intiGrow

 

cloud-compliance innerbanner

Cloud Compliance

A promise of significant, secured, economic & efficiency benefits

Cloud computing moves us away from the traditional model, where organizations dedicate computing power to a particular business application, to a flexible model for computing where users access business applications and data in shared environments. Cloud is a new consumption and delivery model; resources can be rapidly deployed and easily scaled (up and down), with processes, applications and services provisioned ‘on demand’. In these models the risk profile for data and security changes and is an essential factor in deciding which cloud computing models are appropriate for an organization.

 

 

Governance

Data

Architecture

Application

Assurance

Jurisdiction and regulatory requirements

Data location and segregation

Protection

Software Vulnerabilities

Operational oversight

Complying with Export/Import controls

Data footprints

Hypervisor vulnerabilities

Patch management

Audit and assurance

Compliance of the infrastructure

Backup and recovery

Multi-tenant environments

Application devices

Investigating an incident

Audit and reporting

Administration

Security policies & Identity Management

Experience of new cloud providers

 

 

 

 

 

 

 

 

 

 

intiGrow Cloud Readiness

Many of the risks identified can be managed through the application of appropriate security and governance measures. Which risks you choose to address will be different depending on your business, your appetite for risk and how costly these measures are. In many cases the complexity of securing cloud comes not just from the individual application but how it integrates into the rest of the organization.

      Define a cloud strategy with security in mind:
Identify the different workloads and how they need to interact. Which models are appropriate based on their security and trust requirements and the systems they need to interface to?

      Identify the security measures needed:
Using a framework that allows teams to capture the measures that are needed in areas such as governance, architecture, applications and assurance.

      Enabling security for the cloud:
The upfront set of assurance measures you will want to take. Assessing that the applications, infrastructure and other elements meet your security requirements, as well as operational security measures.

A promise of significant, secured, economic & efficiency benefits

 

?      We have control

?      It’s located at X

?      It’s stored in servers Y, Z

?      We have backups in place

?      Our admins control access

?      Our uptime is sufficient

?      The auditors are happy

?      Our security team is engaged

?      Who has control?

?      Where is it located?

?      Where is it stored?

?      Who backs it up?

?      Who has access?

?      How resilient is it?

?      How do auditors observe?

?     How does our security team engage?

Tomorrow’s Cloud

Today’s Datacenter

Cloud computing moves us away from the traditional model, where organizations dedicate computing power to a particular business application, to a flexible model for computing where users access business applications and data in shared environments. Cloud is a new consumption and delivery model; resources can be rapidly deployed and easily scaled (up and down), with processes, applications and services provisioned ‘on demand’. In these models the risk profile for data and security changes and is an essential factor in deciding which cloud computing models are appropriate for an organization.

Offerings

Access Management
Data Loss Prevention
Database Security
Email Security
Federated Identity Management
Identity Management
Intrusion Detection and Prevention
Multifactor Authentication
Privileged Account Management
Secure Enterprise Mobile Management
Single Sign On
Static and Dynamic Code Analysis
Vulnerability Assessment & Scanning

Access Management

Data Loss Prevention

Database Security

Email Security

End Point Protection

Federated Identity Management

Identity Management

Intrusion Detection and Prevention

Multifactor Authentication

Privileged Account Management

Single Sign On

Static and Dynamic Code Analysis

Vulnerability Assessment & Scanning