Cloud Computing - Unit5


Introduction to Data Science and Machine Learning


• 27, 28, 29 December 2017

Unit 5

Overview of Cloud Security


• Data Science Track,
ETA, Infosys Ltd.

PUBLIC Copyright @ 2018, Infosys Limited 1


Copyright Guideline
© 2017-2018 Infosys Limited, Bangalore, India. All Rights Reserved.

Infosys believes the information in this document is accurate as of its publication date;
such information is subject to change without notice. Infosys acknowledges the
proprietary rights of other companies to the trademarks, product names and such other
intellectual property rights mentioned in this document. Except as expressly permitted,
neither this documentation nor any part of it may be reproduced, stored in a retrieval
system, or transmitted in any form or by any means, electronic, mechanical, printing,
photocopying, recording or otherwise, without the prior permission of Infosys Limited
and/ or any named intellectual property rights holders under this document.



Overview of Cloud Security

• Traditional Security
• What is Cloud Security?
• Security concerns of Cloud Computing
• Securing the Cloud
• Cloud Security Vendors
• Future trends that Impact Cloud Security



Challenges in traditional IT

• Achieving zero downtime
• Scalability
• 24/7 support
• Variable load handling



A suggested solution

To address issues like zero downtime, scalability, 24/7 support and variable load handling,
deploying the application on the cloud will prove to be more efficient than a traditional
client-server architecture.
But what problems will be faced while moving from client-server to cloud computing?
• Choosing the deployment model (private, public, hybrid)
• Choosing the service model (IaaS, PaaS, SaaS)
• Choosing an appropriate security model based on the service and deployment models chosen



Traditional Security



Application Security

• Application security is the set of measures taken throughout the application's life cycle to
prevent exceptions in the security policy of an application or the underlying system
through flaws in the design, development, deployment, upgrade, or maintenance
of the application.
• Common threats are:
– Authentication
– Session management
– Cryptography
– Configuration management



Server Security

• Attackers try to gain access to the server using:
– Brute Force Attack
– Botnet
– DoS (Denial of Service)
– Cross-site Scripting
– SQL Injection
– Malware



Network Security

• Network security consists of policies adopted by a network administrator to prevent
and monitor unauthorized access, misuse, modification, or denial of a computer
network.
• Common threats are:
– Wiretapping
– Port scanner
– Spoofing
– Man-in-the-middle attack



Cloud Environment Presents new challenges

On-Premise (Virtual Machine)
• We have control
• It is located at X
• It is stored in A, B
• We have backup
• Our admins control access

On-Cloud (Virtual Machine)
• Who has control?
• Where is it located?
• Where is it stored?
• Who backs it up?
• Who has access?

Security remains the #1 inhibitor to broad-scale Cloud adoption



Security Challenges in Cloud Computing

• Multiple APIs
• Multiple applications in a single server
• Multiple cloud providers



What is Cloud Security?


Cloud security
• Is a collection of processes and techniques formulated to protect the client's
infrastructure and data from security attacks.
• Provides protection to the delivery models
– Private cloud
– Public cloud
– Hybrid cloud
• Is the combined responsibility of the CSP (Cloud Service Provider) and the client organization



Cloud Security is not

• A complete solution to protect all IT assets, data and infrastructure.
• Something always provided by the CSPs. Always verify what is required and what is
delivered.
• A single-solution approach to every security threat. Organizations can neither depend only on
firewalls to ensure security nor club together multiple security techniques, as this
may leave some unsuspected leak areas.



