Upload File

cloud, big data, iot, containers...privileged user access to iot data and devices impact of attacks...

  • Home
  • Documents
  • CLOUD, BIG DATA, IOT, CONTAINERS...Privileged User Access to IoT Data and Devices Impact of Attacks on IoT Devices 24% Top Data Security Concerns for IoT 56% 55% 50% 43% 41% Encryption/Tokenization
1
RE-PRIORITIZE YOUR IT SECURITY TOOL SET 1 1 DISCOVER AND CLASSIFY 2 Cloud and SaaS break legacy IT security models – Data security with encryption and access controls across environments is required Service-based solutions and platforms that include automation are preferred for reduced costs and simplicity Get a better handle on the location of sensitive data, particularly for Cloud, Big Data, Containers and IoT DON’T JUST CHECK OFF THE COMPLIANCE BOX 3 3 ENCRYPTION AND ACCESS CONTROL 4 Move beyond compliance to greater use of encryption and BYOK, especially for cloud and other advanced technology environments Encryption needs to move beyond laptops and desktops Containers: Encrypt and control access to data – within containers and underlying storage IoT: Use secure device ID and authentication, as well as encryption of data at rest on devices, back end systems and in transit to limit data threats Data center: File and application level encryption and access controls Cloud: Encrypt and manage keys locally, BYOK enables safe SaaS, PaaS and IaaS Big Data: Encryption and access control within the environment CLICK TO DOWNLOAD REPORT FOLLOW US ON: “Without question, encryption and tokenization are seen as the top choice for securing emerging environments and in addressing concerns over data sovereignty.” —Garrett Bekker, 451 Research Principle Analyst, Information Security WHAT TO DO ABOUT IT “Most major cloud providers have larger staffs of highly trained security professionals than any enterprise, and have very high scalability and redundancy. Perhaps as a result of the recognition of these public cloud security realities, security concerns overall for public cloud are waning.” —Garrett Bekker, 451 Research Principle Analyst, Information Security “Big Data is a global juggernaut. Just as enterprises globally wrestle with determining which Big Data is potentially valuable to the organization, they wrestle as well with determining the relative sensitivity of that data, and therefore how it needs be secured.” —Garrett Bekker, 451 Research Principle Analyst, Information Security “Secure communications and data protection must be assured for each IoT endpoint, the networks that carry their data, and for the back-end systems that process the data.” —Garrett Bekker, 451 Research Principle Analyst, Information Security “Just as with the emerging IoT environment, there remains a lack of enterprise-grade security controls in most container environments today, owing largely to their relative immaturity” —Garrett Bekker, 451 Research Principle Analyst, Information Security of enterprises using advanced technologies without securing sensitive data 63% will use sensitive data in an advanced technology environment this year 93% “NEARLY TWO-THIRDS (63%) OF RESPONDENTS ADMIT THAT THEIR ORGANIZATIONS DEPLOY NEW INFORMATION TECHNOLOGIES PRIOR TO HAVING APPROPRIATE DATA SECURITY MEASURES IN PLACE.” —Garrett Bekker, 451 Research Principle Analyst, Information Security ENTERPRISES USING ADVANCED TECHNOLOGIES WITH SENSITIVE DATA ENCRYPTION AND TOKENIZATION TOP CHOICES TO SECURE ADVANCED TECHNOLOGIES AND QUELL CONCERNS OVER DATA SOVEREIGNTY CLOUD CONCERNS REMAIN HIGH 47% USING SENSITIVE DATA IN BIG DATA ENVIRONMENTS 85% ADOPTING IOT - BUT SECURITY CONCERNS REMAIN LOW IN SPITE OF EXTENSIVE FITNESS, MEDICAL DEVICE AND PHYSICAL SECURITY APPLICATIONS CONTAINER ADOPTION AT BREAKNECK SPEED SECURITY ISSUES ARE FRONT AND CENTER ADVANCED TECHNOLOGY ADOPTION CONTINUES TO DRIVE AHEAD – WITHOUT SECURITY FOR DATA CLOUD, BIG DATA, IOT, CONTAINERS SaaS IaaS PaaS Mobile Big Data IoT Containers Block Chain 2016 2017 Not Measured Not Measured 61% 48% 56% 53% Public Cloud – Customer Managed Keys Public Cloud – CSP Managed Keys IoT Containers Encryption Availability Would Increase Enterprise Adoption of Advanced Technologies Data Security Concerns for Cloud 64% 40% 36% 26% Encrypt Personal Data Collected or Processed Tokenize Personal Data Collected or Processed Migrate Customer Data to New Locations Utilize Local Hosting or Cloud Providers Enterprise Plans to Meet Data Privacy and Sovereignty Regulations 36% 30% 25% 25% Protecting Sensitive Data Generated by IoT Identifying Which Data is Sensitive Privacy Violations Privileged User Access to IoT Data and Devices Impact of Attacks on IoT Devices 24% Top Data Security Concerns for IoT 56% 55% 50% 43% 41% Encryption/Tokenization of data generated by IoT devices Secure identification and authentication of IoT devices Anti-malware IoT network Isolation Anomalous Operation Detection (Behavioral Analytics) Data security tools that would increase respondents’ willingness to implement IoT platforms in their organization’s environments. Security Breaches/Attacks at the Service Provider Shared Infrastructure Vulnerabilities Lack of Control Over Location of Data Lack of Data Privacy Policy / SLA Cloud Privileged User Abuse / Threats Meeting Compliance Requirements Custodianship of Encryption Keys Lack of Visibility into Security Practices 2016 2017 59% 57% 55% 52% 54% 47% 51% 50% 70% 66% 66% 65% 64% 62% 60% 59% Top Data Security Concerns for Big Data Security of Reports Sensitive Data May Reside Anywhere Data Privacy Violations Privileged User Access Lack of Effective Access Controls 2016 2017 44% 42% 46% 35% 36% 31% 29% 37% 40% 41% have plans to use Containers this year 87% are already in production 40% Top Data Security Concerns for Containers Security Budget Staffing Compliance 47% 44% 33% 30% Security Concerns for Containers Unauthorized Access to Containers Spread of Malware Among Containers Privacy Violations from Shared Resources Vulnerabilities in Container Images Untrusted 3rd Party Container Images Patching and Updated Containers Lack of Image Compliance Certifications 43% 39% 36% 35% 28% 25% 8% Security Controls that Would Increase Enterprise Container Adoption Encryption Anti-Malware Vulnerability Scanning Monitoring Tools for Containers Digital Signature-base Image Validation Role-based Access Controls Security Reporting Tools Image Compliance Certifications 54% 45% 42% 36% 32% 22% 18% 12% 57% 53% 49% 53% 44% 49% 34% 44% 47% 50% 31% 33% 19% 9%

