Tips

Tips

• Five things you can learn from the NASA cloud computing audit report

  NASA recently released a cloud computing audit report with best practices enterprises can use to assess and improve their cloud governance practices.  Continue Reading

• Cloud stack security: Understanding cloud VM risk scenarios

  Expert Dave Shackleford explains how cloud stack security must withstand a variety of a current and emerging threats, particularly cloud VM risk.  Continue Reading

• How to assess cloud risk tolerance

  Assessing risk tolerance is a key part of a cloud risk management strategy. In this tip expert Ed Moyle explains how to assess cloud risk tolerance.  Continue Reading

• Gauging cloud forensics: Ten questions to ask cloud providers

  Drawing from recent CSA guidance, expert Dave Shackleford lists key questions to ask cloud providers to determine their cloud forensics capabilities.  Continue Reading

• Storing data in the cloud: Addressing data location security issues

  When storing data in the cloud, ignoring the physical location of cloud data is a major mistake. Learn how to prevent data location security issues.  Continue Reading

• An introduction to enterprise hybrid cloud security

  A custom cloud infrastructure requires a special set of security controls. Get advice on how to implement hybrid cloud security the right way.  Continue Reading

• SOC 2 reports: The de facto cloud provider security standard

  They're not perfect, but SOC 2 reports are becoming the baseline for cloud provider security assessments. Expert Dave Shackleford discusses.  Continue Reading

• Cloud endpoint security considerations: Deployment, alerts and reports

  Key functions are missing in many cloud-based endpoint security services. Kevin Tolly of The Tolly Group reviews deployment, alerting and reporting.  Continue Reading

• Cloud endpoint security considerations: Endpoint security management

  Kevin Tolly of The Tolly Group compares the management functionality of five cloud endpoint security services.  Continue Reading

• Rogue cloud computing: Reining in ad hoc cloud usage in the enterprise

  Rogue cloud usage increases enterprise information security risk. Paul Kirvan explains why and covers how to find and manage ad hoc cloud computing.  Continue Reading

• Three practices to prevent cloud vendor lock-in

  Expert Ed Moyle offers three tips for preventing cloud lock-in long after contract negotiations are complete.  Continue Reading

• Cloud data breach notification: Defining legal obligations

  Francoise Gilbert provides a cloud data breach notification overview for enterprises concerned about placing personal information in the cloud.  Continue Reading

• Amazon S3 encryption overview: How to secure data in the Amazon cloud

  Learn details for employing Amazon S3 encryption features. Expert Dave Shackleford compares S3 encryption to other cloud provider offerings.  Continue Reading

• Cloud computing insider threats: Exploring risk scenarios, mitigations

  Do cloud computing insider threats seem unlikely? Think again. Paul Kirvan offers scenarios and key questions for providers to reduce the risk.  Continue Reading

• Can self-managed cloud security controls ease enterprise concerns?

  Expert Dave Shackleford details how enterprises can increasingly manage their own cloud security controls with private virtual cloud offerings.  Continue Reading