Category Archives: Security

Dismissal Of Class Action Lawsuit A Setback For Internet Privacy

Dismissal Of Class Action Lawsuit A Setback For Internet Privacy

A Setback For Internet Privacy

On Monday the Third U.S. Circuit Court of Appeals (a federal appeals court) unanimously dismissed a class action lawsuit by parents of children under the age of 13 who had used Nickelodeon’s websites against Google and Viacom (which owns the Nickelodeon websites). This was a result of litigation beginning in 2013.

The class action disputed the legality of planting of cookies to gather and track the browsing information from the computers and phones of children who had played games and watched videos on Nickelodeon’s websites. Collecting IP addresses, the Court held, was not against the law. The laws in question came from the Video Privacy Protection Act from 1988. This legislation prohibits the personally identifiable information about a person’s video viewing habits from being disclosed. This law was amended in 2013 but was regrettably not brought up to speed with current Internet privacy trends. The result was that the Court found Viacom and Google had only received the browsing and video viewing history – it did not disclose it.

data-privacy

While Google was held not to be liable at all, Viacom itself could still be liable on the promise it makes on its registration forms that “HEY GROWN-UPS: We don’t collect ANY personal information about your kids. Which means we couldn’t share it even if we wanted to!” Even though Viacom disclosed no personal information, collecting such information is potentially a breach of that promise to its users.

What this ruling illustrates is, first, that the laws around Internet privacy are severely outdated. Technology and its uses change and grow exponentially whereas lawmakers are slow to meet these demands. Secondly, it demonstrates that the Courts are willing to allow invasions of privacy by strictly interpreting the law. However, near the end of the ruling the Court does note the need for change in this area: “Our decision necessarily leaves some unanswered questions about what kinds of disclosures violate the Video Privacy Protection Act. Such uncertainty is ultimately a consequence of our common-law system of adjudication and the rapid evolution of contemporary technology. In the meantime, companies in the business of streaming digital video are well advised to think carefully about customer notice and consent. Whether other kinds of disclosure will trigger liability under the Act is another question for another day.” Hopefully that day is not too far in the future.

By Jason De Klerk

8 Cloud Characteristics Every ERP System Needs

8 Cloud Characteristics Every ERP System Needs

Characteristics Every ERP System Needs

Cloud-based ERP systems offer many benefits to a growing organization. And those benefits are catching on in a big way in recent years. In fact, according to the RightScale State of the Cloud 2016 Survey, which has collected the responses of 1,060 IT professionals, 95% of respondents are using a cloud computing solution. By selecting a cloud-based ERP system that unifies the entire company, a business can defer the burden of managing their own infrastructure. This can free up IT staff, lower overhead, offer financial and time savings, and more.

cloud-computing-trends-2016

Cloud-based ERP systems provide employees with access to critical business data regardless of location or device. This means that employees, customers, and vendors can securely access data and collaborate in real time. With an entire company standardized on one system and looking at the most up-to-date documents and data, what’s not to love? Let’s take a look at eight characteristics to search for when seeking out the perfect cloud-based ERP provider for your business.

File Versioning

If you make frequent changes to files, or you have several individuals accessing the same document, file versioning is a necessity. File versioning maintains the history and integrity of important company files, so you never lose your work. It prevents individuals from overwriting old files by automatically saving edits as a new version, and preserving the old copy for review.

It’s important to ask your ERP cloud provider how many versions the system will keep, how long the system will keep them, and where older versions are sequestered once they are deleted.

Automatic Backup

With automatic backup, an ERP system can help companies ensure that all of their data and documents are up-to-date and safe from tragedy. A cloud backup system is designed to protect against data loss and reduce the time it takes to restore data. This means minimal downtime and minimal risk to business productivity and profit. In the event that disaster strikes your physical business, you can rest assured that your data is safe and sound.

