Keeping secrets: Tips for protecting your data in AWS S3

Amazon Web Services is the juggernaut in the cloud provider space, and with any piece of technology comes the need for proper security. In this regard, AWS is no exception. In this piece, we will shortly discuss the latest breaches of public S3 buckets, provide an overview of the two ways to protect data in these storage spaces, and discuss how the new Amazon Secrets Manager utility can assist in securing AWS cloud applications.

Recent breaches

There have been a couple of recent instances in which company S3 buckets have been read by...

By Doug Hazelman, 23 April 2018, 0 comments. Categories: Amazon, Privacy, Public, Security, Software, Storage.

Why trust and transparency are key for companies complying with new EBA cloud guidance

New guidance from official regulators should be music to the ears of anyone involved in compliance. Clarification, reference points and approved examples make the business of compliance that much more straightforward and are generally welcomed by compliance experts. In that spirit, it was with the best intentions - to clear the pathway to cloud adoption for financial services companies - that the European...

By Frank Krieger, 13 April 2018, 0 comments. Categories: Compliance, Data & Analytics, Data Management, Privacy, Security.

The key aspects to consider when executing a smooth move to the cloud

As the benefits of cloud computing become more pronounced, more businesses are migrating to the cloud. Greater scalability, flexibility and financial security often come as a result of making the shift to cloud computing - and those are just a few of the advantages. The allure of the cloud is well known. However, the fine details of cloud migration and implementation are often overlooked.

Migrating to the cloud is more

By Rick Delgado, 24 March 2017, 0 comments. Categories: Adoption, Data & Analytics, Infrastructure, Migration, Privacy.

Why it’s time to take new strategies for beating ransomware

(c)iStock.com/Leonardo Patrizi

The sad facts of ransomware are that no-one is immune and attacks are impacting hospitals, schools, government, law enforcement agencies and businesses of all sizes. The increased frequency – and scale – of attacks has organisations thinking differently about their approach to ransomware. According to the FBI, ransomware attacks have increased 35-fold in 2016, resulting in an estimated $209 million paid out every quarter.

In addition, there has recently been a string...

By Jeff Denworth, 26 October 2016, 0 comments. Categories: Privacy, Security, Vulnerabilities.

Microsoft launches cloud services due diligence checklist

(c)iStock.com/cruphoto

Microsoft has launched a cloud services due diligence checklist aimed at providing organisations with more standardised procedures for their potential cloud push.

The checklist is based on the emerging ISO/IEC 19086 standard which focuses on cloud service level agreements, and gives structure to organisations of all sizes and sectors to identify their objectives and requirements, before comparing the offerings of different cloud service providers.

“Cloud adoption is no longer simply a...

By James Bourne, 17 October 2016, 1 comment. Categories: Microsoft, Privacy, Security, SLA.

Two in three CIOs yet to formulate ‘comprehensive’ GDPR strategy

(c)iStock.com/Leonardo Patrizi

Businesses have been warned and they’ve been previously shown up for not having the required knowledge over the European Union General Data Protection Regulation (GDPR) – now, a new piece of research from mainframe firm Compuware argues that more than two thirds of...

By James Bourne, 13 September 2016, 0 comments. Categories: CIO, Data & Analytics, Data Management, Data Sovereignty, Europe, Privacy.

Why vendor lock-in remains a big roadblock to cloud success

(c)iStock.com/LeoWolfert

Despite the clear advantages of cloud, enterprises can be skittish about getting “trapped” in a public cloud vendor. But unfortunately, this may prevent them from achieving success in the cloud, a new survey finds.

According to a Logicworks survey by Wakefield Research, 78% of IT decision makers believe that concerns about vendor lock-in prevent their organisation from maximising the benefits of cloud resources. This...

By Logicworks, 01 September 2016, 1 comment. Categories: Privacy, Security, Vendors.

Microsoft research aims to better utilise encrypted cloud data without privacy fears

(c)iStock.com/maxkabakov

In some instances, encryption is a double-edged sword: if data is encrypted in the cloud, it’s secure, but you can’t get access to it. Yet a new research paper presented by Microsoft may be the first step to changing it.

The paper examines the concept of secure data exchange (SDE), where the aim, as a blog post from Microsoft Research writer John Roach puts it, is to...

By James Bourne, 10 August 2016, 0 comments. Categories: Data & Analytics, Data Management, Privacy, Security.

Lack of encryption for sensitive cloud data worrying for businesses, argues Gemalto

(c)iStock.com/Jirsak

Though cloud-based resources are becoming increasingly important to companies’ IT operations and business strategies, only a third of sensitive cloudy data is encrypted, according to the latest research from digital security provider Gemalto.

The findings, conducted in association with the Ponemon Institute, found more than nine in 10 UK firms (92%) don’t encrypt more than three quarters of their sensitive data sent via the cloud, while almost four in 10 (39%) do not encrypt...

By James Bourne, 28 July 2016, 0 comments. Categories: Adoption, Privacy, Security.

An enterprise security blind spot: Are cybercriminals hiding in your SSL traffic?

SSL traffic is pervasive in today’s enterprises and is expected to grow rapidly over the next several years; according to Gartner, SSL/TLS traffic now comprises 15% to 25% of total web traffic. The problem is the bad guys have noticed.

This report from Venafi examines how enterprises can eliminate the blind spots in SSL traffic, maximise the powers of decryption, and uncover threats.

By James Bourne, 19 July 2016, 0 comments. Categories: Enterprise, Privacy, Security.