Post on 26-Jun-2018
Copyright © 2013. Infor. All Rights Reserved. www.infor.com
How Safe is my Business Information in the Cloud?
Leo Valaris, Director CloudSuite Solutions, Infor
Vijay Rangarajan, Ecosystem Solution Architect, Amazon Web Services
Leo Valaris
Director CloudSuite Solutions AP/J/ME
Infor
Leo has over 20 years of experience covering enterprise
software development, sales and consulting to major
manufacturing and distribution companies in ANZ.
Providing thought leadership in solution development
and proposing value-based enterprise solutions to
businesses has earned Leo respect as a Trusted Adviser
with a track record of delivering operational efficiency
improvements through the application of technology and
process re-engineering. He has achieved success in
competitive situations positioning outcomes-focused and
compelling business case proposals for change, more
recently focusing on cloud and SaaS.
Today’s Speakers
Vijay Rangarajan
Ecosystem Solution Architect
Amazon Web Services
Vijay has over 16 years of experience in Enterprise IT
solutions. Vijay oversees customers, partners, ISVs
and GSIs across APAC to architect, implement and
manage the AWS cloud computing platform, allowing
them to save money, accelerate their time to market,
and focus on their core business.
Today’s Presentation
Why Cloud and Software as a Service Matters?
Introducing Infor’s Approach to Cloud Security
Amazon Web Services Security & Compliance
Infor Security & Compliance
Questions & Answers
Why Cloud and Software as a Service Matters?
The disruptive technology advantage
The Analysts Say ...
"The cloud will completely disrupt the
ERP market. The world is moving to
the cloud, and it will be the most
important factor in the development of
ERP over the next 10 years or more.”
- Nigel Rayner, Gartner, (in ZDNet, “How the Cloud is Going to Reinvent ERP – and
How Long It Will Take,” Aug 2013)
• 23% to 50%: increasing willingness to consider SaaS ERP **
• 1/5: the cloud software model will account for $1 of every $5 spent on software *
• 109%: spend on Cloud ERP will more than double (increase by 109%) ***
* by 2016
** 2009-2012
*** 2012-2017
The Cloud Computing Revolution: Challenges
• Traditional On-Premise installations delivering software to consumers
• Open new offices and acquire new companies without having to worry about buying servers or managing ever-increasingly complex technology platforms
• Expand and contract seamlessly to accommodate what can often be huge seasonal or cyclical variations in demand
• Little time available for IT to be more strategic in business
• Systems fall behind and out of step with the rate of technology change
The Cloud Computing Revolution: Advantages
• The new Cloud Computing paradigm – Software as a Service (SaaS)
• Lower Total Cost of Ownership
• Operating vs. Capital expense
• Reduced investment Time to Value
• Achieve greater business agility
• Increase business continuity through
  • Higher system availability
  • Superior disaster protection
• Solutions remain current (with technological advances)
• Higher levels of security
On-Premise vs. SaaS
[Figure: three stacks, On-Premise, Hosted and SaaS, each showing the layers Networking, Storage, Servers, O/S, Middleware, Data and Applications, on a scale from Own/Manage to Subscribe.]
Infor Subscription Fee (per Named User)
• Licensing
• Maintenance
• Hosting
• Application Managed Services (AMS)
Other labels: Software Maintenance, Software Licenses, IT Resources, Infrastructure, Hardware
1. Stronger Protection
2. Advanced Security Framework
3. Immediate Response to Emerging Threats
4. Continuous, Predictive Monitoring
5. Network Reliability
Introducing Infor’s Approach to Cloud Security
Infor CloudSuite™
[Figure labels: Solutions, Business Vault, Cloud Motion, Application]
Infor CloudSuite Powered by AWS
IaaS market leader
• 5 times more compute capacity than 14 other competitors combined
• 70-75% IaaS market share
Industry compliance
Public Sector
• FERPA, FedRAMP, ITAR, FIPS 140, FISMA
Healthcare
• HIPAA
Cross Industry
• PCI, ISO27001, SSAE 16
Open Architecture Support
Certified enterprise SI ecosystem
• Expedite moving customers to the cloud
Speed of innovation and global expansion
• Value Added Services: CloudFormation (Provisioning), Redshift (Analytics), CloudTrail (Audit/Logging) – 516 features added last year
• China added to Global Footprint
Cost Scalability
• Low TCO
Proven over last 4 years of partnership
Constructing an Infor CloudSuite™
[Figure: layered diagram; the recoverable labels follow.]