Sharing and Collaboration Tools

If you run a business in which employees are team-oriented, often share documents and data, or frequently share documents with individuals outside of the company, then these tools are critical to ensuring a seamless document sharing process with a variety of viewing and editing options. Sharing and collaboration tools should include password protection and sharing options that can customize the level of security. This can keep documents available to individuals on a need-to-know basis, and allow you to set security on the document level, sub-folder level, parent folder level, and so on. This can keep your confidential documents away from prying eyes yet still accessible to those who need to see them.

Automatic Syncing

If you have employees who work off-site or are often traveling, then automatic syncing can prevent multiple versions of documents from building up. If your employees find themselves without time to manually sync document edits, then automatic syncing can help sync files immediately and offer every individual within the company the opportunity to see the latest version of a document in real-time, without having to rely on others to ensure their local copy has been uploaded for access.

Cloud-Based Viewing and Editing Options

One of the major benefits of a cloud-based ERP is its accessibility. If you have segments of your business that are off-site, or employees who travel or work remote, cloud-based viewing and editing provides your employees the ultimate flexibility with access to documents anytime, anywhere, and on any device where an internet connection is available. With the support of automated syncing, employees can confidently open documents and make quick edits. An ERP system without this feature can cause the additional hassles of having to download documents, edit them locally, and remember to manually re-upload them for company access.

Security and File Encryption

Your cloud-based ERP system should come with the latest and greatest in electronic and physical security layers. It should encrypt your document data at least once before it leaves your device. You should also be able to choose your own encryption key to assure exceptional security on the most confidential company documents. And, it should include the ability to set different levels of access for different employees.

Scalability and Customizable Storage Capacity

One of the greatest benefits of a cloud-based ERP is the exceptional ability to scale your business on-the-fly. Whether you are responding to seasonality, business growth, or global expansion, the ability to easily scale can keep your business running at top speed. Your system expansion should be as simple as subscribing to additional user accounts.

Every business is different. And one comes with its own unique storage capacity needs and decisions on how much of their business they feel they can to move to the cloud. Customizable storage capacity allows business owners the opportunity to choose to increase the percentage of their business they move into the cloud at a later date. Look for a cloud-based ERP provider that offers storage at a scalable size and honest price. It’s also important to look at how that price will grow as your business needs grow. In some cases, an unlimited data storage package is the most cost-effective.

Technical Support

When your business is in the cloud, you need to know that you can access it reliably. Your cloud-based ERP solution should not only manage the infrastructure and keep it running 24/7, they should also be available around the clock with friendly and accessible support technicians. This ensures that both you and your employees can access important business data and documents at all times, and any ERP application issues can be dealt with swiftly.

A cloud-based ERP system provides a great many benefits to today’s active, mobile, globalizing, and growing businesses. When searching to connect and standardize your business using a cloud-based ERP, search for one that offers stellar technical support, easy and cost-effective scalability, customizable storage capacity, state-of-the-art security, document viewing, editing, syncing, versioning capabilities, and innovative sharing and collaboration tools.

By Aaron Continelli

Controversial Chinese Cybersecurity Law Under Review Again

Controversial Chinese Cybersecurity Law Under Review Again

Cybersecurity Law

BEIJING. The National People’s Congress, the equivalence of the Chinese Parliament, moved forward in drafting a second version of a controversial cybersecurity law first introduced almost a year ago. This means the law is thought to be closer to passing and will bring greater censorship for both foreign and domestic citizens and businesses.

In China, popular websites like Facebook and Google are blocked, and all web traffic is openly monitored and censored by the government. The latest draft of the law aims to require network operators, foreign and domestic, to comply with the “social morals” of China and accept the supervision of government censors. According to Xinhua, China’s state-operated news agency, the law requires all Chinese citizens’ data to be stored in China along with “important business data”. Countries wishing to store this data outside of China would need to submit to a security evaluation from the Chinese government.

shutterstock_402359314

(Image Source: Shutterstock)

Critics of the law, mostly foreign governments, multinational corporations, and human rights activists, say a broad interpretation of it could give Beijing the power to do whatever they want. It is also thought to create a competitive disadvantage for foreign firms attempting to do business in China, especially those from the United States and European Union.

