Category


Latest Blogs

All Blogs »

April 7, 2017 | Cloud Network and Host Controls
By Dave Shackleford, IANS Faculty

 IANS Cloud Security Update: Q1 2017

As more organizations move services and computing assets into cloud service provider environments, the need for adequate security controls grows as well. In this quarterly research report, IANS Faculty Dave Shackleford updates IANS’ clients on the new developments occurring in the cloud security arena.

Read More »


February 16, 2017 | Cloud Access Security Brokers
By George Gerchow, IANS Faculty

 Deciphering the Dynamic CASB Marketplace

The cloud access security broker (CASB) market continues to mature. In this report, IANS Faculty George Gerchow provides an update, detailing the relevant vendors, their latest capability sets and the various deployment models available. He also offers some guidance on choosing the right CASB for your needs and cloud maturity level, as well as trends to expect in the future.

Read More »


January 25, 2017 | Cloud Access Security Brokers
By George Gerchow, IANS Faculty

 Security Considerations Before Going Cloud-First

The business decision to go cloud-first has many implications, not the least of which is security. What do information security teams need to do up-front to ensure critical business data remains safe in this new paradigm? In this Ask-an-Expert live interaction, IANS Faculty George Gerchow offers some key strategies, tools and processes to put in place to ensure success.

Read More »


January 6, 2017 | Cloud Application and Data Controls
By Dave Shackleford, IANS Faculty

 IANS Cloud Security Update: Q4 2016

As more organizations move services and computing assets into cloud service provider environments, the need for adequate security controls grows as well. In this quarterly research report, IANS Faculty Dave Shackleford updates IANS’ clients on the new developments occurring in the cloud security arena.

Read More »


January 5, 2017 | Malware and Advanced Threats
By Dave Shackleford, IANS Faculty

 Information Security Trends for 2017

2016 was a challenging year for infosec, with the proliferation of ransomware, IoT botnets and more. What new attacks will surface in 2017, and what hot technologies are on the horizon to fight them? In this webinar and corresponding report, IANS Lead Faculty Dave Shackleford reveals major trends in store for IT security professionals in the coming year.

Read More »


October 20, 2016 | Cloud Network and Host Controls
By Dave Shackleford, IANS Faculty

 Securing Hybrid Clouds

Hybrid clouds offer organizations the ultimate in flexibility, enabling IT to keep sensitive workloads in-house while taking advantage of the efficiencies and scalability of public clouds for everything else. But how secure is the setup? In this report, IANS Faculty Dave Shackleford steps you through the challenges of securing hybrid clouds and provides advice to ensure workloads remain secure, no matter where they are run.

Read More »


October 3, 2016 | Cloud Network and Host Controls
By Dave Shackleford, IANS Faculty

 IANS Cloud Security Update: Q3 2016

As more organizations move services and computing assets into cloud service provider environments, the need for adequate security controls grows as well. In this quarterly research report, IANS Faculty Dave Shackleford updates IANS’ clients on the new developments occurring in the cloud security arena.

Read More »


September 29, 2016 | Cloud Application and Data Controls
By Dave Shackleford, IANS Faculty

 Detailing Security Controls For Office 365

When deploying Office 365, organizations need to take a number of steps to ensure they are implementing the proper security controls as well. In this Ask-an-Expert written response, IANS Faculty Dave Shackleford explains the core security controls and settings that should be implemented, including configuring TLS encryption connectors for mail and enabling content searches for e-discovery.

Read More »


August 26, 2016 | Cloud Application and Data Controls
By George Gerchow, IANS Faculty

 Securing Microsoft Office 365 and OneDrive for Mobile Access

Moving to Office 365 and other cloud applications presents both security and compliance challenges. In this Ask-an-Expert live interaction, IANS Faculty George Gerchow recommends using a CASB, together with Microsoft's own DLP and SharePoint data classification schemes to keep corporate data safe while easing access for mobile and cloud users.

Read More »


July 5, 2016 | Cloud Network and Host Controls
By Dave Shackleford, IANS Faculty

 IANS Cloud Security Update: Q2 2016

As more organizations move services and computing assets into cloud service provider environments, the need for adequate security controls grows as well. In this quarterly research report, IANS Faculty Dave Shackleford updates clients on the new developments occurring in the cloud security arena. 

Read More »


June 27, 2016 | Cloud Access Security Brokers
By Ed Moyle, IANS Faculty

 Identity as a Service: Deciding When It Makes Sense

As more companies start using cloud services, many are considering identity as a service (IDaaS) to help simplify identity management, but is it a good idea? In this report, IANS Faculty Ed Moyle provides a quick market overview, some common use cases, and tips for deciding when IDaaS can work – and when it can’t.

Read More »


April 21, 2016 | Cloud Access Security Brokers
By George Gerchow, IANS Faculty

 CASBs: Determining the Best Fit

The cloud access security broker (CASB) space is getting even more crowded, making vendor evaluation and finding the best fit for your particular use case even more challenging. In this report, IANS Faculty George Gerchow details exactly what today’s CASBs offer and advises security organizations on how to determine the best feature set for their particular environment.

Read More »


March 30, 2016 | Cloud Network and Host Controls
By Dave Shackleford, IANS Faculty

 IANS Cloud Security Update: Q1 2016

As more organizations move services and computing assets into cloud service provider environments, the need for adequate security controls grows as well. In this quarterly research report, IANS Faculty Dave Shackleford updates clients on the new developments occurring in the cloud security arena.