Cloud services Security Concerns

IaaS: Cloud Enabled Data Center
Key Security Focus: Infrastructure and Identity Access
• Managing Identities
• Patch default images
• Network Isolation

PaaS: Cloud Platform Services
Key Security Focus: Application and Data
• Secure shared databases
• Build secure applications
• Audit and compliance

SaaS: Business Solutions on Cloud
Key Security Focus: Compliance and Data
• Compliance requirement
• Secure data movement

Security Intelligence: Threat Intelligence, user activity monitoring, real time
insights



Security changes as we move from Traditional to Cloud Model

Traditional: IT Infrastructure is the responsibility of customer
Cloud: The Cloud service providers are responsible for providing IT Infrastructure

Traditional: Security is customer’s responsibility and controls need to be applied aptly at each level
Cloud: Security is CSP’s responsibility as we have less control over resources

Traditional: Customer has a clear visibility of IT operations
Cloud: Customer has less visibility of IT Operations

Traditional: Customers have complete access to data and application logs
Cloud: Customers have limited access to data and application logs

Traditional: Customer data and applications stays inside company firewall
Cloud: Customer data and applications are exposed to outside world



Security concerns of Cloud Computing



Abuse and Nefarious Use of Cloud Computing

• Criminals misuse cloud fundamentals to widen their reach and make their activities
more effective.
• Weak registration mechanisms and poor fraud detection processes attract cloud
computing threats.
• They use cloud computing for launching attacks, hosting illegal data, controlling bots and
issuing them commands, and running farms to solve CAPTCHA (Completely Automated Public Turing
test to tell Computers and Humans Apart).
Service Models: IaaS, PaaS
Remediation:
– Initial registration and validation processes should be strict
– Strong fraud monitoring mechanisms for credit card payments
– Thorough analysis of network traffic at the customer’s end



Insecure Interfaces and APIs

• An Application Program Interface (API) is software exposed by the CSP to help
customers access Cloud services.
• Implementing secure APIs ensures safe Cloud Computing services.

Service Models: IaaS, PaaS, SaaS

Remediation:
– Implement a robust AAA (Authentication, Authorization and Accounting) model with
encryption applied both at rest and in transit.
– Choose the CSP which provides the best security model
– Articulate the dependencies associated with the involved APIs.



Malicious Insiders

• Malicious insiders are employees/insiders of the CSP who may have full access to
the client’s data.
• Such situations may give insiders opportunities to misuse the data and may lead to
hacking
• This may impact the CSP’s brand and finances

Service Models: IaaS, PaaS, SaaS

Remediation:
– Make the HR processes transparent to the clients, explaining the extent of data
access at each level
– A process for notifying the clients in case of security breaches should be formulated
– Security and management processes should be made transparent to clients



Shared Technology Issues

• IaaS vendors offer shared infrastructure to enhance scalability
• Virtualization hypervisor isolates guest operating systems and the physical compute
resources
• Hypervisors may not be strong enough to restrict undue access to the host systems
• Due to shared host systems, it is easy for attackers to find ways to access the guest
machines on the same host.
Service Models: IaaS
Remediation:
– The cloud environment should be regularly monitored and undesired changes should be
reported
– Implementing a robust AAA (Authentication, Authorization and Accounting) model will
ensure better access control



Data Loss or Leakage

Data loss may happen when:
• Malicious attackers erase or modify data
• The cloud service provider accidentally deletes data
• A customer encrypts data before uploading it to the cloud, but loses the encryption
key

Service Models: IaaS, PaaS, SaaS

Remediation:
– Provide proper backup strategies
– Ensure proper mechanisms to protect the client’s data at all stages



Account or Service Hijacking

• Server hijacking is done with stolen credentials
• Mechanisms like phishing can be used to get the authentication details of the users.
Also, the client’s software can be vulnerable to unauthorized access
• Reusing credentials and passwords may attract such attacks.

Service Models: IaaS, PaaS, SaaS

Remediation:
– Avoid sharing authentication details with unauthorized users and services
– Leverage MFA (Multi Factor Authentication) to avoid unauthorized access.



Unknown Risk Profile

Unknown risk profiles include:
• Who is sharing infrastructure?
• Who is going to handle configuration, patching, auditing?
• Who has access to stored data and application logs?

