Security, Compliance and Hardware Security Modules in Cloud Foundry
Many companies are making big investments in Cloud Foundry with providers such as Pivotal, IBM Bluemix, and GE Predix. The Cloud Foundry platform-as-a-service makes it easier for companies to build, test, and deploy applications more quickly – allowing them to focus on adding business value. This webinar will give an overview of how developers can build enhanced security into their applications using hardware security modules as the root of trust for their encryption and cryptographic operations.
RecordedJun 2 201643 mins
Your place is confirmed, we'll send you email reminders
Stan Mesceda, Senior Product Manager at Gemalto and Julian Fay, CTO at Senetas
Today enterprises and service providers are increasingly using network functions virtualization (NFV) and software-defined networking (SDN) technologies to design, deploy and manage their networks and cloud-based services. These software-based technologies give organizations cost and operational benefits because they move network functions from dedicated hardware appliances to virtual servers. These same technologies can be now be applied to how encryption is deployed and managed to protect sensitive data and communications the flow across SD-WANs.
In this webinar you will learn about:
•What is the best network fit for virtualized encryption
•How to implement a virtual network encryption appliance in software-defined network
•What are the cost, operational and performance benefits of virtual encryption
•What it means to be transport layer independent and how you can protect network traffic simultaneously across Layers 2, 3 and 4
Gary Marsden, Senior Director of Data Protection Solutions at Gemalto and William Fellows, Research VP 451 Research
Digital transformation is a critical part of an enterprise business strategy. However, for many organizations, having more digital assets introduces major headaches due to the complexity of technologies, the lack of available and affordable skills and the ever-changing security threat landscape. The ability to use cloud based solutions to service digital strategies is helping reduce costs but is also increasing risks, isolating data and reducing controls.
Many MSPs have recognized this as an opportunity and are building business plans and service strategies to help their customers. Being the one-stop shop for applications, cloud services and related security aspects is a path that is actively being trodden by MSP’s, MSSP’s and traditional resellers alike. According to 451 Research, it is about a “sell with” approach by addressing business requirements with security “built-in”. In this joint webinar, our guest William Fellows, 451 Research analyst will provide new research results this related data points and discuss how the cloud is creating opportunities as well as challenges. The interactive Q&A style webinar will cover:
• A current view of the cloud’s impact on digital transformation
• Opportunities for MSPs to expand service portfolios and generate new revenue streams
• What a true “sell with” partnership looks like
• Technology enabling this new sales and marketing strategy for MSPs
William Fellows is a co-founder of The 451 Group. As VP of Research, he is responsible for the Cloud Transformation Channel at 451 Research.
Gary Marsden: Senior Director of Partnerships at Gemalto
2018 has started off as an eventful year with data breaches at Saks Fifth Avenue, Lord & Taylor and Under Armour’s MyFitnessPal app. And it will continue to be a catalyst year for data security with the 25th of May deadline for the European Unions’ General Data Protection Regulation, which regards “privacy as a fundamental human right and to protect it as such.” Data exposed or breached is not only a headache for security teams, but also impacts brand reputation, customer confidence and stock prices.
Gemalto’s 2017 Breach Level Index found 2.6 billion records where compromised in 2017, a 88% increase from 2016. In this webinar our expert, Jason Hart, will walk attendees through the most shocking 2017 stats, new data breach tactics and how companies can manage risk by mapping out where your data resides. Join us to learn more about:
-Internal threats and misconfigured cloud databases
-Growing security threats like data integrity attacks
-Innovative technology that is solving some of these issues
-What we have in store for 2018
John Ray, Product Management and Danna Bethlehem, Product Marketing Gemalto and Josh Chambers, Product Management at F5
Securing and monitoring your network and cloud environments has changed over the past few years and compliance and government regulations will add to it. Network traffic monitoring tools have been presented as a solution to meeting compliance and performance on a network. But monitoring alone is not enough. In terms of security, companies need to holistically secure their network, cloud and data, no matter where their users are accessing from.
This joint webinar between F5 and Gemalto will help attendees prepare for the next-generation of secure network access as more data resides in more places with more people accessing it. It will also walk them through the integration between F5 and Gemalto and what options this partnership offers.
