The modern face of cyberthreats (Updated)
Editor's note: This post was updated after publication to remove references to discarded reports related to the Target breach.
A multimillion-dollar security infrastructure, built and maintained by one of the world’s largest...
How the NSA is preventing another Snowden (and why you should do the same)
On December 11th, the director of the National Security Agency (NSA), Gen. Keith Alexander, stood before the Senate Judiciary Committee to discuss actions being taken in the wake of Edward Snowden’s disclosures.
Gen. Alexander...
3 reasons perimeter security is not enough for the cloud
The “M & M” model of data security (hard shell, soft inside) has been the standard for most enterprises for decades, based on a number of assumptions:
All our mission-critical and Tier 1 applications are maintained inside...
Virtualized environments. Real risk.
Unfortunately, it's not always this obvious when your privileged user accounts or data have been hacked.
New reports from security investigators are estimating that the recent Adobe breach may in fact be the biggest known...
When insiders become outsiders (and other cloud security challenges)
If you've ever been an IT hiring manager, you know the scrutiny that goes into the interview process as you seek to bring trustworthy and effective talent into your organization. (Also, it's a bonus when those potential employees...
Why a secure, multi-vendor strategy is crucial for the cloud
A few weeks ago, one of the well-regarded vendors of the cloud storage world, Nirvanix, abruptly announced that it was closing its doors, giving its more than 1000 customers just two weeks to migrate their data off Nirvanix...
Going to the cloud? BYOS (bring your own security)
There are many benefits to be gained by using the public cloud. Cost efficiencies, elasticity and collaborative access are mentioned most often. But will your data be secure in the cloud? And who is responsible for keeping it safe?...
Regardless of the NSA, you still need encryption
It seems as though everywhere you turn lately, another story breaks revealing information about PRISM and Edward Snowden. And it just keeps coming. Snowden’s latest disclosure builds on the story that not only has the NSA...
HIPAA compliance in the cloud
Remember how when you were a kid, and you went to spend the night at a friend’s house, you were faced with all kinds of new and different ‘rules of the house’? Maybe your friend’s parents made you eat whatever was on your plate at...
Secure migration to the cloud: A not impossible mission
Cloud security is not just a popular topic these days, it could be the storyline for the next Tom Cruise movie. In just a few months, we’ve seen disclosures by a whistle-blowing former NSA spy, user errors that exposed over 126...
Will FISMA, FedRAMP impact cloud security?
I can usually tell when a regulation has teeth when I start to hear multiple customers asking about it. Interestingly, the Federal Information Security Amendments Act of 2013, also known as HR 1163, isn't even in effect yet, but...
Data privacy and PRISM: When politics and technology collide
If you are both a news and a cloud junky as I am, there has never been a more interesting -- or distracting -- time to hit refresh on your favorite online news site. The recent statements by whistle-blower Edward Snowden about the...
Banking on the public cloud
What do banks and the public cloud have in common? More than you might think. Let’s use the concept of banking as we jump into the root of the public cloud debate.
Do you remember when you were a kid and your parents first walked...
Virtualization security 101: A user's primer
While the virtues (and pitfalls) of the cloud have been exhaustively documented, the fact remains that it's highly likely that the servers that house your applications and data are virtualized, whether those servers live in your...
PCI forecast: Cloudy, with a chance of compliance
When IT teams start talking Infrastructure as a Service, I expect corporate compliance officers hear virtual alarm klaxons, along with the not-so-friendly warning, "Sir, step away from the cloud."
We have been taught that data...
Cloud security: A real concern or just an excuse?
Is cloud security the chicken or the egg? Are CSOs playing the ‘it’s not secure’ card to avoid anything that, well, smells like work? Are IT pros rabidly defending their turf because they fear their jobs might also be outsourced,...
Here, there, everywhere: Data residency and the public cloud
It's 10:00 PM. Do you know where your data is?
Is it nestled securely within the firewalls of your data center, or is it more adventurous, spanning the boundaries of various public clouds? Cloud adoption continues to grow at...
What you can't see can hurt you!
We've all seen them, compressed files with the .zip extension. Unfortunately, virus writers, to compress all manner of malicious code in their attempts to avoid detection by antivirus software, also use "zipping". Today, many...
Top Blog Posts