Service Models: IaaS, PaaS, SaaS

Remediation:
– The access levels for data and application logs should be defined appropriately
– Strong monitoring mechanisms should be implemented on important data and
information.
– Monitoring and alerting on necessary information



Securing the Cloud



Securing the Cloud – A suggested approach

• Identity and Access management
• Web Application Security
• Network Security
• Data Security
• Virtualization Security
• Endpoint Security
• Mobile Device Security Management
• BYOD Security Management



Identity and Access management

• Enterprise single sign-on services
• Total authentication solution
• User provisioning services
• Identity lifecycle management - managed identity services
• Web access management services
• Managed services for security information and event management



Web Application Security

• Application security assessment
• Application source code security assessment
• Managed Web security
• Hosted application security management
• Secure web gateway management
• Unified Threat Management (UTM) Service



Network Security

• Managed identity services
• Managed and monitored firewall service
• Unified threat management
• Penetration testing services
• Managed intrusion prevention and detection services
• Vulnerability management and PCI scan services
• Deployment and migration services
• Managed protection services for server



Data Security

• Data Loss Protection
• Enterprise Content Protection
• Hosted email and web security
• Messaging Security
• Data Security Strategy and Assessment



Cloud Security Vendors



Trend Micro Inc

Business Overview:
Trend Micro Inc. is a major security solutions provider. The company was
incorporated in 1988, is listed on the Tokyo Stock Exchange, and is headquartered
in Tokyo, Japan.
Strengths:
– The company is the leader in both the Cloud Security and Virtualization
Security markets
– Its solutions provide granular, finely detailed control, providing a policy-based
approach to key management and data access
Weaknesses:
– It draws the majority of its revenue, at 41 percent, from Japan; thus, it has a
geographic diversification risk



McAfee Inc.

Business Overview:
McAfee Inc., founded in 1987, is a leading provider of network security solutions. The
company’s security products are for sectors such as Data Protection, Email and Web
Security, Endpoint Protection, Mobile Security, Network Security, Risk and
Compliance, Security SaaS, and Security Management
Strengths:
• The company’s cloud access control solution allows control over the entire lifecycle
of cloud access security, providing technologies and solutions such as strong
authentication, authorization, and audit
• Its cloud security solution allows fine-grained authorization
Weaknesses:
• Some of its competitors, such as Trend Micro, provide better key management
options/features



CA Technologies

Business Overview:
CA Technologies is one of the leading independent software corporations in the
world. The company has technology alliances with other players such as VMware,
Salesforce.com, Microsoft Corp., Cisco, and SAP

Strengths:
• The company acquired Arcot which has provided it with a stronger advanced
authentication technology
Weaknesses:
• Despite having a strong identity and an access control product, the solutions from
some of its competitors fare slightly better on the identity management features front



Symplified Inc.

Business Overview:
Symplified Inc., founded in 2006 and based in the US, is a leading cloud identity
management provider. It provides solutions such as Symplified Access Manager,
Symplified Identity Manager, Symplified Sign-On, and Symplified SinglePoint PaaS

Strengths:
• It has much stronger and better cloud security solutions, purpose-built for
specific cloud architectures
Weaknesses:
• It is not as strong in other spaces such as application security, encryption, and
access control



Symantec

Business Overview:
Symantec Corporation is an American global computer security software corporation
headquartered in Mountain View, California. It is a Fortune 500 company. Its products
are Control Compliance Suite, Data Loss Prevention Suite and Encryption, VeriSign
Identity and Authentication, Symantec Web Security cloud
Strengths:
• Roaming and remote user support options are available for distributed workers.
• Provides access to a dedicated team of SaaS specialists who understand the
importance of service excellence.
Weaknesses:
• Symantec's network was hacked and Norton source code was stolen



Learning Outcomes
After going through this unit, you will be able to:
• Articulate the difference in security features as we move from traditional to Cloud models
• Understand the various security concerns in Cloud migration and how to overcome
them
• Choose the right cloud security vendor based on their offerings



Thank You
