Cisco Blogs


Cisco Blog > Data Center and Cloud

Drivers for Managed Security and what to look for in a Cloud Provider

The first blog of this series discussing the role of data security in the cloud can be found here.

In 2014 and onward, security professionals can expect to see entire corporate perimeters extended to the cloud, making it essential to choose a service provider that can deliver the security that your business needs.

While organizations can let business needs trade down security we’ve begun to see how a recent slew of data breaches are encouraging greater vigilance around security concerns. For example, a recent CloudTweaks article highlights the need for organizations to be confident in their choice of cloud providers and their control over data. IT leaders have the power to control where sensitive information is stored. They also have the power to choose how, where and by whom information can be accessed.

An important driver in mitigating risk and increasing security is to ask the right questions.

An important driver in mitigating risk and increasing security is to ask the right questions.

Institute Control By Asking the Right Questions

However, adding to fears about ceding the control of data to the cloud is lack of transparency and accountability about how cloud hosting partner/ providers secure data and ensure a secure and compliant infrastructure.  Cloud consuming organizations often don’t ask enough questions about what is contained in their  service-level agreements, and about the process for updating security software and patching both network and API vulnerabilities.

Organizations need reassurance that a cloud provider has a robust set of policies, process and than is using automated as well as the latest technologies to detect, thwart and mitigate attacks, while in progress as well as be prepared to mitigate after an attack.

 

Read More »

Tags: , , , , , , , , , , , , , , , , ,

Data Security Through the Cloud [summary]

Is the combination of cloud computing and mobility a perfect storm of security threats?

Actually, yes. And you should prepare for them as if there is a storm coming.

As businesses become increasingly mobile, so does sensitive data. In fact, in a recent survey conducted by ESG,

31% of security professionals say that the biggest risk associated with cloud infrastructure services is, “privacy concerns associated with sensitive and/or regulated data stored and/or processed by a cloud infrastructure provider.”

Data Security Through the Cloud

 

With cloud-based services, it is key to have visibility into applications and provide consistent experience across devices accessing the web and cloud applications. More users are leaving the standard PC behind and engaging cloud applications through a mobile device, making application-layer security and user access security critical. Smartphones and tablets are able to connect to applications running anywhere, including public, private and hybrid cloud applications, opening your data to potential attacks. Security professionals need assurances that their cloud security provider will appropriately secure customer data while ensuring availability and uptime.

 

The conversation is no longer if you’ll be attacked, but when. And will you be prepared?

Read the full article: Data Security Through the Cloud

Tags: , , , , , , , , , , , ,

Data Security Through the Cloud

Is the combination of cloud computing and mobility a perfect storm of security threats?

Actually, yes. And you should prepare for them as if there is a storm coming. As businesses become increasingly mobile, so does sensitive data. In fact, in a recent survey conducted by ESG,

31% of security professionals say that the biggest risk associated with cloud infrastructure services is, “privacy concerns associated with sensitive and/or regulated data stored and/or processed by a cloud infrastructure provider.”

Data Security Through the CloudDid you know:

16 billion web requests are inspected every day through Cisco Cloud Web Security

93 billion emails are inspected every day by Cisco’s hosted email solution

 200,000 IP addresses are evaluated daily

400,000 malware samples are evaluated daily

33 million endpoint files are evaluated every day by FireAMP

28 million network connects are evaluated every day by FireAMP

Read More »

Tags: , , , , , , , , , , , ,

CIO or IT Services Broker?

In the heart of the overall shift from cloud computing as an isolated project to a central IT strategy, a particular tenet is reigning supreme: hybrid IT strategies. As cloud computing continues to evolve, new technologies are emerging to support the dynamic creation of cloud services. CIOs are increasingly feeling the need to deal with hybrid environments.  But how? Enter the rise of hybrid IT process models and the positioning of IT as a service broker.

Gartner recently identified hybrid cloud and IT as a Service broker (ITaaSB) in its Top 10 Strategic Technology Trends; they also highlighted how to move to an ITaaSB environment in their research titled: Top 10 Technology Trends, 2013: Cloud Computing and Hybrid IT Drive Future IT Models.

 
ITServiceBroker

But what exactly is an IT services broker? And how can we help make this shift?

Read More »

Tags: , , , ,

The Cisco IT Story: ITaaS with Cisco Prime Service Catalog

We had some exciting sessions featuring Cisco Prime Service Catalog at Cisco Live Milan a few weeks ago. In case you missed it, we featured two great customer case studies.

One of them was Steria, a multinational service provider headquartered in France who has deployed Cisco Prime Service Catalog and FlexPod for their cloud services and innovative Bring-Your-Own-Device (BYOD) solution: “Workplace on Command.” You can click here to download their Cisco Live presentation, and check out their written case study here.

The other customer we featured was a Fortune 100 enterprise: none other than our very own Cisco IT.  The Cisco Live presentation about their internal IT service catalog deployment (dubbed “eStore”) is here – you can also read a detailed case study write-up here.

estore1

[Screenshot of eStore: the Cisco IT deployment of Cisco Prime Service Catalog]

Adel du Toit, who heads the Cisco eStore project, wrote a blog post about Cisco IT’s initiative here last June.  Led by Adel and her colleageues, the internal Cisco IT eStore has been rapidly evolving, and has been deployed for a variety of use cases, including BYOD, mobile apps, collaboration, communications, desktop services, employee onboarding, networking, data center computing, and much more.  Powered by Cisco Prime Service Catalog together with Cisco Process Orchestrator for automated service provisioning, the eStore is the “one stop shop” for all IT services within Cisco.

estore2

[Cisco IT’s eStore: a unified IT service catalog for all internal tools, apps, and services]

Recently, the eStore upgraded to the latest version of Cisco Prime Service Catalog, version 10.0. The eStore has also rolled out a mobile user interface that allows Cisco employees to download mobile apps to increase productivity and reduce unproductive approval cycles.

estore3

[The Cisco IT eStore mobile version]

 This has enabled Cisco IT to provide a consumer-oriented shopping experience for IT services to all our employees, not unlike their experience as consumers with Amazon.com and the Apple App Store.

Interested in learning more? Join us on February 26th at 11 am EST / 8 am PST to learn more about how Cisco IT is automating IT-as-a-Service via the eStore and Cisco Prime Service Catalog. You can register here: http://cs.co/6014eN9j.

And don’t forget to follow @CiscoUM and @CiscoIT for the latest updates.

Tags: , , , , , , , , , , ,