Tips

Tips

• Cloud incident response: What enterprises need to include in a plan

  A cloud incident response plan can be difficult to assemble. Expert Rob Shapland discusses the basics of what to include in a response plan when the incident involves the cloud.  Continue Reading

• A look at the shared responsibility model of cloud providers

  Many cloud providers now offer a shared responsibility model for their customers. Expert Dave Shackleford looks at the major providers' models and what they might be missing.  Continue Reading

• How bring your own encryption in the cloud works for enterprises

  Bring your own encryption offerings for the cloud are more common now. Expert Ed Moyle discusses the benefits and drawback of BYOE and what to know before implementation.  Continue Reading

• Cloud DDoS protection: What enterprises need to know

  DDoS attacks are a continuing problem, and enterprises should consider using cloud DDoS protection services. Expert Frank Siemons discusses the cloud options.  Continue Reading

• What to know about SIEM as a service before deployment

  There's been increased interest in SIEM as a service and enterprises need to get to know the model before using it. Expert Frank Siemons explains what's different about it.  Continue Reading

• Lessons learned from the Microsoft Office 365 SAML 2.0 flaw

  The Microsoft Office 365 SAML flaw that allowed attackers to bypass authentication was resolved quickly, but offers enterprises some important lessons. Expert Ed Moyle discusses.  Continue Reading

• PaaS security: Four rules for lowering enterprise risks

  Securing a platform as a service can sometimes get overlooked within enterprises. Expert Char Sample offers four simple rules for improving PaaS security and lowering cloud risks.  Continue Reading

• How to handle cloud-based big data strategies according to the CSA

  Assembling big data strategies is a nuanced process, but the Cloud Security Alliance offers guidance on some best practices. Expert Dave Shackleford looks at the highlights.  Continue Reading

• Data breach compensation: What enterprises need to know

  Data breach compensation amounts often fall short of covering the actual damages, especially in a cloud breach. Expert Frank Siemons discusses data breach settlement options.  Continue Reading

• Multi-tenant cloud security requires enterprise awareness

  Moving to a multi-tenant cloud environment can be daunting, but many of the usual risks are legacy issues. Expert Rob Shapland discusses what to know before moving.  Continue Reading

• How a cloud-based HSM can boost enterprise security with enough effort

  There are both security benefits and risks to using a cloud-based HSM in an enterprise. Expert Dave Shackelford discusses the arguments for and against cloud HSMs.  Continue Reading

• Why the DROWN vulnerability requires constant vigilance

  The DROWN vulnerability affected hundreds of SaaS applications, and they're not all completely fixed yet. Expert Ed Moyle discusses the SSLv2 vulnerability and how to manage it.  Continue Reading

• Why enterprise cloud IAM policies need to be stronger

  A cloud IAM policy is crucial to protecting an organization from external and internal threats. Expert Rob Shapland discusses how to bolster cloud IAM.  Continue Reading

• Cloud data classification services: How they benefit organizations

  Data classification services from CSPs are important for organizations strengthening their cloud security posture. Expert Dave Shackleford explains the perks of these services.  Continue Reading

• How the cloud can help organizations with security log data

  Organizations often have to deal with copious amounts of security log data and that can be challenging. Expert Frank Siemons explains how the cloud can help manage log data.  Continue Reading

• DDoS mitigation services: What to consider before implementation

  Before implementing DDoS mitigation services, there are a few things enterprises should consider. Expert Ed Moyle discusses the steps to take to improve security.  Continue Reading

• Cloud incident response and forensics: What enterprises need to know

  Performing cloud incident response and forensics requires a different approach. Expert Matt Pascucci outlines the steps enterprises should take with cloud service providers.  Continue Reading

• How to mitigate shadow cloud services security risks

  Shadow cloud services are an unavoidable part of the modern enterprise, but they present fresh security challenges. Expert Rob Shapland discusses some mitigation methods.  Continue Reading

• A look at the cloud migration challenges enterprises could face

  One of the most common problems facing organizations is dealing with many cloud migration challenges. Expert Dave Shackleford discusses the challenges and how to deal with them.  Continue Reading

• Adding a cloud security policy to your overall IT defense strategy

  Enterprises should consider a cloud security policy in the wake of more services moving to the cloud. Expert Mike Chapple examines how IT security standards can be reworked.  Continue Reading

