Our Thinking

"You've Got Mail!" - Now how do you move it?

Posted by William Mabley on Jul 22, 2016 4:59:49 PM

Today’s Microsoft Office 365 platform is one of the most sophisticated and comprehensive Cloud computing Software as a Service (SaaS) offerings in the world. It offers significant advantages and benefits to its users: low-cost, increased collaboration; security; and dependability. As Cloud adoption rates continue to rise (just ask Google), more and more companies are looking for ways to take advantage of the Cloud. 

Read More

Top 10 Considerations When Moving to the Cloud

Posted by William Mabley on Jul 20, 2016 10:16:08 AM

Businesses around the world are making the move to the Cloud in record numbers. If this is an accurate indicator, then it’s clear that the Cloud is here to stay.

Read More

Topics: Cloud Computing

Attention Service Providers – Penetration Testing on Segmentation is Now Required Every Six Months

Posted by Rob Harvey on Jul 13, 2016 2:47:38 PM

Any time the Payment Card Industry (PCI) Security Standards Council releases an update to its Data Security Standard (DSS), it raises a new set of questions and concerns. The latest update, PCI DSS v3.2, came out on 4/28/16. It primarily impacts service providers and is focused on the implementation of best practices into the Standard. (For a detailed breakdown of the changes, check out Steve Levinson’s blog on the release.) One of the biggest changes in this update is the requirement to have penetration testing on the segmentation (if used) at least twice a year – this will have a significant impact on service providers and is something you need to understand and prepare for. 

Read More

The (Security) Business Case for Moving to the Cloud

Posted by James Adamson on Jun 15, 2016 9:00:00 AM

Lower capital expenses, access to the newest technology, and operational efficiency are among some of the most documented benefits of moving to the Cloud. The conversation gets a bit complicated when somebody invariably asks: Is the Cloud secure? Can you trust a platform with limited security controls, new security paradigms, and unfamiliar management techniques?

Read More

Top 3 Factors for Delivering a Successful Service Management Project

Posted by David Wang on Jun 14, 2016 2:29:55 PM

Service Management projects can have great results when the solution is defined parallel to the process implementation plan. At Online, we believe there are many factors that can influence how successful a project will be. Here are the top three factors for implementing a successful Service Management solution.

Read More

Topics: Project Management, Service Management

The University of Calgary Under Siege

Posted by Todd Mackey on Jun 13, 2016 9:30:00 AM

“Companies spend millions of dollars on firewalls, encryption and secure access devices, and it’s money wasted, because none of these measures address the weakest link in the security chain.” – Kevin Mitnick

Read More

The First 15 Minutes - Common Pentest Findings

Posted by Security Consulting Team on May 20, 2016 3:58:53 PM

Introduction

Over the years, our team has performed thousands of penetrations tests. In the first 15 minutes of a pen test there are a handful of issues that we often discover. These issues

Read More

Topics: Uncategorized

PCI DSS 3.2 Standard Released – Here’s What you Need to Know

Posted by Steve Levinson on Apr 28, 2016 5:03:40 PM

The PCI Standards Council typically releases a major version of the PCI Data Security Standard (DSS) every three years. The 2016 was released today; this new standard “Version 3.2” comes, with some relief, as a minor update to Version 3.0 instead of a major update to Version 4.0!

Read More

Topics: Uncategorized

Do You Know Jack About Managing Cybersecurity Risk?

Posted by Jerry Holcombe on Apr 8, 2016 2:56:08 PM

I went to this year’s RSA Conference in San Francisco with the intention of learning more about risk management, which led me to select sessions called “Advancing Information Risk Practices,” “How Infosec Maturity Models are Missing the Point,” and “How to Measure Anything in Cybersecurity Risk.” While I was intrigued by all of the presenters, it was Jack Jones that drew me in. All three of the sessions, even if not presented by him, centered on his body of work and/or examples that supported his thinking.

Read More

Topics: Uncategorized

Don't have your head in the clouds – protect against risk in your cloud environment

Posted by James Adamson on Mar 30, 2016 2:49:09 PM

The cloud services industry has grown tremendously over the past several years, resulting in new vulnerabilities and associated risk. How you protected your cloud environment in the recent past no longer suffices. This was a hot topic at this year’s RSA Conference as several sessions provided strategies for securing the cloud environment.

Read More

Topics: Uncategorized

Our Thinking - The Online Blog is a source for insights, resources, best practices, and other useful content from our multi-disciplinary team of Onliners.

Subscribe to Blog Updates