Security Management Strategies for the CIO
Email Alerts
-
Security School: Cloud app security best practices
In this Security School lesson, expert Diana Kelley examines what enterprises need to know about application security in the cloud. AIOG
-
Phil Agcaoili: Consumerization of IT and enterprise evolution
Consumer devices in the workplace and the shift to cloud services require new security standards and heightened security awareness. Feature
-
Azure boosts CSA’s STAR
Cloud Security Alliance transparency effort expands with addition of Windows Azure. News | 11 Apr 2012
-
Microsoft vows to improve cloud service after Azure outage
Software giant said it will apply lessons learned after Leap Day outage of its cloud service. News | 23 Mar 2012
-
DHS cloud computing: Homeland Security’s model private cloud strategy
Using private cloud at separate data centers has allowed the Department of Homeland Security to strike a balance between security and cost savings. News | 05 Oct 2011
-
CSA cloud provider registry aims to boost cloud transparency
Free online registry will provide documentation of cloud provider security controls. News | 04 Aug 2011
-
Amazon launches new cloud identity management functionality
AWS customers can now use their existing identity management systems. News | 04 Aug 2011
-
Symantec executives caution customers on cloud provider security
Businesses must hold cloud providers to the same security standards they hold themselves to, Symantec executives said at the company’s annual Vision user conference. News | 04 May 2011
-
Cloud computing compliance: Visibility key
Transparency is essential for security and compliance when working with cloud services providers, RSA panelists say. News | 17 Feb 2011
-
Zscaler launches cloud-based mobile device security service
Zscaler launched its mobile device security service to provide continuity of each user's security policy across a variety of devices including iPhones, iPads and Android devices. Article | 15 Feb 2011
-
Fidelis and CloudShield partner to prevent data breaches
Fidelis Security Systems and CloudShield Technologies Inc. have entered into an agreement to offer Fidelis' data breach prevention solutions on CloudShields bladecenter. Article | 15 Feb 2011
-
Juniper Networks moving forward with gateway for VM security
Juniper Networks has begun unifying products from its acquisition of Altor Networks, combining vGW Virtual gateway with SRS Series Services Gateway for virtual machine security. Article | 15 Feb 2011
- See More: News on Secure SaaS: Cloud services and systems
-
Compensating controls can help boost cloud compliance
Cloud computing can be attractive for IT services, except when it's time to figure out a compliance strategy. Chenxi Wang of Forrester Research explains the cloud compliance complexities and offers four compensating controls that can help. Tip
-
Analyzing MSSP providers' log files for IT security events
Analyzing firewall, Windows server and antivirus log files can seem like an endless and tedious task, especially for an understaffed security team, but it's extremely important for detecting IT security events. Read more in this network security expe... Tip
-
Cloud computing compliance: Exploring data security in the cloud
If you're looking to outsource sensitive data with a cloud service provider, you'll want to ask the right questions regarding cloud computing compliance and security issues. Learn more about the questions to ask providers about cloud computing data s... Tip
-
Cloud computing in 2010: Be ready for risk management challenges
As our tip series continues, Michael Cobb predicts some risk management challenges in 2010 as more companies get caught with their head in the 'cloud.' Tip
-
Maintaining security after a cloud computing implementation
You've just migrated your organization's applications and data in the cloud. The task of ensuring ongoing security has only just begun. Michael Cobb reviews how to work with your cloud provider. Tip
-
Preparing the network for a cloud computing implementation
Although a cloud provider may offer specific defenses, you are ultimately responsible for the security of your data. Michael Cobb explains how to prepare when your network infrastructure extends to the cloud. Tip
-
Cloud computing security: Infrastructure issues
Cloud computing offers many benefits by cutting costs and enabling a distributed workforce, but learning how the cloud computing infrastructure operates is essential to ensuring secure services. Diana Kelley and Char Sample offer a primer on cloud co... Tip
-
Cloud computing security: Choosing a VPN type to connect to the cloud
How do VPNs interact with the cloud, and how can enterprises best utilize the combined technologies? In this tip, experts Diana Kelley and Char Sample lay out the devices to consider securing when connecting to the cloud, as well as possible VPN opti... Tip
-
Cloud computing security: Routing and DNS security threats
Outsourcing services to the cloud can reduce IT spending, but it's important to account for the security risks. Learn about the routing and DNS security threats that exist in the cloud, including evil twin attacks, the re-routing of Internet traffic ... Tip
-
Cloud computing security model overview: Network infrastructure issues
In this primer on cloud computing security, learn about the basics of data security in the cloud, how to secure network infrastructure and devices that interact with cloud-based services and the threats and attacks that pose a risk to enterprises. Tip
- See More: Tips on Secure SaaS: Cloud services and systems
-
SaaS access management: Finding the best single sign-on technology
Expert Randall Gamby details key strategies for SaaS access management and contemporary single sign-on technology that's truly interoperable. Answer
-
Cloud endpoint security: Considerations for cloud security services
Mike Chapple details discuses considerations for using cloud security services, specifically cloud endpoint security. Answer
-
Enterprise antivirus comparison: Is cloud-based antivirus better?
