AWS and Azure get the highest federal security rating: What happens from here?

(c)iStock.com/Kevin Smart

Cloud services have been able to store customers’ data for many years now, but the number of prospective clients for several vendors has recently dramatically increased.

Back in late June, the announcement was made that three vendors had received special certifications from the federal government, allowing them to store sensitive data that the government had...

By Rick Delgado, 18 August 2016, 0 comments. Categories: Amazon, Government, Microsoft, PublicSector, Regulation, Security.

Why security and compliance are still the main blockers to cloud adoption

(c)iStock.com/LPETTET

According to the Cloud Industry Forum, 80% of UK companies are adopting cloud technology as a key part of their overall IT and business strategy. However, one of the perceived barriers to cloud adoption continues to be concerns around security and compliance, which was the key topic of discussion at a recent techUK panel in which iland took part. During this discussion, we talked about the fact that nine out of ten security professionals worry about cloud security.

One of the key aspects that...

By Monica Brink, 16 August 2016, 0 comments. Categories: Compliance, Data & Analytics, Data Management, Security.

Research suggests “tactical rather than strategic” cloud adoption in ASEAN

(c)iStock.com/NickILitov

Small to medium businesses in ASEAN (Association of South East Asian Nations) are certainly on the cloud bandwagon – but it’s a stretch to say they are confident about its capabilities.

That was the overall finding from research conducted by Data & Storage Asean and commissioned by Barracuda Networks. The survey, which polled 130 IT professionals from small businesses in Indonesia, Malaysia, the Philippines and Singapore, found 73% of respondents argued their data was...

By James Bourne, 15 August 2016, 0 comments. Categories: Adoption, Infrastructure, Research, Security.

Research argues greater confidence in public cloud security from IT pros

(c)iStock.com/scanrail

IT professionals are becoming more confident in the security of the public cloud compared to corporate data centres, according to the latest study from IT consulting firm SADA Systems.

The poll, which quizzed more than 200 IT managers around their use of public cloud services, found that 84% of respondents were using some form of public cloud infrastructure today.

49% of respondents said they used Google Cloud Platform, compared with 48% for Microsoft and 42% for AWS – although...

By James Bourne, 12 August 2016, 0 comments. Categories: Data Centres, Infrastructure, Research, Security.

Examining a new approach to data centre security

(c)iStock.com/4x-Image

Changing with the times is frequently overlooked when it comes to data security. Technology is becoming increasingly dynamic, but most data centres are still using archaic security measures to protect their network – which isn’t going to stand a chance against today’s sophisticated attacks.

Recent efforts to upgrade these massive security systems are still falling short. Data centres house a huge amount of data and there shouldn’t be any shortcuts when...

By Yoav Shay Daniely, 11 August 2016, 0 comments. Categories: Data & Analytics, Data Centres, Data Management, Infrastructure, Security.

Microsoft research aims to better utilise encrypted cloud data without privacy fears

(c)iStock.com/maxkabakov

In some instances, encryption is a double-edged sword: if data is encrypted in the cloud, it’s secure, but you can’t get access to it. Yet a new research paper presented by Microsoft may be the first step to changing it.

The paper examines the concept of secure data exchange (SDE), where the aim, as a blog post from Microsoft Research writer John Roach puts it, is to...

By James Bourne, 10 August 2016, 0 comments. Categories: Data & Analytics, Data Management, Privacy, Security.

Google launches customer-supplied encryption keys for greater cloud security

(c)iStock.com/serg3d

Google has launched customer-supplied encryption keys (CESK) for its Compute Engine infrastructure as a service (IaaS), which enables organisations to better protect their cloudy data.

The search giant automatically encrypts customer content stored at rest, including all Compute Engine disks, but in a blog post written by Maya Kaczorowski and Eric Bahna, product managers at Google Cloud Platform, the new release is aimed to be “secure, fast and easy” for users.

“With CESK, disks at...

By James Bourne, 05 August 2016, 0 comments. Categories: Data Management, Google, IaaS, Infrastructure, Security.

Microsoft secures ISO 27017 security certification around cloud-specific threats

(c)iStock.com/Gajus

Microsoft has announced it has obtained ISO 27017 compliance, a new cloud-based security certification published at the end of last year.

The certification from the ISO, the global organisation which has published more than 21,000 international standards across a variety of industries, is newer and subsequently less known than the ISO 27018 standard, which sets out guidelines to protect personally identifiable information (PII).

Microsoft claimed to be the first adopter of ISO 27018, in

By James Bourne, 04 August 2016, 0 comments. Categories: Compliance, Microsoft, Security.

Reducing threats and management headaches across private clouds: A guide

(c)iStock.com/tzahiV

While public cloud implementations are steadily increasing, private clouds in customers’ own data centres continue to be deployed because of the perceived higher levels of security and control they offer.

But the management of a private cloud can be complex and many organisations underestimate the scale of the challenge. Security and management in particular continues to be pain points. Many go in with the assumption that in a private cloud, IT departments have more control so the environment...

By Monica Brink, 03 August 2016, 0 comments. Categories: Data & Analytics, Data Management, Security.

Why CIOs need to be strong in picking a cloud strategy – and sticking to it

(c)iStock.com/Choreograph

This time last year, Fruition Partners, an IT solutions provider, released a report which assessed the state of cloud adoption through the eyes of the CIO. The study bemoaned the rise of shadow IT and gave three best practice tips to control cloud sprawl, by focusing on the user to provide a better service, focusing on business needs, and focusing on IT strategy and how to make better use of IT service management (ITSM).

12 months on and, to quote Led Zeppelin, the song remains the same. 62% of...

By James Bourne, 01 August 2016, 1 comment. Categories: Adoption, Applications, CIO, Enterprise, Security, Software.

