Category Archives: Cloud Computing

Cybersecurity Camps Teach Students How To Counter Online Threats

Cybersecurity Camps Teach Students How To Counter Online Threats

Cybersecurity Camps Teach Students

A US federal government cyber-security camp pilot program, launched recently to show students how to counter online security threats, has been hugely successful and could lead to an unprecedented increase in the number of people wanting to become computer scientists specializing in cyber-security.

The camps, launched in 2014 and which offer a new solution to this problem, were the brainchild of Steven La Fountain, dean of the College of Cyber at the National Security Agency. His idea  was not only to train people who would become part of a successful future cyber-security force, but also to improve teacher skills and inform civilians about what was required.

cybersecurity

(Image Source: Shutterstock)

The cyber-security camps, specifically, are a result of a program funded by the National Science Foundation (NCF) and National Security Agency (NSA), GenCyber, that have a mission to increase the body of cyber-security experts needed by both private companies and government agencies. These organizations maintain that by teaching young people about potential online threats at an early age, they will gain respect for online information and make sure that they don’t misuse it later in life.

Associated Press reported that hundreds of students in various parts of the USA would be participating in GenCyber camps in Vermont, South Dakota and southern California. This presumably means that the program is growing.

The first prototype camps were launched late 2014, and at the time the NSA stated it hoped that there would be an eventual “presence” in schools in all 50 American states. Today Josh Pauli, associate professor at Dakota State University, where 200 students are reportedly joining the program, said it was important for students to be “really cyber aware,” or at least “be ready for the next wave of the cybersecurity workforce.” He also said he believed around 200 students would enroll in the next summer program.

Last year (2014) the pilot program ran six camps. This summer the goal was 30, and according to LaFountain, already more than 43 camps have been held at a cost of $4 million. LaFountain initially nominated a goal of 200 camps by 2020, but now says he realizes that this will happen a lot sooner than anticipated.

CybercampAccording to Dr.Victor Piotrowski, lead program director of CyberCorps’ Scholarship for Service program that the NCF runs, every company now has cyber-security on its radar, and everyone wants to hire computer science specialists to deal with the problem. But, “unfortunately we don’t have the capacity.”

The camps are clearly a new way that could prove to be the answer to the need for more cyber-security specialists.

With the probability of cyber-attacks increasing worldwide, the Information Systems Audit and Control Association (ISACA) has warned that it is vital to prepare as best as possible. The problem, though is that there is a lack of “skilled talent,” says an ISACA report. A global survey indicates that 16 percent of IT and cyber-security managers think that at least 50 percent of the people who apply for jobs are qualified, another 53 percent say it takes on average three to six months to find applicants who fit the qualifications they require. In addition to this, there are many organizations that have very little confidence in the cyber-security abilities of their existing staff members.

attempts-security

The study reveals “a high-risk environment” that is made a lot worse by “a lack of skilled talent.” It seems that the biggest problem is a lack of ability to understand the business, followed by skills deficiencies in both communications and technical skills. Further, more than half (52 percent) of the IT managers responding to the study believed that not even a quarter of those applying for jobs were qualified.

This particular study also reported a large number of security breaches, most of which (33 percent) were considered to be the result of personal gain.

It is certainly clear that education is key, and that cyber-security camps have a vital role to play.

By Penny Swift

Layering Governance Over Cloud: Do Not Re-Build Perpetually!

Layering Governance Over Cloud: Do Not Re-Build Perpetually!

Layering Governance Over Cloud 

As the latest Amazon earnings announcement for AWS suggests, enterprises have adopted cloud at a rapid pace over the last few years as a part of the emerging Bimodal IT paradigm. However, given the focus on cost and agile development, the sourcing of cloud vendors has typically been cost-based, and the governance framework adopted across empirical. The recent Sony cyberattacks have proved beyond doubt, that enterprise data is the biggest source of competitive advantage in today’s digital era and needs to be preserved and protected at all costs. Today, as critical business processes and data have started moving to the cloud, there is an increasing clamour for newer and more specific risk and control measures to ensure information security. At the same time, the threat landscape and information security requirements changes with each vendor, location, service, business priority and more. But, this does not and should not mean that organizations need re-invent their cloud management systems and governance processes again every time the threat landscape evolves.

