George Yauneridge. Overview  Basic Security  Selecting a Provider  Cloud Computing Security Threats  Cloud Computing Security Practices  Conclusion.

Slides:

Advertisements

Similar presentations

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.

Advertisements

Voice over the Internet Protocol (VoIP) Technologies… How to Select a Videoconferencing System for Your Agency Based on the Work of Watzlaf, V.M., Fahima,

HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.

Cloud Computing Part #3 Zigmunds Buliņš, Mg. sc. ing 1.

Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.

Preventing Good People From Doing Bad Things Best Practices for Cloud Security Brian Anderson Chief Marketing Officer & Author of “Preventing Good People.

Appendix B: Designing Policies for Managing Networks.

HIPAA Security Standards What’s happening in your office?

Security+ Guide to Network Security Fundamentals

1 DCS860A Emerging Technology Physical layer transparency in Cloud Computing (rev )

CC3.12 Lecture 12 Erdal KOSE Based of Prof. Ziegler Lectures.

Supervisor : Mr. Hadi Salimi Advanced Topics in Information Systems Mazandaran University of Science and Technology February 4, 2011 Survey on Cloud Computing.

August 9, 2005 UCCSC IT Security at the University of California A New Initiative Jacqueline Craig. Director of Policy Information Resources and.

INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.

NETWORKS Lauren Hickman Patrick McCamy Morgan Pace Noah Ryder.

Formulating a Security Policy for the Modern IT Landscape.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Morris Bennett Altman Director of Network Services Internet Security Officer Queens College, CUNY Are You Exposed? Network Security.

Website Hardening HUIT IT Security | Sep

The Difficult Road To Cybersecurity Steve Katz, CISSP Security Risk Solutions Steve Katz, CISSP Security.

New Data Regulation Law 201 CMR TJX Video.

EDUCAUSE Security Conference Denver, Colorado April 10 to 12, 2006 Bob Beer Biggs Engineering 117 (419)

NUAGA May 22,  IT Specialist, Utah Department of Technology Services (DTS)  Assigned to Department of Alcoholic Beverage Control  PCI Professional.

Teresa Macklin Information Security Officer 27 May, 2009 Campus-wide Information Security Activities.

© 2009 IDBI Intech, Inc. All rights reserved.IDBI Intech Confidential 1 Information (Data) Security & Risk Mitigation.

General Awareness Training

CHAPTER 3 Information Privacy and Security. CHAPTER OUTLINE  Ethical Issues in Information Systems  Threats to Information Security  Protecting Information.

Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management 4.Access Control 5.Cryptography 6.Physical Security.

UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.

Security Baseline. Definition A preliminary assessment of a newly implemented system Serves as a starting point to measure changes in configurations and.

Computer Science and Engineering 1 Cloud ComputingSecurity.

How to Gain Comfort in Losing Control to the Cloud Randolph Barr CSO - Qualys, Inc SourceBoston, 23. April 2010.

 INADEQUATE SECURITY POLICIES ›Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA.

1 Suronapee Phoomvuthisarn, Ph.D. / NETE4631:Cloud Privacy and Security - Lecture 12.

VULNERABILITY ASSESSMENT FOR THE POLICE DEPARTMENT’S NETWORK.

Cloud Computing Presented by Alicia Wallis and Kerri Warf.

Daniel Cuschieri Information Security Distance Learning Weekend Conference August 2013.

Information Systems Security New Faculty Orientation Day Queen’s University August 2011 George Farah, GIAC/GSEC Gold, CRISC, CISA University Information.

Completing network setup. INTRODUCTION Course Overview Course Objectives.

Small Business Security Keith Slagle April 24, 2007.

Cloud of Clouds for UK public sector. Cloud Services Integrator.

Module 11: Designing Security for Network Perimeters.

Lecture 24 Wireless Network Security

Firewall firewalls Is a program on your computer to protect your computer from all types of threats and if you have a server and you wasn’t to protect.

