Keeping secrets: Tips for protecting your data in AWS S3

Amazon Web Services is the juggernaut in the cloud provider space, and with any piece of technology comes the need for proper security. In this regard, AWS is no exception. In this piece, we will shortly discuss the latest breaches of public S3 buckets, provide an overview of the two ways to protect data in these storage spaces, and discuss how the new Amazon Secrets Manager utility can assist in securing AWS cloud applications.

Recent breaches

There have been a couple of recent instances in which company S3 buckets have been read by...

By Doug Hazelman, 23 April 2018, 0 comments. Categories: Amazon, Privacy, Public, Security, Software, Storage.

The key challenges of migrating databases to the cloud: Planning and performance

As enterprises continue to embark on their digital transformation journeys part of this change may involve migrating in-house applications, databases and data to the cloud.  But while all the benefits of cloud are widely understood, migrating a database or an application to the cloud is not always smooth sailing and there can be challenges to overcome when transitioning.  Here I wanted to highlight some of the steps enterprises should take to ensure their database migration is successful.

Why migrate to the...

By Roberto Mircoli, 17 April 2018, 0 comments. Categories: Data & Analytics, Data Management, Infrastructure, Migration, Security.

How the changing security landscape is forcing cloud providers to respond

The RSA Conference in San Francisco is a hotbed of news, analysis and reports on the security industry, with research from the Cloud Security Alliance (CSA) and automation software provider Sonatype being of particular interest.

The CSA report, State of Cloud Security 2018, assesses the steps cloud providers and enterprises are taking when it comes to security, as well as regulation and the changing threat landscape.

The report notes that as the landscape for cloud services expands, so do the security options...

By James Bourne, 17 April 2018, 0 comments. Categories: Compliance, Data Management, Research, Security.

Automation, DevOps and unified security management key to cure cloud ills, says McAfee

Cloud services are becoming practically ubiquitous – but according to the latest study from McAfee, one in four organisations who use the public cloud has had their data stolen.

The findings appear in ‘Navigating a Cloudy Sky: Practical Guidance and the State of Cloud Security’, a report which surveyed more than 1,400 IT professionals around security concerns with private and public cloud services.

Usage numbers are as strong as one would expect – except for one. 97% of respondents...

By James Bourne, 16 April 2018, 0 comments. Categories: DevOps, Infrastructure, Research, Security.

Singapore overtakes Hong Kong to become strongest Asia Pacific cloud nation

Singapore has overtaken Hong Kong to be the number one cloud-ready Asia Pacific nation, according to the latest report from the Asia Cloud Computing Association (ACCA).

The two regions have swapped places since the previous analysis two years ago, with New Zealand retaining bronze medal position, and Japan and Taiwan overtaking Australia. While the latter has slipped a couple of places in the rankings, ACCA said it was still a ‘strong regional contender’ which performed well in most areas but was...

By James Bourne, 16 April 2018, 0 comments. Categories: Adoption, Data & Analytics, Infrastructure, Migration, Research, Security.

How machine learning quantifies trust and improves employee experiences

By enabling enterprises to scale security with user behaviour-based, contextual intelligence, next-gen access strategies are delivering Zero Trust Security (ZTS) enterprise-wide, enabling the fastest companies to keep growing strong.

Every digital business is facing a security paradox today created by their proliferating amount of applications, endpoints and infrastructure on the one hand and the need to scale enterprise security without reducing the quality of user experiences on the other. Businesses face a...

By Louis Columbus, 16 April 2018, 0 comments. Categories: Applications, Security, Software.

Why trust and transparency are key for companies complying with new EBA cloud guidance

New guidance from official regulators should be music to the ears of anyone involved in compliance. Clarification, reference points and approved examples make the business of compliance that much more straightforward and are generally welcomed by compliance experts. In that spirit, it was with the best intentions - to clear the pathway to cloud adoption for financial services companies - that the European...

By Frank Krieger, 13 April 2018, 0 comments. Categories: Compliance, Data & Analytics, Data Management, Privacy, Security.

Data centres and cloud networks: Security in the modern context

Traditionally, companies have sought to create a hardened IT network perimeter that kept all potential cyber threats out and to protect organisations through the use of network security platforms such as firewalls. In the modern context, however, this has become a restrictive and dangerous approach and I will explain why. 

What we think of as traditional firewalls are only really able to inspect unencrypted traffic. This means that attackers will use encrypted communications to exploit and maintain...

By Neil Anderson, 13 April 2018, 0 comments. Categories: Data & Analytics, Data Centres, Infrastructure, Security.

Hybrid cloud security strategies analysed in new research

Hybrid cloud and multi-cloud security is becoming top of mind for organisations – but many still persist with best of breed tools for both systems rather than combining into one ‘best of suite’ offering.

That is the key finding following a report from Santa Clara-based Cavirin Systems. The report, which polled more than 350 IT admins, IT decision makers and C-suite executives, found 81% of organisations currently deploy a hybrid or multi-cloud strategy, with 11% only going on-premise and 8%...

By James Bourne, 12 April 2018, 0 comments. Categories: Hybrid, Research, Security.

Learning from the masters of DevSecOps: Getting security right at scale

With the relentless 24/7 nature of the digital economy, many customers I talk to are under pressure to continually release and update their apps. Making this happen is a challenge in itself. But keeping those apps secure can be even more problematic – especially when security is left to the end of the development cycle.

That may seem an unlikely approach in today’s heightened IT security climate. But in my experience, it’s all too common. Under pressure to get their apps out fast, firms...

By Aruna Ravichandran, 09 April 2018, 0 comments. Categories: Applications, Data & Analytics, Developers, DevOps, Security.