Why a consumer approach to security – with cloud in mind – may help struggling enterprises

Are Amazon and Facebook the standard bearers when it comes to security? According to the latest identity and access management (IAM) study from Gemalto, more than half of respondents say their organisation’s work authentication methods are worse than those offered by the two tech giants.

The study, which polled more than 1,000 IT decision makers globally, found that the continued rise in cloud applications, as well as the similarly shopworn story around device proliferation, means enterprises are...

By James Bourne, 12 March 2018, 0 comments. Categories: Collaboration, Compliance, Security, Software.

Google Cloud announces healthcare APIs and updates – as Apple and Spotify revealed as customers

It has been an interesting week or so for Google Cloud, both directly and indirectly. The company has announced new APIs, updates and customers for its healthcare cloud initiative, while other high-profile customers have been disclosed.

At HiMSS, the healthcare information and management systems society conference, Google launched a new cloud healthcare API, which is better equipped to focus on data types such as HL7, FHIR and DICOM, and also allows customers to crunch the numbers using analytics and machine...

By James Bourne, 06 March 2018, 0 comments. Categories: Compliance, Infrastructure, Security.

Microsoft expands government cloud offerings as company says IT shift ‘reaches tipping point’

Microsoft has beefed up its government cloud offerings, launching government-specific editions of Microsoft 365 and Azure Stack, as well as greater security and compliance in Dynamics 365.

Microsoft 365, which comprises Office 365, Windows 10, and Enterprise Mobility + Security (EMS), and Azure Stack, which extends Azure to on-premises environments, are being upgraded as Microsoft acknowledges faster acceleration of government organisations moving to the cloud.

“This move is driven largely by the desire...

By James Bourne, 06 March 2018, 0 comments. Categories: Compliance, Data & Analytics, Data Management, Microsoft, PublicSector, Security.

Why cloud is the cornerstone of digital transformation in healthcare

Today every part of the business is subject to new expectations, competitors, channels, threats and opportunities. Every business has the potential to be a digital business. As the numbers of smart, connected devices from phones to cars to wearables are growing, companies that quickly deliver digital solutions or services, and use insights to rapidly optimise their value chain are gaining competitive advantage. Businesses that digitally transform will be able to connect more closely with customers, speed up the pace of...

By Roberto Mircoli, 25 February 2018, 1 comment. Categories: Compliance, Infrastructure, Security.

Cisco cybersecurity report shows how cloud use rises – and cyberattacks rise with it

Cloud computing usage continues to grow, but at the expense of security as attackers take advantage, according to the latest Cisco annual cybersecurity report.

The study, now in its 11th iteration, puts together threat intelligence and cybersecurity trends from researchers and six technology partners, and found more than a quarter (27%) of security professionals polled use off-premises private clouds. This is up from 20% this time last year.

Of that number, more than half (57%) say they host networks in the...

By James Bourne, 22 February 2018, 0 comments. Categories: Compliance, Research, Security.

The compliance conundrum: Why hybrid cloud is key with GDPR around the corner

With the Global Data Protection Regulation (GDPR) on the horizon, businesses that wish to operate in the European Union are having to spend more time than ever thinking about compliance.

Not only does all personally identifiable customer data need to be accounted for – a task that is easier said than done for many organisations – internal processes also have to be updated and employees need to be educated to ensure the compliance deadline of May 25 2018 is met.

Of course, GDPR is just one...

By Mark Baker, 25 January 2018, 0 comments. Categories: Compliance, Data & Analytics, Data Management, Hybrid, Public.

How cloud service providers can halt hackers – with smart security protocols and reporting

When you call yourself "the global leader in secure content collaboration," you can't afford security gaffes.

Huddle, a SaaS tool used throughout the U.K. government, learned that the hard way when a BBC journalist logged into its system and was redirected to the wrong account. Imagine his shock when he realized he had access to confidential KPMG financial data. 

Luckily for Huddle, the journalist left the...

By Brad Thies, 08 January 2018, 0 comments. Categories: Compliance, Data & Analytics, Data Management, Security.

Alibaba strengthens European cloud plans with additional C5 compliance accreditation

More evidence – as if it were needed – that Alibaba is serious about taking its cloud arm into new geographies: the company has announced compliance accreditation with Germany’s federal office for information security.

The C5 attestation – so called because its full natty title is the Cloud Computing Compliance Controls Catalogue – with additional requirements covers Alibaba’s elastic compute service, relational database, object storage, CDN, load balancer, virtual private...

By James Bourne, 14 December 2017, 0 comments. Categories: Compliance, Europe, Security, Software.

Enterprises want more public cloud – yet security issues block their path

A new survey released by AlgoSec sets the scene on organisational cloud deployments: almost a third of respondents say they plan to increase their public cloud usage in the next 12 to 18 months, but major security challenges remain across hybrid enterprise networks both during and after migrations.

The study, titled ‘Hybrid Cloud Environments: The State of Security’, polled 450 senior security and network professionals and found a lack of visibility and managing security policies consistently were...

By James Bourne, 31 October 2017, 0 comments. Categories: Compliance, Enterprise, Hybrid, Infrastructure, Public.

Why combining access governance with authorisation management is key to identity success

In virtually every organisation or university, data is stored on multiple file servers throughout the network, often in a somewhat haphazard or random structure. Access to the data is likely just as unstructured and may put the organisation at risk by allowing employees access rights where none are required. Managing access to this unstructured data is incredibly difficult, resulting in a significant challenge when the time for an IT audit rolls around.

There are methods to bring order to this madness and...

By Dean Wiech, 17 October 2017, 0 comments. Categories: Best Practice, Compliance, Security, Software.