Infor Industry CloudSuites: Auto Corporate Hospitality HCM Healthcare A&D Business Rhythm Fashion F&B Equipment Distribution Public Sector
EAM XM HCM LMS HRSD PA LTM MRM IQM Collect SCM Financials Supplier Exchange Automotive Exchange AMSI iProcure
Infor Application Services: ION IFS Printing Portal d/EPM/BI/BV Local.ly Motion
Infor Base Services: Database, Shared Storage, Document Storage, Batch, Admin Access, Logging, File Transfer, Monitoring
AWS Services: EC2, Auto Scaling, Route 53, EBS, RDS, SQS, CloudFormation, CloudWatch, WorkSpaces, ELB, VPC, S3, Glacier, DynamoDB, CloudTrail, CloudHSM, IAM
Other labels: Regions, Availability zones, Content delivery POPs, Support, Certification, Training, Professional Services, Technology Partners, Channel Partners
Infor and AWS Shared Responsibility
AWS Responsibility
Infor Responsibility
Amazon Web Services Security & Compliance
Presented by
Vijay Rangarajan
Ecosystem Solution Architect
Amazon Web Services
Security is Our No.1 Priority
Comprehensive Security Capabilities to Support Virtually Any Workload
• PEOPLE & PROCEDURES
• NETWORK SECURITY
• PHYSICAL SECURITY
• PLATFORM SECURITY
Architected for Enterprise Security Requirements
Certifications and accreditations for workloads that matter
MTCS (SS584) Level 3
Every customer gets the same AWS security foundations
Independent validation by experts
• Every AWS Region is in scope
• SOC 1 (SSAE 16 & ISAE 3402) Type II
• SOC 2 Type II and public SOC 3 report
• ISO 27001 Certification
• Certified PCI DSS Level 1 Service Provider
• FedRAMP Certification, HIPAA capable
AWS Foundation Services: Compute, Storage, Database, Networking
AWS Global Infrastructure: Regions, Availability Zones, Edge Locations
Infor Compliant solutions
• Culture of security and continual improvement
• Ongoing audits and assurance
• Protection of large-scale service endpoints
Customers can still audit your AWS environment
Infor ISO certifications
External audits and assurance
• Achieve PCI, HIPAA and MPAA compliance
• Certify against ISO 27001 with a reduced scope
• Have key controls audited or publish your own independent attestations
Customers
Infor and AWS take care of the heavy lifting for you
Facilities
Physical security
Compute infrastructure
Storage infrastructure
Network infrastructure
Virtualization layer (EC2)
Hardened service endpoints
Rich IAM capabilities
Network configuration
Security groups
OS firewalls
Operating systems
Applications
Proper service configuration
AuthN & acct management
Authorization policies
Customers get to choose the right level of security for their business. As a
cloud customer you can focus on your business.
You choose where to store it and who can use it
• Customers manage their privacy objectives how they
choose to
• Select the AWS geographical Region and no automatic
replication elsewhere
• Customers can encrypt their content and implement
additional controls to protect their content within AWS
Customers retain full ownership and control of their content
Customers choose where their compute and storage is located
11 Regions
28 Availability Zones
53 Edge Locations
Powering Resilient, Fault Tolerant Solutions
AWS operates scalable, fault tolerant services
Build resilient solutions operating in multiple datacenters
AWS helps simplify active-active operations
All AWS facilities are always on
No need for a “Disaster Recovery Datacenter” when you can have resilience
Every one managed to the same global standards
AWS has robust connectivity and bandwidth
Each AZ has multiple, redundant Tier 1 ISP Service Providers
Resilient network infrastructure
Infor Security & Compliance
Security
Infrastructure and Application Controls
Secure Remote Access
Secure administrative access to all hosted
environments is a key component of protecting the
AWS VPCs
Secure Access to AWS VPC
• Multi-tenant uses AWS WorkSpaces with VPC
peering
• Single tenant migrating to SecureLink to provide
access to customer-dedicated VPCs
Duo (two-factor authentication)
• Common tool across Infor and Infor’s hosting
environments
Infrastructure Protection and Operations
Management
AWS Virtual Private Cloud (VPC)
• Amazon’s best practices
Hardened Systems
• Reliance on Center for Internet Security (CISecurity)
benchmarks
IT Service Management System
• Required change and patch management (product
and system level)
• Incident, problem and task management
Products and hosts protected with …
• Firewalls & Host-based Intrusion Protection Systems
• Anti-malware
• Web Application Firewall (future)
• Database Access Monitor (future)
Application Controls
Logging and Monitoring
• Application/DB -> Sumo Logic -> S3 -> Glacier
• Moves logs from real-time to long term (> 6 years)
storage
Encryption when appropriate
• Data at rest
• Data in transit
Standardized communications & data exchange
• Infor standards for data exchange mechanisms
Secure Development Framework
Security
Development Tools and Testing
Certified Ethical Hackers
Internal Infor Team
• Reporting to Information Security Officer
Broad Skillset
• Trained in latest hacking tools
• Extensive development background
• Networking experts
Advisers to Development Teams
• Demonstrate pitfalls of some programming
practices
• Show how exploits can compromise entire systems
Continuous Testing
• With flexibility to change priorities
Secure Development Framework
Building Security Into Maturity Model (BSIMM)
• Security designed into the system
Code reviews
• Applications must have code reviews (either manual,
automated or both) performed.