• Top AWS security features organizations need to know about

  As cloud security becomes more essential, Amazon security features become more important. Expert Matthew Pascucci takes a look at specific AWS security products available today.  Continue Reading

• How to make sanitizing data in the cloud easier for organizations

  Data sanitization is often required for compliance, but many organizations struggle with it in the cloud. Expert Frank Siemons discusses why and how to make it easier.  Continue Reading

• How cloud synchronization can facilitate the spread of malware

  Malware can spread from one user to many through cloud synchronization. Expert Rob Shapland explains what enterprise users should know about their synchronization folders.  Continue Reading

• How to segment cloud workloads for better security

  Enterprise cloud workloads can be better secured by using microsegmentation. Ed Moyle explains the best ways to plan and execute a segmentation strategy.  Continue Reading

• The security risks of URL-shortening services for enterprises

  URL-shortening services have become a security threat to organizations. Expert Dave Shackleford explains why and how to mitigate the risks of shortened URLs.  Continue Reading

• How cloud WAF implementations can improve application security

  Having to secure applications that are not locally hosted is possible with a cloud WAF. Expert Matt Pascucci explains how they work, and what enterprises need to understand.  Continue Reading

• Cloud pen testing: What testers need to consider

  Before starting cloud penetration testing, there a few things to keep in mind. Expert Frank Siemons discusses limitations and techniques for pen testing cloud platforms.  Continue Reading

• How to address redundant cloud security controls

  Overlapping security controls for cloud apps and services can be detrimental to enterprises. Expert Rob Shapland explains why that is, and what organizations can do about it.  Continue Reading

• How to secure a cloud workload as it travels between CSPs

  Typically a cloud workload doesn't stay in one spot. Expert Dave Shackleford discusses the best ways to secure traveling cloud workloads as they move across environments.  Continue Reading

• Why cloud onboarding requires an enterprise security plan

  Cloud onboarding shouldn't require sacrificing security. Expert Ed Moyle explains how enterprises can implement a plan to keep their organizations safe.  Continue Reading

• How to combat cloud-based gaming security risks

  There are many security risks for cloud-based gaming platforms. Expert Frank Siemons explains what's happened to gaming providers like Sony and Steam.  Continue Reading

• How machine learning in the cloud can help enterprise security

  There's a growing trend of machine learning in the cloud and security should take advantage of it. Expert Dave Shackleford discusses machine learning and its benefits to security.  Continue Reading

• DDoS prevention for attacks that bypass DNS rerouting

  DNS rerouting by cloud security service providers may not be enough for DDoS mitigation when attackers can uncover targets through alternate means. Expert Ed Moyle explains.  Continue Reading

• Cloud identity management: Deciding on the right approach

  Cloud identity management can offer a lot of security benefits, but enterprises need to answer some questions before deployment. Expert Ed Moyle offers advice on what to ask.  Continue Reading

• 'Federated' identity and access management tools

  Federated identity management has clear security advantages. Learn ways to use Microsoft's AD FS and AWS AD Connector as identity and access management tools in the cloud.  Continue Reading

• Distinguishing types of cloud services and their security risks

  The different type of cloud services -- public, private and hybrid -- all provide different security for enterprises. Here's an explanation of each kind and their security pros and cons.  Continue Reading

• How to test data analysis in virtual environments

  Security teams need to practice and test data analysis, but it can be challenging to do in small environments. Expert Frank Siemons explains some ways to make it work anyway.  Continue Reading

• Cloud malware: A growing problem for public CSPs

  High-profile cloud malware attacks are increasing and enterprises need to understand the threat. Expert Dave Shackleford explains these malware campaigns.  Continue Reading

• How to protect an origin IP address from attackers

  Cloud security providers protect enterprises from DDoS attacks, but attackers can still find the origin IP addresses. Expert Rob Shapland explains why that's a significant threat.  Continue Reading

• How the Lucky 13 attack affects Amazon s2n security

  Amazon's s2n was targeted by the Lucky 13 attack and the discovery unnerved the security community. Expert Dave Shackleford discusses open source SSL/TLS risks like the s2n flaw.  Continue Reading

• The rise of cloud-based application security vulnerabilities

  Enterprises can't avoid dealing with cloud-based application security any longer. Expert Dejan Lukan discusses the challenges and why they're not as bad as they seem.  Continue Reading

