Download Lecture Slides on Sensitivity and Security Concerns | IT 150G and more Study notes Information Technology in PDF only on Docsity! Sensitivity and Security Concerns
yĀ„: Dhe Grand Challenge
Trea Pei apsbiiiateertiat
biarn
ton
7 anne sshrentrateannicata iii
HOPS Cabos tratiheavendos hare the |
(lcehnplogwaneiicgovemanenre conrolits
lompla yon satrannpet a megytiat oss ff
PO h ota See SMe ht eae ees Oy
7 Seems ily a thetetie āites ie lraB Hite
ms @ Sa eae a poo
āOfjrespondentsjarerooncehnediwith ā ea bag om stn
Clovdlinterferinajwithithe ability Se iia
tGICOMpI With hed U lations)
Rouen ER no eta ea canoe Maer oy eles Cone HLS Ibs tals mene arate ane a |e id Mera oP
SPeciicieustomenconcenisirelated to security
Protection of intellectual property and data 30 %
Ability to enforce regulatory or contractual obligations 21 %
Unauthorized use of data 1 5%
Confidentiality of data 1 2%
Availability of data 9%
Integrity of data
Ability to test or audit a providerās environment
Other
Categories of Cloud Computing Risks
Control Data
Many companies and governments Migrating workloads to a shared
are uncomfortable with the idea of network and compute infrastructure
their information located on increases the potential for
systems they do not control. unauthorized exposure.
Providers must offer a high degree Authentication and access
of security transparency to help technologies become
put customers at ease. Reliability increasingly important.
High availability will be a key concern.
IT departments will worry about a loss
of service should outages occur.
Mission critical applications
Compliance may not run in the cloud
Complying with without strong availability =| Security Management
plying guarantees. 2
regulations may prohibit the Even the simplest of tasks may be
behind layers of abstraction or
use of clouds for some
applications. performed by someone else.
Comprehensive auditing Providers must supply easy controls to
capabilities are essential. manage security settings for
application and runtime environments.
One-size does not fit-all:
Different cloud workloads have different risk profiles
High ; \
Mission-critical
workloads, personal
rey
information Tomorrow's high value /
high risk workloads need:
+ Quality of protection
adapted to risk
+ Direct visibility and
control
Need for Analysis & - Significant level of
Secu rity simulation with assurance
Assurance public data
ā¢, Today's clouds are
primarily here:
. Lower risk workloads
+ One-size-fits-all
approach to data
protection
. No significant
assurance
/ . Price is key
Training, testing
with non- >
sensitive data
Low
Low-risk Mid-risk High-risk
Business Risk
Customer Expectations
Customers require visibility into the
security posture of their cloud.
Customers require proper authentication
of cloud users.
Customers cite data protection as their
most important concern.
Customer Expectations
Customers cite data protection as their
most important concern.
Customers expect a secure cloud
operating environment.
Customers expect cloud data centers to
be physically secure.