cloud landscape

As the phenomena of cloud-based software deployments become the new normal, enterprises need to take a deeper and renewed look into Information Security and Risk Management instead of perpetually trying to re-build their Governance, Risk and Compliance (GRC) programs to keep pace with regulations and emerging cloud service models and technologies. The modern and leading organizations of tomorrow need to adopt a layering approach. Organizations need to create a single GRC layer over their cloud ecosystem, which can expand across multiple cloud vendors and models. The layering approach is imperative to ensure the cloud ecosystem can scale securely across the following attributes:

  • Heterogeneity: The ecosystem can support heterogeneous platforms in terms of their operating systems, technology ecosystems, devices and user base to ensure economies of scale and lower total cost of ownership.
  • Virtualization: The ecosystem will adopt cloud-based virtualized environments.
  • Big Data: The ecosystem can manage the complexity, volume and variety of data being created as the phenomena of social collaboration and mobility takes centerstage in enterprises.

shutterstock_214315015

The GRC layer should have capabilities to consolidate information from various end-point data sources within the cloud ecosystem and aggregate them into a single container. The layer should be able to provide a common taxonomy and orchestration for system level controls, risk assessments, access control audits and compliance checks across the cloud ecosystem. It needs to have aggregation dashboards and reporting mechanisms to consolidate the data, and provide a single source of truth to IT and business leaders. As business resilience becomes paramount in modern digital enterprises, the governance layer will also need to include the business continuity and disaster recovery related audits, plans and ownership. The layer can be used to define, create and enforce a common set of policies across all cloud vendors. It can act as the repository for all historical information in terms of compliance and control measures. The GRC layer will also provide a common framework for the risk and compliance evaluation of future cloud service providers that an organization may be considering. Having a common risk and control framework will allow the organization to set the right benchmarks and service-level agreements for the providers and aid in assimilating them with the ecosystem in a timely manner.

Cloud Ecosystem Downtime

While the naysayers will debate the cost and complexity of the tasks at hand, the cost of not having the GRC layer within the cloud ecosystem is enormous. Analysts estimated a $5 million USD loss from one single hour of outage of AWS for Amazon itself. Today most businesses are not even able to assess the true cost of cloud ecosystem downtime. The ability to handle these outages, compliance costs and threats leveraging a comprehensive GRC layer can save trillion of dollars in business operations losses, regulatory fines and service restoration costs. A fragmented or silo-based approach not only exposes the organization to the risk of operational loss or data theft, but also increases the cost of replicating the layer separately across each silo.

In conclusion, adopting a GRC layering approach allows organizations to create a single source of truth in terms of cloud governance, as well as superimpose a business context onto cloud-based assets. It is a priority that organizations recognize cloud factors such as the total cost of ownership model, the cost of disruption and the lack of organizational governance, control and provisions. The one stop assurance framework provided by a GRC layer can allow organizations to choose across the variety of emerging service and delivery models allowing them to optimize their total cost of ownership while ensuring governance across cloud ecosystem.

(Image Source: Shutterstock)

By Vibhav Agarwal

Managed Cloud Services and The Small Business

Managed Cloud Services and The Small Business

Managed Cloud Services

The age-old adage jack of all trades, master of none, is as true today as ever. Companies are often required to focus on so many diverse fields in the basic running of their businesses that they spend less time focusing on the reason for their business. With the legal and security implications surrounding IT and data management, it is essential that these services be top of the line and entirely current, but the cost implications for many smaller businesses can be excessive. As with many other divisions such as HR, payroll and maintenance, IT services can be outsourced, though this often comes at a high cost too. Another option is managed cloud services.

Managed cloud services give businesses the ability to tap into cloud services without being experts in the field. Benefits include excellent security, high availability and back-up, as well as cost efficiency. The flexibility this offers is indispensable, and ensures that the back-end is always cutting edge, thus giving you the best resources available to pursue your business’s potential.