• Breaking down the risks of VM escapes

  The Xen hypervisor flaw highlighted the risks of VM escapes, but expert Ed Moyle explains why the flaw should serve as a warning for virtual containers as well.  Continue Reading

• Inside the new Microsoft Azure security features

  There are two new Microsoft Azure security features. Expert Rob Shapland breaks down how they aim to boost cloud security for enterprises.  Continue Reading

• How Azure Security Center boosts Microsoft cloud security

  Azure Security Center looks to enhance Microsoft's cloud platform by improving visibility and control. Expert Dave Shackleford outlines the features intended to do that.  Continue Reading

• How to perform cloud-based application analysis

  Before using cloud-based applications, it's important for enterprises to know their implications. Here are some static and dynamic application analysis techniques that can help.  Continue Reading

• How APT groups are conducting public cloud attacks

  Advanced persistent threat groups are using public cloud services to their advantage. Expert Ed Moyle explains how enterprises can protect themselves.  Continue Reading

• Breaking down the Amazon EC2 key recovery attack

  A research paper demonstrating a key recovery attack on Amazon Web Services' EC2 illustrates the risks of colocation and multi-tenancy in the cloud. Expert Rob Shapland explains.  Continue Reading

• Why BYOK is so attractive despite its risks

  BYOK encryption services are a new trend among enterprises, despite all the challenges and risks that accompany them. Expert Dave Shackleford explains the appeal of BYOK.  Continue Reading

• How enterprises can ensure a secure cloud migration

  Managing a secure cloud migration is an involved process for enterprises, but it can be made easier by carefully choosing what goes to the cloud and what stays on premises.  Continue Reading

• Cloud data residency: Addressing legal and regulatory risks

  Determining where cloud data is stored and what the legal, enterprise and regulatory requirements are can be a challenge. Expert Ed Moyle explains how to understand cloud data residency.  Continue Reading

• Stopping distributed denial-of-service attacks in the cloud

  Distributed denial-of-service attacks are a top threat to cloud security. And while they're impossible to prevent completely, there are steps enterprises can take to increase safety.  Continue Reading

• How the cloud access security broker space is evolving

  The cloud access security broker space is accelerating at a fast clip, but expert Rob Shapland explains some obstacles for enterprises to consider before selecting a CASB platform.  Continue Reading

• How to manage system logs using the ELK stack tool

  Centrally managing system logs is an important practice for enterprise security. Expert Dejan Lukan explains how to set up cloud servers, such as ELK stack, for this purpose.  Continue Reading

• How to craft an enterprise cloud change management policy

  Though few enterprises have one, a cloud change management policy can be a lifesaver when confronted with transitions and security risks.  Continue Reading

• A look at Microsoft Azure security features for enterprises

  Boosted Microsoft Azure security could give it a competitive edge in the cloud market. Here are the security features enterprises can take advantage of.  Continue Reading

• Protect cloud file sharing from a man-in-the-cloud attack

  Man-in-the-cloud attacks on file sharing services can lead to confidential data leakage. Expert Rob Shapland explains how to mitigate the threat.  Continue Reading

• Create a cloud exit strategy to prepare for the unknown

  What happens if your service provider unexpectedly shuts down? Or drops mission-critical services? Expert Ed Moyle explains the benefits of cloud exit strategies and how to build one for your enterprise.  Continue Reading

• How to use the ELK stack log monitoring tool

  Open source log monitoring tools are a budget-friendly way for organizations to increase network visibility and improve incident response times.  Continue Reading

• How to perform a forensic acquisition of a virtual machine disk

  Virtualization expert Paul Henry provides a step-by-step guide to imaging a virtual machine disk (*flat.vmdk) in a forensically sound manner.  Continue Reading

• Who does what? Uncover the key to cloud security compliance

  SaaS vendors bear more of a compliance burden for cloud security. Enterprise responsibilities for services hosted in IaaS are little changed, however.  Continue Reading

• An introduction to cloud container security

  While the benefits of cloud containers are readily apparent, there aren't clear guidelines on how to secure the technology. Expert Rob Shapland offers pointers on how to stay safe.  Continue Reading

• Why the security industry needs a standardized framework for CASBs

  The growth of CASBs has prompted the CSA and CipherCloud to team up to form the Cloud Security Open API Working Group. Expert Dave Shackleford explains the purpose and benefits of the group.  Continue Reading

• How to securely manage public/private keys for cloud authentication

  Managing public/private keys is crucial for enterprises to ensure secure cloud authentication. Here are four tips to harden security of cloud keys.  Continue Reading

• How hard is it to implement SSO with Microsoft Azure AD?

