Tag: security-as-a-service

Unified Security: Avoid becoming a statistic

Take 3 minutes to learn why this best practice is not only the next evolutionary step in IT security management, but affordable, manageable and more effective than individual point solutions. Unified security from the cloud transforms IT security from reactive collection to proactive and actionable defense while limiting costs and preserving resources.  It leverages the the collective power and intelligence capabilities of SIEM, log management, vulnerability scanning/assessment, Identity management (IDM), access management and single sign on under a single pain of glass…and in real time

What retailer BCBGMAXAZRIA learned about cloud security, SIEM

The following is an excerpt of the recently released case study on how a major retailer, BCBG, migrated to a cloud security platform and discovered how SIEM and Log Management capabilities enhanced their abilities for enterprise security. For the entire case study, you may download a PDF version here. There was a time the only security issues retailers needed to be concerned with was theft. Put a guard in the store and a couple of video cameras and prevent as much loss as possible. Those

Law firms in the security cross-hairs: how cloud security can level the playing field.

“Law firms are a back door to clients’ confidential information,” Business Week. As corporations have become more aware of threats to data, hackers and other fraudsters are quickly discovering a new, softer target to attack and siphon highly confidential corporate details, proprietary personal information, and trade secrets. Even as stewards of trust for their corporate and private clients, law firms have traditionally been slow to embrace new technologies. Cloud computing has been no exception because many mistakenly believe the cloud is less secure than traditional

Continuous monitoring is enough for compliance, but ISN’T enough for securing data

Every 4,000 miles or so I bring my car into have the oil changed, the brakes checked and tires rotated. Why? Because I know if I leave it to chance, at some point down the road something much more devastating will affect the car. Many of us follow this simple preventive best practice. Then why is it major corporations and modest enterprises alike wait until their security is breached to address growing concerns of data theft, private information leakage or worse? Many of these companies

Mapping Compliance Requirements to an Integrated Cloud Security Platform

Much has been written about compliance. Best practices. New regulations. Technology cure-alls. Nevertheless, regulatory compliance remains a critical and strategic business need for most companies. If you process payments online; if you store sensitive customer data; if you transit financial or health information; you are bound by the mandates of an alphabet soup of state, federal and industrial regulatory agencies. Compliance is a reality of everyday business life, but often times becomes a burdensome cost center. Over the past several months I have had the

7 Causes of Security Paralysis & Cloud-based Cures

Over and over again the team at CloudAccess are pummeled with statistics on how risk is growing in disproportion to security readiness. -91% of companies have experienced at least one IT security event from an external source. -90% of all cyber crime costs are those caused by web attacks, malicious code and malicious insiders. -40% reported rogue cloud issues (shadow IT) experienced the exposure of confidential information as a result -34% share passwords with their co-workers for applications like FedEx, Twitter, Staples, LinkedIn. These are

Can your company afford to lose $400 million?

Of course not. But that’s the dollar figure companies stand to lose in terms of consumer trust when security protocols are breached according to a new study by the research firm Ponemon. In terms of dollars and cents on a risk analysis spreadsheet, it is easier to put a value on a particular asset than the potential recurring value of a client, customer or even partner. Beyond lawsuits and capital and operational expenses to repair a mea culpa, weak cryptography, hack defenses or shoring an

The Secret Sauce of User Provisioning

If you want the secret to user provisioning and de-provisioning in an enterprise setting, I’ll give you the one word answer, and then you can get on with the rest of your day… Integration. However, if you need to know why, how and with what…read on. The need to credential authorized users to your network and other proprietary assets is clear. You only want those with the proper rights in…and all others out. Complicating matters is that there are so many users these days…employees, channel

Cloud-based SIEM frees that one hand tied behind your back

Have you ever been asked to fight the state boxing champion with one hand tied behind your back? Or metaphorically experience the old adage of bringing a knife to a gunfight? Many security professionals face this scenario every day. For many companies with whom I talk, there isn’t a lack of IT talent when it comes to security–just a lack of hours in the day, computing resources and necessary headcount with specific expertise to change the culture from reactive to proactive and strategic risk management.

A de-provisioning proverb: When a door closes, just make sure you don’t leave a window open

Earlier this week I attended a local cloud developers group, and I met a gentleman who consults with companies to engage in deep dive forensic examinations of their networks. He looks for the virtual fingerprints of misdeeds, fraud, and misdoings that can be used for e-discovery in legal cases. He essentially gets down to the bits and bytes of how much information flows to certain IP addresses to ascertain whether or not proprietary data has been tampered or stolen. He confirmed something that I long