Protecting against ransomware in the cloud: A guide

(c)iStock.com/Maciej Noskowski 

A recent survey of 500 businesses revealed that nearly half were brought to a standstill by a ransomware attack within the last 12 months. Ransomware is computer malware that installs covertly on a victim's computer, executes a cryptovirology attack that adversely affects it, and demands a ransom payment to decrypt it or to not publish it.

Recently, there has...

By Justin Giardina, 29 November 2016, 0 comments. Categories: Data Management, Security, Vulnerabilities.

Advanced cloud security: Standards and automation in a multi-vendor world

(c)iStock.com/maxkabakov

Enterprise IT has long struggled to develop common standards for the security of cloud deployments. With multiple cloud vendors, fast-moving product teams, and a changing security landscape, it is perhaps no wonder that enterprises are left asking:

  • What is the right cloud security standard?
  • What level of security is “good enough”?
  • And most importantly — how do we apply these standards in a consistent way to existing and new cloud environments?

In July 2016, the Ponemon Institute published 

By Logicworks, 27 October 2016, 1 comment. Categories: DevOps, Security, Vendors, Vulnerabilities.

Why it’s time to take new strategies for beating ransomware

(c)iStock.com/Leonardo Patrizi

The sad facts of ransomware are that no-one is immune and attacks are impacting hospitals, schools, government, law enforcement agencies and businesses of all sizes. The increased frequency – and scale – of attacks has organisations thinking differently about their approach to ransomware. According to the FBI, ransomware attacks have increased 35-fold in 2016, resulting in an estimated $209 million paid out every quarter.

In addition, there has recently been a string...

By Jeff Denworth, 26 October 2016, 0 comments. Categories: Privacy, Security, Vulnerabilities.

How cloud and IoT services are driving deployment of public key infrastructures

(c)iStock.com/cherezoff

A new study from Thales and the Ponemon Institute has found that, for more than three in five businesses polled, cloud-based services were the biggest trend driving the deployment of applications using public key infrastructures (PKI).

PKI refers to the ability for users and organisations to send secure data over networks; as defined by TechTarget, it “supports the distribution and identification of public encryption...

By James Bourne, 11 October 2016, 0 comments. Categories: Applications, Data Management, Security, Vulnerabilities.

Netskope research shows how cloud malware and ransomware remain issues

(c)iStock.com/DundStock

According to the latest research from cloud security provider Netskope, almost 44% of malware found in cloud apps have delivered ransomware, while almost 56% of malware-infected files in cloud apps are shared publicly.

The study, which appears in the company’s latest Netskope Cloud Report, found that the number of cloud apps keep going up in enterprises; 824 on average, up from 777 during the last quarter. Microsoft continues to beat Google as the most popular cloud app, with...

By James Bourne, 08 September 2016, 0 comments. Categories: Data & Analytics, Data Loss, Data Management, Security, Vulnerabilities.

Dropbox says password reset measures have worked following leak revelations

(c)iStock.com/KIVILCIM PINAR

Cloud storage provider Dropbox has said the password reset measures the company put in place has prevented any hacking of user data, following revelations made in stories which argued that millions of account details had been accessed.

Certain Dropbox users received an email from the cloud storage provider earlier this week advising that if their account password was the same as before mid-2012, they will be prompted to change it the next time they sign in.

A blog post at the time from Patrick...

By James Bourne, 31 August 2016, 0 comments. Categories: Data Management, Security, Software, Storage, Vulnerabilities.

The top 100 best practices in big data – revealed

(c)iStock.com/ismagilov

The Cloud Security Alliance (CSA) has today released a mammoth document detailing the 100 best practices in big data security – running the gamut from traditional cybersecurity measures to cutting edge cryptographic technologies.

The document discusses each tip at more of a cursory than comprehensive level, offering a few sentences on why and how organisations should implement them. The report goes through 10 areas with 10 tips for each, from real-time security and compliance...

By James Bourne, 26 August 2016, 1 comment. Categories: Big Data, Data & Analytics, Security, Vulnerabilities.

Why cloud security best practices mean engagement from vendors and employees

(c)iStock.com/StockFinland

Ransomware may be the hot topic in the news at the moment, but human error is a greater threat. Human error, in fact, is often the reason ransomware is able to infiltrate a network (by staff members clicking phishing links, for example). It’s also one of the greatest causes of data loss in the cloud. The first part of this series discussed how cloud vendors, shadow...

By Matt Kingswood, 08 July 2016, 0 comments. Categories: Data & Analytics, Data Management, Security, Vendors, Vulnerabilities.

A disaster recovery plan: What is your IT team keeping from you?

(c)iStock.com/Dimitrios Stefanidis

Your disaster recovery program is like a parachute - you don’t want to find yourself in freefall before you discover it won’t open. But amid hastening development cycles, and cost, resource and time pressures, many CIOs are failing to adequately prioritise DR planning and testing.

While IT teams are running to stand still with day-to-day responsibilities, DR efforts tend to be focused solely on infrastructure, hardware and software, neglecting the people and...

The top five in-demand cloud security skills for 2016

(c)iStock.com/Jirsak

The cloud computing market continues to expand at a phenomenal rate. According to a recent report from IDC, worldwide spending on public cloud services will grow 19.4% annually through to 2019. Six times the rate of overall IT spend growth, this will double the current spend from $70 billion to $141 billion.

As more businesses transition to the cloud this will drive up demand for IT professionals with the skills to make the most of the technology. A market, which...

By Ed Jones, 20 April 2016, 0 comments. Categories: Compliance, Security, Vulnerabilities.

