RSA / EMC: Vision of the Trusted Cloud. Ivan Svoboda RSA, The Security Division of EMC

(1)

RSA / EMC: Vision of the Trusted Cloud

Ivan Svoboda

(2)

The Opportunity

Enterprise IT Has Many Challenges

Enterprise IT Simple Low Cost Flexible Dynamic Public Cloud

The Public Cloud Has Broad Appeal

Complex Expensive

Inflexible Siloed

Infrastructure

Dynamic

Over Time, Enterprise IT Will Evolve Towards Public Cloud Ideals

(3)

The Opportunity: The Journey to the

Cloud

The Private Cloud is a Logical First Step

Private Cloud

Enterprise IT Public Cloud

“70% Will Spend More On Private Cloud through 2012”

- Gartner DC Conference 2009 Infrastructure

Dynamic

(4)

The Opportunity: The Journey to the

Cloud

Virtualize Everything, Standardize & Automate

Private Cloud

Virtualization Converged Infrastructure Automation Federation GRC Infrastructure as-a-Service

Hybrid Cloud: Utilize Service Provider Infrastructure

Infrastructure

Hybrid Cloud

(5)

Securing the Journey to The Private Cloud 30% 70% 85% _95% IT Production Lower Costs Business Production Improve Quality Of Service

IT-As-A-Service Improve Agility % Virtualized 15% 30% Platinum Platinum Gold Gold • Security Compliance • Information-centric security • Risk-driven policies

• IT and security operations alignment

• Secure multi-tenancy • Verifiable chain of trust • Visibility into virtualization

infrastructure

• privileged user monitoring • access management • network security

(6)

Our Customers Are Asking Themselves

How do I centrally manage compliance across Can I ensure my virtualized business

critical applications are running in a secure and compliant environment?

How do I centrally manage compliance across mixed VMware and physical IT environments?

Can I respond more quickly to security events in my virtual environment?

How do I begin to assess hybrid and public cloud service providers?

(7)

Implications of Challenges

Security and compliance concerns stall the

Missing opportunity for “better than physical” CISOs need to

manage security

and compliance concerns stall the

adoption of virtualization

“better than physical” security

and compliance across virtual and

(8)

RSA / EMC: naše zkušenosti s virtualizací

(9)

RSA / EMC: naše zkušenosti s cloudem

Žijeme cloudem

• Jsme na cestě_{k privátnímu cloudu (p}ř_{es 70% virtualizace)} • Používáme public cloud aplikace (CRM)

Jsme dodavatelem řešení pro cloud:

• VCE (VMware, Cisco, EMC)

• RSA: ř_{ešení bezpe}č_{nosti pro VCE (Vblock)} • Dodáváme bezpečnost providerům cloudu • Dodáváme bezpečnost providerům cloudu

Poskytujeme řešení „SaaS“

• Adaptivní autentizace

• Transakč_{ní monitoring} • 3D Secure

Máme vizi bezpečného cloudu

• Jsme členy CSA (Cloud Security Alliance) • Uvedli jsme ř_{ešení „Cloud Trust Authority“}

(10)

EMC IT’s Journey to the Private Cloud

% Virtualized

IT

IT--asas--aa--ServiceService IT

IT--asas--aa--ServiceService IT Production

IT Production IT Production

IT Production Business ProductionBusiness ProductionBusiness ProductionBusiness Production

Agility Agility Agility Agility Efficiency Efficiency Efficiency

Efficiency Quality of serviceQuality of serviceQuality of serviceQuality of service

75% We are here Development, Development, test and IT

test and IT--ownedowned applications applications

100% 86%

2004-08 2009-10 2011+ 15% 30% 40% Run IT as a Run IT as a business business Mission Mission--criticalcritical applications applications

(11)

VMware

Application

Deliver IT as a Service

Define Service Catalog, Publish to Self-service IT Portal

Policy/SLA-driven Management Availabilit y Security Performan ce Cost 99.99% High 0.2ms $500K S e lf -S e rv ic e IT P o rt a l S e lf -S e rv ic e IT P o rt a l 11 © Copyright 2010 EMC Corporation. All rights reserved.

EMC UIM Infrastructure Service Catalogue VMware vCloud Director Application Service Catalogue Platinum Gold Gold Silver Silver Bronze Bronze S e rv ic e IT P o rt a l S e rv ic e IT P o rt a l Service Catalog

(12)

www.EMC.com/emcit

EMC IT Journey to the Private Cloud: A Practitioner's Guide

(13)

Jaká jsou doporučení ostatních?

US Government CIO (Kundra):

•

25% of Fed IT Spend on Cloud Services NIST:

•

Guidelines on Security and Privacy in Public Cloud (800-144 Draft)

Cloud Security Alliance:

•

Cloud Assesment Initiative

„Fraud-as-a-Service“ – running in cloud

•

Trojans as a Service

(14)

Enterprise IT Public Cloud Simple Low Cost Flexible Dynamic Trusted Controlled Reliable Secure

D

ů

v

ě

ra

Virtualizace

Hlavní změny na cestě ke cloudu

Private Cloud Infrastructure

D

ů

v

ě

ra

Virtualizace

Private Cloud Availabilit y Security Performan ce Cost 99.99% High 0.2ms $500K

(15)

D

ů

v

ě

ra

Virtualizace

Private Cloud Infrastructure

D

ů

v

ě

ra

= SLA ?

Virtualizace

Private Cloud Availabilit y Security Performan ce Cost 99.99% High 0.2ms $500K

(16)

Enabling Trust in the Cloud

Enterprises Cloud Service Providers

Security & Compliance Visibility & Reporting

Identities Information Workload

Public Cloud

(17)

Creating the Trusted Cloud

Trust = Visibility + Control

Control:

•

Availability

•

Integrity

•

Confidentiality

•

Confidentiality Visibility:

•

Compliance

•

Governance

•

Risk Management 17

(18)

D

ů

v

ě

ra

Virtualizace

Private Cloud Cloud provider A Cloud provider D Infrastructure

D

ů

v

ě

ra

= SLA ?

Virtualizace

Private Cloud Availabilit y Security Performan ce Cost 99.99% High 0.2ms $500K Cloud provider B Cloud provider C

(19)

RSA Cloud Trust Authority

Identity Services

Compliance profiling …

(20)

RSA SecurBook: Cloud Security and Compliance

A technical guide for deploying and operating RSA Solution for Cloud Security and Compliance