Tag: CloudAccess

The Cloud Guide to PCI Compliance for Retailers

One of the key drivers to IT security investment is compliance. Several industries are bound by various mandates that require certain transparencies and security features. They are designed to mitigate aspects of risk including maintaining the sacrosanctity of customer information, financial data and other proprietary information. One such affected vertical is retail. No matter if you’re Wal-Mart or Nana’s Knitted Kittens, if you store customer information; if you process payments using customer’s credit cards, you are required by law to comply with a variety of

Is your security initiative “one inch into a mile”?

In the software universe we’ve all heard the saying “We are One Inch into a Mile of Functionality but we are paying for the entire mile.” That pretty much sums up every technology initiative ever embarked upon. Whether we are talking, ERP, CRM, SIEM or a variety of other alphabet soup programs, it always looks so simple in the demo, but when rubber meets the road, there’s always some gremlin preventing or delaying full realization of the benefits or expected ROI. Now I am not

Do you want to know what you don’t know?

In my experience there are two types of enterprise IT departments -those that maintain the status quo and those looking to continuously explore and improve. It is truly unfortunate how many fall into the former category.  But the problem with IT security is that it’s an ever-evolving and moving target. So the decision to not dip your toe in the water and understand all available options could mean the difference between a panicked 3am call regarding a breach alert or a good night’s sleep. I

The Holistic Application of Cloud Security (a white paper excerpt)

The following is an excerpt from the  executive summary of CloudAccess’ latest white paper titled “Applying Security Holistically from the Cloud: A Paradigm Shift of Applying Situational Awareness in SIEM deployments. To view the entire white paper (for free) simply visit: http://www.cloudaccess.com/contact fill out the form and  put “white paper” in the message box. The landscape of a typical business no longer reflects ones that were operating 10 years ago. The advancements in communication, collaboration, information and/or currency exchange/processing and the speed in which they

FFIEC’s recognition of cloud security advantages is good for modest financial orgs

Last month the Federal Financial Institutions Examination Council (FFIEC) shared an opinion on the viability and security of cloud computing. In the four-page statement, the interagency body empowered to prescribe uniform principles, standards, stated that cloud computing is “another form of outsourcing with the same basic risk characteristics and risk management requirements as traditional forms of outsourcing.” What they are offering is a back-handed endorsement of cloud computing with the caveat that if you perform your due diligence and the solution passes the security smell

Do you leave your keys in the car too?

I heard the sky was falling. Well, at least the cloud was plummeting groundward. And all it took was one tech journalist to get his iCLoud account (and essentially his entire digital footprint) hacked. “The cloud is just like the Wild Wild West. No rules, no laws, no protection” “Just can’t trust the cloud.” I’ve seen those forum posts lately. Even the reigning high priest of computing Steve Wozniak (co-founder of Apple) voiced concern “I really worry about everything going to the cloud. I think

The DNA of Cloud Security

Just like the Boston Red Sox and lo-cal deserts and hybrid cars, everybody loves a bandwagon. We get caught up in the hype. Business concepts are not immune. Cloud and cloud-centric computing have been getting a great deal of play in business media and the blogosphere, and most companies are quickly moving to adopt various cloud platforms. So much so that that many solutions that claim to be cloud, really are nothing but server-based enterprise applications wrapped in a browser experience. Just because you access

A preposition makes all the difference in/of/for/from the cloud

No, this isn’t 7th grade English…I promise. With all the important decisions IT departments make, what’s the big deal whether cloud security means from the cloud, in the cloud, of the cloud or for the cloud. Well, a lot. Amongst the various media, blogs, professional chatter, webinars, conferences and the like, the concept of cloud security is getting a significant amount of airplay. However, the difference in the application of a simple preposition completely alters the scope and meaning of these conversations to that of

Are the costs of cloud security to good to be true?

What is it they say…you get what you pay for, right? In most cases, that is a spot on assessment but in terms of the cloud-based security, the numbers tend to add up towards the benefit of the user. But let’s get the whole idea of numbers down straight. It’s all relative. What is pricy for one organization is downright affordable to another, so in terms of costs let’s look squarely at the moving target of return on investment. What makes cloud security compelling is

The Independence of Cloud Security

I was watching fireworks over the Pacific Ocean last night (one of the benefits of living near the California coast). The Navy Band was trumpeting patriotic music and thoughts of freedom and liberty swirled in my head.  That’s when it occurred to me. Cloud computing is independence for many companies: freedom from costly infrastructure; liberty of enhanced mobility and storage; emancipation from ongoing updates and maintenance; the autonomy to scale and automate; the sovereignty to grow businesses based on need and innovation rather than anchored