Niche Operations

managed-cloud-service

 

(Image Source: Shutterstock)

While all of the large IT outsourcing companies offer managed cloud services, niche operations have come to the fore offering fast, focused and flexible services at reasonable prices. Rackspace is one of the larger managed cloud service providers, and promises infrastructure provision with system monitoring, DNS management and backup and disaster recovery, as well as management of applications and tools such as specialised database management and application deployment, scaling and lifecycle management. Keytech Managing IT offers similar services in the United Kingdom, Cloud Solutions Group operating out of Melbourne, Australia is another up-and-comer. The list of companies offering these solutions is as substantial as the variety of management options they offer.

As well as offering the basic cloud solutions that any business requires to run efficiently, managed cloud services also level the playing field for small businesses by offering access to complex tools that would otherwise be too costly to consider. The expertise available from these specialised companies far outweighs what any small or medium business could provide in-house, and is provided at a budgeted monthly cost.

Internap is another provider of managed cloud solutions, and offers its customers additional flexibility in its ‘solution builder’. Businesses are able to tailor-make their solution by building an environment that meets their specific needs while filtering out any unnecessary excesses. With the constant evolution of services, reliability and customisation provided, it seems likely that managed cloud service providers will be indispensable to any small business wishing to compete in today’s market.

Sponsored by Keytech Managing IT 

By Jennifer Klostermann

New Cloud Security Certification In A Maturing Industry

New Cloud Security Certification In A Maturing Industry

New Cloud Security Certification

Cloud security certification is getting a new dimension. At the RSA conference earlier this month the Cloud Security Alliance (CSA) and (ISC)² announced a new cloud security certification: Certified Cloud Security Professional, or CCSP for short.

(ISC)² is most famous for its flagship certification: Certified Information Systems Security Professional or CISSP. More than 100,000 professionals maintain this certification and it is widely recognized. The Cloud Security Alliance pioneered the cloud security field a few years ago, and runs the CCSK (Certificate of Cloud Security Knowledge) programme.

cloud-security-certification

The CCSP body of knowledge covers 6 domains:

  • Architectural Concepts and Design Requirements
  • Cloud Data Security
  • Cloud Platform and Infrastructure Security
  • Cloud Application Security
  • Operations
  • Legal and Compliance

CCSP is supposed to be a more extensive certification than CCSK. It has a more formal exam and a requirement for five years in IT of which three years must be spent in security and one year in cloud computing. On top of that, similar to CISSP, there is a requirement to uphold the certification by earning CPE (continuing professional education) points.

It is a sign of a maturing industry that these two forces are combining their best practices. Cloud computing has left the pioneering stage, and there are currently multiple cloud providers that count their yearly revenue in the billions of dollars.

jim-reavisMany enterprises have told us that cloud computing is becoming their primary IT system,” says Jim Reavis, CEO of the Cloud Security Alliance. “An effective cloud security strategy and architecture adds several nuances to traditional security best practices; which is why it’s critical to accelerate efforts to address the cloud security skills gap. CCSP helps to set the highest standard for cloud security expertise. The program we have developed with (ISC)² creates strong incentives for information security professionals to obtain both the CCSK and CCSP, which will create a workforce of experts who possess a mastery of the broadest cloud security body of knowledge.”

While (ISC)² coming to the game underlines the relevance and maturity of cloud security, there will be some questions left for people who either have or are pursuing CCSK certification. (Disclaimer: I am an active CCSK trainer, and I wrote one of the chapters of the CCSP study guide.)

According to the founding fathers of CCSP, both certifications will co-exist. The (ISC)² website states: “The typical cloud security professional will likely achieve the CCSK first, and then the CCSP credential. Attainment of the CCSK can also be substituted for the one year of cloud security experience

Other text on the website suggests that CCSK can be seen as somewhat of a broad base, on top of which CCSP is built as a more extensive certification. However, in my experience as a CCSK trainer, even though CCSK is a good introduction into cloud security, it is not shallow. It takes a few days of dedicated training and study to pass the exam.

cloud_57

So is there any sense in still going for CCSK, or should you wait for CCSP to become available? To answer that question you first need to consider why you would want to take the training and the certification. If you want to collect badges, you might want to attain both certifications. If you need to address cloud security in your job right now, it makes sense to do CCSK soon. Participants in my CCSK training report that it helps them now in their day jobs, even more so if they take it as a team. Looking at the CCSP release schedules gives the impression that general availability of training is still at least months away. On the other hand, if you are already very knowledgeable and experienced in cloud and cloud security, CCSK may not add much to your current business value other than public recognition.

