Digital trust: Why enterprise IT compliance matters

Do you wonder, are there significant benefits for building a culture of digital trust? New research has uncovered a direct connection between the cause and effect of bad actors in organisations across the globe. Information technology has many uses, but business leaders must be mindful of compliance.

Twenty-nine percent of employees observed at least one compliance violation at work in 2016 or 2017, according to the latest worldwide market study by Gartner. The survey, which sampled more than 5,000 employees...

By David H Deans, 16 October 2018, 0 comments. Categories: Data & Analytics, Data Management, Enterprise, Security.

Simplifying complex public sector environments through cloud: A guide

Government and public sector organisations continue to seek ways to improve services and mitigate the risk of migrating mission-critical applications to the cloud. Already, many organisations, focused on improving the citizen experience, have set their sights on the cloud. Flexible, agile and affordable, managed cloud can accelerate the agency mission.  Still, CIOs are cautious about which applications to prioritise and what steps they must take to ensure the reality fulfils the promise.

In the US, since...

By Roberto Mircoli, 11 October 2018, 0 comments. Categories: Infrastructure, PublicSector, Security.

How identities are the new security perimeter

  • Privileged credentials for accessing an airport’s security system were recently for sale on the Dark Web for just $10, according to McAfee.
  • 18% of healthcare employees are willing to sell confidential data to unauthorized parties for as little as $500 to $1,000, and 24% of employees know of someone who has sold privileged credentials to outsiders, according to a recent Accenture survey.
  • Apple employees in Ireland have been offered as much as €20,000 ($22,878) in exchange for their privilege access credentials in 2016, according to 

By Louis Columbus, 03 October 2018, 1 comment. Categories: Data & Analytics, Data Management, Security, Vulnerabilities.

The importance of APIs in public cloud security: How secure do you think yours are?

The use of the cloud is now mainstream and, despite some concerns, it is generally accepted that the public cloud is not inherently insecure. In fact, in many cases it is more secure than most data centres.

This can be explained when we consider how many opportunities there are for a piece of sensitive information that...

By Jason Macy, 01 October 2018, 0 comments. Categories: Architecture, Developers, Platform, Security, Vulnerabilities.

Five Kubernetes role-based access control mistakes to avoid

If you run workloads in Kubernetes, you know how much important data is accessible through the Kubernetes API—from details of deployments to persistent storage configurations to secrets. The Kubernetes community has delivered a number of impactful security features in 2017 and 2018, including Role-Based Access Control (RBAC) for the Kubernetes API.

RBAC is a key security feature that protects your cluster by allowing you to control who can access specific API resources. Because the feature is relatively...

By Kaizhe Huang, 26 September 2018, 0 comments. Categories: Containers, Data & Analytics, Data Management, Developers, Security.

Cloud security and small businesses – what you need to know to avoid the pitfalls

Today we work in a world that is increasingly connected, convenient and cloud-based. This comes with a world of benefits not just for enterprises, but also for small to medium sized businesses (SMBs).

It’s now easier than ever to share documents in the cloud, video-conference with colleagues across the world and compile resources so that global teams can quickly access them from shared storage. The downfall,...

By Dirk Morris, 21 September 2018, 1 comment. Categories: Infrastructure, Security, Software, Vulnerabilities.

How the Cloud Security Alliance Cloud Controls Matrix benefits financial institutions

The self-service and dynamic nature of cloud infrastructure creates challenges for risk and compliance professionals. Tools that worked well in the traditional data centre do not translate to the public cloud.  

Due to these concerns over regulatory compliance and security, as well as the complexity involved in replacing legacy systems, financial institutions are taking a more...

By Brian Johnson, 14 September 2018, 0 comments. Categories: Compliance, Data & Analytics, Industry, Security.

Why healthcare providers need Zero Trust Security to boost their digital initiatives

  • 58% of healthcare systems breach attempts involve inside actors, which makes this the leading industry for insider threats today.
  • Ransomware leads all malicious code categories, responsible for 70% of breach attempt incidents.
  • Stealing laptops from medical professionals’ cars to obtain privileged access credentials to gain access and install malware on healthcare networks, exfiltrate valuable data or sabotage systems and applications are all common breach strategies.

These and many other fascinating insights are from 

By Louis Columbus, 11 September 2018, 0 comments. Categories: Applications, Best Practice, Data & Analytics, Data Management, Security.

Tresorit raises €11.5 million in series B funding to help promote secure cloud collaboration

Tresorit, a European provider of cloud security and collaboration software, has announced it has raised €11.5 million (£10.4m) in series B funding to help accelerate growth and scale marketing and sales operations.

The company, which sits in the enterprise file and sync space, offers products focused at the legal, healthcare and HR departments around encrypted storage and secure file sharing, as well as...

By James Bourne, 04 September 2018, 0 comments. Categories: Collaboration, Compliance, Security, Software.

Google Cloud gets up to speed with AWS and Azure with launch of HSM crypto tool

Google Cloud has announced the launch of a managed cloud-hosted hardware security module (HSM) service – joining Amazon Web Services and Microsoft Azure in this security benchmark.

