May 18, 2017 | Cloud Application and Data Controls
By Dave Shackleford, IANS Faculty
Businesses are moving faster to the cloud and DevOps is accelerating scale and pushing automation. But how do we secure DevOps and cloud deployments? In this report, IANS Faculty Dave Shackleford explores the concept of security-as-code and details how security teams must fully assess their threats, collaborate with DevOps and automate scanning and configuration to ensure a secure migration to the cloud.
Read More »
May 11, 2017 | Cloud Application and Data Controls
By Aaron Turner, IANS Faculty
Whether you view the cloud as infrastructure-, platform- or application-as-a-service, identity is the only control that exists universally across all cloud environments. Unfortunately, identity lifecycle management for cloud-based systems is not as mature as we need it to be. In this report, IANS Faculty Aaron Turner details how to make wise investments in a federated identity strategy that can scale to even the most complex cloud technology models.
Read More »
April 28, 2017 | Cloud Application and Data Controls
By Dave Shackleford, IANS Faculty
A big defense against ransomware attacks is ensuring you have proper backups at the ready, but how do you do that in an Office 365 environment? In this Ask-an-Expert written response, IANS Faculty Dave Shackleford explains the process and recommends additional controls to keep data safe and available.
Read More »
April 26, 2017 | Cloud Access Security Brokers
By Rich Mogull, IANS Faculty
Over the past few years, there has been a lot of consolidation in the cloud access security broker (CASB) market. In this live Ask-an-Expert interaction, IANS Faculty Rich Mogull offers an assessment of the current CASB marketplace and explains why the recent commoditization in the space means organizations should prioritize ease of integration when choosing a CASB.
Read More »
April 7, 2017 | Cloud Network and Host Controls
By Dave Shackleford, IANS Faculty
As more organizations move services and computing assets into cloud service provider environments, the need for adequate security controls grows as well. In this quarterly research report, IANS Faculty Dave Shackleford updates IANS’ clients on the new developments occurring in the cloud security arena.
Read More »
March 31, 2017 | Cloud Network and Host Controls
By Dave Shackleford, IANS Faculty
Many organizations struggle to balance security and performance when moving to the cloud. In this Ask-an-Expert written response, IANS Faculty Dave Shackleford considers the pros and cons of leveraging carrier-provided MPLS vs. IPSec VPN tunnels to access popular cloud services.
Read More »
February 16, 2017 | Cloud Access Security Brokers
By George Gerchow, IANS Faculty
The cloud access security broker (CASB) market continues to mature. In this report, IANS Faculty George Gerchow provides an update, detailing the relevant vendors, their latest capability sets and the various deployment models available. He also offers some guidance on choosing the right CASB for your needs and cloud maturity level, as well as trends to expect in the future.
Read More »
January 25, 2017 | Cloud Access Security Brokers
By George Gerchow, IANS Faculty
The business decision to go cloud-first has many implications, not the least of which is security. What do information security teams need to do up-front to ensure critical business data remains safe in this new paradigm? In this Ask-an-Expert live interaction, IANS Faculty George Gerchow offers some key strategies, tools and processes to put in place to ensure success.
Read More »
January 6, 2017 | Cloud Application and Data Controls
By Dave Shackleford, IANS Faculty
As more organizations move services and computing assets into cloud service provider environments, the need for adequate security controls grows as well. In this quarterly research report, IANS Faculty Dave Shackleford updates IANS’ clients on the new developments occurring in the cloud security arena.
Read More »
January 5, 2017 | Malware and Advanced Threats
By Dave Shackleford, IANS Faculty
2016 was a challenging year for infosec, with the proliferation of ransomware, IoT botnets and more. What new attacks will surface in 2017, and what hot technologies are on the horizon to fight them? In this webinar and corresponding report, IANS Lead Faculty Dave Shackleford reveals major trends in store for IT security professionals in the coming year.