Upload: others

Post on 10-Aug-2020

9 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: CLOUD, BIG DATA, IOT, CONTAINERS...Privileged User Access to IoT Data and Devices Impact of Attacks on IoT Devices 24% Top Data Security Concerns for IoT 56% 55% 50% 43% 41% Encryption/Tokenization

RE-PRIORITIZEYOUR IT SECURITY TOOL SET

11 DISCOVER AND CLASSIFY

2

Cloud and SaaS break legacy IT security models – Data security with encryptionand access controls across environments is required Service-based solutionsand platforms that include automation are preferred for reduced costs and simplicity

Get a better handle on the location of sensitive data,particularly for Cloud, Big Data, Containers and IoT

DON’T JUST CHECK OFFTHE COMPLIANCE BOX

33

ENCRYPTION AND ACCESS CONTROL4

Move beyond compliance to greater use ofencryption and BYOK, especially for cloud andother advanced technology environments

Encryption needs to move beyond laptops and desktops

Containers: Encrypt and control access to data –within containers and underlying storage

IoT: Use secure device IDand authentication, as wellas encryption of data at reston devices, back end systems and in transit to limit data threats

Data center: File and application level encryption and access controls

Cloud: Encrypt andmanage keys locally,BYOK enables safe SaaS, PaaS and IaaS

Big Data: Encryption and access control within the environment

CLICK TO DOWNLOAD REPORT

FOLLOW US ON:

“Without question, encryption and tokenization are seen as the top choice for securing emerging environments and in addressing concerns over data sovereignty.”

—Garrett Bekker, 451 Research Principle Analyst, Information Security

WHAT TO DO ABOUT IT

“Most major cloud providers have larger staffs of highly trained security professionals than any enterprise, and have very high scalability and redundancy. Perhaps as a result of the recognition of these public cloud security realities, security concerns overall for public cloud are waning.”

—Garrett Bekker, 451 Research Principle Analyst, Information Security

“Big Data is a global juggernaut. Just as enterprises globally wrestle with determining which Big Data is potentially valuable to the organization, they wrestle as well with determining the relative sensitivity of that data, and therefore how it needs be secured.”

—Garrett Bekker, 451 Research Principle Analyst, Information Security

“Secure communications and data protection must be assured for each IoT endpoint, the networks that carry their data, and for the back-end systems that process the data.”

