IT managers unconvinced on getting ROI from cloud adoption

(c)iStock.com/malerapaso

More than half of IT managers surveyed by West IP Communications say they expect to get full return on investment by moving to the cloud – but it’s an unconvincing figure.

54% of the more than 300 respondents said they would be able to fully recoup their costs of cloud computing adoption, which of course means 46% aren’t so sure. Yet those with bigger IT budgets were more confident: two thirds (66%) of managers with company IT budgets over $5m were...

By James Bourne, 26 May 2015, 1 comment. Categories: Adoption, Security, Vulnerabilities.

Majority of firms say they aren’t confident in responding to cloud-based data threats

(c)iStock.com/Imilian

If data stored in the cloud is under threat, what would you do: fight the fire or hide under the bed and hope everything goes away? The majority of respondents in a recent survey admitted they would do the latter.

The research, commissioned by Informatica and conducted by the Ponemon Institute, found 60% of global respondents were “not confident” they had the ability to proactively respond to cloud-based data threats. 80% said not knowing if sensitive or confidential...

By James Bourne, 08 April 2015, 0 comments. Categories: Data & Analytics, Data Loss, Data Management, Security, Vulnerabilities.

Why organisations need to be extra vigilant over their cloud security and partner use

(c)iStock.com/pinstock

A report from Skyhigh Networks has examined the issues for enterprises who share cloud data with partners, with almost 30% of data shared with partners considered “high risk.”

The report, the latest Cloud Adoption and Risk Report, argues the case that security does not end at the corporate perimeter. The average number of cloud services in use by company has risen again, from 545 in Q313 to 923 in Q115. Broken down by cloud service category the average company uses 162...

By James Bourne, 01 April 2015, 1 comment. Categories: Data & Analytics, Data Management, Security, Vulnerabilities.

Dropbox Android SDK vulnerability revealed, cloud storage provider praised for response

(c)iStock.com/funky-data

A major vulnerability in the Dropbox SDK for Android has been revealed by IBM Security, whereby attackers can connect applications on mobile devices to a Dropbox account controlled by the attacker.

The vuln has since been fixed, with IBM praising Dropbox for its response to the issue; the company acknowledged receipt of the disclosure within six minutes, confirmed the vulnerability within the day, and issued a patch within four days.

It’s slightly better than the flaw in Moonpig’s API,...

By James Bourne, 12 March 2015, 0 comments. Categories: Security, Storage, Vulnerabilities.

The cloud service provider and security vulnerabilities: Three steps to prevention

(c)iStock.com/cherezoff

IT departments worldwide face a dizzying array of security threats, whether they manage traditional or NextGen/cloud based environments. IT security experts report some very frightening statics:

  • Approximately 400,000 new malware instances are recognised daily
  • New kinds of malware are gaining prominence including Ransomware, Scareware, and banking malware.
  • New attack vectors include public cloud, software-as-a-service provider environments, third party services providers and mobile devices.
  • Reports of politically or cause sponsored terrorism and corporate espionage are on the rise...

By David Auslander, 09 March 2015, 0 comments. Categories: Data & Analytics, Data Management, Security, Vulnerabilities.

Shining a light on shadow IT - and how to ensure you get it right

(c)iStock.com/jrwasserman

The nature of work is evolving; employees are mobile and cloud-enabled, free to work anywhere from almost any device. In response to this shift, the BYOD trend has emerged stronger than ever. Coupled with this is the growth of employees desiring more accessible applications. However, these factors have undoubtedly contributed to the emergence of shadow IT, which is creating a problem for many IT departments.

Applications such as Dropbox are increasingly being used by employees for business...

By Angelo di Ventura, 25 February 2015, 0 comments. Categories: Applications, SaaS , Security, Software, Vulnerabilities.

Healthcare data security: Is cloud encryption alone enough?

By Kenneth N. Rashbaum, Esq. and Liberty McAteer, Esqs.

This blog post is for informational and educational purposes only. Any legal information provided in this post should not be relied upon as legal advice. It is not intended to create, and does not create, an attorney-client relationship and readers should not act upon the information presented without first seeking legal counsel.

What if the data of 80 million Anthem subscribers were encrypted at rest? And...

By Logicworks, 16 February 2015, 1 comment. Categories: Data & Analytics, Data Loss, Data Management, Security, Vulnerabilities.

