1 / 14

Cloud Security Consulting Services AT&T Security Consulting

Cloud Security Consulting Services AT&T Security Consulting. March 2012. Technology Trends Reshaping Business. Powerful Mobile Computing Devices. Fast, Widespread Wireless/Wireline IP Networks. Cloud Computing. Companies are reengineering the way they do business.

osanna
Télécharger la présentation

Cloud Security Consulting Services AT&T Security Consulting

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Cloud Security Consulting ServicesAT&T Security Consulting March 2012

  2. Technology Trends Reshaping Business Powerful Mobile Computing Devices Fast, Widespread Wireless/Wireline IP Networks Cloud Computing Companies are reengineering the way they do business.

  3. What is “Cloud Computing”? “…a model for enabling ubiquitous, convenient, on-demandnetwork access to a sharedpool of configurable computing resourcesthat can be rapidly provisioned and released with minimal managementeffort or service provider interaction.” - National Institutes of Standards and Technology

  4. Business Drivers for Cloud • Improve My Productivity • Real time collaboration across employees, partners, customers • Requirements for applications to work across devices • Reduce My Cost • Low storage and server utilization in non-peak periods • Desire to pivot from Capexto Opex • Remove the Complexity • Simplification due to limited IT staff down market • End-to-end ownership vs. multi-vendor service integrations Demand to mobilize and virtualize assets, applications and activities • Off-premise • On-demand • Easy to Use • Web-enabled • Device Agnostic • Tiered Support

  5. Cloud Deployment Models Transfer Responsibility CustomerManagement Responsibility Service Provider Management Responsibility

  6. Considerations for Cloud Security

  7. Cloud Security Challenges • Applicable Compliance Requirements • Current Good Manufacturing Practices (cGMPs) for human pharmaceuticals • FDA Audit Processes, field trials, exception approvals • ARA, HIPPA, HITRUST, PCI, NIST, FTC, State Regulations • Risk Management • Monitoring • Governance • Visibility • Advanced technology adoption • Complicates security, compliance & validation efforts

  8. Success Through “Data Centricity” Define the Workload (isolate a function) Classify the Relevant Data Establish Contractual Obligations Assess the Associated Risks Sensitive Data DefineAppropriate Controls Determine Applicable Compliance Requirements

  9. Layered Approach to Cloud Security Security LayersApplications Security THREATS VULNERABILITIES Services Security Destruction Access Management Access Control Authentication Authentication repudiation Non-repudiation Data Confidentiality Data Confidentiality Communication Security Communication Security Data Integrity Integrity Availability Availability Privacy Privacy Corruption Removal Infrastructure Security Disclosure Interruption ATTACKS 8 Security Dimensions End User Security Adapted based on X.805 Model

  10. Compliance & Security Lessons Learned • The responsibility for security and compliance cannot be outsourced • Proper Asset Classification is critical - understand what you are putting into the cloud • Understand that assets can exist in various physical locations • Determine who can affect the security of the data • Do Your Homework to find the right Security Solutions Provider! • Evaluate providers based on your security requirements • Document accountability demarcation points

  11. Cloud Security and Compliance Assessment

  12. Cloud Security and Compliance Assessment Service Overview What We Provide What We Deliver • AT&T’s Cloud Security and Compliance Assessment helps you understand your security posture, polices and compliance exposure. • Cloud Security and Compliance Assessment Executive Summary • Provides key findings of the assessment. • The Cloud Security and Compliance Assessment provides an onsite consulting engagement to examine and maintain your security posture by identifying potential data security risk(s) involved in moving targeted workloads to the Cloud. • Cloud Security and Compliance Assessment Report • Comprehensive findings report with technical detail and recommendations resulting from the assessment service. • AT&T is committed to providing pre and post assessment requirements, access to information and transparency.

  13. Why AT&T for Cloud Security and Advisory Services? Where experience counts AT&T Expertise • A rich history of building highly-secure domestic and global networks including expertise in large scale, complex and custom network infrastructures and solutions. • Comprehensive Consulting portfolio across eight strategic services in addition to cloud advisory services. • Combined network implementation experience and consulting capabilities that is aligned with your business needs and vision. • AT&T Consulting provides “trusted advisor” expertise with “C” level executives based upon many years of experience of addressing strategic business initiatives with best of breed solutions. Managed WAN for single communication fabric worldwide Security Managed Applications, Managed UC Services, Collaboration Services and Cloud Solutions

More Related