5. Global Reach
24X7 Operations
Following Sun
57Countries.
33 Languages.
Over 400
Customers
Strong presence in Media / Life Sciences / Manufacturing /
Education Verticals
20. With the cloud you can add
thousands of servers to encode your
library fast.
Problem: Timeline overruns to support
PS3 launch
Solution: AWS’s Scale,1200 virtual
machines on-demand
Benefits:17,000 titles (80TB of data)
transcoded in days, able to support
launch
27. Infrastructure
Every Customer Gets the Highest
Level of Security
AWS Security Infrastructure
SOC 1/SSAE 16/ISAE 3402,
ISO 27001, PCI DSS, HIPAA, ITAR,
FISMA Moderate, FIPS 140-2
Your
Apps
Applications
Flexibility to Choose the Right Security
Model for Each Application
29. Atta ki g Big Data Pro le s Should ’t Be This Co pli ated
Storing Massive Data
Volumes Into A Huge Data
Warehouse
Investing In Expensive
Server Clusters To Process
The Data
30. Amazon S3
The Cloud Makes This a Lot Simpler
Load Data in
the Cloud
Organize &
Analyze Data
Visualize
Results
1 2 3
Amazon DynamoDB
Hadoop Clusters
Amazon EMR
35. Typical Deployment
Private Connections
Workload Migrations
Access Control Integration
Work with Existing
Management Tools
On-Premises Apps
Customer Data Centers
Cloud Apps AWS
Most enterprises will run a hybrid IT architecture
Some workloads will run on-premises
Some workloads will run in the cloud
Management & Integration is mixed
Workloads can be migrated back and forth
Hybrid
(not all or nothing)
36. Typical Use Cases
Prototyping and Development
Test and Staging
Data Warehousing and Analytics
Collaboration
DR/BCP and Data Archiving
Web Application Architectures
Media caching, streaming and delivery
Tried and True
Cloud-Ready
37. Cloud Risks, Both Old and New
1. Data Breaches
2. Data Loss
3. Account Hijacking
4. Insecure APIs
5. Denial of Service
6. Malicious Insiders
7. Abuse of Cloud Services
8. Insufficient Due
Diligence
9. Shared Technology
Issues
Source- Cloud Security Alliance
Cloud Computing
Top Threats in 2013
1. Accountability & Data Risk
2. User Identity Federation
3. Regulatory Compliance (CPNI, PCI, SOX…)
4. Business Continuity & Resiliency
5. User Privacy & Secondary Usage of Data
6. Service & Data Integration
7. Multi-tenancy & Physical Security
8. Incidence Analysis & Forensics
9. Infrastructure Security
10. Non-production Environment Exposure
Top 10 Cloud Risks
Source- OWASP
Governance
& Control
Measure, Mitigate, Accept
38. We Manage Your Cloud Technology Risks
A model of shared
control
responsibility
AWS
CSP
Customer
39. We do Active Risk Tracking and Mitigation
Example Risks
Impact
Rating
Mitigation
Type
Remediation/Best Practice
Effort
Level
No formal process to
assess, track and
report cloud
computing risks.
High People, Process
1. Develop a risk and reporting policy specific to Cloud
Computing.
2. Begin project work to prioritize and address findings and
mitigate risk to within acceptable limits.
Medium
Security configuration
drifts from approved
standards.
High Technology, Process
1. Develop a change control process and testing policy for
Cloud Computing resources.
2. Implement configuration reconciliation and change
detection capabilities across App (source and runtime), OS
and infrastructure.
Medium
Unauthorized access
to xxxx.
Critical
Technology, Process
1. Institute clear standards, reference designs and scanning
for all CNPI use cases.
2. Design and implement data protection and detection for
all xxxx associated systems and networks e.g. encryption
and exfiltration monitoring.
High
Uncontrolled use and
expense of cloud
resources.
High
Technology, Process
1. Institute policy and preventative measures to disallow
unapproved end-user provisioning of resources and new
accounts.
2. Inventory and track changes to CSP accounts and
resources with periodic billing reconciliation.
Low
40. Impact on Operations
A shifting Paradigm – need for
both control and agility at web-
scale
Almost everything is automatable,
for better or worse
Autonomy and self-service
Thoughtfully extend existing
policy, tools and techniques
Develop Cloud specific policy and
standards to fill the gaps
The blending of
development and
operations functions
41. Impact Beyond Operations
Organizational
Process
Technology
New skills and new training
Agility in project teams and management
Multiple hats and blurring of legacy
boundaries
Rethinking roles
Portal-based, self provisioning
Agility in deployments
New techniques for change management
Extending access and identity management
Automating workflows and key procedures
A/B Testing and QA
Mapping vendor software licensing
New techniques for monitoring and
response
Integrating support with the CSP
Changes in networking topologies
Backup, DR and high availability
Application and infrastructure event logging
42. Your Cloud Governance Initiative
• Ensure the IT Cloud Computing strategy is
aligned with business strategy and IT delivers
against the decided strategy.
• The risks associated with Cloud Computing are
periodically assessed, tracked and mitigated in-
line with the business strategy and overall risk
appetite of the company.
• To maximize the investment, benefits and agility
of Cloud Computing as a transformative
technology, while balancing the need for
vigilance and control throughout the platform
lifecycle.
To lay the foundation and framework for a
balanced approach to compliance, control,
and acceptance of Cloud Computing within
your organization.
Goal
Objectives
Strategic Alignment
Value Delivery
Risk Management
Performance
Measurement
43. Cloud Governance as a Process
Cloud Governance Board
Provides a unified,
centrally governed
approach for the Cloud
environment.
44. New Build Guidance Control
Domains
Governance
Asset Configuration and Management
Logical Access Control
Data Encryption
Network Configuration and Management
Security Logging, Monitoring and Incident Response
Disaster Recovery
✔
✔
✔
✔
✔
✔
✔
Measure,
Confirm &
Report
Workload
Onboarding
Process
Self-service
Restricted Data- Checklist, Templates & Reference Designs
Public Data- Checklist,
Templates & Reference Designs
45. Example Process Workflow
Workload
Onboarding
Process
Requestor
Cloud
OperationsITSecurity
Opens ticket and
declares use-case,
resource and data type
Instructs on reference
design and standard
requirements
Reviews and approves
use-case with additional
security requirements
Requests deployment
based and schedule and
test plan
Deploys resources, adds
to BAU monitoring
Scans to ensure standard
builds and adds to BAU
monitoring
Concludes UAT and
closes request
46. Next Steps
We will conduct a full risk assessment of the Cloud Computing Program.
Informed by the risk findings:
1. Finalize the Your Cloud Governance Structure and workflow
2. Complete the Policies and Standards for Cloud Computing
3. Ensure technical and process controls meet all policies and standards
4. Start POC of suitable use cases and show agreed results
47. Pressmart Media Limited
India
3rd Floor, MJR Arcade,
Khanamet, Gurukul Society,
Landmark: Near Meridian School,
Madhapur, Hyderabad - 500081, AP
T : +91 (40) 6612 4000
E : sales@pressmart.com
W : www.pressmart.com