How the Cloud Security Alliance Cloud Controls Matrix benefits financial institutions

The self-service and dynamic nature of cloud infrastructure creates challenges for risk and compliance professionals. Tools that worked well in the traditional data centre do not translate to the public cloud.  

Due to these concerns over regulatory compliance and security, as well as the complexity involved in replacing legacy systems, financial institutions are taking a more...

By Brian Johnson, 14 September 2018, 0 comments. Categories: Compliance, Data & Analytics, Industry, Security.

Tresorit raises €11.5 million in series B funding to help promote secure cloud collaboration

Tresorit, a European provider of cloud security and collaboration software, has announced it has raised €11.5 million (£10.4m) in series B funding to help accelerate growth and scale marketing and sales operations.

The company, which sits in the enterprise file and sync space, offers products focused at the legal, healthcare and HR departments around encrypted storage and secure file sharing, as well as...

By James Bourne, 04 September 2018, 0 comments. Categories: Collaboration, Compliance, Security, Software.

Why data sovereignty is the only truly safe path to avoid Privacy Shield turmoil

Privacy is not just a legal obligation, it is an ethical commitment and a demonstration that you care about your customers’ privacy as much as they do.

Many people will be surprised to hear that although the EU General Data Protection Regulation (GDPR) took effect on May 25, many companies are not yet GDPR-compliant. The regulation  requires organisations to comply, and our Information Commissioner has...

By Bill Mew, 30 August 2018, 0 comments. Categories: Compliance, Data & Analytics, Data Management, Data Sovereignty.

Google Cloud gets up to speed with AWS and Azure with launch of HSM crypto tool

Google Cloud has announced the launch of a managed cloud-hosted hardware security module (HSM) service – joining Amazon Web Services and Microsoft Azure in this security benchmark.

The Cloud HSM will enable customers to host encryption keys and perform cryptographic operations in FIPS 140-2 Level 3 certified HSMs, according

By James Bourne, 22 August 2018, 0 comments. Categories: Compliance, Data Management, Google, Security.

Demytisfying the public or private cloud choice: Compliance, cost, and technical requirements

Every business wants to operate like a tech company today. Companies can’t thrive without improving IT, and executives must decide where to house and process data – under these circumstances, cloud strategies are increasingly nuanced.

A Forrester study found that just 4% of organisations run their applications exclusively in the public cloud today, and 77 percent of organisations are using multiple types of clouds, both on-premises and off-premises.

So do you take the public or private cloud...

By Michael Coté, 13 August 2018, 0 comments. Categories: Compliance, Infrastructure, Private, Public, Security.

Samsung Heavy Industries chooses AWS to help take shipbuilding into the cloud

Another example of cloud computing infiltrating key enterprises; shipbuilding firm Samsung Heavy Industries is moving to Amazon Web Services (AWS) as its preferred cloud provider.

The company says it wants to be seen as a ‘cloud-first maritime business’, with Samsung using a variety of AWS’ services. These include EC2 and S3, naturally, alongside Amazon’s relational database, RDS, AWS Key Management, and governance and compliance tool CloudTrail.

By putting sensors in a variety of devices and...

By James Bourne, 09 August 2018, 0 comments. Categories: Compliance, Enterprise, Infrastructure, Security.

Majority of organisations favouring multi-cloud strategies, Virtustream argues

Multi-cloud is here to stay, that much we already know – but the sheer extent of its growth is helping enterprises move mission-critical applications to the cloud.

That is the key finding from a new report by cloud technology provider Virtustream. The study, titled ‘Multi-cloud Arises from Changing Cloud Priorities’ and conducted alongside Forrester, found the vast majority (86%) of respondents see their current cloud strategy as multi-cloud. What’s more, 60% of enterprises polled said...

By James Bourne, 13 July 2018, 0 comments. Categories: Compliance, Infrastructure, Research, Security.

Google Cloud launches sole-tenant nodes for improved compliance and utilisation

Google Cloud has announced the launch of sole-tenant nodes on Google Compute Engine – helping customers in various industries around compliance in the process.

The new service, which is currently in beta availability, gives customers ownership of all VMs, hypervisor and host hardware, going against the traditional cloud use case of multi-tenant architecture and shared resources.

“Normally, VM instances run on physical hosts that may be shared by many customers,” explained Google’s Manish Dalwadi and...

By James Bourne, 08 June 2018, 0 comments. Categories: Applications, Architecture, Compliance, Google, Infrastructure, Security.

Five tips for creating successful company-wide data security training

Creating a safe online environment for your business is a major concern for leaders today. With the amount of data breaches increasing steadily and consumer trust in data management declining, it’s no wonder that improving the security of IT systems is the number one priority for 55% of companies.

Employees...

By Pratik Dholakiya, 08 June 2018, 0 comments. Categories: Compliance, Data & Analytics, Data Management, Security.

How the changing security landscape is forcing cloud providers to respond

The RSA Conference in San Francisco is a hotbed of news, analysis and reports on the security industry, with research from the Cloud Security Alliance (CSA) and automation software provider Sonatype being of particular interest.

The CSA report, State of Cloud Security 2018, assesses the steps cloud providers and enterprises are taking when it comes to security, as well as regulation and the changing threat landscape.

The report notes that as the landscape for cloud services expands, so do the security options...

By James Bourne, 17 April 2018, 0 comments. Categories: Compliance, Data Management, Research, Security.