The dangers of the 1% in cloud environments: Users remain the big security risk

(c)iStock.com/Jirsak

The concept of the 1%, in economic terms, usually refers to wealth inequality; however, a recent report from CloudLock shows that in cloud environments, 75% of the security risk can be attributed to just 1% of users.

This instance, of course, has more in common with the Pareto principle, whereby approximately 80% of the effects come from 20% of the causes, than anything else. Yet the report analyses a trend familiar to the readers of this publication; a key security risk when moving data...

By James Bourne, 26 August 2015, 0 comments. Categories: Applications, Enterprise, Security, Vulnerabilities.

Four in five execs think conventional security is not enough for cloud environments

(c)iStock.com/alengo

Earlier this week, this publication reported on a C-level study which showed a distinct lack of trust in cloud storage for fully securing corporate data. Now, a new survey from CloudPassage sheds light on the security executive perspective; 80% of security execs in North America don’t believe conventional network security...

By James Bourne, 01 July 2015, 0 comments. Categories: Adoption, Research, Security, Vulnerabilities.

IT managers unconvinced on getting ROI from cloud adoption

(c)iStock.com/malerapaso

More than half of IT managers surveyed by West IP Communications say they expect to get full return on investment by moving to the cloud – but it’s an unconvincing figure.

54% of the more than 300 respondents said they would be able to fully recoup their costs of cloud computing adoption, which of course means 46% aren’t so sure. Yet those with bigger IT budgets were more confident: two thirds (66%) of managers with company IT budgets over $5m were...

By James Bourne, 26 May 2015, 1 comment. Categories: Adoption, Security, Vulnerabilities.

Majority of firms say they aren’t confident in responding to cloud-based data threats

(c)iStock.com/Imilian

If data stored in the cloud is under threat, what would you do: fight the fire or hide under the bed and hope everything goes away? The majority of respondents in a recent survey admitted they would do the latter.

The research, commissioned by Informatica and conducted by the Ponemon Institute, found 60% of global respondents were “not confident” they had the ability to proactively respond to cloud-based data threats. 80% said not knowing if sensitive or confidential...

By James Bourne, 08 April 2015, 0 comments. Categories: Data & Analytics, Data Loss, Data Management, Security, Vulnerabilities.

Why organisations need to be extra vigilant over their cloud security and partner use

(c)iStock.com/pinstock

A report from Skyhigh Networks has examined the issues for enterprises who share cloud data with partners, with almost 30% of data shared with partners considered “high risk.”

The report, the latest Cloud Adoption and Risk Report, argues the case that security does not end at the corporate perimeter. The average number of cloud services in use by company has risen again, from 545 in Q313 to 923 in Q115. Broken down by cloud service category the average company uses 162...

By James Bourne, 01 April 2015, 1 comment. Categories: Data & Analytics, Data Management, Security, Vulnerabilities.

Dropbox Android SDK vulnerability revealed, cloud storage provider praised for response

(c)iStock.com/funky-data

A major vulnerability in the Dropbox SDK for Android has been revealed by IBM Security, whereby attackers can connect applications on mobile devices to a Dropbox account controlled by the attacker.

The vuln has since been fixed, with IBM praising Dropbox for its response to the issue; the company acknowledged receipt of the disclosure within six minutes, confirmed the vulnerability within the day, and issued a patch within four days.

It’s slightly better than the flaw in Moonpig’s API,...

By James Bourne, 12 March 2015, 0 comments. Categories: Security, Storage, Vulnerabilities.

The cloud service provider and security vulnerabilities: Three steps to prevention

(c)iStock.com/cherezoff

IT departments worldwide face a dizzying array of security threats, whether they manage traditional or NextGen/cloud based environments. IT security experts report some very frightening statics:

  • Approximately 400,000 new malware instances are recognised daily
  • New kinds of malware are gaining prominence including Ransomware, Scareware, and banking malware.
  • New attack vectors include public cloud, software-as-a-service provider environments, third party services providers and mobile devices.
  • Reports of politically or cause sponsored terrorism and corporate espionage are on the rise...

By David Auslander, 09 March 2015, 0 comments. Categories: Data & Analytics, Data Management, Security, Vulnerabilities.

Shining a light on shadow IT - and how to ensure you get it right

(c)iStock.com/jrwasserman

The nature of work is evolving; employees are mobile and cloud-enabled, free to work anywhere from almost any device. In response to this shift, the BYOD trend has emerged stronger than ever. Coupled with this is the growth of employees desiring more accessible applications. However, these factors have undoubtedly contributed to the emergence of shadow IT, which is creating a problem for many IT departments.

Applications such as Dropbox are increasingly being used by employees for business...

By Angelo di Ventura, 25 February 2015, 0 comments. Categories: Applications, SaaS , Security, Software, Vulnerabilities.

Healthcare data security: Is cloud encryption alone enough?

By Kenneth N. Rashbaum, Esq. and Liberty McAteer, Esqs.

This blog post is for informational and educational purposes only. Any legal information provided in this post should not be relied upon as legal advice. It is not intended to create, and does not create, an attorney-client relationship and readers should not act upon the information presented without first seeking legal counsel.

What if the data of 80 million Anthem subscribers were encrypted at rest? And...

By Logicworks, 16 February 2015, 1 comment. Categories: Data & Analytics, Data Loss, Data Management, Security, Vulnerabilities.

Five tips to secure your cloud future

(c)iStock.com/maxkabakov

The cloud has been central to the business workings of organisations. Reliance on the cloud as a central storage tool highlights the importance of security. With important data and documents and sensitive information stored away on the cloud, there is too much at stake. Intense effort and investment needs to be put into making sure cloud providers are providing these five main security features:

Standards based integration with identity management providers

Forming an integrated...

By William Rabie, 22 January 2015, 0 comments. Categories: Security, Vulnerabilities.