1 / 46

Asia-Pacific Information Management Conference 2012

Asia-Pacific Information Management Conference 2012. The Global Bridge of Information Management. “…What, me worry ?” ”. It’s in the Cloud…. About the Presenter. Norman K. Weiner

carla-oneil
Download Presentation

Asia-Pacific Information Management Conference 2012

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Asia-Pacific Information Management Conference 2012 The Global Bridge of Information Management

  2. “…What, me worry ?”” It’s in the Cloud…

  3. About the Presenter • Norman K. Weiner • 25 years’ experience as CIO, SVP, VP and Director providing IT strategic solutions for information management planning, operations, and consulting services • Providing IT solutions: • Healthcare • Law Firm, Legal • Education • Technology

  4. Learning Objectives Identify key issues and best practices for managing information in the cloud, virtualized,and across borders

  5. Learning Objectives • Virtualization and Cloud services • Should you know if they are in use ? • Should you care ? • Where is your cloud data ? • Should you worry ? • Why ? • Why not ?

  6. Learning Objectives • Should information management and compliance professionals outside of IT’s decision making realm have a place at the “Cloud” and “Virtualization” decision tables ? • Why ? • Why not ?

  7. Where is Your Data ? • Internal Network storage • Local PC’s • Thumb drives, USB drives • Internet websites • “In the Cloud” • Portable computers • Smart phones and tablets

  8. Cloud Computing Evolution into Varietals

  9. “Internal Cloud” Pooled computing resources within your company

  10. “Public Cloud” Pooled computing resources and services delivered to your company and others on the web

  11. “Private Cloud” Pooled computing resources on the web dedicated to one company

  12. “Mix and Match Clouds” • Hybrid:mix of public and private clouds • Managed:cloud managed by vendor • Converged: mix of client and vendor management of a mixture of any cloud types

  13. Extensive Planning and Collaboration

  14. Extensive Testing

  15. Cloud Computing Advantages * Hewlett Packard • Pay-as-you-go per user for shared hardware, software, administration and support • Flexibility for expansion or contraction • Restructure, reduce IT staffing, and costs • Ease of deployment • IT focus on service

  16. Cloud Computing Disadvantages Cloud Security Alliance (CSA), “Top Threats to Cloud Computing,” March 2010 • Abuse and nefarious use of cloud computing • Insecure application programming interfaces • Malicious insiders • Shared technology vulnerabilities • Data loss/leakage • Account, service, and traffic hijacking • Unknown risk

  17. Virtualization Enabling Platform For Cloud Computing

  18. Virtualization • It’s why the cloud exists • A new old game • CFO’s love it • IT staffs must embrace it • Records Managers shouldshudder

  19. Virtualization • Perform tasks of multiple physical computers on one physical computer • Operate multiple disparate operating systems on one physical computer • Store information outside of an organization on shared or dedicated equipment on the internet

  20. “Cloud” Must Haves • Multi-layered security • Intrusion detection – performed and certified by an independent vendor • Security - support confidentiality and required segregation of financial information • DR/BC – capabilities extend your policies and procedures

  21. Virtualization Advantages Reduced hard costs • Use of idle computing resources: • CPU, memory, storage • Fewer physical computers • Save: space, utilities • DR/BC • IT focus on delivery of service

  22. Virtualization Disadvantages • Compatibility issues • Operating system • Application software • Application integration • Stability • Increased security risk • Co-mingling information

  23. The Cloud and RIM

  24. RIM Cloud Planning Questions Should the cloud design specification include vendor’s ability to meet RIM, Compliance and Legal Hold, requirements? Are RIM, Compliance, and Legal team included in vetting vendors for cloud services?

  25. Cloud Audit Compliance • Compliance Monitoring • Document full electronic audit trail (chain-of-custody) • Keep vendor compliance statements (test them as well) • Periodic department and user testing • Compliance and remediation reporting

  26. Cloud Litigation Discovery • Does Information management policy coordinate with your discovery policy ? • Are Cloud computing services addressed ? • Is information in other countries considered? • Where is your cloud data? • Are backups and archival data included in discovery responses ? Are they indexed ? • Current ESI data map ?

  27. When information is moved to the cloud and across borders, every requirement related to Records Information Management, Compliance, Legal Hold, archiving, etc. continues, with more complexity and risk

  28. Benefits of Cloud services are widely advertised • Impact on operations are not limited to IT • Impact of change must be identified, researched, vetted, and tested to meet all enterprise requirements, not limited to IT • Cloud services require finely tuned Service Level Agreements to address every risk

  29. The Cloud brings significant change • Opportunity to reduce IT costs and improve efficiency • Reduces capital outlays • Refocuses IT assets, resources • Adds IT operational flexibility • Adds unknown risks for all

  30. Hacking • Loss of government secrets • Loss of military secrets • Industrial espionage • Loss of intellectual property • Potential physical damage • Stuxnetand Flame

  31. Which attack helicopter is the US AH-64 and which is the Chinese Z-10 Wikipedia wikipedia

  32. Both are the US AH-64 Wikipedia wikipedia

  33. China’s Z-10 Attack Helicopter Stalled in development for years due to insurmountable engineering and design issues, the Z-10 was completed after China “obtained” highly sophisticated, export prohibited, software to operate the Z-10’s flight controls and engines Ars technica

  34. Information Security Across Borders Stalled in development for years due to insurmountable engineering and design issues, the Z-10 was completed with US national treasure in the form of highly sophisticated, export prohibited, commercial intellectual property, modified to operate the Z-10’s flight controls and engines. Ars technica

  35. Disaster RecoveryBusiness Continuityin the Cloud

  36. Man Made Emergencies • Terrorist Incidents • Fires, Power Outages • Governmental Espionage • Corporate Espionage • Data Security Breaches • Data Theft • Viruses • Human Error

  37. Co-Location - Business ContinuityDisaster Recovery • Identify mission-critical applications and data • needed to keep your business operating • Include all cloud based services • Ensure cloud vendor’s • DR/BC service level • agreements satisfy • operational requirements

  38. Crossing Borders Each topic has been a component of information security and information management which crosses borders All information “crosses borders” of some kind, be it within your walls, in the cloud, and around the world. ; .

  39. Crossing Borders Across each border and behind each cloud are challenges being created you must address. Shared responsibility with others who manage and use the same data for diverse purposes. You should know these concepts. You must know their impact on your responsibilities to manage your information and to comply.

  40. Advances • Virtualization continues to advance to more computing platforms • Virtualized Smartphone • Run two copies of the phone software on the same phone. One for personal information. The other for segregated business data. VMWare and IBM. • Clouds will continue to evolve in form and functionality…

  41. More Clouds

  42. Storm Cloud Your next eDiscovery request ? Choose Cloud services carefully

  43. Mushroom Cloud You Must Engage and Partner with IT You Must Know and Care About the Cloud

  44. Thank You ! ENGAGE and PARTNER with IT Build successful relationship to manage the same information for multiple purposes

  45. Questions ? Norman K. Weiner SVP, Technology Services Kaizen InfoSource LLC (916) 290-3424 nweiner@2kaizen.com www.2kaizen.com

More Related