Dropbox becomes latest cloud provider to adopt emerging ISO 27018 standard

(c)iStock.com/KIVILCIM PINAR

Cloud storage provider Dropbox has announced it has achieved certification with the emerging privacy standard ISO/IEC 27018, boosting its security credentials.

ISO 27018 was published on July 30 2014 by the International Organisation for Standardisation (ISO) as a follow up to the widely accepted ISO 27001 information security standard. It aims to put together a code of practice for protection of personally identifiable information (PII) in public clouds. The standard has already been...

By James Bourne, 18 May 2015, 4 comments. Categories: Security, Software, Storage.

Google Drive, Facebook and Twitter most popular business cloud apps – but are they safe?

(c)iStock.com/shutter_m

More than 15% of European organisations now use more than 1000 cloud apps with Google Drive, Facebook and Twitter the most popular, according to a report from Netskope.

The findings, which appear in the April 2015 Netskope Cloud Report, saw iCloud and Salesforce make the top five. Five cloud storage apps (Google Drive, iCloud, OneDrive for Business, OneDrive and Dropbox) made the top 12, alongside four social apps (Facebook, Twitter, Google+, LinkedIn).

Of the organisations analysed in...

By James Bourne, 15 April 2015, 1 comment. Categories: Applications, Data & Analytics, Data Loss, Data Management, Security, Software.

Security failing to keep pace with cloud technology adoption, report finds

(c)iStock.com/Melpopenem

Cloud service providers (CSPs) can no longer treat security as a luxurious add-on, and customers have to ensure their providers take care of the issue, a new report asserts.

The research, the latest cab off the rank from Ovum and FireHost entitled “The Role of Security in Cloud Adoption within the Enterprise”, offers sound advice to vendors and users alike. True, it’s stuff everyone will have heard before – but it’s worth repeating.

“On too many...

By James Bourne, 09 April 2015, 0 comments. Categories: Compliance, Research, Security, Vendors.

Majority of firms say they aren’t confident in responding to cloud-based data threats

(c)iStock.com/Imilian

If data stored in the cloud is under threat, what would you do: fight the fire or hide under the bed and hope everything goes away? The majority of respondents in a recent survey admitted they would do the latter.

The research, commissioned by Informatica and conducted by the Ponemon Institute, found 60% of global respondents were “not confident” they had the ability to proactively respond to cloud-based data threats. 80% said not knowing if sensitive or confidential...

By James Bourne, 08 April 2015, 0 comments. Categories: Data & Analytics, Data Loss, Data Management, Security, Vulnerabilities.

Why organisations need to be extra vigilant over their cloud security and partner use

(c)iStock.com/pinstock

A report from Skyhigh Networks has examined the issues for enterprises who share cloud data with partners, with almost 30% of data shared with partners considered “high risk.”

The report, the latest Cloud Adoption and Risk Report, argues the case that security does not end at the corporate perimeter. The average number of cloud services in use by company has risen again, from 545 in Q313 to 923 in Q115. Broken down by cloud service category the average company uses 162...

By James Bourne, 01 April 2015, 1 comment. Categories: Data & Analytics, Data Management, Security, Vulnerabilities.

Compliance remains the key cloud security challenge, according to CipherCloud report

(c)iStock.com/magann

Almost two thirds of organisations in a CipherCloud survey on cloud data protection say compliance and auditing privacy is the biggest security challenge associated with cloud computing.

CipherCloud, which has released its inaugural “Global Cloud Data Security Report”, found a number of interesting findings in the research, and the challenges associated with data security for Global 2000 companies.

Compliance and data protection concerns continue to remain the top barriers for...

By James Bourne, 26 March 2015, 1 comment. Categories: Compliance, Data & Analytics, Data Management, Data Sovereignty, Security.

Opinion: Sorry, Europe: Data localisation is not the killer app for privacy

(c)iStock.com/maxkabakov

By Kenneth N. Rashbaum, Esq.

This blog post is for informational and educational purposes only. Any legal information provided in this post should not be relied upon as legal advice. It is not intended to create, and does not create, an attorney-client relationship and readers should not act upon the information presented without first seeking legal counsel.

Edward Snowden has unleashed a torrent of activity in the name of data security and...

By Logicworks, 24 March 2015, 0 comments. Categories: Data & Analytics, Data Centres, Data Management, Privacy, Security.

Dropbox Android SDK vulnerability revealed, cloud storage provider praised for response

(c)iStock.com/funky-data

A major vulnerability in the Dropbox SDK for Android has been revealed by IBM Security, whereby attackers can connect applications on mobile devices to a Dropbox account controlled by the attacker.

The vuln has since been fixed, with IBM praising Dropbox for its response to the issue; the company acknowledged receipt of the disclosure within six minutes, confirmed the vulnerability within the day, and issued a patch within four days.

It’s slightly better than the flaw in Moonpig’s API,...

By James Bourne, 12 March 2015, 0 comments. Categories: Security, Storage, Vulnerabilities.

Organisations are aggressively adopting cloud – but can’t find the right security roadmap

(c)iStock.con/yvon52

90% of users polled in the LinkedIn Information Security group claim they are either very or moderately concerned about public cloud security.

The survey, sponsored by CloudPassage, aimed to give a comprehensive examination of current security mindsets from a more than 250,000 respondent base with a broad section of company sizes, experience and cloud mindset.

Here are the key stats:

  • 71% of respondents are either in planning stages, actively implementing or in production with cloud environments. Hybrid cloud deployments are most common with 7 out...

By James Bourne, 10 March 2015, 0 comments. Categories: Architecture, Infrastructure, Security, Virtualisation.

