Blog Posts Tagged with "Outsourcing"
January 24, 2013 Added by:Rafal Los
In order to not incur additional risk to the business, the organization being outsourced to must be heavily vetted and contractually obligated to maintain secrecy and integrity. It can be done, but it's tricky, and requires work in due-diligence to ensure the result isn't a train wreck during a worst-case scenario...
January 21, 2013 Added by:Rafal Los
Change control, application security reviews, incident response, policy review, audit preparation, acquisition due-diligence... all of these require people, money and time - but you've got it all in short supply. Here's one way of looking at making the decision of what to build, and what to outsource...
August 30, 2012 Added by:Bozidar Spirovski
Assuming you have selected a service to migrate to a cloud provider, and have selected the cloud provider, even after contract signing, things may still be far from complete. The migration process is the thing that can be very painful and can break the entire service for an extended amount of time...
August 21, 2012 Added by:Ben Kepes
As far as I’m concerned, the future will see a gradual shift from on-premise, to private cloud, to public cloud – that’s a factor of economics and scale. But the bottom line is that cloud isn’t about meeting a series of technical check boxes; it’s about meeting the needs of the business...
August 16, 2012 Added by:Thomas Fox
As Chinese companies engage with partners, globally and locally, their internal and external business practices are evolving. The article “The Myths of Gift Giving” found that many Chinese companies now put greater emphasis on professionalism and building trust and confidence in business capabilities...
August 06, 2012 Added by:Ben Kepes
For Dropbox to admit that they were investigating the issue internally is a tacit admission that it is an internal issue rather than anything external. Yes Dropbox has issues, and yes those issues would appear to be indicative of something broader – but that doesn’t call into question the entire concept of cloud...
June 27, 2012 Added by:Rafal Los
One cloud does not fit all. Your cloud should be customized to fit your business. I believe that if you're going to have a cloud strategy you need to have a pragmatic approach which has you doing your due diligence, proper risk analysis, and understanding your cloud vendor...
June 11, 2012 Added by:Ben Kepes
Some cloud vendors are engaged with IT and following a top down adoption approach while others are aiming for a more viral bottom up adoption. What issues do these different approaches raise and how do we navigate this path while ensuring agility and compliance?
June 06, 2012 Added by:Neira Jones
There are numerous third parties and cloud providers around. A few have already achieved a dominant position, but a recent article highlighted that "others have opportunities to get into the act by offering more security and protection". So there you are, security can be a unique selling proposition...
June 05, 2012 Added by:Ben Kepes
"Migrating to the cloud is not an easy process but good preparation goes a long way toward making it easier. Many businesses do not have their internal systems in good shape in the first place so migrating them to the cloud in bad condition must be horrendous"...
June 04, 2012 Added by:Bill Gerneglia
Beyond managing regulations and liability, companies outsource their IT functions to third parties create infosec privacy and legal difficulties, including loss of control and challenges with enforcement. Risk and compliance obligations do not disappear when using a third-party service provider...
May 16, 2012 Added by:Ben Kepes
Purists were adamant that the Private Cloud was flawed and that it could not deliver the benefits of the Public Cloud. On the other hand organizations were highly skeptical of the Public Cloud, listing its shortcomings in terms of security, reliability, compliance and control...
May 15, 2012 Added by:Jayson Wylie
I don’t want to see the main outcome of security and data breaches become lengthy litigation. If cloud security boils down to he who has the best law team, the direction of security will have an approach of least exposure to litigation versus Cyber threats. This does not settle with me as a valid security driver for improving security posture...
April 29, 2012 Added by:Marc Quibell
What are the risks of MSSPs managing the detection and analysis of network activity data for your company? There are some events that, if detected early, may avert lawsuits, data breaches and other embarrassing or career-ending moments for a company...
April 22, 2012 Added by:Ben Kepes
This tension between old and new is interesting to watch and has some interesting parallels within organizations. I’m talking about the tension that exists between IT and business units. The former who want to ensure security and control, the latter who simply want to get stuff done...
April 19, 2012 Added by:Ben Kepes
On the side of IT it’s all about security, control and transparency. On the side of the business, it’s years of frustration at slow and cumbersome IT procurement processes – they want to get stuff done. It’s fair to say that we’re still in the Wild West of cloud adoption...
Join the Security Intelligence Network on Li... aafawfwafa afwafafa on 11-24-2014
Join the Security Intelligence Network on Li... mark lewis on 11-24-2014
Your CISSP is Worthless - So Now What?... Olin jaems on 11-23-2014