Chinese lawmakers often review and revise several drafts of legislation before finally enacting its contents. The original draft introduced nearly a year ago was said to protect Chinese citizens from hackers and data resellers in addition to block the dissemination of private information records, which are illegal in China. The moving forward with a second draft increases the likelihood of these regulations becoming a reality.

An example of Chinese oversight on these matters came just last month when Chinese officials set limits on the volume of advertising from healthcare groups featured on the country’s largest search engine, Baidu Inc. The backlash comes after a student died from participating in an experimental cancer treatment program he discovered online. The second draft of the law is still in construction, and it is unclear when it will be finalized.

What is interesting about this law is that Chinese officials already have control of Chinese citizens’ data and internet use through overarching personal property laws and strict human rights allowances. The average Chinese citizen may not see a change from this law being enacted, but it will mean major changes for foreign businesses hungry to tap into a Chinese market with over a billion consumers.

By Thomas Dougherty

Personal Account of Google CEO Compromised

Personal Account of Google CEO Compromised

Personal Account Compromised

The security of our information online, whether it’s our banking details, emails or personal information, is important. Hackers pose a very real threat to our privacy when there are vulnerabilities in the security of the services we use online. It can be worrying then when the CEO of perhaps the largest holder of our information online has their own accounts hacked.

On June 27 2016, the personal Quora account of Google CEO Sundar Pichai was hacked by group OurMine. The group posted on his Twitter account and announced on their website that their efforts were merely to test the strength Pichai’s security. Unsurprisingly, they were not impressed. The breach they claimed was due to a weakness in the security of Quora, a popular Q&A website. While OurMine notified Quora of this vulnerability, no statement has yet been made thereby.

data-breach

This is not OurMine’s first high-profile hack. The group recently gained access to the Twitter and Pinterest accounts of Mark Zuckerberg. Posting to his Twitter account, it was revealed that Zuckerberg’s passwords were included in a leak of 117 million LinkedIn users’ passwords in May. A few days ago the hacker group also managed to access the Twitter account of Spotify CEO Daniel Elk. Other prominent figures that have been victims of OurMine’s hacks include David Guetta, YouTube star PewDiePie and Channing Tatum.

Various Methods To Access

OurMine seems to use various methods to access the accounts they target. However, their objective appears to be solely to test and highlight the weaknesses of online security. They do not change the passwords or maliciously use the information of the accounts they hack. The group does appear to be setting up its own online security service packages, advertising them somewhat humorously in the tweet posted on Elk’s account.

It is alarming to the users of such online services that even their creators or managers are unable to wade of attacks of hacker groups, regardless of their intentions. So what can the average user do? As always, a longer password that includes a variety of characters is advantageous as it makes it harder for hackers to guess. It is suggested that you use a creative way to remember complicated passwords. Secondary password confirmation apps could also be helpful. Short of having a software engineering degree however, the options are limited, and the hope is that the online services we use will take security more seriously in future.

By Jason de Klerk

Data Protection and Session Fixation Attacks

Data Protection and Session Fixation Attacks

Keeping the man out of the middle: preventing session fixation attacks

In a nutshell, session fixation is a type of man in the middle attack where an attacker is able to pretend to be a victim using a session variable. For instance, let’s say you have an application that uses sessions to validate the user. You retrieve a session variable from the URL’s query string. You then validate the session string and authenticate the user without requiring a username and password.

A hacker can log in to your website and obtain his own session. With that session in hand, he then sends a phishing email to a victim and tricks him into clicking a URL with the hacker’s session variable. Your application sees the session variable, verifies that it’s an active session, and then automatically logs in the user. This then allows the attacker to see the victim’s information as they work with the shared session.

