Items Tagged with "Managed Services"
May 16, 2012 Added by:Ben Kepes
Purists were adamant that the Private Cloud was flawed and that it could not deliver the benefits of the Public Cloud. On the other hand organizations were highly skeptical of the Public Cloud, listing its shortcomings in terms of security, reliability, compliance and control...
May 15, 2012 Added by:Jayson Wylie
I don’t want to see the main outcome of security and data breaches become lengthy litigation. If cloud security boils down to he who has the best law team, the direction of security will have an approach of least exposure to litigation versus Cyber threats. This does not settle with me as a valid security driver for improving security posture...
May 15, 2012 Added by:Rafal Los
Portability is important not just across your various cloud providers but also internally. What are we talking about here? First is the acknowledgement that security isn't exclusively about the perimeter anymore. The move to cloud computing environments hastens this awareness...
May 12, 2012 Added by:Dan Dieterle
Many companies are turning to online services to help cut costs and restore some level of IT support to their organizations. But what truly makes you think that these online services are not going through the same internal cutbacks and employee changes to cut costs of their own?
May 11, 2012 Added by:Rafal Los
When someone mentions public cloud, you quickly see the polarizing effects the topic has, generating a very negative reaction to the idea of putting anything corporate in the public cloud. What does that mean for the future of corporate information security and risk management?
May 11, 2012 Added by:Kevin L. Jackson
FedRAMP is a government-wide program that provides a standardized approach to security assessment, authorization, and monitoring for Cloud Service Providers. This document has been designed for Third-Party Independent Assessors to use for planning security testing of CSPs...
May 09, 2012 Added by:Jayson Wylie
Cloud security threats can come from the lack of designed and implemented security by the provider. This may be intentional or not but the lack of oversight or negligence in this area can potentially cause disputes over the difference of control versus accountability...
May 05, 2012 Added by:Rafal Los
When we think about cloud computing we can think of security as getting a bit of a gentle push, or shove in some cases. The way it is built and billed as services instead of individual components, and the increased emphasis on automation - security has a real chance of not being a roadblock...
May 03, 2012 Added by:Rafal Los
We need to move away from the control model into a governance model and acknowledge we're not going to have control over all of our risk. Any notion that you have control is a delusion. Assuming that if you control the environment you have better security is a fallacy...
April 30, 2012 Added by:Rafal Los
Agility is the ability of the IT department to provide services that adapt to the changing needs of your organization faster than before, with on-premise servers, systems and staff. Increasing your business' agility means that IT has done something to contribute to a business...
April 29, 2012 Added by:Marc Quibell
What are the risks of MSSPs managing the detection and analysis of network activity data for your company? There are some events that, if detected early, may avert lawsuits, data breaches and other embarrassing or career-ending moments for a company...
April 27, 2012 Added by:Rafal Los
As we discussed at OWASP AppSec APAC in Sydney recently, there is still too much focus being given to the security of infrastructure, and we're spending a disproportionate amount of time on the security of networks, servers, etc. rather than actually looking at the applications...
April 26, 2012 Added by:Jack Daniel
Monitoring the performance of your MSSP is cheap insurance- the last thing you want to face is a failure of your service and the need to rebuild an in-house program. You thought getting all that data pushed out to the MSSP was a pain- just imagine trying to get it back...
April 25, 2012 Added by:Electronic Frontier Foundation
The government, which had originally seized files and still apparently holds all of Megaupload's financial assets, had argued that it had no obligation to make sure the files of innocent Megaupload users were returned and, in fact, believed that they could be destroyed...
April 23, 2012 Added by:Rafal Los
Is trust a binary decision? Can you trust something to varying levels? These are important questions for any security professional to have good answers to. Applying this logic to computing - can we ever really trust any computer environment, system, or application?
April 22, 2012 Added by:Ben Kepes
This tension between old and new is interesting to watch and has some interesting parallels within organizations. I’m talking about the tension that exists between IT and business units. The former who want to ensure security and control, the latter who simply want to get stuff done...