SearchCloudSecurity.com contributor Joseph Granneman has more than 20 years of technology experience, primarily focused in health care information technology.
He is an active independent author and presenter in the health care information technology and information security fields. He is frequently consulted by the media and interviewed on various health care information technology and security topics. He has been focused on compliance and information security in cloud environments for the past decade with many different implementations in the medical and financial services industries.
Granneman has been active in many standards groups, including the developing the early frameworks for Health Information Exchange as part of the Health Information Security and Privacy Security Working Group for Illinois. He was also a volunteer for Certification Commission for Health Information Technology (CCHIT) Security Working Group, which developed the information security standards for ARRA certification of electronic medical records. He is currently a member of the Metropolitan Chicago Healthcare Council HIE Planning & Technology committee. He also continues to be involved in InfaGard and the Chicago Electronic Crimes Task Force. Granneman has a BS in Music Business from Millikin University and an MBA from Northern Illinois University.
Do you have a question for our experts?
Contributions from Joseph Granneman
- Are FedRAMP security controls enough?
- How to spot rogue cloud services with existing tools
- Best practices for email Security as a Service
- Exploiting weaknesses in cloud password hashes
- A look at recent virtualization vulnerabilities
- Quiz: Understanding cloud-specific security technology
- Exploring cloud Security as a Service options
- Windows 8 and cloud-based authentication
- NIST cloud security guidelines: A complex process
- NIST guidance cites cloud security gaps
- Testing IaaS security
- Security SaaS pros and cons
- Cloud risk assessment and ISO 27000 standards
- Amazon S3 security: Exploiting misconfigurations
- Data center security and resiliency
- A framework for evaluating cloud computing risk
- Are dedicated EC2 instances enough for compliance?
- Evaluating IaaS providers: security risks
- The SAS 70 report and cloud service providers
- Ensuring data security with cloud encryption