Chap1: Is there a Security Problem in Computing?.

Database Security David Nguyen. Dangers of Internet  Web based applications open up new threats to a corporation security  Protection of information.

Territory Insurance Conference, resilient future Mr Ralph Bönig, Special Counsel, Finlaysons Cyber Times and the Insurance Industry Territory Insurance.

1 Assessment Comprehensive Analysis of IBM i Security.

Computer Security By Duncan Hall.

© 2012 IBM Corporation IBM Security Systems 1 © 2012 IBM Corporation Cloud Security: Who do you trust? Martin Borrett Director of the IBM Institute for.

CLOUD COMPUTING-3.

Information Security Measures Confidentiality IntegrityAccessibility Information cannot be available or disclosed to unauthorized persons, entities or.

Chapter 3 Pre-Incident Preparation Spring Incident Response & Computer Forensics.

Module 7: Designing Security for Accounts and Services.

E-Commerce E-Commerce Security?? Instructor: Safaa S.Y. Dalloul E-Business Level Try to be the Best.

Sources of Network Intrusion Security threats from network intruders can come from both internal and external sources.  External Threats - External threats.

BizSmart Lunch & Learn Webinar Information Security and Protecting your business With the increased risk of some sort of cyber- attack over the past few.

Appendix A: Designing an Acceptable Use Policy. Overview Analyzing Risks That Users Introduce Designing Security for Computer Use.

 December 2010 US Chief Information Officer Vivek Kundra released the Federal Cloud Computing Strategy. This became to be what is known as “Cloud First”

Onsite CRM Security

Securing Network Servers

CMIT100 Chapter 15 - Information.

Network Security Analysis Name : Waleed Al-Rumaih ID :

Unfortunately, any small business could face the risk of a data breach or cyber attack. Regardless of how big or small your business is, if your data,

Advanced Services Cyber Security 101 © ABB February, | Slide 1.

General Counsel and Chief Privacy Officer

CompTIA Security+ Study Guide (SY0-401)

Security week 1 Introductions Class website Syllabus review

Presentation transcript:

George Yauneridge

Overview  Basic Security  Selecting a Provider  Cloud Computing Security Threats  Cloud Computing Security Practices  Conclusion

Basic Security Common sense policies should be applied, including: Strong passwords Firewalls Antivirus Apply patches etc

Selecting a Provider There are many factors to consider, the primary ones are: Price Services Security Regulations ○ Government ○ Industry

Cloud Computing Risks  Clouds are big targets  Risk of data being intercepted  DoS  Horizontal privilege escalation  Provider stability

Big Targets  Risks Attacks may be more frequent Possible to become collateral damage of hacktivists  Prevention Store data locally Encrypt stored data

Risk of Interception  Risks Information traveling over the internet might be intercepted Data could be altered  Prevention Encrypt transmitted data

Privileges  Risks Users from other accounts may be able to gain access to your data  Prevention Use virtual servers Use virtual firewalls

Provider Stability  Risks Bankrupt Relocation Acquired  Prevention Research the provider

FedRAMP  Government program to assess cloud providers  Set to be released soon  Developed by the government in conjunction with other organizations  Uses third party auditing

The Contract  Items to include Price Service Compliance with industry or government regulations Security policies Non-disclosure

Questions

Resources  Brodkin, Jon. “Gartner: Seven cloud-computing security risks”. Infoworld. 16 February  Jansen, Wayne; Grance, Timothy. “Guidelines on Security and Privacy in Public Cloud Computing”. National Institute of Standards and Technology. 16 February  Perilli, Alessandro; et al. “Cloud Computing”. European Network and Information Security Agency. 16 February  Brunette, Glenn; et al. “Security Guidance for Critical Areas of Focus in Cloud Computing Security V2.1”. Cloud Security Alliance. 20 February  Vijayan, Jaikumar. “Feds Launch Cloud Security Standards Program”. Computer World. 20 February 2012.