As we evolve more and more to complete self-contained services like the mainstream Cloud services of Microsoft, Amazon, IBM and Google, I often express concerns about the Cyber aspects being coupled. Enterprises and users are, if they haven’t already, getting more and more comfortable with giving up their physical/virtual servers, applications and storage but are not, and should not, be comfortable giving up control of their sensitive data. The shared responsibility models of Cloud Services Providers (CSPs) delineates between the physical aspects (network, disks, memory, etc.) and the responsibility of what resides in the storage and computer.
It’s Time for a Better IaaS Security Solution
Earlier this month, WinMagic announced the general availability of the new security software solution that provides full enterprise controlled key management and encryption for virtual works load running in public and private IaaS environments, SecureDoc CloudVM.
The Shifting Sands of the Cloud Market
The ever shifting sands of the cloud market are driving a re-think on management and security.
What to Expect at RSA 2016
Arguably the world’s largest and most important Cybersecurity show is just around the corner. With over 30,000 attendees and over 500 highly specialized security specific exhibitors, it is the show which the industry benchmarks itself.
Cybersecurity Predictions: A WinMagic Cloud Expert Weighs In
The cybersecurity landscape is constantly changing, it’s up to us to ensure that we are not only keeping up with trends, but forecasting them to stay ahead of the curve. Here are 7 key predictions that organizations will face this year and how best to navigate them.
Data Sovereignty, Safe Harbor & Protection Regulation
First, an explanation on the concepts in the title of this piece. Data Sovereignty is the concept that digital data and information is subject to the laws of the country in which it is located and/or created. Safe Harbor is an agreement between the USA and EU that regulated and control import, export and processing of personal data and information. And the most recent, EU General Data Protection Regulation (GDPR) is the regulation of “processing’, ownership, rights and storage of personal data and information within the 28 member EU states.
Cloud Computing: Responsibility & Accountability of Security
It’s all about the data. I have been involved in cloud computing since 1999 (although we called it multi-tenant hosting & ASP – application service provider) and for sixteen years security has consistently been the #1 concern when organizations are asked about their adoption of cloud models. The concern does not reside with the use of a storage array they have no access to or the utilization of a virtual machine cluster in some unknown data center, it’s all about the data and sensitive information.
Mitigating the Risk of “Man In The Middle” Cloud Attacks
Last week at Black Hat in Las Vegas, IT security firm Imperva discussed a “man-in-the-middle” attack that affects certain enterprise file-sync-and-share (EFSS) services, allowing hackers access to files transferred into the cloud. This is a very relevant and interesting vector of attack for EFSS services.