Fixation

A session fixation attack isn’t like a standard phishing ruse where users are sent to a bogus website with red flags all over the place. The user clicks a link in a phishing email that leads them to the official website. The process looks completely legitimate to the user.

The consequences of an attack like this are stark for both the user and the organization. Consider your internal corporate application. What happens if the attacker is able to gain access to the internal application’s data using a session fixation hack? This type of data breach is completely possible if you don’t know how to stop the attack from happening.

A few different types of fixations

The above section explains how a session fixation works, but according to application security software provider Checkmarx, there are actually three different kinds of session fixation attacks.

Session token in the URL argument: Just as in the example above, the attacker sends the session in the URL’s query string. The application reads the session and uses it to validate the user.

Session token in a hidden form field: Some applications store a session in a hidden form variable. The attacker can create his own form and send it to the victim in a phishing email. The attacker can then trick the application using his own custom form with the malicious session.

Session ID in a cookie: This type of session fixation attack can occur if the application retrieves the session from a cookie. The attacker mixes client side scripting attacks or cross-site scripting to execute this attack. The application retrieves the cookie from the victim’s PC and uses it to authenticate the user.

Timeouts aren’t just for toddlers

Many developers design applications to recognize a session and use it to automatically authorize a user. It’s been done this way for years, but with the prevalence of data breaches developers just can’t trust input from a querystring, cookie or even a hidden form variable anymore. All of these can be manipulated from the user’s PC or an attacker.

There are several ways a developer can either prevent session fixation attacks or minimize the possibility of an attacker’s success. The first way is to avoid authenticating a user from a simple session ID in the query string, cookie or hidden form variable.

After disabling this type of programming, session variables should be forced to timeout after a while. When a session variable times out, it’s no longer valid. Timeouts can be set on your server for varying intervals. The shorter the time frame, the less time the attacker has to perform the attack. If the attacker can’t get the user to click a phishing link fast enough, the attack will fail.

Session fixation attacks are a favorite for attackers, especially hackers targeting corporate applications to obtain customer data. Use the best practices for session IDs to protect your critical data.

By  Brent Anderson

Cloud Comings and Goings

Cloud Comings and Goings

Cloud Power

Amazon Web Services – the giant of cloud computing – is on track to do $10 Billion in revenue this year. Yet, rumors swirl that Apple may take a huge chunk of business away from them and Dropbox has definitely left AWS. Is something wrong at AWS? Wait, Salesforce.com (SFDC) – the granddaddy of applications in the cloud – and AWS just announced a strategic relationship where SFDC plans to run its entire suite of services in AWS. What does this tell us about the market? Should you be concerned if your company uses or plans to use AWS?

Many folks thought that AWS was a money loser or maybe just a break even venture for Amazon until it was broken out separately in the parent company’s financials. The scales fell from our eyes. It turned out that not only was it a behemoth, it was a very profitable behemoth powering a great deal of Amazon’s overall bottom line. Its latest operating margin is about 29% or a whopping $687 Million in the last quarter. If you are a big customer of AWS that margin is coming out of your pocket.

The rumors swirling around Apple and the actual departure of Dropbox has a lot to do with that extra margin that they could keep. While this makes straightforward economic sense it is not for the faint hearted. There are two big challenges.

CloudTweaks Comic

First, building and operating a cloud platform at anywhere near the efficiency of AWS requires scale – you have got to be big and be able to manage that. Dropbox manages to do both. It is one of the largest file sharing offerings in the world so it has scale.  The people who designed the new Dropbox cloud came from Google. So they had been to the movie before and knew what they were getting into.

Second, there is the risk that you won’t be able to maintain your scale. This is what Zynga faced when it too left AWS for its own cloud only to have to return when its business prospects dimmed and there wasn’t enough demand to justify doing it in house. To some extent, Dropbox faces a similar risk as AWS itself, Microsoft, Apple and others encroach on Dropbox’s offerings with their own.