Read More »


February 9, 2016 | Cloud Access Security Brokers
By George Gerchow, IANS Faculty

 Best Practices for Selecting, Managing a CASB

Many organizations are deploying cloud access security brokers (CASBs) in an effort to improve visibility into their cloud applications. In this Ask-an-Expert written response, IANS Faculty George Gerchow details specific use cases and requirements to consider when choosing a CASB and provides recommendations for ensuring the proper controls are in place.

Read More »


February 4, 2016 | Cloud Application and Data Controls
By Adam Ely, IANS Faculty

 Leveraging an ESB to Ease Cloud Integration - and Enhance Security

An enterprise service bus (ESB) can make real-time integration of cloud apps with internal services easier to implement, but can it also help with security? In this Ask-an-Expert live interaction, IANS Faculty Adam Ely explains that ESBs, while costly, not only help ease integration but also reduce code vulnerabilities and the overall attack surface.

Read More »


January 21, 2016 | Cloud Network and Host Controls
By Dave Shackleford, IANS Faculty

 Moving Email Archiving to the Cloud

Can cloud-based email archiving match the features, security and compliance capabilities of an on-premises solution? In this Ask-an-Expert live interaction, IANS Faculty Dave Shackleford say yes (for the most part) and offers a rundown of the top cloud archival vendors as well as implementation advice.

Read More »


December 28, 2015 | Privileged Access Management
By Gunnar Peterson, IANS Faculty

 IDAM in the Cloud

Managing identity across cloud services and applications is becoming increasingly critical for many organizations. In this report, IANS Faculty Gunnar Peterson examines what needs to be handled in the cloud and what should be kept on-premises, as well as current best practices for managing identity in the cloud.

Read More »


December 21, 2015 | Cloud Network and Host Controls
By Dave Shackleford, IANS Faculty

 IANS Cloud Security Update: Q4 2015

As more organizations move services and computing assets into cloud service provider environments, the need for adequate security controls grows as well. In this quarterly research report, IANS Faculty Dave Shackleford updates clients on the new developments occurring in the cloud security arena.

Read More »


November 19, 2015 | Enterprise and IT Compliance Management
By Ed Moyle, IANS Faculty

 CSA STAR Certification: A Primer

In this CSA STAR primer document, IANS Faculty Ed Moyle outlines the three levels of the certification, explains how organizations can attain them and details the various benefits of the program for both cloud services providers and their customers.

Read More »


October 22, 2015 | Cloud Application and Data Controls
By David Etue, IANS Faculty

 From Dropbox to OneDrive: Securing Cloud Storage (Webinar Replay/Slides)

A recent SailPoint survey found that 1 in 5 workers uploads proprietary corporate data to personal cloud storage services, and 66% continue to have access to that data well after they leave the company. In this webinar, IANS Faculty David Etue details the best practices for ensuring cloud storage services don’t open up your organization to data loss.

Read More »


October 20, 2015 | Cloud Application and Data Controls
By Dave Shackleford, IANS Faculty

 Detailing the Options for Application Data Storage in the Cloud

Storing application data in the cloud comes with certain obstacles, particularly when it comes to selecting the right AWS or Google storage option. In this Ask-an-Expert written response, IANS Faculty Dave Shackleford details the advantages and disadvantages of various cloud storage solutions, including S3, DynamoDB, Amazon Glacier and Google Cloud Storage.

Read More »


October 2, 2015 | Cloud Network and Host Controls
By Dave Shackleford, IANS Faculty

 IANS Cloud Security Update: Q3 2015

As more organizations move services and computing assets into cloud service provider environments, the need for adequate security controls grows as well. In this quarterly research report, we update IANS’ clients on the new developments occurring in the cloud security arena.

Read More »


September 8, 2015 | Cloud Network and Host Controls
By George Gerchow, IANS Faculty

 Leveraging Active Defense in the Cloud

Moving from the traditional data center to Amazon Web Services (AWS) brings with it a number of security questions, particularly when it comes to data security. In this Ask-an-Expert written response, IANS Faculty George Gerchow details various aspects of AWS that are designed to help secure data and offers some key security strategies when moving to AWS, including separating data in a logical way and regularly rotating encryption keys.

Read More »


July 29, 2015 | Cloud Services Contracts and SLAs
By George Gerchow, IANS Faculty

 Streamlining the Cloud Service Provider Contract Process

Maintaining data privacy and protection while engaging with cloud services providers (CSPs) can be a daunting challenge for organizations. In this Ask-an-Expert written response, IANS Faculty George Gerchow explains the four key areas to focus on when it comes to negotiating contracts with CSPs: encryption, logging, usage and data retention.

Read More »


July 6, 2015 | Cloud Network and Host Controls
By Dave Shackleford, IANS Faculty

 IANS Cloud Security Update: Q2 2015

Regain Control: As more organizations move services and computing assets into the cloud, the need for adequate security controls grows as well. In this quarterly research report, IANS Lead Faculty Dave Shackleford updates clients on the latest developments in the cloud security arena.

Read More »


May 14, 2015 | Cloud Network and Host Controls
By George Gerchow, IANS Faculty

 Best Practices in Securing Hybrid Clouds (Webinar Replay/Slides)

Regain Control: Few companies are either all in the cloud or all on premises. Most work somewhere in the middle, which can be a challenge when it comes to securing business-critical data and applications. In this webinar, IANS Faculty George Gerchow details the tools, strategies and policies necessary to truly secure hybrid cloud environments.

Read More »