By Peter Hj van Eijk

Using Mobile Technology To Price, Quote and Engage Customers

Using Mobile Technology To Price, Quote and Engage Customers

Using Mobile Technology To Price, Quote and Engage Customers

To remain competitive in the e-commerce age, companies are starting to recognize that one price does not fit all, and in fact, the marketplace demands a great deal of versatility. Individual consumers have experienced this when dealing with sophisticated B2C retailers such as Amazon, a company well known for adjusting prices by the minute. A TV that is on sale for $450 might quickly change down to $397 a few minutes later, thanks to algorithms that constantly check the prices and inventories of its competitors. That is how e-commerce business is done – dynamically and in real time across all channels.

algo

In many cases, the customization of an order is now essential to its successful completion. With buyers legitimately feeling more empowered and educated, there is no longer patience for static ordering and pricing systems owned and controlled entirely by the vendor. Today, the sales rep must visit the customer with wireless tablet in hand, ready to review and construct an order and pass it back to the customer, either for a signature then-and-there, or for review by the buyer’s team. Consumerization of the enterprise is happening, and so, too is enterprise mobility.

Configure Price Quote (CPQ)

One of the most dynamic demonstrations of this mobile approach can be seen in the technique of configure-price-quote (CPQ). This refers to a software solution that helps companies become more aware of their own data, especially pricing and inventory, in order to stay more competitively in line with the market. CPQ helps companies calculate discounts and close sales while still maintaining a margin.

price-quote

(Image Source: Shutterstock)

Although such competitive pricing techniques might not be new in and of themselves, the way in which sales reps can now access them, wirelessly and through the cloud, means the process of selling can move forward and stay at the leading edge of both competitiveness and cost-effectiveness. Similarly, the other areas of the vendor business, such as back office/ERP, which have traditionally existed in siloes, have access to the same cloud-based data, thus improving the other support elements in the transaction, including shipping, support, and commission management.

CPQ software generally includes price sheets, catalog information and inventory data. They form an integral part of a customized sales process, assisting and even predicting a customer’s needs based on past purchases and the intelligent use of big data and predictive analytics. In short, CPQ software pulls together a range of market pricing variables, including discounts and up-sells, and configures for idealized pricing. Hence the acronym, CPQ.

 

CPQ helps companies better manage their pricing, which can be a challenge as they grow larger and employ more sales representatives and related support staff, while maintaining a growing customer base. Sales are lost when up-to-date pricing and quote opportunities are lost, and this is something that is no longer acceptable in a mobile first economy.

Though innovative practices such as CPQ are gradually inserting themselves into the commercial world, they continue to be hamstrung by legacy systems, outdated management attitudes, and inadequate communication of knowledge and data. This becomes part of the challenge of being, as KPMG calls it, “responsibly mobile.”

Companies today must build:

  • a sound strategy and roadmap for all the devices and apps that they identify as useful, competitive and cost-effective
  • a delivery method for an effective and consistent customer experience
  • an operational structure to manage data, both inbound and outbound

As Martin Sokalski and Max Hanson, both of KPMG IT Advisory Services, write in their white paper, A Framework for Responsibly Mobile, “many [companies] attempt to address these challenges [of mobile commerce], but their efforts are often siloed and fragmented. For example, some will focus all efforts on securing data on mobile devices, but fail to consider business use cases, user experience or alignment to a broader enterprise strategy.” The authors of this piece call for a coordinated “mobility center of excellence to better pull things together.”

Although CPQ is not the only solution available to companies, it represents the dynamic and centerless cloud-based world in which all businesses must exist. Some C-level decision-makers may observe cloud technology as simply an external storage space, or at best a communications and marketing vehicle. But the evolution of customer pricing and quotations as embodied by CPQ demonstrates that the entire sales process can benefit from being mobile and cloud-based. There are both cost savings and profits to be realized by moving to a state of true mobile.