Cloud Economics

So much for the traditional Economics 101 on vertical integration to capture the margins of your suppliers in order to enhance your own – what is going on with the Salesforce deal? More economics and a little quid pro quo is the answer. In announcing the expanded relationship Salesforce pointed to using AWS for its international expansion and that all of Amazon has adopted the Salesforce offering suite across its operations.

Only 20% of SFDC’s revenues come from outside the US. That is not small but it is fragmented by the various country and regional privacy and data location requirements. These mandate cloud providers data centers must be resident in country. Salesforce’s business in any one country is just not big enough to meet the scale needed to justify the investment. Meanwhile AWS has been building out new data centers at a very strong clip just to meet these requirements. All in all it’s a good complementary relationship. Plus SFDC gets the Amazon mothership as a client.

Cloud is the new foundation for the digitization of our lives. Companies are increasingly turning to it and AWS’s growth prospects continue to shine. There is little worry that it is going away anytime soon. You can do cloud yourself but only if you have the massive scale and talent to make it work. Otherwise, think about using a public cloud provider. Even somebody like Salesforce, who pioneered Software as a Service, ran the numbers and concluded it made more sense to go with AWS internationally.

By John Pienka

(Originally published June, 9th, 2016. You can periodically read John’s syndicated articles here on CloudTweaks. Contact us for more information on these new programs)

Digital Transformation: Not Just For Large Enterprises Anymore

Digital Transformation: Not Just For Large Enterprises Anymore

Digital Transformation

Digital transformation is the acceleration of business activities, processes, and operational models to fully embrace the changes and opportunities of digital technologies. The concept is not new; we’ve been talking about it in one way or another for decades: paperless office, BYOD, user experience, consumerization of IT – all of these were stepping stones along the path to digital transformation.

Today, digital business transformation is driven by technology innovation and user/customer behavior. Technology innovation leads to disruption. But transformation is also about how these technological innovations are adopted and used, and how they improve upon a process, to help the user get work done.

The IT organizations and line-of-business managers charged with making digital decisions must ask:

  • Do these innovations bring value to the organization?
  • Are these innovations easily adopted, or is the organization struggling to implement change?
  • Are we factoring in regulatory compliance, security, and business partner demands?

Digital transformation is not just the domain of the “big guys” anymore. Smaller organizations are often more nimble and can realize huge efficiencies by digitizing processes that have historically been a drag on productivity. Organizations of all sizes and operational budgets are looking at digital transformation strategies as a way to improve a process, and ultimately, better serve their customers.

Going digital to break boundaries: Three Rivers Legal

Three Rivers Legal Services of South Florida is a great example of a small organization that made huge improvements though going digital. Three Rivers is a nonprofit law firm dedicated to delivering quality legal assistance to the poor, abused, disabled and neglected, offering empowerment through preventive legal education.

shutterstock_275044886

A large segment of the clients they serve are homeless. As you might imagine, keeping track of paper documents when you have no permanent place to store them is almost impossible. While living on the streets and in shelters, the clients of Three Rivers experience theft, weather damage and incidental losses to vital paperwork. These are documents they need to receive medical care, veterans’ benefits, public assistance, or to apply for jobs – essentially, everything that helps them build a path to independent living.

Digital Documents

The firm was storing legal documents and other files belonging to homeless clients on an internal case management system, but it couldn’t be accessed beyond the boundaries of the office. For legal aides in the field working with people at libraries, parks, shelters and government offices, this was a frustration point that slowed down productivity. And because of the situation many of their clients were in, mailing copies of documents to people with no permanent address wasn’t feasible. The firm realized that they needed a reliable, secure and easy way to access these important documents – and digital was the way to go.

Initially, the firm considered storing client documents through consumer file sync and share tools, but became concerned about the security and privacy issues. Today, the firm uses an enterprise-grade, secure collaboration platform where they can quickly and easily store digital versions of sensitive client documents. The legal team and their clients can access these documents from a smartphone, tablet, or from a computer at a local library.

