.
for many organizations, the growing pressure to migrate stems to remain competitive in an increasingly digital economy.
Hence the cloud push is happening for many reasons, including the need for scalability and agility, better cost management.
Companies of all sizes are moving applications and services to the cloud. In fact, in a recent IDG Enterprise Research Services survey, 78% of the participating IT and business leaders said they have either already made the transition or are in the process of migrating one or more on-premises apps to the cloud.
78%
Increasing data exchang
e
2 0 2 0 © w w w . s u n e r a t e c h . c o m 6P a g e |
Digital disruption is forcing business to change how business is done
Digital Darwinism – Technology’s affect on society are slowly but surely disrupting business models that can not keep up with more connected, nimble and informed customers?
Several disruptive technologies are converging to form Golden Triangle of Disruption. It is defined by
1. Real Time2. Social Media3. Mobile Technology
Source: Trend- Fred Wilson, Venture Capitalist
2 0 2 0 © w w w . s u n e r a t e c h . c o m 7P a g e |
At the same time there are.. Apprehensions that holding you up …
“App dev and deployment
process is too slow, costly for me to
maintain a competitive edge ”
“I need my development environment provisioned
NOW.”“I don’t have
time or budget to integrate
apps manually with other tiers in the
cloud”
Development / DevOps
LOBLeaders
VP ofIT
“I need toscale apps easily and without
disruption –especially
during peak periods. ”
“We need to manage on-premises and cloud
apps and databases seamlessly. I can’t
afford to buy or train staff on new tools for
the cloud”
“My team can’t scale to manageall the dev/test databases for
each app ”
7
Security
Data Protection
Loosing Control
Performance and Uptime
Vendor Lock-in
2 0 2 0 © w w w . s u n e r a t e c h . c o m 8P a g e |
Leading Barriers of Cloud Adoption
2 0 2 0 © w w w . s u n e r a t e c h . c o m 9P a g e |
Moving to Cloud opens Systems Boundary
2 0 2 0 © w w w . s u n e r a t e c h . c o m 10P a g e |
Cloud Security Report 2019
Organizations are moderately to extremely concerned about cloud security
Experience a public cloud related security incident in the last 12 months?
27% Exposed data 20% Malware infection 19% Account compromise 17% Vulnerability exploited
Most organizations are at least moderately confident in their cloud security posture
64% Data loss/leakage
62% Data privacy/confidentiality
39% Legal and regulatory compliance
39% Accidental exposure of credentials
35% Data sovereignty/ residency/control
29% Incident response
93%
Type of incident they faced:
Cloud Security Concerns:
28%
84%
2 0 2 0 © w w w . s u n e r a t e c h . c o m 11P a g e |
Why is it important for you as a customer/platform provider/service provider? Cyber Security Ratings – Emerging Business Health Determination Criteria
“By 2022 cybersecurity ratings will become as important as credit ratings when assessing the risk of existing and new business relationships.
Vulnerability Data
Threat Intelligence
Asset Criticality RIS
K IN
DIC
ATO
RS
Cyber Exposure Score
Likelihood of Exploitability
Asset Criticality Rating (ACR)
Benchmark Cyber Risk Posture
Use the Cyber Exposure Score to benchmark your organization against industry peers and measure your overall cyber risk posture
35 %
2 0 2 0 © w w w . s u n e r a t e c h . c o m 12P a g e |
What do I do then? .. And how ?
CIOs are increasingly tapping expertise of Managed Cloud Services Providers, Managed Security Services Provider …
2 0 2 0 © w w w . s u n e r a t e c h . c o m 13P a g e |
Few Considerations - Cloud Security Capabilities
2 0 2 0 © w w w . s u n e r a t e c h . c o m 14P a g e |
Adaptive Security Architecture
Source: gartner.com/SmarterWithGartner
2 0 2 0 © w w w . s u n e r a t e c h . c o m 15P a g e |
Protecting Customer Business - With Layered Security Approach
✓ HIPS✓ Log Mgmt.✓ Patch Mgmt.✓ Malware✓ Policy Compliance
IDS / IPS ✓ Firewall Policy ✓ Intrusion Prevention ✓ Intrusion Detection✓ Log Mgmt.
SIEM & IR
✓ Internal Scanning ✓ IDS signature✓ Phishing✓ Penetration Testing
Vulnerability Mgmt.