This post is brought to you by The CIO Agenda.

KPMG LLP is a Delaware limited liability partnership and is the U.S. member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. The KPMG name, logo and “cutting through complexity” are registered trademarks or trademarks of KPMG International. The views and opinions expressed herein are those of the authors and do not necessarily represent the views and opinions of KPMG LLP.

By Steve Prentice

The Lighter Side Of The Cloud – New Responsibilities

The Lighter Side Of The Cloud – New Responsibilities



8CyberSecurity(FP)

By Al Johnson

Are you looking to supercharge your Newsletter, Powerpoint presentation, Social media campaign or Website? Our universally recognized tech related comics can help you. Contact us for information on our commercial licensing rates. 

What Did Cyber Week Achieve?

What Did Cyber Week Achieve?

What Did Cyber Week Achieve?

Last week’s “Cyber Week” was all about cybersecurity and the ongoing threat of cyber attacks against the federal government, non-profits and private companies in the US. But what did it achieve?

Ultimately, two new bills were passed by the House both aiming to enable both companies and government to withstand cyber attack and increase the country’s cybersecurity.

One aims primarily to strengthen government’s ability to deal with the ongoing cyber war in an attempt to effectively fight hackers more effectively. The other strives to enable companies to legitimately share cyber-threat and -attack information without the fear of being held liable.

Recent cyber attacks include the Home Depot hack last year that involved credit cards and effectively exposed 56 million card numbers. In January this year hackers accessed insurance provider Anthem’s database and accessed information relating to 80 million people, reportedly targeting social security numbers. In 2014 there were in excess of 1,500 data breaches reported worldwide – an increase in 50 percent from 2013.

cyber-security

While both pieces of legislation have been widely welcomed, there is some concern that they overlap and possibly undermine one another. For instance, during the floor debate, Colorado’s Democratic Representative, Jared Polis drew attention to this fact, stating that there seemed to be “some kind of turf war” going on between the government’s Homeland Security and Intelligence Committees.

While both bills have privacy protection that has been designed to restrict companies from sharing personal information, and in that way safeguard personal data, there are differences. Perhaps the most obvious difference is where cybersecurity issues must be reported.

The Protecting Cyber Networks Act (also referred to as the Intelligence Committee’s information sharing bill) is aimed at US companies, and encourages them to report any high-profile data breach to any federal agencies except the Department of Defense. Information will be shared with civilian agencies and not the Department of Homeland Security.

The National Cybersecurity Protection Advancement Act focuses on liability protection for companies sharing information on cyber attacks and cybersecurity breaches. Introduced by the Homeland Security Committee, the Act specifies that information must be reported to the Department of Homeland Security’s National Cybersecurity and Communications Integration Center. It may then be shared with other companies to increase “network awareness.

It has been reported that the legislation will be “merged” before it goes to the Senate.

In spite of the focus on US cybersecurity during Cyber Week, some have warned that the new legislation will not be enough to stop the ongoing threat. Even the White House has conceded that the liability protection offered is too broad, and could protect “grossly negligent and even reckless” entities.

In a statement of administration policy  issued on the eve of Cyber Week, the White House said that appropriate liability protections should not “grant immunity to a private company for failing to act on information it receives about the security of its networks.” Instead, it was important that liability protection was in place to ”incentivize good cybersecurity practices.

Further, since the first major cybersecurity breach was reported in 2005, more than 40 bills have been introduced to Congress, and yet the threat appears to continue to increase.

It has been reported that President Barrack Obama has earmarked an amount of $14 billion to fight cyber attacks. He has also announced that a new government agency will be created. The Cyber Threat Intelligence Integration Center will be the pivotal body, presumably relying partly on the new legislation voted on during Cyber Week. In addition, the Senate is expected to consider the Cybersecurity Information Sharing Act and additional data-security very soon.

At the end of the day (or week), it is not clear how much was achieved during Cyber Week 2015, if anything.

