1 / 12

Secure Cloud Solutions Open Government Forum Abu Dhabi 28-30 April 2014

Secure Cloud Solutions Open Government Forum Abu Dhabi 28-30 April 2014. Karl Chambers CISSP PMP President/CEO Diligent eSecurity International. The e-Government Challenge. Securely delivering high-quality digital government information and services utilizing cloud IT solutions: Anywhere

trey
Download Presentation

Secure Cloud Solutions Open Government Forum Abu Dhabi 28-30 April 2014

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Secure Cloud SolutionsOpen Government ForumAbu Dhabi28-30 April 2014 Karl Chambers CISSP PMP President/CEO Diligent eSecurity International

  2. The e-Government Challenge Securely delivering high-quality digital government information and services utilizing cloud IT solutions: Anywhere Anytime On any device

  3. Three Key Principles to a Secure Cloud Solution Design and Build it Securely Operate it Securely Always Encrypted Data

  4. Design and Build it Securely Using Cloud Risk Management Framework (CRMF) Federal Risk and Authorization Management Program (FedRAMP)

  5. Design and Build it Securely Using Cloud Risk Management Framework (CRMF) Step 1:Categorize the Cloud Solution Step 2: Identify Security Controls to Protect the Cloud Solution Step 3: Implement the Selected Security Controls in the Cloud Security Architecture Step 4: Assess the Security Controls of the Cloud Solution using the FedRAMP process Step 5: Authorize the use of the Cloud Solution Step 6: Monitor the Cloud Solution Continually

  6. Design and Build it Securely Using Federal Risk and Authorization Management Program (FedRAMP)

  7. Three Key Principles to a Secure Cloud Solution Design and Build it Securely Operate it Securely Always Encrypted Data

  8. Operate it Securely Using Automated Continuous Security Monitoring Automated Continuous Security Monitoring is a risk management approach to Cybersecurity that: Maintains a picture of an organization’s security posture Provides continuous visibility into information assets Leverages use of automated data feeds and data analytics Monitors effectiveness of security controls Enable prioritization of remedies.

  9. Automated Continuous Security Monitoring (ACSM) Case Study – US Department of State ACSM Tool: Analytics and Continuous monitoring Engine (ACE) solution from Virtustream ACE receives and analyzes continuous inputs from: Asset Management Vulnerability Scanners Patch Management Event Management Incident Management Malware Detection Configuration Management Network Management License Management Information Management Software Management ACE provides continuous risk updates to management dashboard.

  10. Three Key Principles to a Secure Cloud Solution Design and Build it Securely Operate it Securely Always Encrypted Data

  11. Always Encrypted Data In transit between systems and locations Stored in the cloud

  12. Questions Karl Chambers PMP CISSP President/CEO Diligent eSecurity International, Inc. 1954 Airport Road Suite 233 Atlanta, Ga 30341 Karl.chambers@desintl.com 01-678-591-7764

More Related