Lecture Slides on Sensitivity and Security Concerns | IT 150G, Study notes of Information Technology

Download Lecture Slides on Sensitivity and Security Concerns | IT 150G and more Study notes Information Technology in PDF only on Docsity! Sensitivity and Security Concerns y¥: Dhe Grand Challenge Trea Pei apsbiiiateertiat biarn ton 7 anne sshrentrateannicata iii HOPS Cabos tratiheavendos hare the | (lcehnplogwaneiicgovemanenre conrolits lompla yon satrannpet a megytiat oss ff PO h ota See SMe ht eae ees Oy 7 Seems ily a thetetie ‘ites ie lraB Hite ms @ Sa eae a poo ‘Ofjrespondentsjarerooncehnediwith ‘ ea bag om stn Clovdlinterferinajwithithe ability Se iia tGICOMpI With hed U lations) Rouen ER no eta ea canoe Maer oy eles Cone HLS Ibs tals mene arate ane a |e id Mera oP SPeciicieustomenconcenisirelated to security Protection of intellectual property and data 30 % Ability to enforce regulatory or contractual obligations 21 % Unauthorized use of data 1 5% Confidentiality of data 1 2% Availability of data 9% Integrity of data Ability to test or audit a provider’s environment Other Categories of Cloud Computing Risks Control Data Many companies and governments Migrating workloads to a shared are uncomfortable with the idea of network and compute infrastructure their information located on increases the potential for systems they do not control. unauthorized exposure. Providers must offer a high degree Authentication and access of security transparency to help technologies become put customers at ease. Reliability increasingly important. High availability will be a key concern. IT departments will worry about a loss of service should outages occur. Mission critical applications Compliance may not run in the cloud Complying with without strong availability =| Security Management plying guarantees. 2 regulations may prohibit the Even the simplest of tasks may be behind layers of abstraction or use of clouds for some applications. performed by someone else. Comprehensive auditing Providers must supply easy controls to capabilities are essential. manage security settings for application and runtime environments. One-size does not fit-all: Different cloud workloads have different risk profiles High ; \ Mission-critical workloads, personal rey information Tomorrow's high value / high risk workloads need: + Quality of protection adapted to risk + Direct visibility and control Need for Analysis & - Significant level of Secu rity simulation with assurance Assurance public data ™, Today's clouds are primarily here: . Lower risk workloads + One-size-fits-all approach to data protection . No significant assurance / . Price is key Training, testing with non- > sensitive data Low Low-risk Mid-risk High-risk Business Risk Customer Expectations Customers require visibility into the security posture of their cloud. Customers require proper authentication of cloud users. Customers cite data protection as their most important concern. Customer Expectations Customers cite data protection as their most important concern. Customers expect a secure cloud operating environment. Customers expect cloud data centers to be physically secure.