In this webinar, you will earn how to:
•Reduce the risk of breaches by ensuring that only authorized users are accessing network, using the F5 environment as an example
•Protect & encrypt your customer data
•Manage secure cloud access
•Comply with regulations
Paul Lockley, VP of Partnerships at Device Authority and Gorav Arora, CTO Office Director of Products
One of the biggest obstacles to IoT adoption is security. Our recent survey found 65% of consumers are concerned about hackers controlling IoT devices and 60% worry about their data being stolen. Recent widespread attacks using IoT device vulnerabilities has also highlighted how interconnected the system is and one weak link creates a ripple effect Securing the identities of both humans and machines, access to the devices and protecting the integrity of the data and device opens the door to more opportunities. For example, the ability to manage blockchain identities and data security policies across any IoT deployment.
In our joint webinar with Device Authority, our experts will outline how security by design methodology helps future proof IoT deployments. They will have an open conversation and a question and answer session on topics that customers are dealing with, related news topics, compliance and government regulations, business opportunities and technologies that are changing the game. Join us to hear more about how using the security by design approach can help:
•Identify and manage risks and challenges in the short and long term
•Prepare for legislation and compliance
•Create new opportunities for a secure blockchain-based IoT
•Leverage new technology like machine learning and analytics
The security challenges of companies large and small is changing. This is especially pronounced in the access management space as IT admins and CISOs are faced with more identities and devices across a growing number of cloud applications. In our recent survey, we found 72% of respondents found cloud access management tools as a solution to reducing the threat of large scale data breaches, while 62% highlighted the tools ability to help simplify the login process for their enterprise users.
In an organization, individuals dealing with security have different goals and objectives. Aligning them can be a challenge. We will look at the priorities of the user, IT teams and CISOs – where they are linked and where they diverge. To build effective risk-based access policies, you need to start with a living IAM strategy that takes into account geolocation, threats, unusual behavior and scenario based data. Using policy-based access management, internally and externally for example in the cloud, is helping enables aligning the different security teams in an organization and automate and simplify the log-in process for users as well. During the webinar attendees will walk away with an understanding of:
-Analyzing personas within your organizations security team to improve IAM solution implementations
-Things to consider when building your access management strategy
-Building risk-based access management policies across multiple applications or cloud environments
With a growing number of cloud apps in use, more employees working remotely increasing the need for stronger authentication. This is driving IT decision makers to find ways to ‘consumerize’ the login process. To get a better understanding of access management challenges and views on the industry Gemalto surveyed 1,000 IT decision makers to compile the 2018 Identity and Access Management Index. During this webinar, we will share some of the fascinating key findings that will shape cybersecurity and the way enterprise IT professionals evaluate and implement access management technology. Join us to learn more about:
•2018 key findings and trends
•How consumerization of IAM can be achieve in the enterprise security space
•How organizations can maintain security while lowering barriers to authentication
•Evolution of IAM Trends: A look at the historical numbers compared to the new findings
Larry Ponemon, Chairman and Founder of the Ponemon Institute and Jason Hart, CTO office for data protection
95% of companies have adopted cloud services but the 2018 Global Cloud Data Security Survey found there is a wide gap in the level of security precautions applied by companies in different markets. Organizations admitted that on average, only two-fifths (40%) of the data stored in the cloud is secured with encryption and key management solutions. This is disturbing since only a quarter (25%) of IT and IT security practitioners revealed they are very confident they know all the cloud services their business is using,
The reality is cloud creates challenges in knowing where your data resides and what or who has access to it. In 2018, breaches like Uber and Accenture occurred because of improperly configured security for web and cloud applications that were connected to a company’s network. A major catalyst to address this is upcoming regulations and compliance, which are trying to catch up with cloud adoption. Over the next few years, companies will be faced with more complicated and intricate auditing to demonstrate security and privacy best efforts in the cloud.
During this webinar, Larry Ponemon, Chairman and Founder of the Ponemon Institute, and Jason Hart, CTO of Data Protection, will walk attendees through the research methodology, key findings and how things have changed over the past couple of years. Join us to learn more about:
-2018 Global Cloud Data Security Findings
-Compliance and cloud security: How will this work?
-A shift in the budget: Where is IT spending their money?
-Country breakdown of IT cloud security: Who is doing the best?
-What can you do to secure the cloud and comply with regulations?
Mor Ahuvia, Authentication Product Marketing at Gemalto
Organizations with Microsoft environments, such as Azure or Office 365, are inclined to implement Microsoft’s native access management solutions (namely, Azure AD and AD FS). Defaulting to Microsoft’s cloud SSO solutions may appear to be the best choice, a closer examination of these solutions reveals critical downsides, as well.
