Cloud Computing Security Issues: The Vendor

cloud computing security issues

This series examines security in the cloud, showing how companies can mitigate cloud computing security issues and risks. This post specifically addresses vendors. The cloud is not “one-size-fits-all.” Every company must examine their own security requirements, often on an application-by-application basis, to determine which cloud solution is most appropriate to their needs. Once the type of cloud solution has been selected, they must determine how they can mitigate any security risks. It is important to recognize that risk cannot be 100% eliminated. However, it can be significantly reduced to a level that is acceptable for a given business. The most crucial step in reducing risk is ven … Read more

Are You Investing In The Right IT Security Technologies?

security technologies

IT security technologies are not a one-size-fits-all proposition. Every company has its own specific business requirements related to security, and the key word here is business. All too often, companies evaluate their security posture from the perspective of technology. They ask questions like, "Do we need ingress filtering? Do we need intrusion detection?" These may well be legitimate questions, but technology is not the right place to begin. When it comes to security, companies should first and foremost determine the business consequences of a security breach, and do so on a system-by-system basis. The successful hack of a database that contains sensitive information like credit card … Read more

How Flexible Should An Information Technology Department Be?

information technology department

Flexibility: More and more studies are showing how much employees value flexibility with regard to their work schedule. But no one wants their information technology department support to be anything but consistent. While accounting or marketing departments might be able to deal with lighter staffing on certain days of the week or times of the day, what happens when a system crashes or a rush of help requests comes in and half of the IT department is simply not there? And yet, IT professionals are people, too. Don't they deserve one of the most coveted of work options? Can information technology departments offer both flexibility to their staff and serve their companies to the best of … Read more

A CISO’s Job Description: What is a Day in the Life of the CISO?

CISO job description

So, you want to take the next step up the security corporate ladder and become a CISO. Or perhaps your company’s decision leaders are re-considering their approach to cyber security and want to create a CISO position. What is a real, down-to-earth CISO job description? What can a CISO expect an average day to look like? The “average” day will depend on several different factors, according to Dan Lohrmann, former CISO for the State of Michigan and current Chief Strategist and Chief Security Officer at Security Mentor. What the CISO’s job description entails will depend on the size and complexity of the organization, as well as the scope of overall duties. “Some government and business … Read more

7 Key Elements Of A Successful Cloud Migration Strategy

cloud migration strategy

Cloud technology can seem as intangible and mercurial as its namesake. But with a solid strategy and the right guidance, businesses can confidently move forward: making sound business decisions, charting a direct course through migration, and reaping the many benefits the cloud offers. But what are the key elements of a successful cloud migration strategy? Forgetting for a moment the over-hyped assertions that “everyone is moving to the cloud” and “the cloud is the right decision for every business,” how will you determine if the cloud is the single best solution for your organization, or is just part of a more complex composite solution? A solid strategy requires depth of understanding. No … Read more

You Can Get Good Cyber Security, But Not At Wal-Mart

get good cyber security

Cyber security is a top concern in the IT industry today. In this series, we will look at various threats to cyber security - and what steps businesses can take to meet those threats head on in order to get good cyber security. If the solution to the problem of how to get good cyber security was packaged in a box and sold at Wal-Mart, IT professionals would have nothing to worry about. They could arrange for employees to pick up their security package when activating their new smartphones. Unfortunately, getting good cyber security isn’t that simple. Good cyber security practices aren’t purchased in a store: they have to be taught. And the sad reality is, most employees aren’t receiving … Read more

How To Pick A Colocation Provider

colocation provider

The relentless pace of business automation and Internet commerce has led to a staggering increase in the amount of data that businesses need to store. And that growth has created a corresponding need for businesses to expand their IT capabilities. However, a direct investment distracts from your core business and can cost up to $10 million for buildout and $5,000 per square foot for operational overhead. That’s why many companies are opting to outsource their IT through colocation providers. Colocation is all about economies of scale, focusing on your core competencies as a business and letting someone else handle the data center aspect. From a financial perspective, it allows you to take a … Read more

The CISO’s Worst Nightmare In Two Words: Data Breach

data breach

There are certain words and phrases that strike fear in particular situations. For the parent, it is a phone call that begins, “There’s been an accident.” For a person in a relationship, it is the conversation that starts, “We need to talk.” For the politician running for president, it is hearing, “There’s a video.” And for the CISO, there are two words that create panic: “Data breach.” There are plenty of reasons why the data breach is every CISO’s worst nightmare. There is the cost in dollars and cents. Companies can expect to pay, on average, $200 per compromised file, and the subsequent post-breach clean-up costs come in at $20,000 per day. There is reputation damage, especially if … Read more