✓ Event & Data Collection ✓ Correlation✓ Normalization and Taxonomy ✓ Incident Forensics✓ Behavior Analytics✓ Incident logging, response and
escalation
✓ IT assets ✓ CI Relationship ✓ Critical assets ✓ Policy Compliance
CMDB✓ Integrity monitoring OS, Apps, Files
and Folders etc. ✓ Policy Development & Update✓ Policy Compliance
FIM
✓ Highly Privileged Accounts✓ Separation of duties✓ Access Control via Internet✓ Access Rights Policies
PAM
✓ Secure devices and networks✓ Authentication Credentials and
procedures✓ Integrated with AD
MFA (DUO)
DLP ✓ Policy administration✓ Web, e-mail, and host✓ encryption for data at rest
EDR
IAM / IDM ✓ Monitoring✓ To / From Customer
Databases
Network Security
✓ WAF Compliance✓ SSL VPN ✓ DMZ
2 0 2 0 © w w w . s u n e r a t e c h . c o m 16P a g e |
Keeping your data safe & compliant with standardsSuneratech Information Security Framework
ISO 27001 – ISMS Foundation
ISO 27002 – ISMS Controls
NIST 800-171 & 53
HIP
PA
FIS
MA
ITA
R/D
FA
RS
SO
X SOC-2
SOC-3
SOC-1
PC
I D
SS
CSF ( Cyber Security Framework)
ISO 27005 – Risk Management (FredRAMP)
Au
dit
s
CMSP
Process
Tools
Digital Engagement
ISO 20000 – ITIL / COBIT
GD
PR
Sta
nd
ard
sC
om
plia
nce
s
Go
vern
ance
2 0 2 0 © w w w . s u n e r a t e c h . c o m 17P a g e |
Five Keys To SuccessWhen Migrating to Cloud and ensure its secure enough
Pick the right Cloud(s) for
your
Workloads and
Applications
Assess the right
migration
methodology - Lift &
Shift vs. Rehost vs.
Rearchitect
Architect & Build for
Network, Security, DR,
Backups
Comprehensive
Operations/Services
01 02 0503 04
Execution for
performance,
functionality,
availability
2 0 2 0 © w w w . s u n e r a t e c h . c o m 18P a g e |
Suneratech’s Cloud EnablementFramework ..Modernize your IT, Accelerate Business.
Advisory Cost Efficiency Cloud Solution Solution Modelling Migrate Run Manage Optimize
CLOUD ADVISORY CLOUD MIGRATE
• Cloud Readiness Assessment
• Cloud Suitability Report
• Cloud Roadmap
• Metered vs Non-Metered
• Capacity Utilization
• Cost Optimization
• Deployment Model: Public, Private, Hybrid
• Cloud Storage & Backup
• PaaS Components: Database, Integration, Mobile
• High Availability
• Business Continuity
• Elastic Load Balancing
• Security
• Migration Framework
• DevOps• Zero
Disruption • Minimal
Down Time• Seamless
Transition
• Proactive Monitoring
• Incident Management
• Security• Compliances• Audits
CLOUD OPTIMIZE
Expand
• Change Management
• Request Fulfillment
• SLA Attainment
• Governance & Reviews
• Stabilize • Automate
Maintenance Tasks
• Data Compress & Backup
• User Adoption & Expansion
• Value & Benefit Realization
• Continuous Improvement
VALUE ADD SOLUTIONS
Comprehensive Support throughout the Cloud Lifecycle Management
Tools & Automation: DevOps. Test Automation. Application Management. Cloud Operations Management
2 0 2 0 © w w w . s u n e r a t e c h . c o m 19P a g e |
Shared Responsibility Model (1/2)…
2 0 2 0 © w w w . s u n e r a t e c h . c o m 20P a g e |
Shared Responsibility Model (2/2)…
2 0 2 0 © w w w . s u n e r a t e c h . c o m 21P a g e |
Case Study: Enabling Data Center Migration & Cloud Security for a large auto company
• Exorbitant cost of managing datacenter-based legacy hosting environment. • Operating from data centers, their IT infrastructure was not scalable,
resulting in higher lead time to provision. • Absence of agility to respond quickly to business demand.• Quality of services and SLAs were less aligned to RA’s business expectation. • Absence of visibility to effective utilization of computing resources
• Datacenter migration to hyperscale Oracle Cloud Infrastructure• Hybrid deployment of MS Exchange on Equinix Datacenter and Office365• Oracle FastConnect for high speed data migration, Golden Gate, Data Guard • Complete cloud security and compliances with Federal Regulatory • Resiliency with cloud-based disaster recovery solution at Phoenix
• Variabilizes IT cost by moving infrastructure to cloud• Modernizes IT infrastructure with scalability and edge services • 27% savings on TCO helped client in self-funded transformation
About Client
Headquartered in Troy, MI,
this automotive original
equipment manufacturer
(OEM) is a leading global
supplier of drivetrain,
mobility, braking and
aftermarket solutions for
commercial vehicle and
industrial markets.
