Can I Trust the Cloud?

1. Can I Trust the Cloud?W. Wyatt StarnesVP Advanced Concepts

2. Background Harris Corporation

3. More than 16,000 employees including nearly 7,000 engineers and scientists

4. $6 billion annual revenue

5. Industry leader in mission critical networked systems

6. Significant investment in Cyber Integrated SolutionsWyatt StarnesLeads research and development for Harris Trusted Enterprise Cloud and the Harris Cyber Integration CenterInstrumental in establishing industry standards for security, compliance, and systems measurementFounder and former CEO of Signacert and Tripwire36 years experience in high technology with eight startupsHarris has a 115-year history of engineering excellence, technical innovation, and customer delight.

7. The Buzz about Cloud

8. Everyone is Talking Cloud…

9. …but Which Cloud and Can I Trust it?Can I Trust the Cloud?Which Cloud?Private CloudOn premise enterprise data centerPublic CloudOff premise, multi-tenantShared resourcesCommunity CloudEnterprise membershipHybrid CloudMultiple elements of the aboveInformation Week Analytics Cloud Computing Survey, 2009. Respondents were asked: How concerned are you with the following issues as they relate to cloud computing? (range from 1 to 5)

10. Barriers to the Cloud are RealTrustCost & Control

11. What is Trust in the Cloud?

12. What is Trust?Trust - Noun. Reliance on the integrity, strength, ability, surety, etc., of a person or thing.

13. Confident expectation of something.What is Trust in the Cloud?“Trust in cloud computing is defined as the continuous monitoring of all quality of service (QoS) elements that impact business service delivery and continuity. These include supply chain provenance, life cycle integrity, governance, security, privacy and transparency.”

14. What is Trust in the Cloud?“…..….the commission supports programs such as Security Content Automation Protocol, or S-CAP, a standard which enables the automation of reporting and verifying IT security control parameters. S-CAP provides a ready method to capture, test and continuously monitor the controls and integrity settings required to achieve the respective standard and/or compliance requirements.”

15. Security ≠ TrustTraditional security methods focus on keeping bad code outHarris adds Positive Assurance enabling full integrity verification All active elements in the infrastructure are monitored and validated including servers & network components (firewalls, routers, switches)Explicit Trust through Positive Platform Assurance

16. The Pillars of TrustTRUSTSupply ChainPositive AssuranceService DeliverySecurity & Compliance

17. Building the Trusted Cloud

18. The Trusted Enterprise CloudWorld-class and purpose-built infrastructure – the Cyber Integration Center and Harris’ network of cyber facilities and operations centersBest-of-breed systems and processes – focused on virtualization, automation, a unique end-to-end service model, and customized control through the client portalTrust Enablement Technology – continuous monitoring and assessment of the device and software supply chain using our Global Trust Repository of 3 billion (growing by 3 million a day!) industry standard reference images and external vulnerability feedsApplication Data and Signature Database+2000 other vendorsGlobal Trust Repository(GTR)Enterprise Trust ServerCompliance AssessmentReferenceConfigurationsReportingInventory ReportsChange ReportsCompliance ReportsNotificationsIT InfrastructureEcommerce Service

19. Trading Service

20. Virtual Infrastructure

21. Web Servers

22. Database Servers

23. File Servers

24. Directory ServersThe industry’s first enterprise-grade, high-assurance cloud computing solution

25. Proof that the code was actually built by the named supplier is a crucial element of software and device validation or attestationTrust and Supply ChainDo I know that the software elements that I am loading and running on my platform ARE what they say they are?What proof do I have that the code I am using was actually built by the named vendor?Is an increasing concern for software & hardware vendors and users in all sectors

26. Cyber Integration Center100,000 sq ft dedicated facility

27. Buffered VA location

28. Operations support ISO 20000, ISO 27001, SAS70 Type 2, NIST 800-53-High

29. Three secure data rooms

30. IT capacity > 340 W/sq ft

31. On site Client Operations & Security Center

32. LEED Silver designed

33. Green construction

34. Five, 500 ton, high efficiency centrifugal chillers

35. Chemical free cooling water reuse

36. Green IT Audacious Idea AwardTwo physically diverse telecom pathways Two water sources used for coolingDual power sources from two separate substationsNine generators for backup power100’ perimeter security fence with intrusion detection

