Hybrid cloud security strategies analysed in new research

Hybrid cloud and multi-cloud security is becoming top of mind for organisations – but many still persist with best of breed tools for both systems rather than combining into one ‘best of suite’ offering.

That is the key finding following a report from Santa Clara-based Cavirin Systems. The report, which polled more than 350 IT admins, IT decision makers and C-suite executives, found 81% of organisations currently deploy a hybrid or multi-cloud strategy, with 11% only going on-premise and 8%...

By James Bourne, 12 April 2018, 0 comments. Categories: Hybrid, Research, Security.

Learning from the masters of DevSecOps: Getting security right at scale

With the relentless 24/7 nature of the digital economy, many customers I talk to are under pressure to continually release and update their apps. Making this happen is a challenge in itself. But keeping those apps secure can be even more problematic – especially when security is left to the end of the development cycle.

That may seem an unlikely approach in today’s heightened IT security climate. But in my experience, it’s all too common. Under pressure to get their apps out fast, firms...

By Aruna Ravichandran, 09 April 2018, 0 comments. Categories: Applications, Data & Analytics, Developers, DevOps, Security.

Five ways machine learning can save your company from a security breach meltdown

  • $86bn was spent on security in 2017, yet 66% of companies have still been breached an average of five or more times.
  • Just 55% of CEOs say their organizations have experienced a breach, while 79% of CTOs acknowledge breaches have occurred. One in approximately four CEOs (24%) aren’t aware if their companies have even had a security breach.
  • 62% of CEOs inaccurately cite malware as the primary threat to cybersecurity.
  • 68% of executives whose companies experienced significant breaches in hindsight believe that the breach could have been prevented by implementing more...

By Louis Columbus, 09 April 2018, 0 comments. Categories: Applications, Big Data, Data & Analytics, Data Management, Security, Software.

Microsoft responds to speed of CLOUD Act enactment and data privacy concerns

Microsoft has admitted the speed in which the CLOUD Act was enacted was ‘a bit of a shock’ – but added there was more to do to protect users’ privacy rights across borders.

The act, which stands for ‘clarifying lawful overseas use of data’, was signed into law two weeks ago and ultimately represents the culmination of a case which began four years ago concerning an email in Dublin.

During a drug trafficking investigation in 2013, Microsoft refused to provide details of an...

By James Bourne, 06 April 2018, 0 comments. Categories: Compliance, Data & Analytics, Data Management, Security.

How should businesses respond to the security challenges of multi-cloud?

More and more, hybrid multi-cloud is generally accepted to be the IT architecture of the future.

Only multi-cloud offers the flexibility, the scalability and the security benefits that modern businesses demand. But a decision to embrace a multi-cloud-first strategy is only the beginning - companies need to spend serious time on careful preparations to optimise this approach. For instance, there are security challenges that inevitably follow when data is spread across multiple cloud environments, and companies...

By Russell Poole, 06 April 2018, 0 comments. Categories: Data & Analytics, Data Management, Hybrid, Security.

Eight steps for a pain-free cloud migration: Assessment, migration and support

Cloud adoption by UK companies has now neared 90%, according to Cloud Industry Forum, and it won’t be long before all organisations are benefiting to some degree from the flexibility, efficiency and cost-savings of the cloud. Moving past the first wave of adoption we’re seeing businesses ramp up the complexity of the workloads and applications that they’re migrating to the cloud. Perhaps...

By Monica Brink, 29 March 2018, 0 comments. Categories: Adoption, Infrastructure, Migration, Security.

More cloud security education needed – but shared responsibility message getting through

Organisations still believe their information is safer on-premise rather than in the cloud – and it’s a mindset that IT security firm Barracuda Networks wants to change.

According to the company, who polled more than 600 respondents around their experiences with cloud security, more than four in five (83%) said they were concerned about deploying firewalls in the cloud, while more than half (57%) of EMEA-based respondents said their on-premises security was superior to cloud.

When it came to the...

By James Bourne, 26 March 2018, 0 comments. Categories: Data & Analytics, Data Management, DevOps, Research, Security.

Keeping the multi-cloud world safe: Ensuring control and visibility

The world is going multi-cloud. Organisations seek the efficiency, speed, scalability and reduced costs that cloud promises and are rapidly moving applications and data into more hybrid environments – including to more than one cloud.

According to Cisco’s most recent Global Cloud Index, data centre application growth is exploding in this new multi-cloud world. By 2021,...

By Chintan Patel, 23 March 2018, 0 comments. Categories: Applications, Architecture, Best Practice, Infrastructure, Security.

Google Cloud beefs up security on GCP, G Suite and more in major update

Google Cloud has unveiled major security revamps to its portfolio, across Google Cloud Platform (GCP), G Suite, Chrome Enterprise, and more.

The company has made 20 announcements in total in conjunction with the CEO Security Forum in New York. GCP had no fewer than eight notes, with alpha services around security perimeters and cloud asset management the highlights.

VPC Service Controls aims to stop identity mismanagement, misconfigured policies and compromised virtual machines by creating a security...

By James Bourne, 22 March 2018, 0 comments. Categories: Data & Analytics, Data Management, Enterprise, Google, Security.