Application Landscape:
Oracle EBS, PeopleSoft,
Oracle DBs, SQL Server DBs,
Microsoft O365, Microsoft
Exchange and Citrix
Challenges
Solutions
Benefits
2 0 2 0 © w w w . s u n e r a t e c h . c o m 22P a g e |
Case Study: Architecture
2 0 2 0 © w w w . s u n e r a t e c h . c o m 23P a g e |
Case Study: Oracle Cloud Infrastructure Security and IAM Access Control Oracle Cloud Infrastructure offers best-in-class security technology and operational processes to secure its enterprise cloud services. By design, Oracle provides security of cloud infrastructure and operations (cloud operator access controls, infrastructure security patching, and so on), and customers are responsible for securely configuring their cloud resources
Access Levels
Inspect
Read
Use
Manage
Roles Provides the ability to list resources, without access to any confidential information or user-specified metadata that might be part of that resourceIncludes inspect plus the ability to get user-specified metadata and the actual resource itself.Includes read plus the ability to work with existing resources (the actions vary by resource type). Includes the ability to update the resource, except for resource types where the update operation has the same effective impact as the create operationIncludes all permissions for the resource.
• Console password • Time-based one-time password (TOTP) • API key• Swift password • Customer secret key • SMTP credential
Authentication Credentials – Mechanism
IAM
Acc
ess
Co
ntr
ol
2 0 2 0 © w w w . s u n e r a t e c h . c o m 24P a g e |
Case Study: CASB – Cloud Access Security Broker
Oracle CASB security functionality includes • Monitoring security misconfiguration of Oracle Cloud Infrastructure
resources • Monitoring credentials and privileges• User behavior analysis (UBA) for anomalous user actions • Threat analytics for identifying risk events
2 0 2 0 © w w w . s u n e r a t e c h . c o m 25P a g e |
Why Suneratech?
2 0 2 0 © w w w . s u n e r a t e c h . c o m 26P a g e |
Suneratech’s Next- Gen Capabilities across 4 HorizonsDigital | Data | Cloud
EnterpriseDigital Experience
EnterpriseDigital Operations
Data Engineering& Sciences
EnterpriseMulti-Cloud
Engineering
Data Monetization Churn Prediction | Customer Acquisition RPU Maximization | Supply Chain Optimization
Customer Experience (CXP)ServiceNext & Qualtrics
Digital Engagement (DMP)Meltag & Wylei
Digital Supply Network (DSN)eSeal & eButor
Oracle Practice
SAP Practice
Middleware & API
Oracle SoA
BI & ReportingTableau & Power BI
Quality EngineeringCloudTestr
Data Warehouse
BigData Data LakeMachine Learning
GoogleCloud
Amazon Cloud
OracleCloud
AZURECloud
HORIZON
FHREE
HORIZON
FOUR
HORIZON
TWO
HORIZON
ONE
Strategic Partnership
2 0 2 0 © w w w . s u n e r a t e c h . c o m 27P a g e |
Cloud MigrationSolutions
Enterprise Cloud
Solutions
Cloud Professional
Services
Cloud Managed Services
• 24/7/365 Cloud Support
• Monitor. Manage. Maintain
• Managed Infrastructure
• Managed Integrations
• Managed Security
• Managed App and Database
• Data Center Migration
• Lift & Shift Workloads to
Oracle Cloud
• Cloud Infrastructure and
Application Security
• Hybrid Cloud Multi Cloud
Orchestration (AWS, Azure)
• Conversational Chatbots
• Artificial Intelligence &
Machine Learning
• Robotics Process
Automation
• Supply Chain Digitalization
• Application & Integration
Testing
• Cloud Discovery workshops
• Cloud Advisory Services
• Cloud Optimization
• Cloud Security Services
• Cloud DR Services
Suneratech Complete Cloud CapabilityEnabling A Strategic Partnerships
Cloud Managed
Services Provider
2 0 2 0 © w w w . s u n e r a t e c h . c o m 28P a g e |
Suneratech Infrastructure CapabilitiesComprehensive Service Portfolio
Cloud Managed Services Provider
Technology Domains
Data Center
Networking
Security & Compliance
Infrastructure Operation Management
Cloud Services
Consulting Services
• Data Center Transformation assessment
• Cloud assessment
• Network Design & Deployment Planning
• Wireless Network Assessment• Network Performance Assessment
• Security Audit & Risk Assessment• Security & BCP/DR Lifecycle
