Cloud migration


  • Regaining control of cloud compliance

    As assets are moved to the cloud, organizations must take steps to ensure that cloud compliance requirements are upheld by third-party vendors. This is a major undertaking that requires knowledge of federal, state and international law; changing regulations; cloud security; and non-traditional information security controls and best practices. In this issue of Information Security magazine, we look at the shared responsibility model between organizations and service providers to protect data in the cloud.

    Many companies have elevated the visibility of the CISO function in response to a series of high-profile breaches. Some organizations are hiring fulltime CISOs for the first time. Others are shoring up their ranks. At mature organizations, it is not unusual to have board-level discussions about cyber-risk oversight, with concerns ranging from assets at risk, to information security responsibility and reporting structures. As the CISO position continues to be defined, we look at the role beyond IT.

    Investments in cybersecurity startups are taking off. Driven by CEO and board-level demand for promising technology aimed at protecting corporate networks and sensitive data, investors are pouring money into cybersecurity companies. While most investments are aimed at turning a profit for venture-capital firms, some companies are investing to reap the benefits of working with new technology and influence product development. We look at strategic partnerships and how funding startups can pay off.Continue Reading

  • The ups and downs of cloud compliance

    You can't outsource security responsibility. Knowing where your data is and how it's protected, is the challenge.Continue Reading

  • Rethinking network monitoring software for the user experience

    Just because the dashboard in your network monitoring software shows that everything is functional doesn't guarantee it's functioning well for users.Continue Reading

  • VMware NSX in AWS could fix hybrid cloud networking troubles

    VMware recently previewed NSX integration with AWS, in a move that could have big implications for vCloud Air users deploying hybrid cloud.Continue Reading

  • Hybrid cloud infrastructure provides low-cost backup

    Analyst Mike Matchett explains how a hybrid cloud infrastructure can provide a lower-cost option for backup over public or private clouds.Continue Reading

  • Getting the most out of VMware ROBO

    VMware's latest offering for companies that want to run virtualized workloads in multiple remote offices offers flexibility and resilience at a cheaper price.Continue Reading

  • How to introduce data security management into the cloud

    Enterprises are adopting mobile and cloud computing rapidly -- raising concerns about data security management. George Lawton explores how IT can address those challenges.Continue Reading

  • Tighten cloud app security with a rugged DevOps approach

    To make sure their cloud applications are secure, IT teams should prioritize security early on in the DevOps process -- a model known as rugged DevOps.Continue Reading

  • Embrace these cloud service-level agreement best practices

    SLAs help users know what to expect from their cloud provider. But they also present a number of headaches for the enterprise, according to legal experts.Continue Reading

  • How to optimize dynamic hybrid cloud management

    When it comes to dynamic hybrid cloud management, full automation should be your goal. Cloud expert Tom Nolle offers advice to help you reach that objective.Continue Reading

  • Using PaaS can lead to better cloud app security

    You may not be aware that PaaS provides strong cloud app security. Tom Nolle explains how to get the most from PaaS security.Continue Reading

  • Three steps to secure cloud database services in the enterprise

    Database as a service may be easy to deploy and easy to manage, but it is not without its security challenges. Expert Ed Moyle outlines three major steps enterprises should take to secure cloud database services in the enterprise.Continue Reading

  • External penetration testing still critical in cloud

    By moving to the cloud, a business can offload some responsibility for lost or stolen data, but external penetration testing in the data center remains critical.Continue Reading

  • Manage AWS resources for an efficient cloud

    Whether a startup or an established enterprise, cloud costs must be closely monitored and managed in the cloud. This includes scaling unused computing power.Continue Reading

  • Is third-party vendor management the next IAM frontier?

    Identity and access management deployments are notoriously complex. And things are getting worse as legacy technology meets next-generation applications. As the traditional network perimeter continues to disappear, robust IAM becomes more important as a layer of defense to protect sensitive corporate data from the threats posed by third-party vendors. In this issue of Information Security magazine, we evaluate the controls that can help protect data as it becomes more widely accessible. Today's IAM programs manage a far wider range of user types and access points. Bring your own device, cloud computing, and the rapid spread of distributed applications and data have all added to the security challenges.

    In this issue, we also look at enterprise mobility strategies. As more companies embrace a mobile-first strategy, security programs increasingly provide some level of support for personally owned devices and apps. But enterprise mobility is a double-edged sword: Providing broad data access and communication capabilities for much of the workforce can introduce challenging security issues. More CIOs and CISOs are recognizing that coherent policies are the key to harnessing the benefits of bring your own device.

    Finally, cybersecurity skills shortages are widespread. The skills to combat advanced threats have outpaced those needed for conventional IT security. We look at strategies that may ease the pain as enterprises compete for a highly sought-after global workforce.Continue Reading