The Cloud HSM will enable customers to host encryption keys and perform cryptographic operations in FIPS 140-2 Level 3 certified HSMs, according

By James Bourne, 22 August 2018, 0 comments. Categories: Compliance, Data Management, Google, Security.

Protecting your company’s crown jewels: Building cloud-based backup and DR into ransomware defence

It’s a sad fact of life that whenever someone owns anything of value, there’s someone else out there who wants to get their hands on it illegally. Today’s corporate crown jewels are the critical data on which organisations depend and the highwaymen are cybercriminals, who have built a lucrative industry from ransomware attacks that disrupt businesses, steal data and aim to extract payment from their victims.

Tackling this scourge is a critical challenge for IT managers on several levels, but...

Alibaba Cloud focuses on Asia Pacific with latest launches – and expands Elasticsearch partnership

It has been another busy week at Alibaba Cloud, with the company’s latest releases focusing on both Asia Pacific and European expansion.

The increased focus on Asia Pacific comes through the launch of no fewer than nine products around cloud architecture, machine learning, the Internet of Things (IoT), and security.

These include PAI, Alibaba Cloud’s proprietary machine...

By James Bourne, 16 August 2018, 0 comments. Categories: Alibaba, Infrastructure, Security.

Risk and finance industry still see cloud as a concern, notes Gartner

Even the slowest industries are moving workloads to the cloud – take risk, audit and finance as an example. Yet there is still plenty more to be done before these verticals become truly comfortable.

That’s according to the latest report from analyst firm Gartner. In the company’s most recent Emerging Risks study, cloud computing remains the primary concern for those in risk and compliance. Cloud was ahead of...

By James Bourne, 15 August 2018, 0 comments. Categories: Infrastructure, Research, Security, Vulnerabilities.

Demytisfying the public or private cloud choice: Compliance, cost, and technical requirements

Every business wants to operate like a tech company today. Companies can’t thrive without improving IT, and executives must decide where to house and process data – under these circumstances, cloud strategies are increasingly nuanced.

A Forrester study found that just 4% of organisations run their applications exclusively in the public cloud today, and 77 percent of organisations are using multiple types of clouds, both on-premises and off-premises.

So do you take the public or private cloud...

By Michael Coté, 13 August 2018, 0 comments. Categories: Compliance, Infrastructure, Private, Public, Security.

Making the cloud a safe space: Organisational security, identity, and more

The cloud has brought about many benefits for organisations and adoption is understandably increasing. Gartner earlier this year projected that the worldwide public cloud services market would grow 21.4 percent in 2018 whilst Forrester has found that global cloud services revenues totaled £112.5 billion in 2017, and is predicted to grow up to...

By Ronald Sens, 10 August 2018, 0 comments. Categories: Data & Analytics, Data Management, Security, Vulnerabilities.

IBM’s 2018 data breach study shows why we’re in a Zero Trust world now

  • Digital businesses that lost less than 1% of their customers due to a data breach incurred a cost of $2.8M, and if 4% or more were lost the cost soared to $6M.
  • U.S. based breaches are the most expensive globally, costing on average $7.91M with the highest global notification cost as well, $740,000.
  • A typical data breach costs a company $3.86M, up 6.4% from $3.62M last year.
  • Digital businesses that have security automation can minimize the costs of breaches by $1.55M versus those businesses who are not ($2.88M versus $4.43M).
  • 48% of all breaches are initiated by malicious or criminal...

By Louis Columbus, 09 August 2018, 0 comments. Categories: Data & Analytics, Data Management, Security, Software.

Samsung Heavy Industries chooses AWS to help take shipbuilding into the cloud

Another example of cloud computing infiltrating key enterprises; shipbuilding firm Samsung Heavy Industries is moving to Amazon Web Services (AWS) as its preferred cloud provider.

The company says it wants to be seen as a ‘cloud-first maritime business’, with Samsung using a variety of AWS’ services. These include EC2 and S3, naturally, alongside Amazon’s relational database, RDS, AWS Key Management, and governance and compliance tool CloudTrail.

By putting sensors in a variety of devices and...

By James Bourne, 09 August 2018, 0 comments. Categories: Compliance, Enterprise, Infrastructure, Security.

Hammering home public cloud shared security obligations: The importance of education

Public cloud customers need to become clearer on what their responsibility is for securing their data and applications hosted by public cloud providers. I believe there is a misunderstanding on how much responsibility the likes of AWS, Azure, and Google Cloud Platform have for securing their customers. Their platforms are definitely secure and migrating workloads into the cloud can be much more secure than on premise data centers, however organisations do have a responsibility in securing their workloads...

By Hatem Naguib, 07 August 2018, 0 comments. Categories: Infrastructure, Public, Security.

Cisco to acquire Duo Security to beef up multi-cloud efforts

Here’s a good example of how security underlines – or should underline – pretty much everything in the cloud: Cisco has announced it is to acquire Michigan-based Duo Security for upwards of $2.3 billion (£1.8bn).

The deal, which expects to close during the first quarter of Cisco’s fiscal year 2019, aims to help give the networking giant’s customers straightforward and secure access to any application on any networked device through Duo’s platform.

Duo Security offers...

By James Bourne, 06 August 2018, 0 comments. Categories: M&A, Platform, Security.