37. Interior and exterior motion-activated video monitoring

38. Biometric access scanners and man-trap portal

39. 24/7/365 on-site security guards & video surveillanceDelivering Cyber Assurance Through Continuous Monitoring and ControlAutomation, Vulnerability Identification & Software Authenticity ValidationExplicit TrustAutomated Positive Platform Assurance and S/W Supply Chain validationS-CAP:Security Content Automated ProtocolConfiguration Management & Vulnerability AssessmentHigh Fidelity Software SignaturesSecurity Foundation is NIST SP800-53 (High Impact)Security Tools & Components (Based on SP800-53)Log MonitoringIntrusion PreventionAnti-MalwareDLPOtherFoundationAutomated Defense In Depth Security Controls via NIST SP800-53/37Risk Management – NIST SP800-37Complete Cyber Assurance

40. Marquee Facility Backed by a Global Support NetworkHarris Cyber Integration CenterMultiple Harris Cyber facilities

41. CapRock, GCS & Other network backbones

42. 24/7/365 field support locations

43. Readily Accessible Partner Facilities

44. 18 Teleports Across 6 Continents

45. 6 Network Operations Centers (24x7)

46. 83 PoPs on Global Terrestrial Network

47. 140 Countries ServedBuilding Your Cloud

48. Choose the Cloud That’s Right for YouHarris Trusted Enterprise Cloud™Trusted Dedicated CloudClient ATrusted Dedicated CloudClient BTrusted Dedicated CloudClient CVPN or VPLSTrustedPrivateCloudTrusted Multi-Tenant CloudClient AClient BClient CClient EnterpriseCyber Integrated Solutions Client Operations & Security CenterChoose the elements of your cloud. Manage as one system.

49. Choose the Cloud That’s Right for YouHarris Trusted Enterprise Cloud™Three core components to create the cloud architecture that is right for your enterprise

50. Each component features:

51. Cloud Infrastructure as a Service (IaaS)

52. Harris Trusted Enterprise Cloud security controls and trust enablement technology

53. Embedded continuous monitoring

54. Control & management via the Cyber Operations and Security Center (COSC)Trusted Dedicated CloudClient ATrusted Dedicated CloudClient BTrusted Dedicated CloudClient CVPN or VPLSTrustedPrivateCloudTrusted Multi-Tenant CloudClient AClient BClient CClient EnterpriseCyber Integrated Solutions Client Operations & Security CenterChoose the elements of your cloud. Manage as one system.

55. Trusted Enterprise Cloud ConfigurationsHosted cloud infrastructure for provisioning on demand

56. Secure multi-tenant or dedicated single tenant infrastructure

57. Hosted private cloud

58. Public cloud

59. Designed to exceed the VCE VMDC 2.0 Reference ArchitectureTrusted Dedicated CloudClient ATrusted Dedicated CloudClient BTrusted Dedicated CloudClient CVPN or VPLSTrustedPrivateCloudTrusted Multi-Tenant CloudClient AClient BClient CClient EnterpriseCyber Integrated Solutions Client Operations & Security CenterChoose the elements of your cloud. Manage as one system.

60. Trusted Private CloudOn-premise cloud – remotely managed by Harris Client Operations and Security Center

61. Capacity and agility benefits of cloud computing with the control of on-premise equipment

62. Harris trust enablement technologies

63. Eases migration path to the cloudTrusted Enterprise CloudTrusted Dedicated CloudClient ATrusted Dedicated CloudClient BTrusted Dedicated CloudClient CVPN or VPLSTrustedPrivateCloudTrusted Multi-Tenant CloudClient AClient BClient CClient EnterpriseCyber Integrated Solutions Client Operations & Security CenterChoose the elements of your cloud. Manage as one system.

64. Key Features & Benefits

65. You Can Trust the Cloud!

66. You Can Trust the Cloud!

67. You Can Trust the Cloud!“The Harris Trusted Enterprise Cloud clearly offers advanced security and trust capabilities far in excess of what you'd normally find in the vast majority of enterprise IT environments. It's arguably much better than you could do yourself, or – at least – do in a reasonable fashion.”“They created a purpose-built enterprise cloud that was arguably orders of magnitude more secure and more trusted than anything an IT environment could do for themselves.”“You'll see, it's far far better in many regards.”

68. Trust In The CloudThe industry’s first enterprise-grade, high-assurance cloud computing solutionWorld class partners providing best of breed technologyCyber integration expertise to cost effectively meet the unique needs of your businessTrust enablement technology that goes beyond security to unprecedented visibility and control of your infrastructurewww.cyber.harris.com

69. Thank [email protected]

Can I Trust the Cloud?

More Related Content

What's hot (20)

Similar to Can I Trust the Cloud? (20)

Recently uploaded (20)

Can I Trust the Cloud?