Access "Cloud computing risks and how to manage them"
This article is part of the June 2010 issue of Finding affordable encryption options for laptop data security
As cloud computing moves from marketing hype to reality -- real customers with real utilization, it's increasingly important that information security practitioners understand the significant change in computing the cloud heralds and how that impacts enterprise risk. Cloud computing is evolving rapidly, and there is no shortage of vendors suddenly claiming to be "cloudy," which can make it all the harder to discern the critical security ramifications of the cloud for the enterprise. We'll shine a light on cloud computing and examine how the public cloud model alters the enterprise risk posture. We'll also look at how information security practitioners should prepare for moving into the cloud as well as emerging governance frameworks and other changes that must happen to make cloud computing more trustworthy. HOW THE CLOUD IMPACTS SECURITY To begin, cloud computing is an evolution in computing, and does not introduce new technology. Instead, the cloud is about a different business and operating model -- one based on shared resources. Those shared resources ... Access >>>
Premium Content for Free.
Cloud computing risks and how to manage them
by Tim Mather
Cloud computing alters enterprise risk. Here's what you need to know in order to safely navigate the cloud.
Use full disk or file/folder encryption for laptop data security
by Dave Shackleford
Learn about the options for protecting laptop data, including full disk encryption and file/folder encryption, and their associated deployment and management challenges.
- Cloud computing risks and how to manage them by Tim Mather
Symantec acquisitions cement encryption-as-a-feature
Symantec acquisitions of PGP and Guardian Edge future ensures that encryption is becoming less of a standalone security tool.
Demystifying governance, risk and compliance
by David Schneier
GRC aims to bring together disparate compliance efforts in the enterprise, but the concept has been stymied by a lack of clarity. Developing a GRC program requires three key steps.
- Symantec acquisitions cement encryption-as-a-feature
Don't keep quiet after a data security breach
by Kim Getgen and Kimberly Kiefer Peretti
Organizations who stay silent after a data security breach end up paying a higher price and helping cybercriminals.
Weighing the risk of hiring hackers
Bruce Schneier and Marcus Ranum debate the risks associated with hiring hackers.
Information security spending shouldn't be driven by compliance
If you're spending more to protect custodial data because of compliance than you are to protect company secrets, you're missing the big picture.
- Don't keep quiet after a data security breach by Kim Getgen and Kimberly Kiefer Peretti
More Premium Content Accessible For Free
Cloud and mobility in the enterprise has caused a heightened need for organizations to take a closer look at next generation authentication ...
Virtualization and cloud computing are part and parcel of enterprise networks today. Virtualization security, however, is still a bolt-on affair ...
Mobile device security is one of the biggest nightmares InfoSec pros face in the era of bring your own everything (BYOE). Simply banning employees ...