ISO compliance in the cloud: Why should you care, and what do you need to know?

(c)iStock.com/hh5800

More and more organisations are looking to move to cloud to benefit from scalability, cost reduction and the ability to launch new service offerings fast.

The dynamic nature of cloud however necessitates security and compliance controls that frankly can be daunting. Issues around mobility and multi-tenancy, identity and access management, data protection and incident response and assessment all need to be addressed. And with multiple modes – SaaS, PaaS, IaaS, public, private, hybrid...

By Frank Krieger, 18 July 2016, 1 comment. Categories: Compliance, Data Management, Security.

Why cloud security best practices mean engagement from vendors and employees

(c)iStock.com/StockFinland

Ransomware may be the hot topic in the news at the moment, but human error is a greater threat. Human error, in fact, is often the reason ransomware is able to infiltrate a network (by staff members clicking phishing links, for example). It’s also one of the greatest causes of data loss in the cloud. The first part of this series discussed how cloud vendors, shadow...

By Matt Kingswood, 08 July 2016, 0 comments. Categories: Data & Analytics, Data Management, Security, Vendors, Vulnerabilities.

IT skills shortage leading to cybersecurity issues, research argues

(c)iStock.com/maxkabakov

If a security system flags up an issue in your organisation and nobody acts on it, is it even an issue? Many organisations are acting that way, according to a report from Skyhigh Networks and the Cloud Security Alliance (CSA).

The research found that security budgets continue to rise – more than half (53%) of the 220 IT and security professionals polled expect their allocations to go up in the coming year – and the myriad of tools at teams’ disposals is a growing...

By James Bourne, 28 June 2016, 0 comments. Categories: Data Management, Data Sovereignty, Privacy, Security.

Ransomware may be a big culprit for data loss – but it’s the wrong fall guy

(c)iStock.com/Big_Ryan

With researchers seeing a 3500% increase in the use of net infrastructure which criminals use to run ransomware campaigns, it’s not surprising that ransomware has been making big headlines.

The media laments the growing rings of cyber criminals that launch ransomware threats, but there’s another culprit that tends to slip under the radar: people like you and me. Sure,...

By Matt Kingswood, 22 June 2016, 0 comments. Categories: Data Loss, Data Management, Enterprise, Infrastructure, Security.

More than a quarter of enterprise cloud apps deemed risky, CloudLock argues

(c)iStock.com/LeoWolfert

A new piece of research from cloud security provider CloudLock argues that more than a quarter of cloud apps connected to corporate environments were seen as high risk.

The report, the firm’s Q2 2016 Cloud Cybersecurity Report, gave a generally pessimistic warning over the threats of shadow IT. From 2014 to 2016, CloudLock has observed an almost 30 times increase in apps used under shadow IT, from 5,500 to almost 160,000. What’s more, over half of third party apps are...

By James Bourne, 13 June 2016, 0 comments. Categories: Applications, Research, Security.

Netskope study argues majority of cloud apps are not ready for EU GDPR

(c)iStock.com/FrankRamspott

Three quarters of cloud apps used by businesses are not equipped for the upcoming EU General Data Protection Regulation (GDPR), according to the latest study from cloud security services provider Netskope.

The report comes hot on the heels of a survey conducted by the firm back in February which argued businesses were not sure if they would keep up with the upcoming legislation, which is set to drop in two years’ time and includes provisos over the right to be forgotten, as...

Capacity, redundancy, and transparency: The three big cloud question marks

(c)iStock.com/anilakkus

From my perch in the cloud computing ecosystem, I see three concerns on the horizon for cloud computing: capacity, redundancy, and transparency.

In certain ways, these topics are inter-related with security. Certainly, from the customer’s viewpoint, they all touch on perceptions of value and trust. And possible solutions, at least to my mind, tend to reflect old-school logic around risk management principles.

I know from my conversations with other professionals in the cloud...

By Christine Miyachi, 25 May 2016, 0 comments. Categories: Big Data, Data & Analytics, Data Management, Security.

Cloud security strategies: In the land of the blind, the one eyed man is king

(c)iStock.com/Kalawin

New research released today by enterprise cloud hosting provider iland has revealed almost half (47%) of security workers “simply trust” their cloud providers to meet security agreements.

The findings, from 100 IT decision makers and security experts, appear in a study whose title – ‘Blind Trust is Not a Security Strategy: Lessons from Cloud Adopters’ – lays the problem on thick. Even though 78% of firms polled are using the cloud in some capacity, and...

By James Bourne, 24 May 2016, 1 comment. Categories: Data Management, Security, Vendors.

An update on security in the hybrid cloud: Where do we go from here?

(c)iStock.com/BrianAJackson

Even in mid-2016, very few who are serious about cloud computing will tell customers that out of the box public cloud services are as secure as their corporate data centres. At the same time no-one would suggest introducing mission critical applications and data into a brand new data centre environment without first planning and implementing proper physical, network, server, and application security controls.

Many organisations distrust moving corporate data and application assets...

By David Auslander, 24 May 2016, 0 comments. Categories: Hybrid, Infrastructure, Security.

How Santander embraced cloud storage for greater productivity and data security

(c)iStock.com/tupungato

If you were to think of an industry that would be naturally reluctant to embrace technologies such as cloud and mobility for reasons of sensitive data privacy, which one would you think of first? The two most common answers are usually healthcare and banking – so it is therefore interesting to note how Santander has gone all in on enterprise file sync and share (EFSS) with cloud storage provider CTERA Networks.

According to the bank, the opportunity to move organisational...

By James Bourne, 17 May 2016, 0 comments. Categories: Case Studies, Enterprise, Security, Software, Storage.