Half of companies fail to meet PCI DSS compliance standards: Is your infrastructure up to it?

Only 55.4% of companies meet all PCI DSS compliance standards, according to a new report released by Verizon. While this number is up 7% from 2015, it still translates to nearly half of retailers, IT services companies, payment software providers and hospitality organisations do not adequately protect credit cardholder information.

Companies had the greatest difficulty meeting the following requirements, many of which are related to infrastructure compliance and policies:

  • Requirement 3 – Protect...

By Logicworks, 22 September 2017, 0 comments. Categories: Applications, Compliance, Infrastructure, Security.

Why businesses must not assume GDPR compliance in the cloud

You may have noticed that more companies are storing data in the cloud and utilising cloud-based services than ever before. But many are failing to ensure that the data is secured or stored in a compliant manner, placing themselves and their customers at risk from data breaches.

With the European Parliament passing the new General Data Protection Regulation (GDPR) last year, businesses have less than a year before fundamental changes to the way they store and secure data come into effect. As cloud adoption...

By Joseph Pindar, 02 June 2017, 0 comments. Categories: Compliance, Data Management, Data Sovereignty, Europe.

One year GDPR countdown is a final warning for organisations to sort compliance out

May 25 2018 will see the General Data Protection Regulation (GDPR) legislation come into effect.

Organisations will by now be more than aware of the penalties – 4% of annual turnover or €20 million (£17.3m), whichever is greater, and if not take this as your final warning – but how are companies reacting to it?

Keyrus is a data intelligence and master data management (MDM) provider. The company has been putting its message out there at various events – including at the Information...

By James Bourne, 25 May 2017, 0 comments. Categories: Compliance, Data & Analytics, Data Management, Europe, Security.

Don’t let your data get out of control: Six steps to cloud governance success


Cloud usage is accelerating at a rapid rate, and it’s showing no signs of slowing down. Right now, 90 percent of all companies are using the cloud in some way, and, in the next 10 years, spending on public cloud alone is slated to multiply by a factor of five to $500 billion, according to recent studies by North Bridge and Wikibon.

Enterprises are launching new infrastructure at a furious pace, migrating workloads of all kinds and big chunks of data to public and private cloud...

By Melodye Mueller, 12 April 2017, 0 comments. Categories: Compliance, Data & Analytics, Data Management, Security.

Oracle secures ISO 27001, HIPAA and SOC certifications for its cloud portfolio

Oracle has announced its public cloud services have achieved various security and compliance certifications, including ISO 27001, HIPAA, SOC1 and SOC2, in what the company describes as ‘continued momentum’ for its products.

The Redwood giant’s platform as a service (PaaS) and infrastructure as a service (IaaS) has received Service Organisation Control (SOC) attestations across a variety of key services, while its Fusion software as a service (SaaS) is HIPAA-accredited and the ISO 27001 was...

By James Bourne, 03 April 2017, 2 comments. Categories: Compliance, Industry, Infrastructure, Platform, Security, Software.

Microsoft study warns of difficulty organisations face in attracting cloud skills

More than one in three companies admit it has been either ‘difficult’ or ‘very difficult’ to find specific cloud skills for their organisation, according to a new study from Microsoft.

The dreaded ‘cloud skills gap’ has been long reported by this publication – ‘the trend will continue further through 2013’, this reporter once warned – but in the Microsoft...

By James Bourne, 29 March 2017, 0 comments. Categories: Adoption, Best Practice, Compliance, Microsoft.

Access governance and the cloud: Security and organisational insight are the bottom line

How does access governance apply to the cloud? Well, while the cloud has been established as a standard for many organisations, access and governance to manage such solutions has not yet become a standard solution.

Access governance helps organisations of all sizes in every industry by ensuring that each employee has the correct access to the systems that they need to perform their jobs while keeping the company’s data and network secure. Access governance specifically allows organisational leaders to...

By Dean Wiech, 13 March 2017, 0 comments. Categories: Applications, Compliance, Data & Analytics, Data Management, Security.

Amazon, Apple and Microsoft vow to improve cloud conditions after CMA review


Amazon, Apple and Microsoft have vowed to improve their terms and conditions of cloud storage contracts after a review from the Competition and Markets Authority (CMA), the body has announced.

The giants join BT, Dixons Carphone, Dropbox, Google, JustCloud, Livedrive and Mozy in moving forward with improved conditions. Common areas where Amazon, Apple, and Microsoft will make changes include giving ‘adequate notice’ to customers before significant changes are made to the...

By James Bourne, 20 February 2017, 0 comments. Categories: Compliance, SLA, Software, Storage.

Netskope gives another warning to businesses struggling with GDPR compliance


An overwhelming 94% of cloud apps in enterprises across EMEA are not enterprise-ready, while two thirds of overall cloud services are not up to scratch, according to the latest research from Netskope.

The findings, which appear in the company’s latest quarterly cloud report, found that 82.4% of services do not encrypt data at rest, 66.4% of cloud services do not specify that the customers owns the data in their terms of services, while 42% do not allow admins to enforce password...

By James Bourne, 12 January 2017, 0 comments. Categories: Compliance, Data & Analytics, Data Management, Security.

‘Security by design’ and adding compliance to automation


By Jason McKay, CTO and SVP of Engineering, Logicworks

Security is “job zero” for every company. If you are putting your customers or users at risk,  you will not be in business for long. And that begins with taking a more proactive approach to infrastructure security — one that does not rely on the typical protective or reactive third party security tools, but builds security into your infrastructure from the ground...

By Logicworks, 09 January 2017, 1 comment. Categories: Compliance, DevOps, Infrastructure, Security.