Five ways to demystify Zero Trust security – and the vendors who are pushing it

Bottom line: Instead of only relying on security vendors’ claims about Zero Trust, benchmark them on a series of five critical success factors instead, with customer results being key.

Analytics, Zero Trust dominated RSA

Analytics dashboards dominated RSA from a visual standpoint, while Zero Trust Security reigned from an enterprise strategy one. Over 60 vendors claimed to have Zero Trust Security solutions at RSA, with each one defining the concept in a slightly different way.

RSA has evolved into one of the highest energy enterprise-focused...

By Louis Columbus, 25 March 2019, 0 comments. Categories: Compliance, Data & Analytics, Data Loss, Data Management, Security.

Continuous compliance, continuous iteration: How to get through IT audits successfully

For most students, exam days are one of the most stressful experiences of their educational careers. Exams are a semi-public declaration of your ability to learn, absorb and regurgitate the curriculum, and while the rewards for passing are rather mundane, the ramifications of failure are tremendous. 

My educational experience indicates that exam success is primarily due to preparation, with a fair bit of luck. If you were like me in school, exam preparation consisted mostly of cramming, with a heavy reliance on hope that the hours spent jamming material into my brain would cover at least 70% of the exam contents.

After I left...

By Jonathan Eropkin, 15 March 2019, 0 comments. Categories: Compliance, Data & Analytics, Data Management, Security.

Why standardisation is good for NetOps: Innovation instead of impediment

Standardisation is sometimes viewed as an assault on innovation. Being forced to abandon a polyglot buffet and adopt a more limited menu will always sound stifling. That may be because standardisation is often associated with regulatory compliance standards that have official sounding names like ISO 8076.905E and are associated with checklists, auditors and oversight committees.

By Lori MacVittie, 14 March 2019, 0 comments. Categories: Compliance, Enterprise, Platform, Regulation, Security.

Healthcare firms go for the hybrid cloud approach with compliance and connectivity key

It continues to be a hybrid cloud-dominated landscape – and according to new research one of the traditionally toughest industries in terms of cloud adoption is now seeing it as a priority.

A report from enterprise cloud provider Nutanix has found that in two years’ time, more than a third (37%) of healthcare organisations polled said they would deploy hybrid cloud. This represents a major increase from less than a fifth...

By James Bourne, 18 February 2019, 0 comments. Categories: Compliance, Containers, Infrastructure, Research, Security.

Six best practices for increasing AWS security in a Zero Trust world

  • Amazon Web Services (AWS) reported $6.6B in revenue for Q3, 2018 and $18.2B for the first three fiscal quarters of 2018.
  • AWS revenue achieved an impressive 46% year-over-year net sales growth between Q3, 2017 and Q3, 2018 and 49% year-over-year growth for the first three quarters of the year.
  • AWS’ 34% market share is bigger than its next four competitors combined with the majority of customers taken from small-to-medium sized cloud operators according to 

By Louis Columbus, 15 January 2019, 0 comments. Categories: Amazon, Compliance, Infrastructure, Security.

Three key predictions for the cloud industry in 2019: Multi-cloud, governance and blurred lines

In 2019, we can expect the cloud industry to continue to thrive - with impressive cloud adoption across all industries, accompanied by an improvement in solutions and integrated data tools to best meet user needs. These advancements will substantially enhance operations in the cloud, leading it to ultimately become the preferred platform for all enterprise applications.

Looking ahead, we will see companies move beyond standard...

By Joe Kinsella, 14 January 2019, 0 comments. Categories: Compliance, Enterprise, Infrastructure, Trends.

Four cloud security predictions for 2019: Containerisation, load balancers, and more

The cloud is a vital part of any enterprise infrastructure. The convenience of having a database that can be accessed from any location has dramatically improved efficiency within workforces. While many companies had previously been afraid of making the move, as the open nature of the cloud makes it less secure than on-premise solutions, new advances in cloud security have vastly reduced the number of successful attacks. With 2019...

By Stephen Dallas, 08 January 2019, 0 comments. Categories: Compliance, Containers, Enterprise, Infrastructure, Security.

You've got 99 problems when it comes to public cloud compliance – but cryptojacking may not be one

If cloud is part of the conversation for organisational digital change, then cloud security will forever be not far behind. According to new research from Unit 42, compliance needs to be stepped up, yet cryptojacking may be on the decline.

The company – the threat intelligence arm of Palo Alto Networks – put together analysis based on existing threats to cloud security over the second half of 2018, focusing on Amazon Web...

By James Bourne, 14 December 2018, 0 comments. Categories: Blockchain, Compliance, Data Management, Research, Security.

How the Cloud Security Alliance Cloud Controls Matrix benefits financial institutions

The self-service and dynamic nature of cloud infrastructure creates challenges for risk and compliance professionals. Tools that worked well in the traditional data centre do not translate to the public cloud.  

Due to these concerns over regulatory compliance and security, as well as the complexity involved in replacing legacy systems, financial institutions are taking a more...

By Brian Johnson, 14 September 2018, 0 comments. Categories: Compliance, Data & Analytics, Industry, Security.

Tresorit raises €11.5 million in series B funding to help promote secure cloud collaboration

Tresorit, a European provider of cloud security and collaboration software, has announced it has raised €11.5 million (£10.4m) in series B funding to help accelerate growth and scale marketing and sales operations.

The company, which sits in the enterprise file and sync space, offers products focused at the legal, healthcare and HR departments around encrypted storage and secure file sharing, as well as...