Join this webinar to learn the five things to consider before implementing Microsoft’s access management solutions. You will also see a demo of how you can centrally define access management policies (including cloud SSO and step-up authentication) for Microsoft and 3rd party apps with a vendor agnostic-solution.
Jean-Pierre Mistral, Director of Global Data Privacy and Alex Hanway, Encryption Product Marketing
Join us for a new webinar in our series focused on helping companies prepare for the upcoming global government regulations, like European General Data Protection Regulation (GDPR). Data sovereignty, especially for cloud-first companies, is becoming an important part of any security strategy as these data breach regulations go into effect next year. Being able to demonstrate best efforts to protect the privacy of an individual’s data will be a requirement and non-compliance will have hefty monetary ramifications.
This webinar will walk attendees through what Gemalto has already done and is doing to prepare for data privacy regulations from product management to sales operations and more. Our Director of Global Data Privacy, Jean-Pierre Mistral, will share how and what we have done, takeaways and timelines and Alex Hanway, Product Marketing, will cover the different technologies companies can use to mitigate the risk of non-compliance and what this means for business operations globally.
Join us to hear more about:
•What is GDPR?
•Case Study: A look at how Gemalto has prepared for GDPR
•The implications for local businesses and technologies that can help mitigate risk around complying with data privacy regulations
Jean -Pierre Mistral, Legal Counsel for Data Privacy and Graeme Pyper, Regional Director of Enterprise and Cybersecurity
Join us for part two of our webinar series focused on helping companies prepare for the upcoming Australian Privacy Act and global government regulations, like European General Data Protection Regulation (GDPR).
Data sovereignty, especially for cloud first companies, is becoming an important part of any security strategy as these data breach regulations go into effect next year. Being able to demonstrate best efforts to protect the privacy of an individual’s data will be a requirement and non-compliance will have hefty monetary ramifications.
This follow up webinar will walk attendees through what Gemalto has already done and is doing to prepare for data privacy regulations from product management to sales operations and more. Our legal counsel for global data privacy, Jean-Pierre Mistral, will share how and what we have done, takeaways and timelines and Graeme Pyper, Regional Director for New Zealand and Australia, will cover the different technologies companies can use to mitigate the risk of non-compliance and what this means for business operations globally.
Join us to hear more about:
•The Mandatory Data Breaches scheme
•Case Study: A look at how Gemalto is preparing for Australia’s NDB & GDPR
•The implications for local businesses and technologies that can help mitigate risk around complying with data privacy regulations
Danna Bethlehem, Director Product Marketing, Gemalto
The deadline to comply with Payment Card Industry Data Security Standard (PCI DSS) 3.2 is quickly approaching, leaving many businesses scrambling to understand and meet compliance requirements. Join us for an hour and learn more about the mandate and how you can prepare and be ready by February 2018.
This webinar will discuss and provide helpful information on the upcoming mandate including:
•Overview of PCI DSS 3.2
•What is new in PCI DSS 3.2 and what that means for your business
•Comprehensive solutions that will help you ensure compliance
•Mapping solutions to the needs of your department
Please visit our BrightTalk channel to register for the webinar.
Eric Hanselman, Chief Analyst at 451 Research and Michael Gardiner, Security Lead for CTO office, Gemalto
The cloud provides organizations with elasticity and speed and by 2018 60% of an enterprises’ workloads will run in the cloud says 451 Research. The amount of business operations running in the cloud means organizations have more cloud computing service providers, with a typical enterprise having roughly six. This requires companies to develop and implement a multi-cloud strategy, especially when it comes to security. But each CSP has its own security offerings and integrations sometimes making the process confusing and complex. Even prior to the cloud, encryption and key management have presented challenges for many organizations, but with encryption becoming ubiquitous – a strong key management strategy is key. This is especially important with industry mandates and government regulations like European General Data Protection Regulation (GDPR) and U.S state data breach disclosure laws.
In this joint webinar with 451 Research, we will cover topics including:
-Building a multi-cloud security strategy for encryption and key management
-Best practices, benefits and pitfalls of managing your own security
-Impact of regulations on data protection in the next few years
-Understanding the different CSP requirements for key management:
oCustomer-Supplied Encryption Key (CSEK)
oBring Your Own Key (BYOK)
oHold Your own Key (HYOK)
oGeneral cloud service provider key management services overview
Eric Avigdor, Director of Product Management at Gemalto
With the deadline for DFARS (Defense Federal Acquisition Regulation Supplement) quickly approaching, many business are scrambling to meeting compliance requirements. An important part of DFARS addresses the need for strong, two-factor authentication, as well as physical access controls to organizational information systems, equipment, and the respective operating environments to authorized individuals.
