Compliance

CASE STUDY: Overcoming compliance burdens while maximizing 24/7 security

A case study for integrated SIEM and Log Management for Orbis Financial From investment management to custodial holdings, Orbis Financial is directly responsible for the safety of assets and securities worth hundreds of millions of dollars since 2005. They utilize and employ innovative technology and “zero-conflict” practices for a variety of India-based and foreign concerns wishing to grow and safeguard their investments in India. Orbis is a registered member of the Securities and Exchange Board of India (SEBI). Though their primary headquarters is located in

Analyzing the Top 10 benefits of Unified Security from the cloud (Part 1)

Of all the strategies and tactics available to prevent breaches, deter data leakage and theft, control access and secure beyond the so-called network perimeter, the one that is emerging as an achievable and affordable best practice is that of unified security from the cloud. But if you look across the web, you will no doubt come across various versions of what constitutes “unified,” what is “protected,” and, what is “security from the cloud?” Luckily this means that the concept of unified security from the cloud

Beyond building houses, homebuilders faced with IT security challenges too

Just as home builders across the country install state of the art security and anti-theft devices in many of the beautiful new homes they build, this consideration must extend to the personal and financial information of its homeowner customers stored on its or its subsidiaries servers. Because pre-loan and mortgage applications loan digs deeper into a person’s financial life than any other commercial form, it holds a treasure trove of information for hackers. Top 10 builder D.R. Horton found this out first hand last year.

What retailer BCBGMAXAZRIA learned about cloud security, SIEM

The following is an excerpt of the recently released case study on how a major retailer, BCBG, migrated to a cloud security platform and discovered how SIEM and Log Management capabilities enhanced their abilities for enterprise security. For the entire case study, you may download a PDF version here. There was a time the only security issues retailers needed to be concerned with was theft. Put a guard in the store and a couple of video cameras and prevent as much loss as possible. Those

How do you eat a network security elephant?

One byte at a time. Now before you roll your eyes at my stupid pun, consider the deeper wisdom to this IT twist on an very old adage. Security is big. It encompasses a great many definitions, confronts a great many issues and is addressed through a great many solutions using a great many formats. For many organizations, it can be an overwhelming proposition. Beyond the issues of data defense, regulatory compliance, traffic management, identity regulation, archiving, reporting, access control, intrusion detection, encryption, app administration,

Mapping Compliance Requirements to an Integrated Cloud Security Platform

Much has been written about compliance. Best practices. New regulations. Technology cure-alls. Nevertheless, regulatory compliance remains a critical and strategic business need for most companies. If you process payments online; if you store sensitive customer data; if you transit financial or health information; you are bound by the mandates of an alphabet soup of state, federal and industrial regulatory agencies. Compliance is a reality of everyday business life, but often times becomes a burdensome cost center. Over the past several months I have had the

7 Causes of Security Paralysis & Cloud-based Cures

Over and over again the team at CloudAccess are pummeled with statistics on how risk is growing in disproportion to security readiness. -91% of companies have experienced at least one IT security event from an external source. -90% of all cyber crime costs are those caused by web attacks, malicious code and malicious insiders. -40% reported rogue cloud issues (shadow IT) experienced the exposure of confidential information as a result -34% share passwords with their co-workers for applications like FedEx, Twitter, Staples, LinkedIn. These are

Brass tacks: answering the cloud security questions that matter

Enterprise security can be a labyrinthine, complex beast with many moving parts, dozen upon dozen of requirements, needs, implications, options and alternatives. But when we get down to the nitty gritty (the brass tacks if you will), cloud security can be simplified by six simple questions: WHO is logging in? WHAT are they accessing/viewing? WHERE is the device from which that person logs in? WHEN was any asset changed/modified/moved HOW are they authorized/credentialed? WHAT is the impact of the event? Now determining the answers to

When the security bill comes due

I love sushi. I love big fat burritos. I love tikka masala. So now that my taste buds are salivating, what do my epicurean preferences have to do with cloud security? They all come from restaurants I frequent, and 9 time out of ten I pay for these delights with my credit card. I never thought  twice about it, until I read Tracy Kitten’s article for BankInfoSecurity here: It details how many restaurants are falling victim to attacks that put their customer’s credit card information at

The Secret Sauce of User Provisioning

If you want the secret to user provisioning and de-provisioning in an enterprise setting, I’ll give you the one word answer, and then you can get on with the rest of your day… Integration. However, if you need to know why, how and with what…read on. The need to credential authorized users to your network and other proprietary assets is clear. You only want those with the proper rights in…and all others out. Complicating matters is that there are so many users these days…employees, channel