Transforming lives

By going digital, Three Rivers’ clients have a portable but secure solution they can use to share documents with medical professionals, government entities and others. With online access to digital medical records and patient history, the legal aides at Three Rivers can work in real time with the psychiatrists who are serving their clients, collaborating to make better-informed diagnoses and prescribe medications that help clients stabilize to the point where they can get jobs and housing. Collaboration also decreases the chance of psychiatrists prescribing medications that produce bad reactions in their patients that could result in loss of housing or jobs.

files-health

(Image Source: Shutterstock)

This change in process has freed the organization to deliver better quality service, on a faster timetable, to people who really need it. Since making the change, the legal team at Three Rivers has seen the waiting time for their clients go from up to two years to less than one month – all because the clients have secure, anytime access to digital versions of their documents. So far, 25 percent of the firm’s homeless clients have moved out of shelters and off the streets into stable living situations – and once they’ve completed the digitization of the rest of their client documents, they expect this number to increase.

Digital transformation is a challenge – and businesses must ask the right questions and make the right decisions about which technologies they’ll implement, and which processes must change. But as this use case illustrates, even a small firm can make incremental changes that yield significant improvements.

By Daren Glenister

Developing Security Policies That Incorporate Cloud Solutions

Developing Security Policies That Incorporate Cloud Solutions

Developing Security Policies

Implementing cloud computing services and technology means, to most, employing the latest solutions available, taking advantage of high-quality services that would be unaffordable in an on-premise situation, and benefiting from the skills and expertise required to ensure responsible compliance and absolute security. Although it is possible to find these complete solutions, business leaders should be aware that all cloud service providers are not alike. Notably, the development and execution of cloud security policies should be dealt with in-house as enterprises rely more and more on cloud storage, and data privacy and security concerns mount.

Implementing a Cloud Security Policy

Although security professionals often don’t advocate a move to the cloud, the benefits it provides for business transformation and performance, agility, and cost savings has made the action indubitable. However, most organizations aren’t moving all of their data to the public cloud, and connections with cloud services change repeatedly. When developing security policies, internal infrastructure is typically considered, but the security of cloud networks and storage should also be defined. Because cloud service providers aren’t always transparent around their own security, organizations need in-house cloud security policies which define the type of data that can move to the cloud, and tackle the associated risks. Defining who has decision-making capabilities around data transfers and who can access data across various applications is the first step of a cloud risk assessment.

threat-data

When developing a cloud security policy, it’s important to have proper organizational support in place, ensuring it will be accepted and enforced by the entire business. Operators authorized to sign off cloud projects must be appointed, and an explicit approval and review of procurement workflow established. Once the framework is in place, address data type classifications and sensitivity, considering what can and cannot be done for data categories including customer and employee information, financial and accounting records, structured and unstructured data, etcetera. Finally, confirm your cloud security policy is compliant with internal policies, data security laws, privacy regulations, and government directives. Specifically detailing these obligations can help align your cloud security policy with other controls.

Security Questions for Cloud Service Providers

Jamie-TischartCloud service providers aren’t required to provide their clients with the minutiae of their security controls, and so businesses are forced to put a certain amount of faith in their chosen providers. Although SLAs and contracts provide some power, it’s difficult to make any changes to these documents. Of course, the larger and respected cloud providers will customarily have a better handle on security than the average organization; this, however, does not mean it should be left entirely in their hands.

Jamie Tischart, CTO for cloud/security as a service, Intel, proposes some significant questions organizations should be asking their cloud service providers. It’s important not to assume anything is or isn’t provided, and find out for yourself how your cloud service provider handles data security and privacy through in-depth reviews of terms and conditions, and additional discussions after that.