The top five reasons for a multi-cloud infrastructure

Having been focused in the cloud sector for more than 12 years now, I have experienced much fast paced change and continued assumptions, misunderstanding and over-promising of cloud as the saviour of all ills.

Cloud is used as a generic term and yet covers a wide plethora of sub form factors (SaaS – software as a service, PaaS – platform as a service and IaaS – infrastructure as a service) and delivery mechanisms (private, public and hybrid clouds). Within these you then have a growing...

By Ian Moyse, 19 March 2018, 0 comments. Categories: IaaS, Infrastructure, Regulation, SaaS , Security, Software.

Why a consumer approach to security – with cloud in mind – may help struggling enterprises

Are Amazon and Facebook the standard bearers when it comes to security? According to the latest identity and access management (IAM) study from Gemalto, more than half of respondents say their organisation’s work authentication methods are worse than those offered by the two tech giants.

The study, which polled more than 1,000 IT decision makers globally, found that the continued rise in cloud applications, as well as the similarly shopworn story around device proliferation, means enterprises are...

By James Bourne, 12 March 2018, 0 comments. Categories: Collaboration, Compliance, Security, Software.

Google Cloud announces healthcare APIs and updates – as Apple and Spotify revealed as customers

It has been an interesting week or so for Google Cloud, both directly and indirectly. The company has announced new APIs, updates and customers for its healthcare cloud initiative, while other high-profile customers have been disclosed.

At HiMSS, the healthcare information and management systems society conference, Google launched a new cloud healthcare API, which is better equipped to focus on data types such as HL7, FHIR and DICOM, and also allows customers to crunch the numbers using analytics and machine...

By James Bourne, 06 March 2018, 0 comments. Categories: Compliance, Google, Infrastructure, Security.

Microsoft expands government cloud offerings as company says IT shift ‘reaches tipping point’

Microsoft has beefed up its government cloud offerings, launching government-specific editions of Microsoft 365 and Azure Stack, as well as greater security and compliance in Dynamics 365.

Microsoft 365, which comprises Office 365, Windows 10, and Enterprise Mobility + Security (EMS), and Azure Stack, which extends Azure to on-premises environments, are being upgraded as Microsoft acknowledges faster acceleration of government organisations moving to the cloud.

“This move is driven largely by the desire...

By James Bourne, 06 March 2018, 0 comments. Categories: Compliance, Data & Analytics, Data Management, Microsoft, PublicSector, Security.

Why cloud is the cornerstone of digital transformation in healthcare

Today every part of the business is subject to new expectations, competitors, channels, threats and opportunities. Every business has the potential to be a digital business. As the numbers of smart, connected devices from phones to cars to wearables are growing, companies that quickly deliver digital solutions or services, and use insights to rapidly optimise their value chain are gaining competitive advantage. Businesses that digitally transform will be able to connect more closely with customers, speed up the pace of...

By Roberto Mircoli, 25 February 2018, 1 comment. Categories: Compliance, Infrastructure, Security.

Cisco and Rackspace come together for multi-cloud security

Multi-cloud continues to be on the agenda – this time, a collaboration between Cisco and Rackspace whereby the former will provide the latter’s customers with security protection for multi-cloud environments.

Rackspace will deploy high volumes of Cisco’s next-generation firewalls and integrate them directly into its services, according to Cisco. The managed cloud provider had previously served as a testing partner for Cisco’s ASA firewall series.

According to the most recent annual...

By James Bourne, 25 February 2018, 0 comments. Categories: Data Management, Security, Vulnerabilities.

Cisco cybersecurity report shows how cloud use rises – and cyberattacks rise with it

Cloud computing usage continues to grow, but at the expense of security as attackers take advantage, according to the latest Cisco annual cybersecurity report.

The study, now in its 11th iteration, puts together threat intelligence and cybersecurity trends from researchers and six technology partners, and found more than a quarter (27%) of security professionals polled use off-premises private clouds. This is up from 20% this time last year.

Of that number, more than half (57%) say they host networks in the...

By James Bourne, 22 February 2018, 0 comments. Categories: Compliance, Research, Security.

Hackers ran crypto mining scripts on Tesla’s cloud, research reveals

Hackers have been running crypto mining scripts on unsecured Kubernetes instances owned by Tesla, according to new research from security monitoring provider RedLock.

According to the study, which analysed public cloud environments monitored by RedLock – more than 12 million resources processing petabytes of network traffic – the unsecured Kubernetes pod exposed access credentials to Tesla’s Amazon Web Services (AWS) environment. From there, the environment contained an AWS S3 bucket which...

By James Bourne, 21 February 2018, 0 comments. Categories: Containers, Infrastructure, Security.

The importance of getting security on-board early in cloud projects

It goes without saying that security is a vital part – the most vital part – of cloud projects. But getting security engagement in early will make the whole process easier, from reduced risk of data loss to quicker project delivery.

That is the key finding from a new report by Hurwitz & Associates. The paper, sponsored by Lacework and titled ‘Balancing Velocity and Security in the Cloud’, polled 85 IT leaders from the Americas and Europe and examined the importance of automation in...

By James Bourne, 06 February 2018, 0 comments. Categories: Data Management, Infrastructure, Research, Security.