Vulnerability testing
• Applications must perform vulnerability assessments
during development and address potential vulnerabilities.
• Tenable Nessus
• (OWASP) ZAP
• Burp - optional
Independent 3rd Party Audits
Contractual and Statutory Requirements
• Required independent third party audits of our
software.
• Best practice
• ISO 27001, Cloud Security Alliance, NIST
800-53
Multiple Vendors
• WhiteHat
• Veracode (required by some contracts)
• Leviathan
Privacy
Security
Compliance and Certification
Compliance
HIPAA (HealthCare)
• Established and audited an AWS single tenant
environment designed for CloudSuite HealthCare
• Auditors' favorable attestation
ITAR
• Dedicated personnel to manage ITAR compliance
• All access must be performed by US-based
personnel
Best Practices
• ISO 27001
• NIST 800-53
• Cloud Security Alliance
Alignment to Privacy Requirements
• 47 Different US privacy laws
• Multiple International Laws
• U.K. and German Privacy Laws
• Safe Harbor
Security team works with various groups
• Integrated with Infor Legal to meet contractual and
regulatory requirements for privacy matters
• Meet with AWS representatives to ensure that AWS
hosting locations and capabilities meet regional
requirements
• Customer inquiries
In Summary
1. Stronger Protection
• Potentially costly & risky misconception of on-premise installations
• Cloud host data centre security breaches are incredibly rare
• Significant costs to achieve and maintain high security standards
accreditation & compliance
• Top-tier cloud infrastructure suppliers comply with many security
standards
• ISO 27001, U.S. Fed. & DoD, PCI SSC
• CIA issued a $600m contract to Amazon
2. Advanced Security Framework
• Cloud infrastructure security frameworks scale up to cover
everyone
• Investment in staffing required to establish and maintain security
frameworks is applied broadly with consistent enforcement at a
lower cost to consumers
3. Immediate Response to Emerging Threats
• Cloud vendors can rapidly deploy a fully tested response to all
customers virtually simultaneously
• Superior coverage costs less than developing, testing and
deploying your own countermeasures
4. Continuous, Predictive Monitoring
• Tools & staff to monitor integrations, systems availability and data
confidentiality protection are expensive
• All part of the cloud service and at a significantly lower cost
5. Network Reliability
• Top-tier cloud vendors with a global footprint can build far more
extensive redundancy, scalability, and unauthorised intrusion
protection
Infor Value Engineering
Value Discovery:
• Where can the business add or create value? Who are the
executive sponsors?
• What business processes need to be impacted (functional
scope)?
• What is the current state vis-à-vis industry peers?
• Where are the opportunities for improvement?
• What are the quantified business benefits?
• What will the go-forward roadmap look like?
Value Realization:
• How can the business case be made actionable at the operating
level?
• How should the business govern the program to achieve value?
• How will the business measure value attainment (key
performance indicators)?
• How does the implementation compare to best practices?
• How can the business derive more value from existing
investments?
Value Discovery and Value Realization
complement each other in the value lifecycle
[Figure: Infor Value Engineering lifecycle. Labels: Value Discovery, Value Realization, Finalize commercial agreement, Executive alignment, Go-Live]
Infor Value Engineering works with you to identify the capabilities that can bring the greatest value, and define your blueprint for change
Additional Resources
Website Resources
• AWS White Papers: aws.amazon.com
• Infor CloudSuite micro-site: www.infor.com/cloud
• Whitepapers, Brochures, Testimonials, Videos, etc.
Cloud Readiness Assessment: infor.marketingasean@infor.com
UpgradeX Program: infor.marketingasean@infor.com
Questions & Answers
Please direct your Questions to our hosts
Thank You
Thank you for joining our webinar today and we look forward to seeing and hearing from you all again very soon.
Leo Valaris, Director CloudSuite Solutions, Infor: leo.Valaris@infor.com
Vijay Rangarajan, Ecosystem Solution Architect, Amazon Web Services: vijr@amazon.com