Lack of encryption for sensitive cloud data worrying for businesses, argues Gemalto

(c)iStock.com/Jirsak

Though cloud-based resources are becoming increasingly important to companies’ IT operations and business strategies, only a third of sensitive cloudy data is encrypted, according to the latest research from digital security provider Gemalto.

The findings, conducted in association with the Ponemon Institute, found more than nine in 10 UK firms (92%) don’t encrypt more than three quarters of their sensitive data sent via the cloud, while almost four in 10 (39%) do not encrypt...

By James Bourne, 28 July 2016, 0 comments. Categories: Adoption, Privacy, Security.

ISO compliance in the cloud: Why should you care, and what do you need to know?

(c)iStock.com/hh5800

More and more organisations are looking to move to cloud to benefit from scalability, cost reduction and the ability to launch new service offerings fast.

The dynamic nature of cloud however necessitates security and compliance controls that frankly can be daunting. Issues around mobility and multi-tenancy, identity and access management, data protection and incident response and assessment all need to be addressed. And with multiple modes – SaaS, PaaS, IaaS, public, private, hybrid...

By Frank Krieger, 18 July 2016, 1 comment. Categories: Compliance, Data Management, Security.

Why cloud security best practices mean engagement from vendors and employees

(c)iStock.com/StockFinland

Ransomware may be the hot topic in the news at the moment, but human error is a greater threat. Human error, in fact, is often the reason ransomware is able to infiltrate a network (by staff members clicking phishing links, for example). It’s also one of the greatest causes of data loss in the cloud. The first part of this series discussed how cloud vendors, shadow...

By Matt Kingswood, 08 July 2016, 0 comments. Categories: Data & Analytics, Data Management, Security, Vendors, Vulnerabilities.

IT skills shortage leading to cybersecurity issues, research argues

(c)iStock.com/maxkabakov

If a security system flags up an issue in your organisation and nobody acts on it, is it even an issue? Many organisations are acting that way, according to a report from Skyhigh Networks and the Cloud Security Alliance (CSA).

The research found that security budgets continue to rise – more than half (53%) of the 220 IT and security professionals polled expect their allocations to go up in the coming year – and the myriad of tools at teams’ disposals is a growing...

By James Bourne, 28 June 2016, 0 comments. Categories: Data Management, Data Sovereignty, Privacy, Security.

Ransomware may be a big culprit for data loss – but it’s the wrong fall guy

(c)iStock.com/Big_Ryan

With researchers seeing a 3500% increase in the use of net infrastructure which criminals use to run ransomware campaigns, it’s not surprising that ransomware has been making big headlines.

The media laments the growing rings of cyber criminals that launch ransomware threats, but there’s another culprit that tends to slip under the radar: people like you and me. Sure,...

By Matt Kingswood, 22 June 2016, 0 comments. Categories: Data Loss, Data Management, Enterprise, Infrastructure, Security.

More than a quarter of enterprise cloud apps deemed risky, CloudLock argues

(c)iStock.com/LeoWolfert

A new piece of research from cloud security provider CloudLock argues that more than a quarter of cloud apps connected to corporate environments were seen as high risk.

The report, the firm’s Q2 2016 Cloud Cybersecurity Report, gave a generally pessimistic warning over the threats of shadow IT. From 2014 to 2016, CloudLock has observed an almost 30 times increase in apps used under shadow IT, from 5,500 to almost 160,000. What’s more, over half of third party apps are...

By James Bourne, 13 June 2016, 0 comments. Categories: Applications, Research, Security.

Netskope study argues majority of cloud apps are not ready for EU GDPR

(c)iStock.com/FrankRamspott

Three quarters of cloud apps used by businesses are not equipped for the upcoming EU General Data Protection Regulation (GDPR), according to the latest study from cloud security services provider Netskope.

The report comes hot on the heels of a survey conducted by the firm back in February which argued businesses were not sure if they would keep up with the upcoming legislation, which is set to drop in two years’ time and includes provisos over the right to be forgotten, as...

Capacity, redundancy, and transparency: The three big cloud question marks

(c)iStock.com/anilakkus

From my perch in the cloud computing ecosystem, I see three concerns on the horizon for cloud computing: capacity, redundancy, and transparency.

In certain ways, these topics are inter-related with security. Certainly, from the customer’s viewpoint, they all touch on perceptions of value and trust. And possible solutions, at least to my mind, tend to reflect old-school logic around risk management principles.

I know from my conversations with other professionals in the cloud...

By Christine Miyachi, 25 May 2016, 0 comments. Categories: Big Data, Data & Analytics, Data Management, Security.

Cloud security strategies: In the land of the blind, the one eyed man is king

(c)iStock.com/Kalawin

New research released today by enterprise cloud hosting provider iland has revealed almost half (47%) of security workers “simply trust” their cloud providers to meet security agreements.

The findings, from 100 IT decision makers and security experts, appear in a study whose title – ‘Blind Trust is Not a Security Strategy: Lessons from Cloud Adopters’ – lays the problem on thick. Even though 78% of firms polled are using the cloud in some capacity, and...

By James Bourne, 24 May 2016, 1 comment. Categories: Data Management, Security, Vendors.

An update on security in the hybrid cloud: Where do we go from here?

(c)iStock.com/BrianAJackson

Even in mid-2016, very few who are serious about cloud computing will tell customers that out of the box public cloud services are as secure as their corporate data centres. At the same time no-one would suggest introducing mission critical applications and data into a brand new data centre environment without first planning and implementing proper physical, network, server, and application security controls.

Many organisations distrust moving corporate data and application assets...

By David Auslander, 24 May 2016, 0 comments. Categories: Hybrid, Infrastructure, Security.