Tag: cloud security

SECM vs SIEM—not more alphabet soup, but new proactive, integrated cloud security strategy

Forrester Research’s recent white paper, called Security’s Cloud Revolution identified a new generation of protection best practices that expands the boundaries of traditional IT security solutions by applying proactive behavioral analysis intelligence to the end result. They call it SECM: security event correlation management. This is not SIEM and not another marketing ploy to repackage SIEM as some holistic cure-all. SECM, as defined by Forrester, is an adjustment in strategy that continuously monitors and integrates identity and user activity and application intelligence. Although a traditional

Unified Security: Avoid becoming a statistic

Take 3 minutes to learn why this best practice is not only the next evolutionary step in IT security management, but affordable, manageable and more effective than individual point solutions. Unified security from the cloud transforms IT security from reactive collection to proactive and actionable defense while limiting costs and preserving resources.  It leverages the the collective power and intelligence capabilities of SIEM, log management, vulnerability scanning/assessment, Identity management (IDM), access management and single sign on under a single pain of glass…and in real time

Analyzing the Top 10 benefits of Unified Security from the cloud (Part 2)

If you missed Part 1: read it HERE More than security from the cloud, the concept of unified security takes the method another step forward in terms of best practices—the ability to deploy a holistic security initiative, AND  one that seamlessly collaborates with the other components; that shares input across the enterprise so that a clearer understanding of vulnerabilities can lead to effective preventive policies and actions. They say the whole is greater than the sum of its parts. And that is the core of

Analyzing the Top 10 benefits of Unified Security from the cloud (Part 1)

Of all the strategies and tactics available to prevent breaches, deter data leakage and theft, control access and secure beyond the so-called network perimeter, the one that is emerging as an achievable and affordable best practice is that of unified security from the cloud. But if you look across the web, you will no doubt come across various versions of what constitutes “unified,” what is “protected,” and, what is “security from the cloud?” Luckily this means that the concept of unified security from the cloud

Beyond building houses, homebuilders faced with IT security challenges too

Just as home builders across the country install state of the art security and anti-theft devices in many of the beautiful new homes they build, this consideration must extend to the personal and financial information of its homeowner customers stored on its or its subsidiaries servers. Because pre-loan and mortgage applications loan digs deeper into a person’s financial life than any other commercial form, it holds a treasure trove of information for hackers. Top 10 builder D.R. Horton found this out first hand last year.

Consolidating the Variables: Augmenting Existing Identity Management Systems

The modern enterprise is a fluid entity. As an IT construct it expands and contracts (sometimes simultaneously), and many of the moving parts (like users and applications) are themselves evolving and changing. This creates unique challenges in operational efficiencies, core competency support, compliance observance and risk management.  The central theme to all these challenges is establishing and maintaining control of applications which serve as gateways to all the valuable data (personal, trade secrets and other IP) on which an enterprise exists. Many companies have turned

Synchronization enforces control for cloud integrated IDaaS and Access Management (SSO)

When Olympic rowers glide across the water’s surface at speeds of more than 25 mph, it’s because all the crew are in synch with one another. It’s a collaborative effort. As appropriate…if you are of a certain age and watched films from in science class and the guy in the lab coat was speaking but his words would burble out a second of two later. Not only is this synch off, but the power of the message of symbiosis is gone too. And in cloud

What retailer BCBGMAXAZRIA learned about cloud security, SIEM

The following is an excerpt of the recently released case study on how a major retailer, BCBG, migrated to a cloud security platform and discovered how SIEM and Log Management capabilities enhanced their abilities for enterprise security. For the entire case study, you may download a PDF version here. There was a time the only security issues retailers needed to be concerned with was theft. Put a guard in the store and a couple of video cameras and prevent as much loss as possible. Those

Law firms in the security cross-hairs: how cloud security can level the playing field.

“Law firms are a back door to clients’ confidential information,” Business Week. As corporations have become more aware of threats to data, hackers and other fraudsters are quickly discovering a new, softer target to attack and siphon highly confidential corporate details, proprietary personal information, and trade secrets. Even as stewards of trust for their corporate and private clients, law firms have traditionally been slow to embrace new technologies. Cloud computing has been no exception because many mistakenly believe the cloud is less secure than traditional

Mirror Mirror: the difference between Identity Management & Access Management

One of the biggest misconceptions in cloud security is the perception that identity management (IDaaS) and access management (SSO) are the same thing. They’re not. And it took a viewing of the famous Star Trek episode called Mirror Mirror for me to best illustrate and articulate the difference between the creation and management of a user account and credentialed rights and the funneled applications that entity is allowed to see. For those unfamiliar with the episode, it’s the one where Kirk is transported into an