Siauw Nam Khong's presentation at SGU Seminar and Focus Grup Discussion with theme 'Data Governance and Management for Digital Transformation, industry 4.0, and Internet of Thing'
3. Industry 4.0 Cloud Computation
Services and solutions that are delivered and consumed in real time over the internet are cloud services.
• Example: When you store your photos online, use webmail, or use a social networking site, you are using a “cloud computing” service.
Cloud computing is a delivery model of computing services over the internet.
• It enables real-time development, deployment, and delivery of a broad range of products, services, and solutions.
4. Information Flow in Cloud
• How to classify information?
• Which information to secure?
• What should be the basis to secure it?
• What is the value of information?
• How much to spend on securing information?
5. CIA Model
Confidentiality, Integrity & Availability
• Confidentiality: to protect information from accidental or malicious disclosure.
• Integrity: to protect information from accidental or intentional (malicious) modification.
• Availability: to make sure that information is available to those who need it, when they need it.
6. Confidentiality
• Equivalent to privacy:
• Prevent sensitive information from reaching the wrong people
• The right people can get authorized access
• Users are trained to guard the data with strong passwords
• Avoid social engineering attacks
• Data encryption
• Encrypted connection with two-factor authentication:
• With biometric verification, security tokens
• Logging, audit trails
7. Integrity
• Maintain the consistency, accuracy and trustworthiness of data over its entire life cycle.
• Additional digital hashes (checksums) and digital signatures (cryptographic checksums)
• Version control to prevent erroneous changes or accidental deletion by authorized users.
• Backups or redundancy of data.
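As an added example (not part of the original slides), the sketch below shows why the slide lists both plain checksums and cryptographic, keyed checksums: a SHA-256 manifest catches accidental modification, but only a keyed tag catches a file and its digest being rewritten together. It uses HMAC-SHA256 from the Python standard library as a stand-in for a digital signature; the file names, contents and key are constructed.

```python
import hashlib
import hmac
import json


def _tag(digests, key):
    # Keyed checksum over the canonical digest list (stand-in for a digital signature).
    canonical = json.dumps(digests, sort_keys=True).encode()
    return hmac.new(key, canonical, hashlib.sha256).hexdigest()


def build_manifest(files, key):
    """Record a SHA-256 digest per file and authenticate the list with the key."""
    digests = {name: hashlib.sha256(data).hexdigest() for name, data in files.items()}
    return {"digests": digests, "tag": _tag(digests, key)}


def verify(files, manifest, key):
    """Return whether the manifest is authentic and which files differ from it."""
    digests = manifest["digests"]
    authentic = hmac.compare_digest(_tag(digests, key), manifest["tag"])
    changed = sorted(
        name for name, digest in digests.items()
        if name not in files or hashlib.sha256(files[name]).hexdigest() != digest
    )
    unexpected = sorted(name for name in files if name not in digests)
    return {"authentic": authentic, "changed": changed, "unexpected": unexpected}


def demo():
    key = b"constructed-demo-key"  # assumption: the real key is stored apart from the data
    files = {"ledger.csv": b"id,amount\n1,100\n", "notes.txt": b"quarterly backup\n"}
    manifest = build_manifest(files, key)

    # Accidental modification: one byte corrupted, manifest untouched.
    corrupted = {**files, "notes.txt": b"quarterly backuq\n"}
    accidental = verify(corrupted, manifest, key)

    # Intentional modification: file and its digest rewritten together, without the key.
    tampered = {**files, "ledger.csv": b"id,amount\n1,900\n"}
    forged = {"digests": dict(manifest["digests"]), "tag": manifest["tag"]}
    forged["digests"]["ledger.csv"] = hashlib.sha256(tampered["ledger.csv"]).hexdigest()
    intentional = verify(tampered, forged, key)
    return accidental, intentional


if __name__ == "__main__":
    for label, result in zip(("accidental", "intentional"), demo()):
        print(label, result)
```

In the second case the per-file digests all match, so the unkeyed checksums report nothing; the failed tag check is the only signal that the data was modified.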
8. Availability
• Hardware availability
• Link redundancy
• Load Balancer
• Disaster Recovery Plan
• Data backup in a different, geographically isolated location.
• Extra security equipment or software:
• Firewalls
• Proxy Servers
• Intrusion Detection System / Intrusion Prevention System
13. More on Network Virtualization
• Distributed Firewall
• Microsegmentation
• Logical switch
• VXLAN and logical network segmentation
• Distributed Logical Router
• A logical router that can span across all physical hosts
• Solves traffic hairpinning: routed traffic between two VMs on the same host never leaves the host
• Traditional routing protocols to peer your VMware environment with the outside world
• NSX Edge
• Load balancing, VPN services, NAT, DHCP, etc.
15. Backup Strategy
One System for Any Data
• Back Up Any Data: OS, VM, apps.
• Restore Any Data: bytes, blocks, bricks, objects, whole systems
• Transfer Any Data: huge files, lots of small files, hot data, big data
• Store on Any Data Media: disks, tapes or in the cloud
Most Complete System for Your Data
• Ensures consistency and recoverability of Your Data
• De-duplicates and compresses Your Data for efficient storage and transmission
• Uses authentication and strong encryption for security of Your Data
• Provides monitoring, auditing, reporting, data retention and other means of safeguarding Your Data
16. 3-2-1 Rule of Backup
https://www.youtube.com/watch?v=wLX5wEUGlE0
17. Disaster Recovery Strategy
Local Datacenter: real-time data replication
• Real-time monitoring
• Web-based interface
Local Datacenter with Tier III Design, KVM & VMware hypervisors, Multiple OS supported (Microsoft, Linux, Custom OS), 24x7 Support (NOC & SOC)
HOT multi-site datacenter: real-time data replication, up to zero data loss guaranteed, immediate recovery