1 Secure Cloud and BYOD Strategies Gaining Control Over Trust.
1
Secure Cloud and BYOD Strategies
Gaining Control Over Trust
2
A New World
Own Nothing.
3
Some Misconceptions
It’s my cloud provider’s responsibility to provide a secure environment.
“You are responsible for properly configuring and using the Service Offerings and taking your own steps to maintain appropriate security, protection” Customer Agreement
“When you go to the cloud, you have to consider that application is going to be going to a somewhat hostile environment.”
Dennis Hurst, founding member of CSA and security specialist, Hewlett-Packard Co.
4
The Onus Is On YOU!
“When data is transferred to a cloud, the responsibility for protecting and securing the data typically remains with the collector or custodian of that data.” Guidance v3.0
“Ultimately, you can outsource responsibility but you can't outsource accountability” ENISA Cloud Computing: Benefits, risks and recommendations for information security
5
Establishing TRUST?
6
Establishing Trust
Encryption
Digital certificates
API & symmetric keys
SSH keys
7
When TRUST breaks down
2011 2012 2013
Stolen Private Keys
Digitally sign code
• Stuxnet
• Zeus – Kaspersky compromised
• Duqu
• W32/Agent.DTIW
• Mediyes
• Troj/BredoZp – Adobe compromised
• Sony compromise
• Bit9 compromise
User Error
Poorly managed keys
• Yahoo
• Foxconn - Wii U keys
• TurkTrust
• McAfee
• Microsoft
Fraudulent Certificates
CA Compromise
• Verisign
• Comodo
• StartSSL
• DigiNotar
• DigiCert
Technology Advances
Weak Crypto
• BEAST – SSL 3
• FLAME – MD5
• Lucky 13 – (D)TLS
• SSH daemon backdoors
8
Trust is The New Target
“PKI is under attack”
Scott Charney, Microsoft
9
Real World Data
| | Weak crypto exploit | Server key theft | CA compromise | SSH attacks |
|---|---|---|---|---|
| Attacks over last 24 months | 1.3 | 0.4 | 1.1 | 0.3 |
| Expected attacks in next 24 months | 18% | 5% | 7% | 3% |
Cost of Failed Trust: Threats & Attacks, Feb 2013, Underwritten by Venafi – download @ www.venafi.com/Ponemon
Demographics: 2,300 Global 2000 organizations
U.S., Germany, UK, Australia, France
10
Real World Data
1 in 5 organizations expect to fall prey to attacks due to weak or legacy cryptography
Cost of Failed Trust: Threats & Attacks, Feb 2013, Underwritten by Venafi – download @ www.venafi.com/ponemon
11
Emerging Threats
#1 Most Alarming Key & Certificate Management Threat
SSH
Critical for establishing trust and control in the cloud
Cost of Failed Trust: Threats & Attacks, Feb 2013, Underwritten by Venafi – download @ www.venafi.com/ponemon
12
Gain Control Over TRUST
13
Control Over Trust Challenges
Security Threats & Attacks
Operational Risks & Outages
Compliance Audits
14
Solving the Problem?
Getting key and certificate management right first solves security, operations, and compliance problems of using encryption
59%
Cost of Failed Trust: Threats & Attacks, Feb 2013, Underwritten by Venafi – download @ www.venafi.com/ponemon
15
A Rather Large Problem!
Average number of server keys and certificates in a Global 2000 organization
17,807
Cost of Failed Trust: Threats & Attacks, Feb 2013, Underwritten by Venafi – download @ www.venafi.com/ponemon
16
Gaining Control Over Trust
Central Policy Control
Discovery
Enrollment
Server Certs Module
Symmetric Key Module
SSH Key Module
User Certs Module
Provisioning
Monitoring
17
Journey to Control Trust
AUTOMATE
REPORT AND AUDIT
ENFORCE POLICY
DISCOVER ASSETS
ANALYZE FOR INSIGHT
CONNECT PEOPLE
18
First, Assess Risk and Gain Visibility
19
How Do You Measure Up?
[Bar chart. Categories: MD5 %, SHA-1 %, Validity Period <=1 year %, Validity Period 1-3 years %, Validity Period >3 years %, Expired Certs %, Key Length <= 1024 %. Series: Financial, Govt, Healthcare, Tech, All Industry Average. Vertical axis: 0% to 90%. Data labels shown on the chart: 37%, 55%, 23%, 15%, 40%, 21%, 68%.]
20
Gain Control Over Trust
Streamline your trust asset management
Gain knowledge
Bring under control
Eliminate failed audits
Put controls in place
Reduce operational cost
Own Nothing. Control Everything.
21
Gained Control Over Trust
Learn More: www.venafi.com/about/case-studies/
22
Any Key. Any Cert. Anywhere.™
Read Key & Certificate Management Best Practices www.venafi.com/best-practices/
Take the Enterprise risk assessment to understand your risks www.venafi.com/venafi-assessor/
23
Unpublished Work of Venafi, Inc. All Rights Reserved.
This work is an unpublished work and contains confidential, proprietary, and trade secret information of Venafi, Inc. Access to this work is restricted to Venafi employees who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Venafi, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.
General Disclaimer
This document is not to be construed as a promise by any participating company to develop, deliver, or market a product. Venafi, Inc. makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Venafi, Inc. reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Venafi marks referenced in this presentation are trademarks or registered trademarks of Venafi, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.
© 2013 Venafi Proprietary and Confidential