1 / 6

Cloud Security & Compliance

Cloud Security & Compliance. Presented by: Matt Stamper, CISA VP of Professional & Security Services mstamper@castleaccess.com 858-836-0224. The Cloud Environment Security Concerns The impact of multi-tenancy Can your ‘neighbors’ impact your environment?

richard-rivas
Download Presentation

Cloud Security & Compliance

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Cloud Security & Compliance Presented by: Matt Stamper, CISA VP of Professional & Security Services mstamper@castleaccess.com 858-836-0224

  2. The Cloud Environment • Security Concerns • The impact of multi-tenancy • Can your ‘neighbors’ impact your environment? • How can you evaluate shared infrastructure (e.g. vulnerability assessments)? • High-profile targets? • Right to audit • Is the SAS 70 Type II audit sufficient? • Right-to-know vs. good cloud security practices • Administrative privileges & audit trails / logs

  3. Vulnerability Management in the Cloud • Challenges with PCI • PCI DSS vulnerability scans • Will the cloud service provider allow scans? • Will the scans impact service? • How do you remediate vulnerabilities of a third-party? • PCI DSS & change management • Beware of ‘PCI-Compliant’ Claims

  4. Cloud Security Standards? • Work-in-Progress • OSF / cloutage.org • COBIT • ITIL • Cloud-migration

  5. Physical Location Network Servers/OS Applications Storage Data Think about how clouds impact each layer of your security – What is happening and why?

  6. About Castle Access Castle Access is a global provider of enterprise data centers and IT managed services. We’re in the business of helping companies in industries such as healthcare, biotech, government, legal, and finance with their mission-critical IT infrastructure requirements. Our newest facility in San Diego is 88,000 square feet, SAS 70 Type II audited, carrier neutral, and 2N with regard to power infrastructure. The data center is designed to meet the most demanding requirements and provides the best uptime records in the region.

More Related