—Garrett Bekker, 451 Research Principle Analyst, Information Security

“Just as with the emerging IoT environment, there remains a lack of enterprise-grade security controls in most container environments today, owing largely to their relative immaturity”

—Garrett Bekker, 451 Research Principle Analyst, Information Security

of enterprises using advanced technologies

without securing sensitive data

63%will use sensitive data in an advanced technology

environment this year

93%

“NEARLY TWO-THIRDS (63%) OF RESPONDENTS ADMIT THAT THEIR ORGANIZATIONS DEPLOY NEW INFORMATION TECHNOLOGIES PRIOR

TO HAVING APPROPRIATE DATA SECURITY MEASURES IN PLACE.”—Garrett Bekker, 451 Research Principle Analyst, Information Security

ENTERPRISES USING ADVANCED TECHNOLOGIES WITH SENSITIVE DATA

ENCRYPTION AND TOKENIZATION TOP CHOICES TO SECURE ADVANCED TECHNOLOGIES AND QUELL CONCERNS OVER DATA SOVEREIGNTY

CLOUD CONCERNS REMAIN HIGH

47% USING SENSITIVE DATA IN BIG DATA ENVIRONMENTS

85% ADOPTING IOT - BUT SECURITY CONCERNS REMAIN LOW IN SPITE OF EXTENSIVE FITNESS, MEDICAL DEVICE AND PHYSICAL SECURITY APPLICATIONS

CONTAINER ADOPTION AT BREAKNECK SPEEDSECURITY ISSUES ARE FRONT AND CENTER

ADVANCED TECHNOLOGY ADOPTION CONTINUES TO DRIVE AHEAD – WITHOUT SECURITY FOR DATA

CLOUD, BIG DATA,IOT, CONTAINERS

SaaS

IaaS

PaaS

Mobile

Big Data

IoT

Containers

Block Chain

20162017

Not Measured

Not Measured

61%48%

56%53%

Public Cloud – Customer Managed KeysPublic Cloud – CSP Managed Keys

IoTContainers

Encryption Availability Would Increase Enterprise Adoption of Advanced Technologies

Data Security Concerns for Cloud

64%40%

36%26%

Encrypt Personal Data Collected or ProcessedTokenize Personal Data Collected or Processed

Migrate Customer Data to New LocationsUtilize Local Hosting or Cloud Providers

Enterprise Plans to Meet Data Privacy and Sovereignty Regulations

36%30%

25%25%

Protecting Sensitive Data Generated by IoTIdentifying Which Data is Sensitive

Privacy ViolationsPrivileged User Access to IoT Data and Devices

Impact of Attacks on IoT Devices 24%

Top Data Security Concerns for IoT

56%55%

50%43%

41%

Encryption/Tokenization of data generated by IoT devicesSecure identification and authentication of IoT devices

Anti-malwareIoT network Isolation

Anomalous Operation Detection (Behavioral Analytics)

Data security tools that would increase respondents’ willingness to implement IoT platforms in their organization’s environments.

Security Breaches/Attacks at the Service Provider

Shared Infrastructure Vulnerabilities

Lack of Control Over Location of Data

Lack of Data Privacy Policy / SLA

Cloud Privileged User Abuse / Threats

Meeting Compliance Requirements

Custodianship of Encryption Keys

Lack of Visibility into Security Practices

20162017

59%

57%

55%

52%

54%

47%

51%

50%

70%

66%

66%

65%

64%

62%

60%

59%

Top Data Security Concerns for Big Data

Security of Reports

Sensitive Data May Reside Anywhere

Data Privacy Violations

Privileged User Access

Lack of Effective Access Controls

20162017

44%42%

46%

35%

36%

31%29%

37%

40%

41%

have plans to use Containers this year

87%are already in

production

40%

Top Data Security Concerns for Containers

Security Budget Staffing Compliance

47% 44%

33% 30%

Security Concerns for ContainersUnauthorized Access to Containers

Spread of Malware Among Containers

Privacy Violations from Shared Resources

Vulnerabilities in Container Images

Untrusted 3rd Party Container Images

Patching and Updated Containers

Lack of Image Compliance Certifications

43%

39%

36%

35%

28%

25%

8%

Security Controls that Would IncreaseEnterprise Container Adoption

Encryption

Anti-Malware

Vulnerability Scanning

Monitoring Tools for Containers

Digital Signature-base Image Validation

Role-based Access Controls

Security Reporting Tools

Image Compliance Certifications

54%

45%

42%

36%

32%

22%

18%

12%

57%53%

49%53%

44%49%

34%44%

47%50%

31%33%

19%

9%

https://twitter.com/thalesesecurity
https://www.youtube.com/user/ThalesEsecurity
http://www.linkedin.com/company/thales-e-security
https://www.facebook.com/ThalesTeS
https://www.thales-esecurity.com/blogentries
http://dtr.thalesesecurity.com/