Programme Development• Data Protection
• Technology Road map advisory• Process Road map advisory• IT Staffing advisory• Budgeting & Finance advisory
• Migration Advisory• Cost Benefit Advisory• Solution Advisory
Managed services
• Data Center facility Management• DC Monitoring and Production
Operations• Server Management• Storage Management• Database Management• Mainframe Management• Backup and recovery Management• DC Network Management
• Managed Enterprise Network services• Managed Office LAN Services• Managed IP Contact Center• Managed P PBX/Voice services
• Managed Enterprise Security • Managed Anti Virus • Managed SIEM • Managed PIM • Managed HIDS/NIDS• Security Device Monitoring • Managed Identity and Access
Management
• Dedicated/Shared services leveraging Roc
• Managed Workplace Services (Service-desk Management)
• Implémentation Service• 24x7 Service Desk• RIM• NOC• Contact Center• Professional Services
Solutions
• Managed hosted Business Services• Managed Hosted Private cloud• SPAC-Sunera Platform for Adaptive
computing
• MEMS - Modular Enterprise Managed Services
• Vulnerability Assessment& Penetration Testing
• Application &Mobile Security Testing• Enterprise Core Network &Systems
security testing • Application Security Bureau
• Service assurance• Automation using Digital Assistants• AIOps• Incident Prediction and Detection• Self-service Capabilities• Multi-Language & 24/7
• Security services• IaaS• TaaS• PaaS• SaaS
ISO 27001:2013 Certified
NIST Compliant
Automation using Digital AssistantsAIOps & ITOps Incident Prediction and Detection
SOC 1 & SOC 2 Attested
2 0 2 0 © w w w . s u n e r a t e c h . c o m 29P a g e |
Key Differentiators – EBS Lifecycle Automation (Ring Master Studio)
Oracle EBS Fusion Middleware
Business Intelligence
Database Technologies
Cloud SaaS/PaaS/IaaS
Implementation Services
Application Development Services
Managed Services
End to EndImplementation Global Rollout
ApplicationModernization
RICE Retro fitment
ApplicationTesting
Application Health Check
ProcessRe-engineering
DocumentationAnd Training
Localizations
ApplicationIntegration
Reports Bolt-ons Personalization
Global Support 8*5,16*5 and 24*7
Application Maintenance
Application Support – L1 /L2/ L3/L4
TechnicalHelpdesk
DatabaseManagement
Ad
viso
ry S
erv
ice
s fo
r D
igit
al T
ran
sfo
rma
tio
n
Integrations Customizationsand Extensions
Web Applications
Mobility
Business Process Automations
Content Management Analytics Data
Management Security
DR Replications
Devops
Upgrade & Migration ServicesMigration
AssessmentVersion
Upgrades
Legacy Application
Retrofit
Regression Testing
ApplicationTesting
Application Upgrades
ProcessRe-engineering
Legacy Migrations
Upgrade on Cloud
DB Migrations
AMS Automation Dedicated/Shared Service/Outcome based Services
Infrastructure Management
Development Support Testing
Continuous Service Improvement
Advisory Services for Digital Transformation
Installations
Back-up & Recovery
Hosting
DR Setup
DB Upgrades Patch Management
M&A Consolidations
Technology & Platform Migrations
Pla
tfo
rm
So
luti
on
s D
igit
iza
tio
nC
ust
om
er
E
xpe
rie
nce
AI
/ D
ata
S
cie
nce
Dig
ita
l M
ark
eti
ng
Infrastructure
AutoMas: APM DAT CloudTestr DOX Chatbots
Lift
& S
hif
t M
igra
tio
ns
Support Automation Patch Automation RICE Deployment Automation
Test Automation SOA DeploymentAutomation
Incidents Automation
Key Customers
• #1 Cloud Partner for Oracle in NA in 2019
• Customer Appreciation awards for Meritor and Chipotle Cloud transformation Projects
• Innovation Partner award from Oracle in 2018
• Oracle SaaS Product Release Partner from 2017
Key Awards
Suneratech Oracle Capabilities
2 0 2 0 © w w w . s u n e r a t e c h . c o m 30P a g e |
Key Success StoriesCustomer Category Customer Engagement Customer Benefits
5 years Cloud Infrastructure Transformation, 2 EBS Production, Kronos and Hyperion along with 70 other workloads and managed services
• Migration from IBM hosted & managed Data Centre to OCI
• Infra Managed Services• Hyperion application migration to Oracle Cloud.