By James Bourne, 04 September 2018, 0 comments. Categories: Collaboration, Compliance, Security, Software.

Why data sovereignty is the only truly safe path to avoid Privacy Shield turmoil

Privacy is not just a legal obligation, it is an ethical commitment and a demonstration that you care about your customers’ privacy as much as they do.

Many people will be surprised to hear that although the EU General Data Protection Regulation (GDPR) took effect on May 25, many companies are not yet GDPR-compliant. The regulation  requires organisations to comply, and our Information Commissioner has...

By Bill Mew, 30 August 2018, 0 comments. Categories: Compliance, Data & Analytics, Data Management, Data Sovereignty.

Google Cloud gets up to speed with AWS and Azure with launch of HSM crypto tool

Google Cloud has announced the launch of a managed cloud-hosted hardware security module (HSM) service – joining Amazon Web Services and Microsoft Azure in this security benchmark.

The Cloud HSM will enable customers to host encryption keys and perform cryptographic operations in FIPS 140-2 Level 3 certified HSMs, according

By James Bourne, 22 August 2018, 0 comments. Categories: Compliance, Data Management, Google, Security.

Demytisfying the public or private cloud choice: Compliance, cost, and technical requirements

Every business wants to operate like a tech company today. Companies can’t thrive without improving IT, and executives must decide where to house and process data – under these circumstances, cloud strategies are increasingly nuanced.

A Forrester study found that just 4% of organisations run their applications exclusively in the public cloud today, and 77 percent of organisations are using multiple types of clouds, both on-premises and off-premises.

So do you take the public or private cloud...

By Michael Coté, 13 August 2018, 0 comments. Categories: Compliance, Infrastructure, Private, Public, Security.

Samsung Heavy Industries chooses AWS to help take shipbuilding into the cloud

Another example of cloud computing infiltrating key enterprises; shipbuilding firm Samsung Heavy Industries is moving to Amazon Web Services (AWS) as its preferred cloud provider.

The company says it wants to be seen as a ‘cloud-first maritime business’, with Samsung using a variety of AWS’ services. These include EC2 and S3, naturally, alongside Amazon’s relational database, RDS, AWS Key Management, and governance and compliance tool CloudTrail.

By putting sensors in a variety of devices and...

By James Bourne, 09 August 2018, 0 comments. Categories: Compliance, Enterprise, Infrastructure, Security.

Majority of organisations favouring multi-cloud strategies, Virtustream argues

Multi-cloud is here to stay, that much we already know – but the sheer extent of its growth is helping enterprises move mission-critical applications to the cloud.

That is the key finding from a new report by cloud technology provider Virtustream. The study, titled ‘Multi-cloud Arises from Changing Cloud Priorities’ and conducted alongside Forrester, found the vast majority (86%) of respondents see their current cloud strategy as multi-cloud. What’s more, 60% of enterprises polled said...

By James Bourne, 13 July 2018, 0 comments. Categories: Compliance, Infrastructure, Research, Security.

Google Cloud launches sole-tenant nodes for improved compliance and utilisation

Google Cloud has announced the launch of sole-tenant nodes on Google Compute Engine – helping customers in various industries around compliance in the process.

The new service, which is currently in beta availability, gives customers ownership of all VMs, hypervisor and host hardware, going against the traditional cloud use case of multi-tenant architecture and shared resources.

“Normally, VM instances run on physical hosts that may be shared by many customers,” explained Google’s Manish Dalwadi and...

By James Bourne, 08 June 2018, 0 comments. Categories: Applications, Architecture, Compliance, Google, Infrastructure, Security.

Five tips for creating successful company-wide data security training

Creating a safe online environment for your business is a major concern for leaders today. With the amount of data breaches increasing steadily and consumer trust in data management declining, it’s no wonder that improving the security of IT systems is the number one priority for 55% of companies.

Employees...

By Pratik Dholakiya, 08 June 2018, 0 comments. Categories: Compliance, Data & Analytics, Data Management, Security.

How the changing security landscape is forcing cloud providers to respond

The RSA Conference in San Francisco is a hotbed of news, analysis and reports on the security industry, with research from the Cloud Security Alliance (CSA) and automation software provider Sonatype being of particular interest.

The CSA report, State of Cloud Security 2018, assesses the steps cloud providers and enterprises are taking when it comes to security, as well as regulation and the changing threat landscape.

The report notes that as the landscape for cloud services expands, so do the security options...

By James Bourne, 17 April 2018, 0 comments. Categories: Compliance, Data Management, Research, Security.

Why trust and transparency are key for companies complying with new EBA cloud guidance

New guidance from official regulators should be music to the ears of anyone involved in compliance. Clarification, reference points and approved examples make the business of compliance that much more straightforward and are generally welcomed by compliance experts. In that spirit, it was with the best intentions - to clear the pathway to cloud adoption for financial services companies - that the European...

By Frank Krieger, 13 April 2018, 0 comments. Categories: Compliance, Data & Analytics, Data Management, Privacy, Security.

Microsoft responds to speed of CLOUD Act enactment and data privacy concerns

Microsoft has admitted the speed in which the CLOUD Act was enacted was ‘a bit of a shock’ – but added there was more to do to protect users’ privacy rights across borders.

The act, which stands for ‘clarifying lawful overseas use of data’, was signed into law two weeks ago and ultimately represents the culmination of a case which began four years ago concerning an email in Dublin.

During a drug trafficking investigation in 2013, Microsoft refused to provide details of an...

By James Bourne, 06 April 2018, 0 comments. Categories: Compliance, Data & Analytics, Data Management, Security.