(MBL303) Build Mobile Apps for IoT Devices and IoT Apps for Devices

Embedded Rust on IoT devices

Using GZIP Data Compression to Reduce Power Consumption in IoT Devices

App Development: IoT - MQTT Connects Mobile App & IoT Devices

IoT Data Collection from Control Devices€¦ · KOBAYASHI Yoshiaki IoT Data Collection from Control Devices Contact : KOBAYASHI Yoshiaki [email protected] IoT Data Collection

Wireless Charging for IoT devices

IoT on AWS - chariotsolutions.com€¦ · An AWS IoT Sensor Data Flow IoT devices with sensors IoT Core Mobile or Web Client (AWS ... Building Data Pipelines with Kinesis Keith Gregory

AI in Health Care: Critical Data Regulations · Networked Devices: IoT devices are generally vulnerable. Risk Analysis and Risk Management Access Controls Data Repositories: Large

Developing Wi-Fi® Connected IoT Devices”I can see three IoT devices with .x 1, 10.x.x.2 and 10.x.x.3" How to Transmit Data? • UDP – Connectionless data transfer – Enables

POINT OF VIEW: IOT AND ANALYTICS - VMware Blogs · POINT OF VIEW: IOT AND ANALYTICS An IoT solution ingests data from sensors and devices, the analytics component then uses this data

IoT sensor devices

FEATURES APPLICATIONS Wearable electronic & IoT devices ...products.illinoiscapacitor.com/seriesDocuments/RJD_series.pdf · APPLICATIONS Wearable electronic & IoT devices – Memory

Making IoT data consumable across all devices, environments and communication mediums

Using MATLAB with Big Data from Sensors and IoT Devices

HOW WILL DEVICE AND DATA MANAGEMENT ... - IoT Global …...04 I IoT Device & Data Management I Vol. 1, No.2 Editor’s overview IoT DEVICES SET THE CHALLENGE OF DATA WITH DESTINY The

IoT Devices And Arduino

Achieving Digital Transformation Using IoT and Big Data · 2 Digital Transformation Using IoT and Big Data Sports Data collected from IoT devices can mitigate the risks associated

Architecting the - Sciences · IoT devices Sensors Cloud IoT solutions. ... language IoT devices Sensors Cloud IoT solutions. Benefits. Making IoT seamless. Solution architecture—IoT

IoT Marketplace: A data and API market for IoT devices · IoT Marketplace is a new platform to integrate IoT applications with financial transactions ... Overview of the Proposed

Simple Steps to Secure your IoT Devices · IoT Device • Provision, manage identities • Implementing data protection • Managing encryption keys • Authenticating devices, not

ROHM IoT SolutionsROHM Group IoT Solutions When introducing IoT, the first step is to acquire sensor data from various devices and use a network to collect this data. However, many

Iot secure connected devices indicthreads

IoT Devices / Sensors Installation & Support

Packet Tracer Adding IoT Devices

Internet of Things (IoT)를위한애널리틱개발및적용...6 IoT Analytics Devices Analytics Insight Preprocess Data Data Reduction/ Transformation Feature Extraction Develop Predictive

Using Azure Data Services for Modern Data …...Azure IoT Suite: IoT Hub Connect millions of devices to a partitioned application back-end Devices are not servers Use IoT Hub to enable

Docker on IoT Devices

IoT devices Blockchain Asset Tracking

IoT Marketplace: A data and API market for IoT devices · Amazon AWS IoT, MS Azure IoT, etc. The purpose of any IoT device is to connect with other IoT devices and applications (cloud-based

Thanh Van INTEGRATING HETEROGENEOUS IOT DEVICES TO IOT

IOT Connected Devices Report

IoT Marketplace: A data and API market for IoT devices · we are seeing a surge in the number of connected IoT devices. Thus, many targeted IoT cloud and application platforms have

Big Data and use of AI in IoT - UNECE · People Behind Devices. Connected Devices. IoT Big Data AI Innovation. 5. Billion. Smart phones. Shipped in 2017 (estimate) 50 billion. Connected

IoT – Connected Devices

Building Blocks for IoT Devices