Reuters news

China cries foul over Facebook, Twitter block of fake accounts

BEIJING (Reuters) - China said on Tuesday it had a right to put out its own views after Twitter and Facebook said they had dismantled a state-backed social media campaign originating in mainland China that sought to undermine protests in Hong Kong. Twitter Inc said
/
MIT tech review

MIT – Facebook paid people to listen to voice recordings, too

It’s the fifth big tech company forced to admit to the practice this year. The news: Facebook paid contractors to listen to, and transcribe, audio clips generated by people using its Messenger app, according to Bloomberg. They were not told where the clips were recorded, or how
/

How Security Certification Helps Cloud Service Providers Stay Transparent and Credible

Security Certification Helps Cloud Service Providers

If you are a cloud service provider (CSP), you know your customers have a choice as to who to work with, but do you know what will help tip the scales in your favor? It’s not just robust security or scalability. Much of your credibility will come from a heightened level of transparency that will resonate with the internal IT department and the C-suite.

It is a given that the concept of cloud technology has become more normalized over the past few years. Most companies now have a plan in place for migration and operation, and much of the discussion centers around which types of cloud to focus on: private, public or hybrid, and who to use as the provider. But this still requires a commitment on the part of a company to let go of its data and its processes, and hand it all over to an outside party.

Consequently, this places a requirement on the CSP to not only make good on the physical end of the deal – having a robust and secure platform to host the data – but also to remain transparent and provide solid evidence of its trustworthiness. A key point here is that robust security is not enough. There must be clear proof of this security, delivered in a fashion and frequency that will satisfy. It is not negotiable.

Part of the reasoning may stem from high-profile leaks and breaches that occur with disturbing frequency, but a major part of the concern will come from the fact that CSPs are external companies with their own rules and governance. Clients will constantly worry about a cloud provider’s ability to remain secure and reliable in all areas of its operations, and they will compare it to what they know best – their own in-house rules, regulations, and security. A CSP that fails to prove that it is equal or better than their clients’ own systems will not succeed.

The Problem with Being Focused on Security

Often a company that is a specialist in one area will inevitably lack somewhere else. It is expected that a CSP will focus intently on robust security, scalability, and accessibility, but this makes it easy for it to overlook the bedside manner that clients expect. Also branded as “customer experience” (CX), bedside manner is the art of communicating with the client and managing their customers’ expectations and worries. CSPs must be able to deliver on this.

Rich Campagna ‎the CEO of cloud security provider Bitglass. “If you compare cloud security to premises security,” he says, “often the two types of services are solving similar issues with similar technology, like encryption and data. But the big challenge and difference with cloud is that in the premises world you can stack or layer many security technologies together, which you cannot do in the cloud.” This is just one example of the types of security concerns a customer will experience, and which need to be clearly communicated by a CSP to prove they have a better, more secure method.

The CCSP

With security being such a multi-layered and ever-evolving challenge, it only makes sense that a cloud service provider should reach out and work with cloud security specialists whose sole purpose is to be the go-to expert and problem solver. This is precisely what a Certified Cloud Security Professional (CCSP) does.

In addition to a wealth of up-to-date technical knowledge around security issues and threats, a CCSP can also deliver strategic awareness and communications skills to the CSP’s management team. This in turn can help the CSP to communicate, strategize, and deliver to their own customers the necessary evidence of superior security and permanent transparency.

The CCSP designation was co-created by (ISC)² and Cloud Security Alliance, and is a globally recognized credential representing the highest standard of cloud security expertise. The certification attests to deep, up-to-date knowledge and hands-on experience with cloud security architecture, design, operations, and service orchestration.

To qualify, candidates must already possess a minimum of five years cumulative, paid, full-time work experience in information technology, of which three years must be in information security and one year in one or more of the six domains of the CCSP Common Body of Knowledge (CBK).

The need for such actions might seem self-evident, but as is often the case in busy, high-tech companies, the human touch goes missing due to the sheer busy-ness of the operation. What cannot be overlooked, however, is that this type of “human-touch” is not superficial feel-good verbiage. It is the tangible proof that a company’s most valuable asset – its data – is safe.

A recent report released by the Enterprise Management Association (EMA) points out that “annoyance with lack of vendor support” is a key source of disappointment among customers. It continues, “executives were not aware that the monthly or annual subscription they purchased did not include full support…[and even] customers purchasing higher-end support may still have difficulty getting access to adequate levels of hands-on expertise.” This is another example of where CSPs can “drop the ball.” The consequent disappointment felt by a nervous customer will radiate out into its sense of trust, and this has the capacity of completely destroying whatever reputation the CSP has already worked hard to build.

It may be unfair to suggest that a CSP drops a few points down the scale even when its security is already top-notch. But this is the truth of the matter. Customers must feel confident, and if the evidence of rock-solid security is not there, they won’t. Negative experiences tend to turn customers’ eyes either toward the horizon, looking for a new supplier to take care of the next stage of their cloud journey, or inwards, to bring everything back in-house.

A CCSP provides a CSP with some of the transparency and credibility skills to mitigate this risk, and ensure the relationship between CSP and customer remains as secure on the trust front as it does on the technical one.

Interested in learning more about the CCSP certification? Download the Ultimate Guide to the CCSP or visit the (ISC)² website at www.isc2.org/ccsp.

By Steve Prentice

Steve Prentice

Steve Prentice is a project manager, writer, speaker and expert on productivity in the workplace, specifically the juncture where people and technology intersect. He is a senior writer for CloudTweaks.

David Friend

De-Archiving: What Is It and Who’s Doing It?

De-Archiving I first heard the term “De-Archiving” a few months ago on a visit to a few studios in Hollywood. On that trip, I learned ...
ERP Ain’t Got the Same Soul, I Like that Old Time Rock ‘n’ Roll

ERP Ain’t Got the Same Soul, I Like that Old Time Rock ‘n’ Roll

Designing Enterprise Software around People Looking back, business owners talked to their customers and employees in person or by phone. This human contact was more ...
Numeraire Cryptocurrency

Digital Cashless Society: Dystopian Nightmares or Utopian Dreams

Digital Cashless Society A truly digital cashless society was long the realm of dystopian nightmares (or utopian dreams depending on how you look at it), ...
How Can We Use Artificial Intelligence When We Can't Handle Real Intelligence?

How Can We Use Artificial Intelligence When We Can’t Handle Real Intelligence?

Artificial Versus Real Intelligence In this article we will be discussing the pitfalls of societal disillusionment with facts, and how this trend may become troubling ...
Reuters news

China cries foul over Facebook, Twitter block of fake accounts

/
BEIJING (Reuters) - China said on Tuesday it had a right to put out its own views after Twitter and Facebook said they had dismantled a state-backed social media campaign ...
Breached Data

New Data Breach Has Exposed Millions Of Fingerprint And Facial Recognition Records: Report

/
It has been coming for some time, but now the major breach of a biometric database has actually been reported—facial recognition records, fingerprints, log data and personal information has all ...
ZDnet

700,000 Choice Hotels records leaked in data breach, ransom demanded

/
Researchers found the unsecured database, but hackers got there first 700,000 records belonging to Choice Hotels have reportedly been stolen with hackers demanding payment for their return. Comparitech, in collaboration ...