Are you prepared? If you’re like many other government contractors and subcontractors, a little advice may be needed to navigate the waters of physical and user access controls.
Gemalto’s Identity and Protection expert, Eric Avigdor, will be present and informative look at DFARS and what options are available to ensure compliance. What Eric will discuss:
•Overview of DFARS mandate
•Use cases – our experience from the field
•Comprehensive solutions that meet the multi-factor authentication and physical access controls required by the DFARS mandate
•Mapping solutions to the needs of your department
Blockchain technology is popping up everywhere from the currency market to smart contracts. The growth in the technology is evident from the investments being made, for example, PwC estimated that in the last nine last nine months of 2016, $1.4 billion had been invested globally in blockchain startups. This stems from its potential to enable efficiencies and cost-saving opportunities based on moving to a decentralized approach and away from the current centralized systems. With all the hype around blockchain, companies need to cut through the hype and ask the question - when does blockchain actually make business sense?
Blockchain is not a silver bullet and cannot solve every problem. There is also the added complexity of managing the security of many distributed nodes can only be justified by gaining business benefits from using blockchain. In this webinar, we will look at a business qualifying approach to blockchain to help you evaluate valid blockchain use cases and identify the security needs surrounding blockchain operations. Join us to learn more on:
•Securing blockchain from the edge to the core
•The operational benefits and pitfalls of blockchain technology
•Our 4 step qualification process for blockchain business opportunities:
1.Is there an established business process?
2.Are there more 3 parties involved – i.e. is it a distributed problem?
3.Is it important that the data being exchanged is trusted and considered to be factually accurate?
4.Would automation improve the performance of the process?
The explosion of cloud-based applications in the enterprise is making IT and security professionals rethink their cloud identity management strategy. By default, every cloud user creates an average of 17 cloud identities. But catering to 17 different user stores per employee or partner is simply not scalable from an administration perspective. And as if IT’s time is not precious enough, password resets account for 20% of helpdesk tickets. This adds to the compliance and security risks associated with cloud-based applications, which by default require only weak static passwords and offer no central point of management across disparate cloud-based services.
Join Stephen Allen, Gemalto Product Manager for Authentication and Access Management, and learn how deploying an Identity Provider enables:
•Cloud Single Sign-On for easy access to cloud apps
•Regulatory compliance with standards such as PCI DSS
•Reduced identity lifecycle overheads
•Centralized management of cloud access policies
•Increased security with step-up authentication
Nanda Mohan Shenoy, CAIIB, CISA - Bestfit Business Solutions and Prasun Srivastava - Solution Expert, IDP, Enterprise & Cyber
The India's Unique Identification numbers (UIDs), also named "Aadhaar numbers" contain Personally Identifiable Information (PII), the Unique Identification Authority of India (UIDAI) has mandated that the private cryptographic keys used to digitally sign and authenticate the UIDs must be stored in a Hardware Security Module (HSM).
In addition to HSMs, the UIDAI has also mandated the use of tokenization – replacing sensitive data with a token that can be securely stored, processed and transmitted as of August 2017.
Join this live webinar to know more about how to easily conform to the mandate:
•What is UIDAI's requirements?
•Why HSM and tokenization?
•How to ensure Aadhaar numbers are protected?
•What makes Gemalto's SafeNet Luna HSM and KeySecure unique?
•How to meet UIDAI's compliance mandates?
Adrian Davis, Managing Director, (ISC)² EMEA, Jan Smets, Certified Data Protection Officer, Gemalto
The introduction of GDPR is set to bring data protection to the top of businesses’ priority lists. So how can businesses ensure they are compliant and what steps do they need to take?
In this webinar, certified DPO Jan Smets with provide a six-step overview to help achieve compliance:
1) Understand the GDPR legal framework
2) Create a Data Register
3) Classify your data
4) Start with your top priority
5) Assess and document additional risks and processes
6) Revise and repeat
Security, Compliance and Hardware Security Modules in Cloud FoundryJoe Pindar, Director of Strategy, CTO Office, Gemalto; Abby Kearns, VP, Industry Strategy - Cloud Foundry Foundation[[ webcastStartDate * 1000 | amDateFormat: 'MMM D YYYY h:mm a' ]]42 mins