Read More »
October 20, 2016 | Cloud Network and Host Controls
By Dave Shackleford, IANS Faculty
Hybrid clouds offer organizations the ultimate in flexibility, enabling IT to keep sensitive workloads in-house while taking advantage of the efficiencies and scalability of public clouds for everything else. But how secure is the setup? In this report, IANS Faculty Dave Shackleford steps you through the challenges of securing hybrid clouds and provides advice to ensure workloads remain secure, no matter where they are run.
Read More »
October 3, 2016 | Cloud Network and Host Controls
By Dave Shackleford, IANS Faculty
As more organizations move services and computing assets into cloud service provider environments, the need for adequate security controls grows as well. In this quarterly research report, IANS Faculty Dave Shackleford updates IANS’ clients on the new developments occurring in the cloud security arena.
Read More »
September 29, 2016 | Cloud Application and Data Controls
By Dave Shackleford, IANS Faculty
When deploying Office 365, organizations need to take a number of steps to ensure they are implementing the proper security controls as well. In this Ask-an-Expert written response, IANS Faculty Dave Shackleford explains the core security controls and settings that should be implemented, including configuring TLS encryption connectors for mail and enabling content searches for e-discovery.
Read More »
August 26, 2016 | Cloud Application and Data Controls
By George Gerchow, IANS Faculty
Moving to Office 365 and other cloud applications presents both security and compliance challenges. In this Ask-an-Expert live interaction, IANS Faculty George Gerchow recommends using a CASB, together with Microsoft's own DLP and SharePoint data classification schemes to keep corporate data safe while easing access for mobile and cloud users.
Read More »
July 5, 2016 | Cloud Network and Host Controls
By Dave Shackleford, IANS Faculty
As more organizations move services and computing assets into cloud service provider environments, the need for adequate security controls grows as well. In this quarterly research report, IANS Faculty Dave Shackleford updates clients on the new developments occurring in the cloud security arena.
Read More »
June 27, 2016 | Cloud Access Security Brokers
By Ed Moyle, IANS Faculty
As more companies start using cloud services, many are considering identity as a service (IDaaS) to help simplify identity management, but is it a good idea? In this report, IANS Faculty Ed Moyle provides a quick market overview, some common use cases, and tips for deciding when IDaaS can work – and when it can’t.
Read More »
April 21, 2016 | Cloud Access Security Brokers
By George Gerchow, IANS Faculty
The cloud access security broker (CASB) space is getting even more crowded, making vendor evaluation and finding the best fit for your particular use case even more challenging. In this report, IANS Faculty George Gerchow details exactly what today’s CASBs offer and advises security organizations on how to determine the best feature set for their particular environment.
Read More »
March 30, 2016 | Cloud Network and Host Controls
By Dave Shackleford, IANS Faculty
As more organizations move services and computing assets into cloud service provider environments, the need for adequate security controls grows as well. In this quarterly research report, IANS Faculty Dave Shackleford updates clients on the new developments occurring in the cloud security arena.
Read More »
February 9, 2016 | Cloud Access Security Brokers
By George Gerchow, IANS Faculty
Many organizations are deploying cloud access security brokers (CASBs) in an effort to improve visibility into their cloud applications. In this Ask-an-Expert written response, IANS Faculty George Gerchow details specific use cases and requirements to consider when choosing a CASB and provides recommendations for ensuring the proper controls are in place.
Read More »
February 4, 2016 | Cloud Application and Data Controls
By Adam Ely, IANS Faculty
An enterprise service bus (ESB) can make real-time integration of cloud apps with internal services easier to implement, but can it also help with security? In this Ask-an-Expert live interaction, IANS Faculty Adam Ely explains that ESBs, while costly, not only help ease integration but also reduce code vulnerabilities and the overall attack surface.
Read More »
January 21, 2016 | Cloud Network and Host Controls
By Dave Shackleford, IANS Faculty
Can cloud-based email archiving match the features, security and compliance capabilities of an on-premises solution? In this Ask-an-Expert live interaction, IANS Faculty Dave Shackleford say yes (for the most part) and offers a rundown of the top cloud archival vendors as well as implementation advice.
