Today’s Microsoft Office 365 platform is one of the most sophisticated and comprehensive Cloud computing Software as a Service (SaaS) offerings in the world. It offers significant advantages and benefits to its users: low-cost, increased collaboration; security; and dependability. As Cloud adoption rates continue to rise (just ask Google), more and more companies are looking for ways to take advantage of the Cloud.
Businesses around the world are making the move to the Cloud in record numbers. If this is an accurate indicator, then it’s clear that the Cloud is here to stay.
Topics: Cloud Computing
Any time the Payment Card Industry (PCI) Security Standards Council releases an update to its Data Security Standard (DSS), it raises a new set of questions and concerns. The latest update, PCI DSS v3.2, came out on 4/28/16. It primarily impacts service providers and is focused on the implementation of best practices into the Standard. (For a detailed breakdown of the changes, check out Steve Levinson’s blog on the release.) One of the biggest changes in this update is the requirement to have penetration testing on the segmentation (if used) at least twice a year – this will have a significant impact on service providers and is something you need to understand and prepare for.
Lower capital expenses, access to the newest technology, and operational efficiency are among some of the most documented benefits of moving to the Cloud. The conversation gets a bit complicated when somebody invariably asks: Is the Cloud secure? Can you trust a platform with limited security controls, new security paradigms, and unfamiliar management techniques?
Service Management projects can have great results when the solution is defined parallel to the process implementation plan. At Online, we believe there are many factors that can influence how successful a project will be. Here are the top three factors for implementing a successful Service Management solution.
“Companies spend millions of dollars on firewalls, encryption and secure access devices, and it’s money wasted, because none of these measures address the weakest link in the security chain.” – Kevin Mitnick
Over the years, our team has performed thousands of penetrations tests. In the first 15 minutes of a pen test there are a handful of issues that we often discover. These issues
The PCI Standards Council typically releases a major version of the PCI Data Security Standard (DSS) every three years. The 2016 was released today; this new standard “Version 3.2” comes, with some relief, as a minor update to Version 3.0 instead of a major update to Version 4.0!
I went to this year’s RSA Conference in San Francisco with the intention of learning more about risk management, which led me to select sessions called “Advancing Information Risk Practices,” “How Infosec Maturity Models are Missing the Point,” and “How to Measure Anything in Cybersecurity Risk.” While I was intrigued by all of the presenters, it was Jack Jones that drew me in. All three of the sessions, even if not presented by him, centered on his body of work and/or examples that supported his thinking.
The cloud services industry has grown tremendously over the past several years, resulting in new vulnerabilities and associated risk. How you protected your cloud environment in the recent past no longer suffices. This was a hot topic at this year’s RSA Conference as several sessions provided strategies for securing the cloud environment.