Cisco Blogs


Cisco Blog > Data Center and Cloud

Securing Cloud Transformation through Cisco Domain Ten Framework v2.0

Businesses of all sizes are looking for Cloud solutions to solve some of their biggest business and technology challenges—reducing costs, creating new levels of efficiency, transform to create agile environment and facilitate innovative business models. Along with the promise of Cloud comes top concern for Security. With rise of applications, transactions and data in the Cloud, business are losing control and have less visibility on who and what is moving in and out of the business boundaries. 

Any  transformation initiative with Cloud, whether a private, hybrid or public, with early focus on security from architecture, governance, risks, threats and compliance perspective can enable the business with a compelling return on investment with a faster time to business value – regardless of geographic, industry vertical, operational diversity or regulatory needs.

Here, I would like to bring to your attention on Cisco Domain Ten framework v2.0 and my blog on What’s New in Cisco Domain Ten Framework 2.0 that is born from Cisco’s hard won experience of deploying both private, hybrid and public Cloud environments, Cisco has developed the Cisco Domain Ten framework and capabilities to help customers accelerate IT transformation.

The Cisco Domain Ten does not prescribe that customers must build each domain into their strategy – rather it provides guidance on what aspects should be considered, what impacts should be identified, and what relationships exist between domains.  Cisco Domain Ten framework 2.0, we can establish the foundation of a true IT transformation and the factors you need to consider for success. Key is to identify, establish and track strategic, operational and technological outcomes for IT transformation initiates. A major thrust of the Cisco Domain Ten is to help customers strategize for transformation vision, standardize their technology components and operational procedures, and automate their management challenges, to deliver on the potential of IT Transformation– covering Internet, Branch, Campus and Data Center environments.

Security consistently tops CIO’s list of cloud concerns. The security domain highlights identification of security and compliance requirements, along with an assessment of current vulnerabilities and deviations from security best practices for multisite, multitenant physical and virtual environments for one’s IT transformation vision.

Security should be a major consideration in any IT transformation strategy. The architecture should be designed and developed with security for applications, network, mobile devices, data, and transactions across on-premise and off-premise solutions. Moreover, security considerations for people, process, tools, and compliance needs should be assessed by experts who understand how to incorporate security and compliance safeguards into complex IT transformation initiatives.

Security is an integral part of the Cisco Domain Ten framework, applies to all ten domains, and provides guidance to customers on all security aspects that they needs. Our Senior Architect from Security Practice – Ahmed Abro articulates well in Figure – 1 Cisco Domain Ten Framework with Security Overlay that there are security considerations for all ten domains for Cloud solutions.

 d10secoverlay

Figure – 1 Cisco Domain Ten with Security Overlay

Now that we understand how Cisco’s Domain Ten Overlay approach that helps one to discuss security for each domain of Cisco Domain Ten Framework, let’s now talk about the how Cisco Domain Ten aligns with Cloud Security Alliance’s (CSA) Cloud Control Matrix to discuss the completeness and depth of the approach.

CSA Cloud Control Matrix Alignment with Cisco Domain Ten

Application & Interface Security

  • D-8 – Application

Audit Assurance & Compliance

  • D-10 – Organization, Governance, processes

Business Continuity Mgmt & Op Resilience

  • D10 – Organization, Governance, processes

Change Control & Configuration Management

  • D10 – Organization, Governance, processes and
  • D-3 – Automation

Data Security & Information Lifecycle Mgmt

  • D-9 – Security and Compliance

Datacenter Security Encryption & Key Management

  • D-9 – Security and Compliance and
  • D-1 – Infrastructure

Governance & Risk Management

  • D10 – Organization, Governance, processes

Human Resources Security

  • D10 – Organization, Governance, processes

Identity & Access Management

  • D-4 -- Customer Interface

Infrastructure & Virtualization

  • D-1 – Infrastructure and Environment and
  • D-2 – Abstraction and Virtualization

Interoperability & Portability

  • D-7 – Platform and
  • D-8 – Application

Mobile Security

  • D-8 – Application and
  • D-1 – Infrastructure and Environment

Sec. Incident Mgmt , E-Disc & Cloud Forensics

  • D-9 – Security and Compliance and
  • D10 – Organization, Governance, processes

Supply Chain Mgmt, Transparency & Accountability

  • D10 – Organization, Governance, processes
Threat & Vulnerability Management
  • D-9 – Security and Compliance

 Table – 1 CSA Cloud Control Matrix Alignment

with Cisco Domain Ten Framework

From above table, one can see that Cloud Security Alliance Cloud Control Matrix and Cisco Domain Ten aligns well and it also highlights key facts that many areas such as Mobile security requires one to focus on Application and Infrastructure (network, virtual servers), etc to address security needs. One should also note that Cisco Domain Ten’s focus on Catalog (Domain 5) & Financials (Domain 6) that highlights security specific SLA and assurance discussions for security controls.

Now that that we discussed, Cisco Domain Ten approach for Security, In the next blog, I would try to discuss how Cisco Service’s focus on the strategy, structure, people, process, and system requirements for Security can help business address an increasingly hostile threat environment and help successful migration to Secure Cloud based transformation. We will also discuss current questions in business asks or should ask to understand security and privacy in the vendor’s agreements.

 

Tags: , , , , , , , , , , , , , , , , , , , , , ,

Ask the Data Center Expert: Data Center and Cloud Trends in Asia

The following excerpts are from an interview with Bernie Trudel, Asia Pacific Regional Data Center and Cloud CTO, Cisco Systems, Inc.

As someone whose world is dominated by cloud, data center, privacy, and compliance, it was exciting to meet a long-term expert with the same-shared interests. Bernie Trudel has been with Cisco for 17 years, and in addition to his role as Regional CTO, he is Chairman of the Asian Cloud Computing Association, an industry organization dedicated to making cloud computing a reality across Asia Pacific (APAC) by addressing the needs for common platforms. He shared his ideas with me on key regional trends,  security to accelerate cloud adoption, and the future of the data center.

What are the key regional trends?

Increasingly APAC countries are adopting a national broadband policy driven by a combination of the adoption of cloud and the ubiquity of personal computing. There is a strong focus on data sovereignty and privacy in response to emerging data privacy legislative measures in Singapore, Malaysia and the Philippines and also greater awareness around consumer’s rights to protect private data. International connectivity is also emerging as an issue as smaller countries rely on networks that cross geographic borders.

Many of these trends are measured in the Cloud Readiness Index, which uses 10 parameters that focus on risk, power, sustainability, and other metrics to assess readiness across the region.

Read More »

Tags: , , , , , ,

Preventative Medicine or Emergency Surgery? Healthcare and the Cloud

While Cloud Computing is getting the majority of the headlines within the IT industry, it could easily be argued that no industry is going through as much change as Healthcare. Whether it’s Healthcare reform in the United States, the rollout of Telemedicine solutions (by corporations and municipalities), or online collaboration to educate and discuss outbreaks and crisis, the business of keeping people well is going through radical change. Not only are the economics of Healthcare being forced to change, but so to is the technology that allows doctors to deliver care, medical records to be stored and researchers to find the next cure.

This past week I had the opportunity to present at the NCHICA “Health Information in the Cloud” along with experts from industry, technology, law and standards-bodies. The conference focused on many aspects of Healthcare + Cloud, including HIPPA standards, Legal and Compliance considerations, Security, Deployments in Public vs. Private Clouds, offerings from Managed Service Providers and real-world case studies (presentations can be found here and here). The presentation we gave focused on the infrastructure required to build Private Cloud.

Read More »

Tags: , , , , , , , ,