Building A Cloud-Ready Security Program
-
Upload
netiq -
Category
Technology
-
view
760 -
download
0
description
Transcript of Building A Cloud-Ready Security Program
![Page 1: Building A Cloud-Ready Security Program](https://reader033.fdocuments.in/reader033/viewer/2022060109/55565beed8b42a144c8b4698/html5/thumbnails/1.jpg)
Building a Cloud-Ready Security Program
Be ready. Get ahead…stay ahead.
@NetIQ - #NetIQCloud
![Page 2: Building A Cloud-Ready Security Program](https://reader033.fdocuments.in/reader033/viewer/2022060109/55565beed8b42a144c8b4698/html5/thumbnails/2.jpg)
© 2012 NetIQ Corporation. All rights reserved.2
Overview
• Cloud makes the world complex.
• There are some things you control.
• Get those right.
• Stay relevant.
• Extend and reinforce success.
• How (specifically) NetIQ helps.
@NetIQ - #NetIQCloud
![Page 3: Building A Cloud-Ready Security Program](https://reader033.fdocuments.in/reader033/viewer/2022060109/55565beed8b42a144c8b4698/html5/thumbnails/3.jpg)
At the Crossroads
![Page 4: Building A Cloud-Ready Security Program](https://reader033.fdocuments.in/reader033/viewer/2022060109/55565beed8b42a144c8b4698/html5/thumbnails/4.jpg)
© 2012 NetIQ Corporation. All rights reserved.4
What Keeps You up at Night?
NewThreats
Expanding Computing
Environment
BusinessKeepsMoving
StaffStretched
Thin
Change + Complexity = Loss of Control and Visibility
@NetIQ - #NetIQCloud
![Page 5: Building A Cloud-Ready Security Program](https://reader033.fdocuments.in/reader033/viewer/2022060109/55565beed8b42a144c8b4698/html5/thumbnails/5.jpg)
© 2012 NetIQ Corporation. All rights reserved.5
Fueling the Rush to the Cloud
• Greater customer and partner integration and intimacy
• Faster response to competitive threats
• Faster time to market
@NetIQ - #NetIQCloud
![Page 6: Building A Cloud-Ready Security Program](https://reader033.fdocuments.in/reader033/viewer/2022060109/55565beed8b42a144c8b4698/html5/thumbnails/6.jpg)
© 2012 NetIQ Corporation. All rights reserved.6
Cloud Brings Many Challenges
• Security
• Visibility
• Cost Management
• Alignment
• Compliance
![Page 7: Building A Cloud-Ready Security Program](https://reader033.fdocuments.in/reader033/viewer/2022060109/55565beed8b42a144c8b4698/html5/thumbnails/7.jpg)
© 2012 NetIQ Corporation. All rights reserved.7
Things Are Getting Complicated
@NetIQ - #NetIQCloud
![Page 8: Building A Cloud-Ready Security Program](https://reader033.fdocuments.in/reader033/viewer/2022060109/55565beed8b42a144c8b4698/html5/thumbnails/8.jpg)
© 2012 NetIQ Corporation. All rights reserved.8
Things Are Getting ComplicatedMORE
@NetIQ - #NetIQCloud
![Page 9: Building A Cloud-Ready Security Program](https://reader033.fdocuments.in/reader033/viewer/2022060109/55565beed8b42a144c8b4698/html5/thumbnails/9.jpg)
© 2012 NetIQ Corporation. All rights reserved.9
Interdependencies Grow
• Systems and services extend into third-party cloud offerings.
• Creates interdependencies that never existing before.
• These are highly complex, and potentially very difficult to manage.
@NetIQ - #NetIQCloud
![Page 10: Building A Cloud-Ready Security Program](https://reader033.fdocuments.in/reader033/viewer/2022060109/55565beed8b42a144c8b4698/html5/thumbnails/10.jpg)
© 2012 NetIQ Corporation. All rights reserved.10
BYO…(Anything)
• …Device
• …Cloud
• …Applications
• …Identity
@NetIQ - #NetIQCloud
![Page 11: Building A Cloud-Ready Security Program](https://reader033.fdocuments.in/reader033/viewer/2022060109/55565beed8b42a144c8b4698/html5/thumbnails/11.jpg)
© 2012 NetIQ Corporation. All rights reserved.11
Integration and Proliferation
• Cloud usage proliferates.
• Integration with existing services is complex.
• Integration between ‘clouds’ can be even harder.
@NetIQ - #NetIQCloud
![Page 12: Building A Cloud-Ready Security Program](https://reader033.fdocuments.in/reader033/viewer/2022060109/55565beed8b42a144c8b4698/html5/thumbnails/12.jpg)
© 2012 NetIQ Corporation. All rights reserved.12
All The Risk… None of the Reward
• IT continues to hold liability:• Controls access to critical services and data
• Manages organizational risk
• Deals with compliance
• Yet business users continue to directly engage with the cloud and unmanaged personal devices.
@NetIQ - #NetIQCloud
![Page 13: Building A Cloud-Ready Security Program](https://reader033.fdocuments.in/reader033/viewer/2022060109/55565beed8b42a144c8b4698/html5/thumbnails/13.jpg)
© 2012 NetIQ Corporation. All rights reserved.13
It’s Getting Crazy Out There
@NetIQ - #NetIQCloud
![Page 14: Building A Cloud-Ready Security Program](https://reader033.fdocuments.in/reader033/viewer/2022060109/55565beed8b42a144c8b4698/html5/thumbnails/14.jpg)
© 2012 NetIQ Corporation. All rights reserved.14
It’s Getting Crazy Out There
11,500+ files, every second, every day
@NetIQ - #NetIQCloud
![Page 15: Building A Cloud-Ready Security Program](https://reader033.fdocuments.in/reader033/viewer/2022060109/55565beed8b42a144c8b4698/html5/thumbnails/15.jpg)
© 2012 NetIQ Corporation. All rights reserved.15
Cloud Brings Challenges
• Security
• Visibility
• Cost Management
• Alignment
• Compliance
You are here.
