Filter By:

Type

Topic

Recent Blogs & Podcasts

Insights Portal

\ Cloud Computing 



February 15, 2018 | DevOps Organization and Strategy
By Dave Shackleford, IANS Faculty

 Best Practices in Container Security

While many organizations are deploying containers for all kinds of applications, few fully understand - and implement - strong container security today. In this Ask-an-Expert live interaction, IANS Faculty Dave Shackleford recommends ways to secure the underlying platform and ensure the integrity of repositories, in addition to other best practices.

Read More »


January 30, 2018 | Encryption, Digital Signatures, Certificates, Tokenization
By Steve Coplan, IANS Faculty

 Cloud Key Management Services: An Overview

Moving to the cloud is fraught with critical decisions, not the least of which is key management. in this Ask-an-Expert written response, IANS Faculty Steve Coplan explains the challenges in implementing strong cloud key management and provides an overview of cloud service provider and partner offerings, as well as newer as-a-service options.

Read More »


January 11, 2018 | Cloud Application and Data Controls
By George Gerchow, IANS Faculty

 Architect and Secure Your Office 365 Migration

Moving from a traditional Windows environment to Office 365 in the cloud requires quite a bit of planning and forethought. In this Ask-an-Expert written response, IANS Faculty George Gerchow recommends leveraging the security extras in Microsoft's E5 licenses, as well as using third-party authentication and a CASB tool to ensure the migration is fast and secure.

Read More »


January 4, 2018 | Cloud Network and Host Controls
By Dave Shackleford, IANS Faculty

 IANS Cloud Security Update: Q4 2017

As organizations continue to move services and computing assets into cloud service provider environments, the need for adequate security controls grows as well. In this quarterly research report, IANS Faculty Dave Shackleford updates IANS’ clients on the new developments occurring in the cloud security arena.

Read More »


December 11, 2017 | Security Policies and Strategy
By Dave Shackleford, IANS Faculty

 Create a Practical, Scalable Cloud Policy

As organizations start moving quickly to the cloud, getting the right cloud governance structure in place becomes paramount. In this Ask-an-Expert written response, IANS Faculty Dave Shackleford provides key considerations, sample language and optimal processes for ensuring your cloud policies will be workable both today and over the long term.

Read More »


October 25, 2017 | Cloud Network and Host Controls
By Dave Shackleford, IANS Faculty

 Hybrid Cloud Security: Know the Fundamentals

While hybrid clouds offer more visibility and control than cloud-only environments, they also require smart architecture and security designs to keep data safe and the business as a whole up and running. In this report, IANS Faculty Dave Shackleford details the key fundamentals of hybrid cloud security, including automation, continuous monitoring and shift-left strategies designed to ensure your hybrid cloud workloads remain secure today - and over time. 

Read More »


October 17, 2017 | Cloud Application and Data Controls
By George Gerchow, IANS Faculty

 Take 3 Steps to Prevent Amazon S3 Data Leaks

High-profile Amazon S3 data leaks from the likes of Dow Jones and Verizon are highlighting the need for customers to get smart about their S3 security controls. In this Ask-an-Expert written response, IANS Faculty George Gerchow details three key steps to ensure your S3 buckets stay secure.

Read More »


October 11, 2017 | Cloud Application and Data Controls

 Accenture Data Left Unsecured on Public AWS S3 Cloud Storage Bucket

On September 17, 2017, cybersecurity firm UpGuard privately alerted Accenture to the fact that some of its sensitive information (including client-specific information, passwords and credentials, and encryption keys) was stored on a publicly accessible, unsecured Amazon Simple Storage Service (S3) storage unit -- called a “bucket.” The data could be downloaded by anyone who knew the web address -- no password was required.

Read More »