Why trust and transparency are key for companies complying with new EBA cloud guidance

New guidance from official regulators should be music to the ears of anyone involved in compliance. Clarification, reference points and approved examples make the business of compliance that much more straightforward and are generally welcomed by compliance experts. In that spirit, it was with the best intentions - to clear the pathway to cloud adoption for financial services companies - that the European...

By Frank Krieger, 13 April 2018, 0 comments. Categories: Compliance, Data & Analytics, Data Management, Privacy, Security.

Microsoft responds to speed of CLOUD Act enactment and data privacy concerns

Microsoft has admitted the speed in which the CLOUD Act was enacted was ‘a bit of a shock’ – but added there was more to do to protect users’ privacy rights across borders.

The act, which stands for ‘clarifying lawful overseas use of data’, was signed into law two weeks ago and ultimately represents the culmination of a case which began four years ago concerning an email in Dublin.

During a drug trafficking investigation in 2013, Microsoft refused to provide details of an...

By James Bourne, 06 April 2018, 0 comments. Categories: Compliance, Data & Analytics, Data Management, Security.

Why a consumer approach to security – with cloud in mind – may help struggling enterprises

Are Amazon and Facebook the standard bearers when it comes to security? According to the latest identity and access management (IAM) study from Gemalto, more than half of respondents say their organisation’s work authentication methods are worse than those offered by the two tech giants.

The study, which polled more than 1,000 IT decision makers globally, found that the continued rise in cloud applications, as well as the similarly shopworn story around device proliferation, means enterprises are...

By James Bourne, 12 March 2018, 0 comments. Categories: Collaboration, Compliance, Security, Software.

Google Cloud announces healthcare APIs and updates – as Apple and Spotify revealed as customers

It has been an interesting week or so for Google Cloud, both directly and indirectly. The company has announced new APIs, updates and customers for its healthcare cloud initiative, while other high-profile customers have been disclosed.

At HiMSS, the healthcare information and management systems society conference, Google launched a new cloud healthcare API, which is better equipped to focus on data types such as HL7, FHIR and DICOM, and also allows customers to crunch the numbers using analytics and machine...

By James Bourne, 06 March 2018, 0 comments. Categories: Compliance, Google, Infrastructure, Security.

Microsoft expands government cloud offerings as company says IT shift ‘reaches tipping point’

Microsoft has beefed up its government cloud offerings, launching government-specific editions of Microsoft 365 and Azure Stack, as well as greater security and compliance in Dynamics 365.

Microsoft 365, which comprises Office 365, Windows 10, and Enterprise Mobility + Security (EMS), and Azure Stack, which extends Azure to on-premises environments, are being upgraded as Microsoft acknowledges faster acceleration of government organisations moving to the cloud.

“This move is driven largely by the desire...

By James Bourne, 06 March 2018, 0 comments. Categories: Compliance, Data & Analytics, Data Management, Microsoft, PublicSector, Security.

Why cloud is the cornerstone of digital transformation in healthcare

Today every part of the business is subject to new expectations, competitors, channels, threats and opportunities. Every business has the potential to be a digital business. As the numbers of smart, connected devices from phones to cars to wearables are growing, companies that quickly deliver digital solutions or services, and use insights to rapidly optimise their value chain are gaining competitive advantage. Businesses that digitally transform will be able to connect more closely with customers, speed up the pace of...

By Roberto Mircoli, 25 February 2018, 1 comment. Categories: Compliance, Infrastructure, Security.

Cisco cybersecurity report shows how cloud use rises – and cyberattacks rise with it

Cloud computing usage continues to grow, but at the expense of security as attackers take advantage, according to the latest Cisco annual cybersecurity report.

The study, now in its 11th iteration, puts together threat intelligence and cybersecurity trends from researchers and six technology partners, and found more than a quarter (27%) of security professionals polled use off-premises private clouds. This is up from 20% this time last year.

Of that number, more than half (57%) say they host networks in the...

By James Bourne, 22 February 2018, 0 comments. Categories: Compliance, Research, Security.

The compliance conundrum: Why hybrid cloud is key with GDPR around the corner

With the Global Data Protection Regulation (GDPR) on the horizon, businesses that wish to operate in the European Union are having to spend more time than ever thinking about compliance.

Not only does all personally identifiable customer data need to be accounted for – a task that is easier said than done for many organisations – internal processes also have to be updated and employees need to be educated to ensure the compliance deadline of May 25 2018 is met.

Of course, GDPR is just one...

By Mark Baker, 25 January 2018, 0 comments. Categories: Compliance, Data & Analytics, Data Management, Hybrid, Public.

How cloud service providers can halt hackers – with smart security protocols and reporting

When you call yourself "the global leader in secure content collaboration," you can't afford security gaffes.

Huddle, a SaaS tool used throughout the U.K. government, learned that the hard way when a BBC journalist logged into its system and was redirected to the wrong account. Imagine his shock when he realized he had access to confidential KPMG financial data. 

Luckily for Huddle, the journalist left the...

By Brad Thies, 08 January 2018, 0 comments. Categories: Compliance, Data & Analytics, Data Management, Security.

Alibaba strengthens European cloud plans with additional C5 compliance accreditation

More evidence – as if it were needed – that Alibaba is serious about taking its cloud arm into new geographies: the company has announced compliance accreditation with Germany’s federal office for information security.

The C5 attestation – so called because its full natty title is the Cloud Computing Compliance Controls Catalogue – with additional requirements covers Alibaba’s elastic compute service, relational database, object storage, CDN, load balancer, virtual private...

By James Bourne, 14 December 2017, 0 comments. Categories: Alibaba, Compliance, Europe, Security, Software.