![Page 16: Building A Cloud-Ready Security Program](https://reader033.fdocuments.in/reader033/viewer/2022060109/55565beed8b42a144c8b4698/html5/thumbnails/16.jpg)
© 2012 NetIQ Corporation. All rights reserved.16
• There is little-to-no knowledge of internal activities – or potential threats.
• Most breaches are discovered by a third party – not the breached party.
Maintain the Status Quo
@NetIQ - #NetIQCloud
![Page 17: Building A Cloud-Ready Security Program](https://reader033.fdocuments.in/reader033/viewer/2022060109/55565beed8b42a144c8b4698/html5/thumbnails/17.jpg)
© 2012 NetIQ Corporation. All rights reserved.17
Gain Visibility and Control
• Focus on organizational risk management
• Greater context for security and risk data
• Know what your internal users are doing
• Monitor and audit all activity around sensitive assets
@NetIQ - #NetIQCloud
![Page 18: Building A Cloud-Ready Security Program](https://reader033.fdocuments.in/reader033/viewer/2022060109/55565beed8b42a144c8b4698/html5/thumbnails/18.jpg)
Ready, set..transform!
![Page 19: Building A Cloud-Ready Security Program](https://reader033.fdocuments.in/reader033/viewer/2022060109/55565beed8b42a144c8b4698/html5/thumbnails/19.jpg)
© 2012 NetIQ Corporation. All rights reserved.19
Risk: Define It, Manage It
@NetIQ - #NetIQCloud
![Page 20: Building A Cloud-Ready Security Program](https://reader033.fdocuments.in/reader033/viewer/2022060109/55565beed8b42a144c8b4698/html5/thumbnails/20.jpg)
© 2012 NetIQ Corporation. All rights reserved.20
What Does That Mean?
Focus resources on the most critical assets, then make sure the “basics” are in place:
• System configuration
• Reduce privileged users
• Reduce privileges
• Monitor activity
• Integrate identity
• Improve access controls
• Keep it visible, keep it real
@NetIQ - #NetIQCloud
![Page 21: Building A Cloud-Ready Security Program](https://reader033.fdocuments.in/reader033/viewer/2022060109/55565beed8b42a144c8b4698/html5/thumbnails/21.jpg)
© 2012 NetIQ Corporation. All rights reserved.21
Focus on the Data, Then Layer Defenses
@NetIQ - #NetIQCloud
![Page 22: Building A Cloud-Ready Security Program](https://reader033.fdocuments.in/reader033/viewer/2022060109/55565beed8b42a144c8b4698/html5/thumbnails/22.jpg)
© 2012 NetIQ Corporation. All rights reserved.22
It’s All About The Data
Data-centric, risk-focused security
@NetIQ - #NetIQCloud
![Page 23: Building A Cloud-Ready Security Program](https://reader033.fdocuments.in/reader033/viewer/2022060109/55565beed8b42a144c8b4698/html5/thumbnails/23.jpg)
© 2012 NetIQ Corporation. All rights reserved.23
Surround with Layers of Data-Centric Solutions….• Manage who has access
• Monitor what they do
• Secure where the data is
• Build intelligence and use it
• Integrate other data-centric technologies
@NetIQ - #NetIQCloud
![Page 24: Building A Cloud-Ready Security Program](https://reader033.fdocuments.in/reader033/viewer/2022060109/55565beed8b42a144c8b4698/html5/thumbnails/24.jpg)
© 2012 NetIQ Corporation. All rights reserved.24
Keep It Rolling
• Continuous compliance
• Automate where you can, when you can
• Smarter security is better than more security
• Don’t just believe the vendors
• Make sure it’s easy to show value
![Page 25: Building A Cloud-Ready Security Program](https://reader033.fdocuments.in/reader033/viewer/2022060109/55565beed8b42a144c8b4698/html5/thumbnails/25.jpg)
© 2012 NetIQ Corporation. All rights reserved.25
Extending…
It’s easier to extend what’s right into the cloud.
![Page 26: Building A Cloud-Ready Security Program](https://reader033.fdocuments.in/reader033/viewer/2022060109/55565beed8b42a144c8b4698/html5/thumbnails/26.jpg)
© 2012 NetIQ Corporation. All rights reserved.26
Fight Fire With Fire
• OK, cloud with cloud
• Increasing interest in SecaaS
• NetIQ closely involved in this
• Partnering with cloud providers
@NetIQ - #NetIQCloud
![Page 27: Building A Cloud-Ready Security Program](https://reader033.fdocuments.in/reader033/viewer/2022060109/55565beed8b42a144c8b4698/html5/thumbnails/27.jpg)
© 2012 NetIQ Corporation. All rights reserved.27
NetIQ Will Help
• Faster identification of threats
• Clearer understanding of “who”
• Simpler management of access to services
• Reduced risk from poor configuration
• Tighter controls on privileged users
@NetIQ - #NetIQCloud
![Page 28: Building A Cloud-Ready Security Program](https://reader033.fdocuments.in/reader033/viewer/2022060109/55565beed8b42a144c8b4698/html5/thumbnails/28.jpg)
© 2012 NetIQ Corporation. All rights reserved.28
cloud ninenoun Informal.a state of elation or happiness (usually in the phrase on cloud nine)
![Page 29: Building A Cloud-Ready Security Program](https://reader033.fdocuments.in/reader033/viewer/2022060109/55565beed8b42a144c8b4698/html5/thumbnails/29.jpg)