Hong Kong overtakes Japan as most mature Asia Pacific cloud nation

(c)iStock.com/luxizeng

Hong Kong is the most ‘cloud-ready’ Asia Pacific nation with an overall ranking higher than that of the US and UK, according to the latest analysis from the Asia Cloud Computing Association (ACCA).

Japan, previously the leader, moved down four places to #5 in the chart with an overall score of 73.0 compared to Hong Kong’s 78.1, with the latter scoring top markets in broadband quality, privacy, and data centre risk. Singapore (76.7), New Zealand (74.4) and Australia...

By James Bourne, 28 April 2016, 2 comments. Categories: Data & Analytics, Data Management, Infrastructure, Privacy, Security.

Businesses suffering from lack of knowledge over GDPR, report finds

(c)iStock.com/BrianAJackson

The updated EU General Data Protection Regulation (GDPR) legislation is coming in the next two years – but businesses are at risk of fines because of gaps in knowledge, according to new research from Trend Micro.

More than a quarter (26%) of companies don’t know how much time they have to become compliant, according to the report which surveyed 100 senior IT decision makers in the UK. Almost one in five (18%) are not currently aware that they face fines, while a third...

By James Bourne, 26 April 2016, 0 comments. Categories: Data & Analytics, Data Management, Privacy, Security.

The top five in-demand cloud security skills for 2016

(c)iStock.com/Jirsak

The cloud computing market continues to expand at a phenomenal rate. According to a recent report from IDC, worldwide spending on public cloud services will grow 19.4% annually through to 2019. Six times the rate of overall IT spend growth, this will double the current spend from $70 billion to $141 billion.

As more businesses transition to the cloud this will drive up demand for IT professionals with the skills to make the most of the technology. A market, which...

By Ed Jones, 20 April 2016, 0 comments. Categories: Compliance, Security, Vulnerabilities.

The key to maximising the advantages of cloud security

(c)iStock.com/LeoWolfert

By Paul Fletcher, Security Evangelist at Alert Logic

Despite the pervasive use of the cloud to handle complex, secure workloads, many organisations question whether the cloud is natively secure. They still think that the security of a system depends on their ability to touch and control a physical device. Visibility from layer one (physical) up to layer seven (application) of the OSI Model gives us security professionals a good gut feeling.

Veteran systems administrators are challenged to both...

By Logicworks, 14 April 2016, 0 comments. Categories: Infrastructure, Security.

Organisations start to address the subtleties of securing 'as a service' propositions

(c)iStock.com/BlackJack3D

According to a recent Verizon report, 94% of companies expect more than a quarter of their workloads to be in the cloud within two years. The enterprise is moving to a cloud model of IT service consumption and delivery for a variety of reasons: IT organisations can become more responsive to business requirements by scaling up on demand, operations are refocused toward the...

By Jeff Denworth, 01 April 2016, 0 comments. Categories: Data Management, Infrastructure, Privacy, Security.

Data resilience: Why CEOs and CFOs need to understand the CIO agenda

(c)iStock.com/Akindo

The CIO agenda changes each year, albeit not drastically. In 2015 part of their focus was on hybrid cloud spending, but this year research and analyst firm Gartner says that it’s now about how they enhance the power of digital platforms. The company’s ‘Building the Digital Platform: Insights From the 2016 Gartner CIO Agenda Report’ says: “As digitalisation moves from an innovative trend to a core...

By Graham Jarvis, 31 March 2016, 0 comments. Categories: CIO, Data & Analytics, Data Management, Security.

Analysing security and regulatory concerns with cloud app migration

(c)iStock.com/baluzek

As businesses look to clouds for faster, more flexible growth, they confront significant challenges from a legacy application base that has varying levels of cloud suitability. It is therefore worth examining how security and compliance requirements can impact choice of cloud or architecture strategies within a cloud. 

Maintaining privacy for data that must be protected for business or regulatory reasons is a substantial concern in cloud migration, public or private. Security and...

By Bryan Solie, 11 March 2016, 0 comments. Categories: Applications, Compliance, Data & Analytics, Data Management, Security.

A warning shot: Why cloud security remains more important than ever

(c)iStock.com/LeoWolfert

With all the recent well-publicised hacking and malware attacks, not to mention numerous meteorological events that have affected companies around the globe over the last year, IT leaders are very aware of the need for robust cloud security and compliance.

That said it is infact now easier for companies to engage in poor security practices because users do not have the same control over their cloud infrastructure that they have over their own on-premise infrastructure. Often,...

By Monica Brink, 10 March 2016, 0 comments. Categories: Applications, Infrastructure, Security.

The cloud is becoming more secure – but it’s still costly to keep it that way

(c)iStock.com/RyanKing999

Fears over cloud security will continue to linger, but the situation is improving: almost two thirds (64%) of enterprises polled by analyst house Clutch argue cloud infrastructure is more secure than legacy systems.

36% of the 300 respondents polled said cloud was much more secure than legacy infrastructure, compared to 28% who argued it was “somewhat” more secure. Only 11% of respondents argued cloud was in any way less secure, with 1% saying it was ‘much...

By James Bourne, 04 March 2016, 0 comments. Categories: Infrastructure, Research, Security.

MWC takeaways: Making sure your infrastructure is secure for the connected world

(c)iStock.com/Maciej Noskowski

With Mobile World Congress over for another year, I’ve now had a chance to digest everything that was on show last week. This conference, which is arguably the planet’s best venue for mobile industry networking, looked at the Internet of Things and the connected world, anything and everything from developments such as 5G to newly connected toothbrush devices that ensure consumers brush their teeth as the dentist intended.

What all these new technology innovations...

By Monica Brink, 02 March 2016, 0 comments. Categories: Data Management, Infrastructure, Privacy, Security.