By Penny Swift

5 Ways Unified Communications Can Benefit Your Employees

5 Ways Unified Communications Can Benefit Your Employees

Unified Communications

Could you imagine a world where successful companies no longer needed office space to function on a day-to-day basis. Defined as “an industry term used to describe all forms of call and multimedia/cross-media message management functions,” unified communications is quickly making this dream more of a reality for any firm looking to achieve long-term scalability and success in today’s business world.

Helping Employees

Embracing UC technology can assist company leaders in helping employees better navigate their daily tasks while also keeping communications reliable by deploying this new technology in the workplace. In addition, UC systems help businesses promote remote work capabilities, which are becoming more popular by the day. Jumping on board with this movement assists your employees with staying productive and engaged by allowing them to step away from their desks without running the risk of missing phone calls or emails. By focusing on achieving the work anywhere at anytime mentality, employees can maintain a sense of teamwork and collaboration regardless of where they are physically located. In addition, unified communications offers a simple solution to centralizing communications in your firm, meaning that any employee has access to any necessary information for their telephone, email, or conferencing needs.

Here is an infographic courtesy of ShoreTel which shows you 5 excellent examples of how unified communications can benefit your employees:

Shoretel_5Benefits_72-01 (1)

CloudTweaks Comics
Cost of the Cloud: Is It Really Worth It?

Cost of the Cloud: Is It Really Worth It?

Cost of the Cloud Cloud computing is more than just another storage tier. Imagine if you’re able to scale up 10x just to handle seasonal volumes or rely on a true disaster-recovery solution without upfront capital. Although the pay-as-you-go pricing model of cloud computing makes it a noticeable expense, it’s the only solution for many…

The Cloud Above Our Home

The Cloud Above Our Home

Our Home – Moving All Things Into The Cloud The promise of a smart home had excited the imagination of the movie makers long ago. If you have seen any TV shows in the nineties or before, the interpretation presented itself to us as a computerized personal assistant or a robot housekeeper. It was smart,…

How Formal Verification Can Thwart Change-Induced Network Outages and Breaches

How Formal Verification Can Thwart Change-Induced Network Outages and Breaches

How Formal Verification Can Thwart  Breaches Formal verification is not a new concept. In a nutshell, the process uses sophisticated math to prove or disprove whether a system achieves its desired functional specifications. It is employed by organizations that build products that absolutely cannot fail. One of the reasons NASA rovers are still roaming Mars…

What You Need To Know About Choosing A Cloud Service Provider

What You Need To Know About Choosing A Cloud Service Provider

Selecting The Right Cloud Services Provider How to find the right partner for cloud adoption on an enterprise scale The cloud is capable of delivering many benefits, enabling greater collaboration, business agility, and speed to market. Cloud adoption in the enterprise has been growing fast. Worldwide spending on public cloud services will grow at a…

Infographic: IoT Programming Essential Job Skills

Infographic: IoT Programming Essential Job Skills

Learning To Code As many readers may or may not know we cover a fair number of topics surrounding new technologies such as Big data, Cloud computing , IoT and one of the most critical areas at the moment – Information Security. The trends continue to dictate that there is a huge shortage of unfilled…

Choosing IaaS or a Cloud-Enabled Managed Hosting Provider?

Choosing IaaS or a Cloud-Enabled Managed Hosting Provider?

There is a Difference – So Stop Comparing We are all familiar with the old saying “That’s like comparing apples to oranges” and though we learned this lesson during our early years we somehow seem to discount this idiom when discussing the Cloud. Specifically, IT buyers often feel justified when comparing the cost of a…

Big Data and Financial Services – Security Threat or Massive Opportunity?

Big Data and Financial Services – Security Threat or Massive Opportunity?