Before settling on a service, find out:

  • Who has access to my data, both physically and virtually?
  • Does the cloud service provider outsource any data storage?
  • How does the cloud service provider handle legal requests for data review?
  • How and when is data deleted?
  • How is my data isolated from the data of other customers?
  • What certifications or third-party audits are performed on the service?
  • How is data kept private?
  • For how long is data retained?
  • What data encryption protocols are employed?
  • Where is data stored?
  • Is data transmitted to other external or internal entities?
  • What is the backup frequency?
  • What is the recovery time from failure?

These questions provide a strong foundation, but be sure to ask for clarification should anything be vague or appear risky. Too many organizations are obliviously trusting of the experts they engage with; understanding security processes and requirements fosters a safer business environment that benefits us all.

By Jennifer Klostermann

CloudTweaks Comics
Cloud Computing – The Good and the Bad

Cloud Computing – The Good and the Bad

The Cloud Movement Like it or not, cloud computing permeates many aspects of our lives, and it’s going to be a big part of our future in both business and personal spheres. The current and future possibilities of global access to files and data, remote working opportunities, improved storage structures, and greater solution distribution have…

12 Promising Business Intelligence (BI) Services For Your Company

12 Promising Business Intelligence (BI) Services For Your Company

12 Promising Business Intelligence (BI) Services Business Intelligence (BI) services have recently seen an explosion of innovation and choices for business owners and entrepreneurs. So many choices, in fact, that many companies aren’t sure which business intelligence company to use. To help offer you a solution, we’ve compiled a list of 12 Business Intelligence companies…

Cloud Infographic – The Future Of Big Data

Cloud Infographic – The Future Of Big Data

The Future Of Big Data Big Data is BIG business and will continue to be one of the more predominant areas of focus in the coming years from small startups to large scale corporations. We’ve already covered on CloudTweaks how Big Data can be utilized in a number of interesting ways from preventing world hunger to helping teams win…

M2M, IoT and Wearable Technology: Where To Next?

M2M, IoT and Wearable Technology: Where To Next?

M2M, IoT and Wearable Technology Profiling 600 companies and including 553 supporting tables and figures, recent reports into the M2M, IoT and Wearable Technology ecosystems forecast opportunities, challenges, strategies, and industry verticals for the sectors from 2015 to 2030. With many service providers looking for new ways to fit wearable technology with their M2M offerings…

Cloud Computing Checklist For Startups

Cloud Computing Checklist For Startups

Checklist For Startups  There are many people who aspire to do great things in this world and see new technologies such as Cloud computing and Internet of Things as a tremendous offering to help bridge and showcase their ideas. The Time Is Now This is a perfect time for highly ambitious startups to make some…

Cloud Infographic: IoT For Automotive Deconstructed

Cloud Infographic: IoT For Automotive Deconstructed

IoT For Automotive Deconstructed The IoT automotive industry is moving rapidly with many exciting growth opportunities available. We’ve written about some of the risks and benefits as well as some of the players involved. One thing for certain as that the auto industry is starting to take notice and we can expect the implementation of a…

Cloud Infographic – Big Data Predictions By 2023

Cloud Infographic – Big Data Predictions By 2023

Big Data Predictions By 2023 Everything we do online from social networking to e-commerce purchases, chatting, and even simple browsing yields tons of data that certain organizations collect and poll together with other partner organizations. The results are massive volumes of data, hence the name “Big Data”. This includes personal and behavioral profiles that are stored, managed, and…

Unusual Clandestine Cloud Data Centre Service Locations

Unusual Clandestine Cloud Data Centre Service Locations

Unusual Clandestine Cloud Data Centre Service Locations Everyone knows what the cloud is, but does everybody know where the cloud is? We try to answer that as we look at some of the most unusual data centre locations in the world. Under the Eyes of a Deity Deep beneath the famous Uspenski Cathedral in the…