Five tips to secure your cloud future

(c)iStock.com/maxkabakov

The cloud has been central to the business workings of organisations. Reliance on the cloud as a central storage tool highlights the importance of security. With important data and documents and sensitive information stored away on the cloud, there is too much at stake. Intense effort and investment needs to be put into making sure cloud providers are providing these five main security features:

Standards based integration with identity management providers

Forming an integrated...

By William Rabie, 22 January 2015, 0 comments. Categories: Security, Vulnerabilities.

User credentials remain the Achilles heel of cloud apps: How you can prevent an attack

(c)iStock.com/bestdesigns

High-profile security breaches have dominated the headlines in 2014. Two notable examples over the last few months, the Apple iCloud and Dropbox breaches, have revealed a juicy target for attackers: user credentials.

Rather than try to hack into the application itself like iCloud, Dropbox, Salesforce, or Amazon Web Services (AWS), an easier and much more feasible approach to gaining access to sensitive data, celebrity photos, or whatever else an attacker is after, is through stolen...

By Ofer Hendler, 02 January 2015, 3 comments. Categories: Exploits, Security, Vulnerabilities.

KPMG survey shows how cloud “continues to drive disruption in the business world”

(c)iStock.com/mihtiander

Almost half of respondents in KPMG’s 2014 cloud computing survey are using cloud to drive cost efficiencies, with a similar number utilising it to better enable their mobile workforce.

The study, of 500 global C-suite executives, saw a variety of ways in which businesses are using cloud to drive business transformation. Aside from cost savings (49%) and enabling a mobile workforce (42%), CXOs also see the benefit of cloud as improving alignment with customers and partners (37%),...

By James Bourne, 02 January 2015, 1 comment. Categories: Adoption, Compliance, Privacy, Security, Vulnerabilities.

The cryptic cloud: Can cloud encryption operate effectively right now?

©iStock.com/Henrik5000

Encryption in the digital world is akin to a safe in the physical world. Data is locked away and can only be seen by those who have the correct key. Among other things, encryption is what provides an assurance of confidentiality in data security and it is fast gaining ground in the cloud. But is encrypted data therefore more secure? Not if your keys are transferred in the clear, duplicated or mismanaged.

Data that goes to the public cloud is usually transferred securely and files are...

By Pedro Venda, 23 December 2014, 0 comments. Categories: Exploits, Security, Vulnerabilities.

Meet Zenedge, the firm which protects the entire enterprise ecosystem in the cloud

Picture credit: iStockPhoto

Zenedge has announced the general availability of its latest Zenshield DOME platform with a simple goal: to protect your enterprise from what it perceives to be its weakest link.

That weakest link is a firm’s partner and supplier ecosystem, which Zenedge insists is a more likely target for hackers trying to infiltrate an enterprise in the cloud.

The product is a security platform as a service (SPaaS), and can be extended to a retailer’s partner and supplier network so...

By James Bourne, 28 November 2014, 0 comments. Categories: Exploits, Platform, Security, Vulnerabilities.

Docker vulnerability exposed, users urged to upgrade for cloud security

Picture credit: iStockPhoto

Docker, the Linux container for run-anywhere apps, has a major vulnerability in all but the latest version of its software which can enable malicious code to extract hosted files.

The vuln, described as ‘critical’ in severity, was first spotted by Red Hat’s security researcher Florian Weimer and independent researcher Taunis Tiigi, with Docker crediting them in a security advisory.

“The Docker engine, up to and...

By James Bourne, 27 November 2014, 0 comments. Categories: Security, Vulnerabilities.

Four key ways to overcome security concerns in the cloud

Picture credit: iStockPhoto

Ten days ago I hosted a seminar on cloud security at the Public Sector Enterprise ICT conference in London. In a show of hands at the start of the discussion, the forty or so attendees were unanimous in their agreement that the issue of security is one of the most important considerations in the journey to the cloud.

Joining me on the panel was Tony Richards, the head of security at G-Cloud and Ian Gale from Bristol...

By Ivan Harris, 25 November 2014, 0 comments. Categories: Government, Security, Vulnerabilities.

The top cloud computing threats and vulnerabilities in an enterprise environment

Picture credit: iStockPhoto

Analysis I’ve seen different companies with operational models 90% based on cloud services, where the rest of the 10% is constituted of in-house servers. The basic response after asking about security issues related to cloud services was that the cloud service provider will take care of them and they don’t have to worry about it.

This isn’t necessarily the case with every cloud service provider, since some CSPs have a good security model in place, while others clearly do...

By Dejan Lukan, 21 November 2014, 0 comments. Categories: Security, Vulnerabilities.