Cloud Computing Risks N Controls V1.0
-
Upload
itilsme -
Category
Technology
-
view
151 -
download
0
description
Transcript of Cloud Computing Risks N Controls V1.0
![Page 1: Cloud Computing Risks N Controls V1.0](https://reader036.fdocuments.us/reader036/viewer/2022070303/54b4bd424a795988368b46b4/html5/thumbnails/1.jpg)
Solution is within.
*Cloud ComputingRisks and Controls
![Page 2: Cloud Computing Risks N Controls V1.0](https://reader036.fdocuments.us/reader036/viewer/2022070303/54b4bd424a795988368b46b4/html5/thumbnails/2.jpg)
7/4/2011
*It’ every where but why?
Model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.
![Page 3: Cloud Computing Risks N Controls V1.0](https://reader036.fdocuments.us/reader036/viewer/2022070303/54b4bd424a795988368b46b4/html5/thumbnails/3.jpg)
7/4/2011
*Cloud Models
![Page 4: Cloud Computing Risks N Controls V1.0](https://reader036.fdocuments.us/reader036/viewer/2022070303/54b4bd424a795988368b46b4/html5/thumbnails/4.jpg)
7/4/2011
*Evolution Continues
![Page 5: Cloud Computing Risks N Controls V1.0](https://reader036.fdocuments.us/reader036/viewer/2022070303/54b4bd424a795988368b46b4/html5/thumbnails/5.jpg)
7/4/2011
*Technical Building Blocks
Cloud computing combines several technical innovations from the last 10 to 15years that constitute its fundamental technical building blocks, including:
SOA 뾃 library of proven, functional software applets that can be connected to become a useful application
Application programming interfaces (APIs) 뾗Tags to direct applets about the Internet
XML 뾋 Identifier tags attached to information (data, pages, pictures, files, fields, etc.) that allow them to be transported to any designated application located on the Internet
![Page 6: Cloud Computing Risks N Controls V1.0](https://reader036.fdocuments.us/reader036/viewer/2022070303/54b4bd424a795988368b46b4/html5/thumbnails/6.jpg)
7/4/2011
*Cloud Computing Challenges
* Data Location
* Commingled Data
* Cloud Security Policy / Procedure Transparency
* Cloud Data Ownership
* Lock-in with CSP’s proprietary APIs
* CSP business viability
* Record keeping for forensic audits
* Identity and Access Management (IAM)
* Penetration detection
* Screening of other cloud computing clients
* Compliance Requirements
* Disaster Recovery
![Page 7: Cloud Computing Risks N Controls V1.0](https://reader036.fdocuments.us/reader036/viewer/2022070303/54b4bd424a795988368b46b4/html5/thumbnails/7.jpg)
7/4/2011
*Governance in the cloud
* Data Location
* Commingled Data
* Cloud Security Policy / Procedure Transparency
* Cloud Data Ownership
* Lock-in with CSP’s proprietary APIs
* CSP business viability
* Record keeping for forensic audits
* Identity and Access Management (IAM)
* Penetration detection
* Screening of other cloud computing clients
* Compliance Requirements
* Disaster Recovery
![Page 8: Cloud Computing Risks N Controls V1.0](https://reader036.fdocuments.us/reader036/viewer/2022070303/54b4bd424a795988368b46b4/html5/thumbnails/8.jpg)
7/4/2011
*Cloud Factors
![Page 9: Cloud Computing Risks N Controls V1.0](https://reader036.fdocuments.us/reader036/viewer/2022070303/54b4bd424a795988368b46b4/html5/thumbnails/9.jpg)
7/4/2011
*Risk IT for the Cloud
* Strategic
* Environmental
* Market
* Credit
* Operational
* Compliance
![Page 10: Cloud Computing Risks N Controls V1.0](https://reader036.fdocuments.us/reader036/viewer/2022070303/54b4bd424a795988368b46b4/html5/thumbnails/10.jpg)
*Risk Hierarchy
![Page 11: Cloud Computing Risks N Controls V1.0](https://reader036.fdocuments.us/reader036/viewer/2022070303/54b4bd424a795988368b46b4/html5/thumbnails/11.jpg)
*Key Questions
![Page 12: Cloud Computing Risks N Controls V1.0](https://reader036.fdocuments.us/reader036/viewer/2022070303/54b4bd424a795988368b46b4/html5/thumbnails/12.jpg)
*Risk Management
![Page 13: Cloud Computing Risks N Controls V1.0](https://reader036.fdocuments.us/reader036/viewer/2022070303/54b4bd424a795988368b46b4/html5/thumbnails/13.jpg)
*Assessing Sun Cloud
You decide what degree of assessment would suffice your needs.
7/4/2011
![Page 14: Cloud Computing Risks N Controls V1.0](https://reader036.fdocuments.us/reader036/viewer/2022070303/54b4bd424a795988368b46b4/html5/thumbnails/14.jpg)
7/4/2011
*Deliverables
*Assessment Report(s)
*SLAs
*Accessibility Report
*Vulnerabilities
*Risks
*Compliance
*Responsibility & Accountability Metrics
![Page 15: Cloud Computing Risks N Controls V1.0](https://reader036.fdocuments.us/reader036/viewer/2022070303/54b4bd424a795988368b46b4/html5/thumbnails/15.jpg)
7/4/2011
*Need more info?
*Please contact:
Azim Tirmizi
214-473-4274