1 / 20

Data Protection - Challenges and Solutions

Data Protection - Challenges and Solutions. -- Enabling transborder communications. Content. 1. Emerging Trend. 2. Mobile Internet Security. 3. Cloud Computing Security. 4. Summary. ICT Evolution Trends. ICT Evolution Trends. Software as a Service. Platform as a Service.

tambre
Download Presentation

Data Protection - Challenges and Solutions

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Data Protection- Challenges and Solutions -- Enabling transborder communications

  2. Content 1 Emerging Trend 2 Mobile Internet Security 3 Cloud Computing Security 4 Summary

  3. ICT Evolution Trends ICT Evolution Trends Software as a Service Platform as a Service Infrastructure as a Service Everything as a Service Cloud Computing Is Dissolving the Border of Data Center Corporate Border Mobility and Collaboration Are Dissolving the Border of Internet Branch Office Applications and Data Corporate Office

  4. New Security Mobility Internet More Freedom Cloud Computing More Trusted Global Internet

  5. Content 1 Emerging Trend 2 2 New IT New Security Mobile Internet Security 3 Cloud Computing Security 4 Summary

  6. 487M Smart phone taking over PC since year 2011 1.2B employees using Mobile Internet Devices in 2013 50%+ mobile devices brought by employees connect to the corporate network Sourced: IDC2009-2015 Mobile Office Forecast

  7. Challenge of Mobile Internet TOP security issues caused by smart devices connect to the enterprise 55% surveyed enterprises thought security is the biggest challenge 71% 47% surveyed enterprises have lots of customer data stored in mobile devices 47% 71% surveyed enterprises thought mobile devices increase the security issues Source: Mocana-Mobile & Smart Device Security Survey Source: Dimensional Research

  8. Mobile Security Challenges Data mixed: Corporate VS. Personal Device easy to lose Data Leakage 3000+virus 27.3% infected by Trojan Mobile Virus Security Rogue Consumer Application 50000+ Malwares No application certification rules Device Diversity Management No configuration mgmt plan NoFW/SW updates No patches/fixes

  9. Huawei Mobile Internet Security Architecture Mobile Internet SecurityPlatform • UIdesign • Application integration DMZ Intranet Device Access • Security management • Asset management Develop platform Office-based • Application compile • Application management Businessobject Workflow • Application distribution • ITservice WiFi Smart Phone PC Support platform LDAP SACG Pad VDI Access switch Non Office-based Email SSL FW Unified policy (include MDM) FW VPN Pad 2G/GPRS/3G Smart Phone MEAP server OA WiFi PC Identity Confidentiality Compliance Data Protection APP Security authentication Access Control Network Security Threat Prevention Management Security • Security management • Application management • Asset management • ITservice • Mobile sandbox • Web/Email; DLP • Anti-theft • DDoS • Network AV • Network IDS/IPS • Application monitor • Mobile strong authentication • Mobile NAC • SSL/UDPencryption • WebVPN • L3 VPN

  10. Mobile Security Solution Topology Mobile Security Solution Topology • Authentication • Terminal health check • Data separation and deletion • AV/AS/FW AAA DHCP DNS Mobile Management Console 1. MEAP Solution (B/S) SVN • Security policy management • Inventory management • Software distribution • Audit and Compliance • Data segregation • Data deletion after logout • Save, download and upload restriction MEAP Server IT Systems 2. Virtual Desktop Solution(C/S) • Secure Transmission • NAC • Network-based AV,AM • Network-based Web Security • Network-based Application Control FW VDI Servers IT Systems

  11. Data Leakage protection Data Leakage protection E2E security SVN Mobile Management Console FW At rest on device Transmitted over the air Transmitted over the perimeter Backed up on Servers • Data backup and auditing • Remote data backup • Backup data storage with encryption • Remote data access/ deletion • E2Eencrypted transmission • AES256encryption • Dual tunnel protection • Voice encryption • Content-based filtering • Content filter for Email and Webcontent • Secure segregated workspace • Mobile OS Sandbox • Local data encryption(AES256) • Access data seamless erasure

  12. Security Application Security Browser Push Mail Virtual Desk eSpace Document approval Desktop application Real time Email Online meeting Business process Schedulersynchronization Real-time communication Connect to PC Business acceptance Screen share Address book synchronization Connect to Cloud desk Data access Security attachment reading

  13. Content 1 Emerging Trend 2 Mobile Internet Security 3 Cloud Computing Security 4 Summary

  14. Security Needs Security Needs for Data Center Private Cloud Public Cloud SaaS Confidentiality Multi-tenancy Analysis Finance Network Medical HPC Data Integrity PaaS System Platform Security Management Tools Data Management User Management IaaS Files Database Others Infrastructure Security Virtual Security

  15. Data Center Security Solution Data Center Security Solution Multi-tenant Security Solution-> SaaS Security Gateway Virtualization(vFW, vIPS, vAnti-DDoS, vWAF) Computing Data Security Solution Data Security Security Management vGuard-VES KMIP SOC Network Virtualization Security Virtualisation Security Solution vGuard-vFW (inter-VM FW/IPS/AV/Redirection) Core Firewall Storage Virtual Machine Management Network Security Data Center Border Security Solution NGFW WAF IPS Anti-DDOS Cloud Service Security Delivery Solution Load Balance SSL VPN SACG(Authentication)

  16. Security Solution Security Solution • Security Manager • Components Management • VM Management • Policy update without service disruption Security-Manager VM1 VM2 VM3 VM4 App1 ------ OS1 App2 ------ OS2 App3 ------ OS3 App4 ------ OS4 • VM-Firewall • Firewall • Redirection • Edge Firewall • Border Protection • FW/IPS/Anti-DDOS vGuard(vFW、VES) vGuard(vFW、VES) Core-Switch vSwitch-2 vSwitch-1 • Data Security • Data Confidentiality • Data Leakage Prevention VM5 VM6 VM7 VM8 Switch Edge-FW/IPS App1 ------ OS1 App2 ------ OS2 App3 ------ OS3 App4 ------ OS4 SVN • Authentication • Transmission Security vGuard(vFW、VES) vGuard(vFW、VES) Core-FW • Core Firewall • Processing the redirected inter-VM traffic • AV/IPS vSwitch-2 vSwitch-1

  17. E2E Data Security E2E Data Security • Data Encryption • User data encryption—— protect from device theft & loss • Full Virtual disk encryption—— prevent data leakage • Storage space reallocation to avoid residual data leak Core-Switch Switch Edge-FW/IPS VM5 VM6 VM7 VM8 SVN App1 ------ OS1 App2 ------ OS2 App3 ------ OS3 App4 ------ OS4 • Security Transmission • Authentication • SSL Encryption Core-FW vGuard(vFW、VES) vSwitch-2 vSwitch-1

  18. Content 1 Emerging Trend 2 Mobile Internet Security 3 Cloud Computing Security 4 Summary

  19. Summary – Security Vision Intelligent Security • Adapted to a changing business environment • Effective communication between staff • Efficient expansion of business collaboration • Ability to respond quickly to customers Operational Efficiency Business Development • Protect business applications and data security • To track record of information compliance • To ensure business continuity • Rapid disaster recovery operations Business Continuity Business Security • Intelligent Security enables new generation Information and Communication Technologies such Mobile Internet and Cloud Computing • This enhances personal data protection and facilitate the transborder information interaction.

More Related