The Future Of Cybersecurity

The Future Of Cybersecurity

The Future of Cybersecurity In 2013, President Obama issued an Executive Order to protect critical infrastructure by establishing baseline security standards. One year later, the government announced the cybersecurity framework, a voluntary how-to guide to strengthen cybersecurity and meanwhile, the Senate Intelligence Committee voted to approve the Cybersecurity Information Sharing Act (CISA), moving it one…

How Data Science And Machine Learning Is Enabling Cloud Threat Protection

How Data Science And Machine Learning Is Enabling Cloud Threat Protection

Data Science and Machine Learning Security breaches have been consistently rising in the past few years. Just In 2015, companies detected 38 percent more security breaches than in the previous year, according to PwC’s Global State of Information Security Survey 2016. Those breaches are a major expense — an average of $3.79 million per company,…

Cloud Native Trends Picking Up – Legacy Security Losing Ground

Cloud Native Trends Picking Up – Legacy Security Losing Ground

Cloud Native Trends Once upon a time, only a select few companies like Google and Salesforce possessed the knowledge and expertise to operate efficient cloud infrastructure and applications. Organizations patronizing those companies benefitted with apps that offered new benefits in flexibility, scalability and cost effectiveness. These days, the sharp division between cloud and on-premises infrastructure…

Protecting Devices From Data Breach: Identity of Things (IDoT)

Protecting Devices From Data Breach: Identity of Things (IDoT)

How to Identify and Authenticate in the Expanding IoT Ecosystem It is a necessity to protect IoT devices and their associated data. As the IoT ecosystem continues to expand, the need to create an identity to newly-connected things is becoming increasingly crucial. These ‘things’ can include anything from basic sensors and gateways to industrial controls…

The Fully Aware, Hybrid-Cloud Approach

The Fully Aware, Hybrid-Cloud Approach

Hybrid-Cloud Approach For over 20 years, organizations have been attempting to secure their networks and protect their data. However, have any of their efforts really improved security? Today we hear journalists and industry experts talk about the erosion of the perimeter. Some say it’s squishy, others say it’s spongy, and yet another claims it crunchy.…

Virtual Immersion And The Extension/Expansion Of Virtual Reality

Virtual Immersion And The Extension/Expansion Of Virtual Reality

Virtual Immersion And Virtual Reality This is a term I created (Virtual Immersion). Ah…the sweet smell of Virtual Immersion Success! Virtual Immersion© (VI) an extension/expansion of Virtual Reality to include the senses beyond visual and auditory. Years ago there was a television commercial for a bathing product called Calgon. The tagline of the commercial was Calgon…

Using Cloud Technology In The Education Industry

Using Cloud Technology In The Education Industry

Education Tech and the Cloud Arguably one of society’s most important functions, teaching can still seem antiquated at times. Many schools still function similarly to how they did five or 10 years ago, which is surprising considering the amount of technical innovation we’ve seen in the past decade. Education is an industry ripe for innovation…

Cloud Services Providers – Learning To Keep The Lights On

Cloud Services Providers – Learning To Keep The Lights On

The True Meaning of Availability What is real availability? In our line of work, cloud service providers approach availability from the inside out. And in many cases, some never make it past their own front door given how challenging it is to keep the lights on at home let alone factors that are out of…

The Cancer Moonshot: Collaboration Is Key

The Cancer Moonshot: Collaboration Is Key

Cancer Moonshot In his final State of the Union address in January 2016, President Obama announced a new American “moonshot” effort: finding a cure for cancer. The term “moonshot” comes from one of America’s greatest achievements, the moon landing. If the scientific community can achieve that kind of feat, then surely it can rally around…

Data Breaches: Incident Response Planning – Part 1

Data Breaches: Incident Response Planning – Part 1

Incident Response Planning – Part 1 The topic of cybersecurity has become part of the boardroom agendas in the last couple of years, and not surprisingly — these days, it’s almost impossible to read news headlines without noticing yet another story about a data breach. As cybersecurity shifts from being a strictly IT issue to…