Cloud-based antivirus has pros and cons, but, on the whole, can it be more effective than regular antivirus products? Learn more from expert Nick Lewis. Answer
-
What is SQL Server Atlanta?
Have you heard about Microsoft’s cloud-based SQL Server Atlanta service? Expert Michael Cobb discusses how Atlanta can help improve performance and security. Answer
-
Will Certificate of Cloud Security Knowledge boost cloud security best practices?
The Cloud Security Alliance has created a new certification to help promote cloud security best practices. Platform security expert Michael Cobb explains whether it's worth obtaining. Ask the Expert
-
Is Internet hijacking one of the main cloud computing threats?
Does cloud computing lend itself particularly to Internet traffic hijacking, or are there other more serious cloud computing threats that infosec pros should address first? In this expert response, Michael Cobb discusses what threats to be on the loo... Ask the Expert
-
Cloud computing risks: Secure encryption key management on virtual machines
As cloud computing grows in popularity, secure encryption key management becomes more vital. Michael Cobb explains the security risk affecting cloud computing and virtualized computing and why encryption key management policies need to be included in... Ask the Expert
-
Is Identity Management as a Service (IDaaS) a good idea?
Identity Management as a Service (IDaaS) is new on the managed security service provider scene, so how can you know which of these SaaS service providers to trust with your identity and management access tools? Find out in this expert response. Ask the Expert
-
How secure is 'Platform as a Service (PaaS)?'
There's no doubt that companies will want to leverage cloud computing and platform as a service, but expert Michael Cobb explains why enterprises should proceed with caution. Ask the Expert
-
When to use the service features of the Metasploit hacking tool
In this expert response, Michael Cobb explains why offloading resource-intensive penetration testing tasks to Metasploit may be an attractive option. Ask the Expert
- See More: Expert Advice on Secure SaaS: Cloud services and systems
-
Security as a Service (SaaS)
Security-as-a-service (SaaS) is an outsourcing model for security management. Typically, Security as a Service involves applications such as anti-virus software delivered over the Internet but the term can also refer to security management provided i... Definition
-
Q&A: Forrester's Chenxi Wang discusses cloud compliance
Forrester's Chenxi Wang discusses cloud compliance and the issues involved with maintaining compliance with PCI, SOX and HIPAA and using cloud-based services. Video
-
Social media and cloud computing for financial services
Paul Smocer of BITS discusses the use of social media and cloud computing by financial services firms, including the inherent risks, and what you can do to mitigate them Video
-
Noted cryptographer on SSL, encryption and cloud computing
Cryptographer, Taher Elgamal of Axway Inc., the inventor and initial driving force behind SSL, explains how applications may be better adapted to defend against attacks. Video
-
Countdown: Top 5 issues involving data loss and the virtualized cloud
In this podcast, learn the issues to consider when moving data into the cloud and how to work with your provider on security. Podcast
-
Face-off: Assessing cloud computing risks
Security experts Bruce Schneier and Marcus Ranum debate the kinds of risks associated with cloud computing and whether they should be absorbed by the customer. Video
-
Will cloud computing and virtualization save the day?
Will cloud computing and virtualization make enterprises more secure or leave them more vulnerable? At Information Security Decisions 2008, security researchers discuss the pros and cons of the inevitable cloud (part 3 of 4). Video
-
Fact or fiction: The security risks of cloud computing
Check out this expert podcast and learn about the benefits of cloud computing and SaaS and get tips for addressing the security challenges of these business options. Podcasts
-
Security School: Cloud app security best practices
In this Security School lesson, expert Diana Kelley examines what enterprises need to know about application security in the cloud. AIOG
-
Azure boosts CSA’s STAR
Cloud Security Alliance transparency effort expands with addition of Windows Azure. News
-
Microsoft vows to improve cloud service after Azure outage
Software giant said it will apply lessons learned after Leap Day outage of its cloud service. News
-
SaaS access management: Finding the best single sign-on technology
Expert Randall Gamby details key strategies for SaaS access management and contemporary single sign-on technology that's truly interoperable. Answer
-
Cloud endpoint security: Considerations for cloud security services
Mike Chapple details discuses considerations for using cloud security services, specifically cloud endpoint security. Answer
-
DHS cloud computing: Homeland Security’s model private cloud strategy
Using private cloud at separate data centers has allowed the Department of Homeland Security to strike a balance between security and cost savings. News
-
Enterprise antivirus comparison: Is cloud-based antivirus better?
Cloud-based antivirus has pros and cons, but, on the whole, can it be more effective than regular antivirus products? Learn more from expert Nick Lewis. Answer
-
What is SQL Server Atlanta?
Have you heard about Microsoft’s cloud-based SQL Server Atlanta service? Expert Michael Cobb discusses how Atlanta can help improve performance and security. Answer
-
CSA cloud provider registry aims to boost cloud transparency
Free online registry will provide documentation of cloud provider security controls. News
-
Amazon launches new cloud identity management functionality
AWS customers can now use their existing identity management systems. News
- See More: All on Secure SaaS: Cloud services and systems
About Secure SaaS: Cloud services and systems
In this free resource you will learn how to secure Software as a Service (SaaS) systems and applications to prevent attack. Information on cloud computing security systems and applications is also offered, as well as vendor pricing and costs.