Read More »
December 28, 2015 | Privileged Access Management
By Gunnar Peterson, IANS Faculty
Managing identity across cloud services and applications is becoming increasingly critical for many organizations. In this report, IANS Faculty Gunnar Peterson examines what needs to be handled in the cloud and what should be kept on-premises, as well as current best practices for managing identity in the cloud.
Read More »
December 21, 2015 | Cloud Network and Host Controls
By Dave Shackleford, IANS Faculty
As more organizations move services and computing assets into cloud service provider environments, the need for adequate security controls grows as well. In this quarterly research report, IANS Faculty Dave Shackleford updates clients on the new developments occurring in the cloud security arena.
Read More »
November 19, 2015 | Enterprise and IT Compliance Management
By Ed Moyle, IANS Faculty
In this CSA STAR primer document, IANS Faculty Ed Moyle outlines the three levels of the certification, explains how organizations can attain them and details the various benefits of the program for both cloud services providers and their customers.
Read More »
October 22, 2015 | Cloud Application and Data Controls
By David Etue, IANS Faculty
A recent SailPoint survey found that 1 in 5 workers uploads proprietary corporate data to personal cloud storage services, and 66% continue to have access to that data well after they leave the company. In this webinar, IANS Faculty David Etue details the best practices for ensuring cloud storage services don’t open up your organization to data loss.
Read More »
October 20, 2015 | Cloud Application and Data Controls
By Dave Shackleford, IANS Faculty
Storing application data in the cloud comes with certain obstacles, particularly when it comes to selecting the right AWS or Google storage option. In this Ask-an-Expert written response, IANS Faculty Dave Shackleford details the advantages and disadvantages of various cloud storage solutions, including S3, DynamoDB, Amazon Glacier and Google Cloud Storage.
Read More »
October 2, 2015 | Cloud Network and Host Controls
By Dave Shackleford, IANS Faculty
As more organizations move services and computing assets into cloud service provider environments, the need for adequate security controls grows as well. In this quarterly research report, we update IANS’ clients on the new developments occurring in the cloud security arena.
Read More »
September 8, 2015 | Cloud Network and Host Controls
By George Gerchow, IANS Faculty
Moving from the traditional data center to Amazon Web Services (AWS) brings with it a number of security questions, particularly when it comes to data security. In this Ask-an-Expert written response, IANS Faculty George Gerchow details various aspects of AWS that are designed to help secure data and offers some key security strategies when moving to AWS, including separating data in a logical way and regularly rotating encryption keys.
Read More »
July 29, 2015 | Cloud Services Contracts and SLAs
By George Gerchow, IANS Faculty
Maintaining data privacy and protection while engaging with cloud services providers (CSPs) can be a daunting challenge for organizations. In this Ask-an-Expert written response, IANS Faculty George Gerchow explains the four key areas to focus on when it comes to negotiating contracts with CSPs: encryption, logging, usage and data retention.
Read More »
July 6, 2015 | Cloud Network and Host Controls
By Dave Shackleford, IANS Faculty
Regain Control: As more organizations move services and computing assets into the cloud, the need for adequate security controls grows as well. In this quarterly research report, IANS Lead Faculty Dave Shackleford updates clients on the latest developments in the cloud security arena.
Read More »
May 18, 2015 | Cloud Access Security Brokers
By Dave Shackleford, IANS Faculty
Provide Perimeter-less Data Protection: In this Ask-an-Expert written response, IANS Faculty Dave Shackleford offers analysis of various cloud access security brokers (CASBs), as well as best practices for implementing a CASB solution.
Read More »
May 14, 2015 | Cloud Network and Host Controls
By George Gerchow, IANS Faculty
Regain Control: Few companies are either all in the cloud or all on premises. Most work somewhere in the middle, which can be a challenge when it comes to securing business-critical data and applications. In this webinar, IANS Faculty George Gerchow details the tools, strategies and policies necessary to truly secure hybrid cloud environments.
Read More »
April 16, 2015 | Cloud Application and Data Controls
By Dave Shackleford, IANS Faculty
In this Ask-an-Expert written response, IANS Lead Faculty Dave Shackleford details best practices for cloud logging and monitoring and offers some examples of effective technologies and solutions.
Read More »