• Reduction of $6 M of Opex per year• Provided Zero Cost Transformation by creating 30% savings in the
infrastructure and security managed support services costs.
EBS & Infra Managed Services • EBS and Infra Managed Services• Peoplesoft & EBS Migration to OCI
• 40% savings on TCO• Improved performance and stability
Proactive expansion of services in a span of 7 years. Started with SOA Services and expanded it Retail, EBS, POS and BI stack
• Providing Middleware Managed services and 24/7 Peak Season Monitoring to handle all Business-Critical Systems
• Non- PROD support 8*5 and PROD is 24* 7 model• EBS , EDW and POS managed services
• Uninterrupted availability for Peak Season Monitoring• Proactive notifications for a smoother flow of business• Started 8 to 400 Servers management in a span of 2 years with same team
size
Cloud Migration of Kronos WFC, Integration of Clocks from 400+ locations and EBS Managed services
• Cloud Migration on-prem to Oracle OCI• SQL DB, EBS and Cloud Infra Managed Services• AutoMas for proactive EBS transactional monitoring
• 20% Savings on TCO• 10% Ticket Optimization using AutoMas
Large engagement covering Development as well as managed services
• More 200 People across the projects• Infra managed service• Development and Quality engineering support• Migrated EBS to AWS Cloud
• Achieved 35% savings with Cloud in the infra costs of EBS• Improved performance of EBS on Cloud• Better proactive monitoring of outages
Supply Chain Digitization • WIP Digitalization• Warehouse Automation• Field Inspection
• Overall about 2% reduction in working capital due to reduced labor costs and contained transit losses, wrong returns,
Oracle Offshore Cloud Project Support
• Suneratech Oracle experts across SaaS, PaaS and Testing are supporting Oracle India in various projects
• Fast track SaaS/PaaS implementation, Upgrade and Testing services for Oracle ACS , Oracle OCS, Oracle GSD
EBS, FMW Database Managed Services – 5 Years and providing proactive consulting services for M&A
• 16*5 coverage for Non-PROD • 24*7 coverage for L2 & L3 for Production support
• Automated 61 EBS Business KPI’s as part of managed services
2 0 2 0 © w w w . s u n e r a t e c h . c o m 31P a g e |
Q & A
2 0 2 0 © w w w . s u n e r a t e c h . c o m 2 0 1 9 © w w w . s u n e r a t e c h . c o m
Thank you
CORPORATE HEAD QUARTERS
1 E. Big Beaver, Suite # 109, Troy, MI 48083Telephone: +1 248-524-0222Email: [email protected]
DEVLOPMENT OFFICE -1
Block 2, 6th Floor, My Home Hub, Hitech City, Madhapur, Hyderabad, Telangana, India – 500081. Phone: (+91) 40 - 66006400Email: info@ Suneratech.com
DEVELOPMENT OFFICE -2
Block 1, Floor IV, NSL ArenaUppal, Hyderabad, Telangana, India – 500039Phone: (+91) 40 - 6600 6400Email: info@ Suneratech.com
2 0 2 0 © w w w . s u n e r a t e c h . c o m 33P a g e |
Let us talk about your journey