The cloud service provider and security vulnerabilities: Three steps to prevention

(c)iStock.com/cherezoff

IT departments worldwide face a dizzying array of security threats, whether they manage traditional or NextGen/cloud based environments. IT security experts report some very frightening statics:

  • Approximately 400,000 new malware instances are recognised daily
  • New kinds of malware are gaining prominence including Ransomware, Scareware, and banking malware.
  • New attack vectors include public cloud, software-as-a-service provider environments, third party services providers and mobile devices.
  • Reports of politically or cause sponsored terrorism and corporate espionage are on the rise...

By David Auslander, 09 March 2015, 0 comments. Categories: Data & Analytics, Data Management, Security, Vulnerabilities.

Financial firms accessing cloud more readily yet roadblocks still remain, say CSA

(c)iStock.com/eve_eve01genesis

61% of financial businesses are developing a cloud strategy within their organisation, according to a report from the Cloud Security Alliance (CSA).

The paper, in conjunction with CipherCloud and interviewing over 100 global participants across the financial sector, found that businesses are slowly but surely moving into the cloud, with a mix of leveraging private and public cloud the optimum strategy.

The findings came out of the Financial Services Working Group (FSWG), an...

By James Bourne, 06 March 2015, 2 comments. Categories: Adoption, Hybrid, Infrastructure, Security.

Shining a light on shadow IT - and how to ensure you get it right

(c)iStock.com/jrwasserman

The nature of work is evolving; employees are mobile and cloud-enabled, free to work anywhere from almost any device. In response to this shift, the BYOD trend has emerged stronger than ever. Coupled with this is the growth of employees desiring more accessible applications. However, these factors have undoubtedly contributed to the emergence of shadow IT, which is creating a problem for many IT departments.

Applications such as Dropbox are increasingly being used by employees for business...

By Angelo di Ventura, 25 February 2015, 0 comments. Categories: Applications, SaaS , Security, Software, Vulnerabilities.

Federation of Small Businesses warns of continued security fears for SMBs in the cloud

(c)iStock.com/rvlsoft

The Federation of Small Businesses (FSB) has found nearly two fifths of small businesses are sceptical about the benefits of cloud technology when compared against security risks.

The survey, which was conducted in association with Verve and polled over 1200 SMB professionals, found 59% were using cloud services of some description, and of those, the biggest worry was a risk of data being lost, stolen or damaged, cited by 61% of respondents.

55% were worried about not being able to...

By James Bourne, 20 February 2015, 0 comments. Categories: Data & Analytics, Data Loss, Data Management, Security.

Healthcare data security: Is cloud encryption alone enough?

By Kenneth N. Rashbaum, Esq. and Liberty McAteer, Esqs.

This blog post is for informational and educational purposes only. Any legal information provided in this post should not be relied upon as legal advice. It is not intended to create, and does not create, an attorney-client relationship and readers should not act upon the information presented without first seeking legal counsel.

What if the data of 80 million Anthem subscribers were encrypted at rest? And...

By Logicworks, 16 February 2015, 1 comment. Categories: Data & Analytics, Data Loss, Data Management, Security, Vulnerabilities.

A matter of trust: The importance of backups in cloud computing

(c)iStock.com/kjekol

Strong security is a foundational element of every public, private and hybrid cloud implementation and will be a top concern for all businesses as part of a macro trend taking grip in 2015. Research shows that 90 percent of the world’s data has been generated in the past two years – calling into question not only data storage, but also data safety.

When it comes to security in the cloud, disaster recovery (DR), backup and...

By Chad Buzzard, 30 January 2015, 0 comments. Categories: Data & Analytics, Data Loss, Disaster Recovery, Security.

Frequency vs. size of cloud data breaches: Which is worse?

(c)iStock.com/sproetniek

Let’s face it, 2014 was a busy year for hacks and data breaches. There were the high profile Sony hacks, the record breaking fines handed out as a result of ePHI (electronic Protected Health Information) healthcare data breaches in the US, and sites such as Gmail and eBay were also targeted by hackers.

The potential for breaches to occur more frequently as businesses collect increasing amounts of consumer data was

By Aleks Szymanski, 28 January 2015, 0 comments. Categories: Data & Analytics, Data Loss, Data Management, Security.

What happens when data gets lost from the cloud?

(c)iStock.com/imilian

Let’s be clear: you need to store all that data somewhere. Hard drives were your only resort a few decades ago. Today, cloud is the new frontier on the data storage land, brimming with features.

So you’ve got data stored somewhere on cloud servers – your photos on Facebook, conversations in Skype, and projects in Asana – but what happens if one of these services take a knock and your data gets wiped?

Here’s the kicker: the cloud has many benefits (affordable...

By Dan Virgillito, 26 January 2015, 2 comments. Categories: Data & Analytics, Data Loss, Security.

Five tips to secure your cloud future

(c)iStock.com/maxkabakov

The cloud has been central to the business workings of organisations. Reliance on the cloud as a central storage tool highlights the importance of security. With important data and documents and sensitive information stored away on the cloud, there is too much at stake. Intense effort and investment needs to be put into making sure cloud providers are providing these five main security features:

Standards based integration with identity management providers

Forming an integrated...

By William Rabie, 22 January 2015, 0 comments. Categories: Security, Vulnerabilities.

How cloud providers can prevent data loss: A guide

(c)iStock.com/4774344sean

Feature Cloud service providers find themselves in a struggle balancing responsibility for maintaining data integrity with delivering cost effective solutions to their customers, all the while protecting their own data assets and bottom line.

Generally, the type of service they are delivering limits a provider’s responsibility level. In the case of infrastructure as a service (IaaS) a provider might just be delivering infrastructure and a means of creating cloud environments with no...

By David Auslander, 15 January 2015, 0 comments. Categories: Data & Analytics, Data Loss, Security.