Dropbox becomes latest cloud provider to adopt emerging ISO 27018 standard

(c)iStock.com/KIVILCIM PINAR

Cloud storage provider Dropbox has announced it has achieved certification with the emerging privacy standard ISO/IEC 27018, boosting its security credentials.

ISO 27018 was published on July 30 2014 by the International Organisation for Standardisation (ISO) as a follow up to the widely accepted ISO 27001 information security standard. It aims to put together a code of practice for protection of personally identifiable information (PII) in public clouds. The standard has already been...

By James Bourne, 18 May 2015, 0 comments. Categories: Security, Software, Storage.

Six steps to effective vulnerability response

The number of vulnerabilities identified in servers, operations systems, applications, and databases has increased at an alarming rate in the past several years—and the outlook going forward is no better. Systems, networks, and applications will continue to be susceptible to vulnerabilities, so it is important to be prepared for response when a vulnerability is identified.

By James Bourne, 13 May 2015, 0 comments. Categories: Security, Vulnerabilities.

Google Drive, Facebook and Twitter most popular business cloud apps – but are they safe?

(c)iStock.com/shutter_m

More than 15% of European organisations now use more than 1000 cloud apps with Google Drive, Facebook and Twitter the most popular, according to a report from Netskope.

The findings, which appear in the April 2015 Netskope Cloud Report, saw iCloud and Salesforce make the top five. Five cloud storage apps (Google Drive, iCloud, OneDrive for Business, OneDrive and Dropbox) made the top 12, alongside four social apps (Facebook, Twitter, Google+, LinkedIn).

Of the organisations analysed in...

By James Bourne, 15 April 2015, 1 comment. Categories: Applications, Data & Analytics, Data Loss, Data Management, Security, Software.

Security failing to keep pace with cloud technology adoption, report finds

(c)iStock.com/Melpopenem

Cloud service providers (CSPs) can no longer treat security as a luxurious add-on, and customers have to ensure their providers take care of the issue, a new report asserts.

The research, the latest cab off the rank from Ovum and FireHost entitled “The Role of Security in Cloud Adoption within the Enterprise”, offers sound advice to vendors and users alike. True, it’s stuff everyone will have heard before – but it’s worth repeating.

“On too many...

By James Bourne, 09 April 2015, 0 comments. Categories: Compliance, Research, Security, Vendors.

Majority of firms say they aren’t confident in responding to cloud-based data threats

(c)iStock.com/Imilian

If data stored in the cloud is under threat, what would you do: fight the fire or hide under the bed and hope everything goes away? The majority of respondents in a recent survey admitted they would do the latter.

The research, commissioned by Informatica and conducted by the Ponemon Institute, found 60% of global respondents were “not confident” they had the ability to proactively respond to cloud-based data threats. 80% said not knowing if sensitive or confidential...

By James Bourne, 08 April 2015, 0 comments. Categories: Data & Analytics, Data Loss, Data Management, Security, Vulnerabilities.

Why organisations need to be extra vigilant over their cloud security and partner use

(c)iStock.com/pinstock

A report from Skyhigh Networks has examined the issues for enterprises who share cloud data with partners, with almost 30% of data shared with partners considered “high risk.”

The report, the latest Cloud Adoption and Risk Report, argues the case that security does not end at the corporate perimeter. The average number of cloud services in use by company has risen again, from 545 in Q313 to 923 in Q115. Broken down by cloud service category the average company uses 162...

By James Bourne, 01 April 2015, 1 comment. Categories: Data & Analytics, Data Management, Security, Vulnerabilities.

Compliance remains the key cloud security challenge, according to CipherCloud report

(c)iStock.com/magann

Almost two thirds of organisations in a CipherCloud survey on cloud data protection say compliance and auditing privacy is the biggest security challenge associated with cloud computing.

CipherCloud, which has released its inaugural “Global Cloud Data Security Report”, found a number of interesting findings in the research, and the challenges associated with data security for Global 2000 companies.

Compliance and data protection concerns continue to remain the top barriers for...

By James Bourne, 26 March 2015, 1 comment. Categories: Compliance, Data & Analytics, Data Management, Data Sovereignty, Security.

Opinion: Sorry, Europe: Data localisation is not the killer app for privacy

(c)iStock.com/maxkabakov

By Kenneth N. Rashbaum, Esq.

This blog post is for informational and educational purposes only. Any legal information provided in this post should not be relied upon as legal advice. It is not intended to create, and does not create, an attorney-client relationship and readers should not act upon the information presented without first seeking legal counsel.

Edward Snowden has unleashed a torrent of activity in the name of data security and...

By Logicworks, 24 March 2015, 0 comments. Categories: Data & Analytics, Data Centres, Data Management, Privacy, Security.

Dropbox Android SDK vulnerability revealed, cloud storage provider praised for response

(c)iStock.com/funky-data

A major vulnerability in the Dropbox SDK for Android has been revealed by IBM Security, whereby attackers can connect applications on mobile devices to a Dropbox account controlled by the attacker.

The vuln has since been fixed, with IBM praising Dropbox for its response to the issue; the company acknowledged receipt of the disclosure within six minutes, confirmed the vulnerability within the day, and issued a patch within four days.

It’s slightly better than the flaw in Moonpig’s API,...

By James Bourne, 12 March 2015, 0 comments. Categories: Security, Storage, Vulnerabilities.