Big Data and Financial Services Cloud Banking Insights Series focuses on big data in the financial services industry and whether it is a security threat or actually a massive opportunity. How does big data fit into an overall cloud strategy? Most FI’s have a positive mind-set towards cloud IT consumption as it not only enables…

The Monstrous IoT Connected Cloud Market

The Monstrous IoT Connected Cloud Market

What’s Missing in the IoT? While the Internet of Things has become a popular concept among tech crowds, the consumer IoT remains fragmented. Top companies continue to battle to decide who will be the epicenter of the smart home of the future, creating separate ecosystems (like the iOS and Android smartphone market) in their wake.…

Consequences Of Combining Off Premise Cloud Storage and Corporate Data

Consequences Of Combining Off Premise Cloud Storage and Corporate Data

Off Premise Corporate Data Storage Cloud storage is a broad term. It can encompass anything from on premise solutions, to file storage, disaster recovery and off premise options. To narrow the scope, I’ve dedicated the focus of today’s discussion to the more popular cloud storage services—such as Dropbox, Box, OneDrive—which are also known as hosted,…

Cloud Infographic – Disaster Recovery

Cloud Infographic – Disaster Recovery

Disaster Recovery Business downtime can be detrimental without a proper disaster recovery plan in place. Only 6% of businesses that experience downtime without a plan will survive long term. Less than half of all businesses that experience a disaster are likely to reopen their doors. There are many causes of data loss and downtime —…

Lavabit, Edward Snowden and the Legal Battle For Privacy

Lavabit, Edward Snowden and the Legal Battle For Privacy

The Legal Battle For Privacy In early June 2013, Edward Snowden made headlines around the world when he leaked information about the National Security Agency (NSA) collecting the phone records of tens of millions of Americans. It was a dramatic story. Snowden flew to Hong Kong and then Russia to avoid deportation to the US,…

Cost of the Cloud: Is It Really Worth It?

Cost of the Cloud: Is It Really Worth It?

Cost of the Cloud Cloud computing is more than just another storage tier. Imagine if you’re able to scale up 10x just to handle seasonal volumes or rely on a true disaster-recovery solution without upfront capital. Although the pay-as-you-go pricing model of cloud computing makes it a noticeable expense, it’s the only solution for many…

Don’t Be Intimidated By Data Governance

Don’t Be Intimidated By Data Governance

Data Governance Data governance, the understanding of the raw data of an organization is an area IT departments have historically viewed as a lose-lose proposition. Not doing anything means organizations run the risk of data loss, data breaches and data anarchy – no control, no oversight – the Wild West with IT is just hoping…

Adopting A Cohesive GRC Mindset For Cloud Security

Adopting A Cohesive GRC Mindset For Cloud Security

Cloud Security Mindset Businesses are becoming wise to the compelling benefits of cloud computing. When adopting cloud, they need a high level of confidence in how it will be risk-managed and controlled, to preserve the security of their information and integrity of their operations. Cloud implementation is sometimes built up over time in a business,…

How The CFAA Ruling Affects Individuals And Password-Sharing

How The CFAA Ruling Affects Individuals And Password-Sharing

Individuals and Password-Sharing With the 1980s came the explosion of computing. In 1980, the Commodore ushered in the advent of home computing. Time magazine declared 1982 was “The Year of the Computer.” By 1983, there were an estimated 10 million personal computers in the United States alone. As soon as computers became popular, the federal government…

Connecting With Customers In The Cloud

Connecting With Customers In The Cloud

Customers in the Cloud Global enterprises in every industry are increasingly turning to cloud-based innovators like Salesforce, ServiceNow, WorkDay and Aria, to handle critical systems like billing, IT services, HCM and CRM. One need look no further than Salesforce’s and Amazon’s most recent earnings report, to see this indeed is not a passing fad, but…

Three Factors For Choosing Your Long-term Cloud Strategy

Three Factors For Choosing Your Long-term Cloud Strategy

Choosing Your Long-term Cloud Strategy A few weeks ago I visited the global headquarters of a large multi-national company to discuss cloud strategy with the CIO. I arrived 30 minutes early and took a tour of the area where the marketing team showcased their award winning brands. I was impressed by the digital marketing strategy…

Having Your Cybersecurity And Eating It Too

Having Your Cybersecurity And Eating It Too

The Catch 22 The very same year Marc Andreessen famously said that software was eating the world, the Chief Information Officer of the United States was announcing a major Cloud First goal. That was 2011. Five years later, as both the private and public sectors continue to adopt cloud-based software services, we’re interested in this…