  David Strom tells you how to use Azure Active Directory and Azure Multifactor Authentication for hybrid cloud management.  Continue Reading

• Three steps to secure cloud database services in the enterprise

  Database as a service may be easy to deploy and easy to manage, but it is not without its security challenges. Expert Ed Moyle outlines three major steps enterprises should take to secure cloud database services in the enterprise.  Continue Reading

• Authentication in the cloud: Are more open standards the answer?

  Using passwords to authenticate users has a long and troubled past. Expert Rob Shapland explains how open standards such as FIDO, SAML and OpenID can help solve the woes surrounding user authentication in the cloud.  Continue Reading

• Why financial organizations need a strong cloud security strategy

  A cloud security strategy is critical for financial organizations, but many in the industry are dragging their feet. Expert Dave Shackleford explains why.  Continue Reading

• How enterprises can protect against weak cloud passwords

  Weak passwords are a common threat to enterprises relying on cloud services. Expert Dejan Lukan reviews some password best practices.  Continue Reading

• Three steps to finding the ideal cloud data archiving services

  While cloud data archiving services can be highly beneficial, careful consideration must be taken to find the service that best suits an enterprise's needs. Expert Ed Moyle outlines three steps to find your ideal cloud data archiving service.  Continue Reading

• Lack of secure APIs can create IaaS risks

  IaaS data security risks are a persistent problem for enterprises moving to the cloud, but there are specific issues to keep an eye on.  Continue Reading

• Keep credentials safe despite insecure mobile cloud backup services

  A recent study revealed app developers that use mobile cloud backup services put user credentials at risk. Expert Rob Shapland explains how to defend against the threat.  Continue Reading

• The benefits of remote debugging techniques in the cloud

  Sharpening debugging techniques can help IT professionals who need to remotely debug a system and can be useful across many different areas of technology.  Continue Reading

• How does Google Cloud Platform affect merchant PCI compliance?

  Google announced its Google Cloud Platform is PCI-compliant -- but what does this mean for merchants? Expert Ed Moyle explains.  Continue Reading

• Addressing the VENOM cloud vulnerability with cloud patch management

  The VENOM cloud vulnerability was called the next Heartbleed, but how bad is it? Expert Rob Shapland explains the affect it should have on your enterprise.  Continue Reading

• Why enterprises need data encryption in the cloud

  There are many risks associated with data sharing across devices and services, which is why using data encryption in the cloud is so important.  Continue Reading

• Security considerations for putting e-commerce in the cloud

  As enterprises shift and put e-commerce in the cloud, security becomes an even more important consideration. Here's what you need to know before making the move.  Continue Reading

• Using a VMware firewall as part of a defense-in-depth strategy

  While it is not the Holy Grail of network security, VMware firewall technologies are critical components of protecting a virtual data center. Expert Paul Henry explains why.  Continue Reading

• Which cloud malware analysis tools suit you best?

  Deciding on cloud malware analysis tools can be a confusing process for organizations. Here's how to know which one is right for your business.  Continue Reading

• Secure data in the cloud with AWS identity and access management

  The right security policies and technology can make or break an enterprise's identity and access management process. Learn why AWS IAM is crucial when protecting corporate data.  Continue Reading

• Comparing third-party vs. cloud providers' Web security scanners

  Google Cloud Platform has its own Web application security scanner, but are in-house scanners better than third-party scanners? Expert Dave Shackleford examines.  Continue Reading

• The benefits of cloud-based automated malware analysis tools

  Cloud-based automated malware analysis tools are growing in importance to enterprises. Here is a look at the different types of tools and their benefits.  Continue Reading

• Key steps to reducing the shadow cloud threat

  Though shadow cloud threatens enterprise security, there are ways to lessen the risks and protect organizations' systems and applications.  Continue Reading

• AWS penetration testing secrets for success

  AWS penetration testing must be done in both cloud and on-premises infrastructures. Cloud security expert Rob Shapland offers pointers for conducting a successful AWS pen test.  Continue Reading

• Private cloud sprawl: How cloud consolidation can improve security

  Vast private cloud infrastructure can be detrimental to an organization. Expert Ed Moyle looks at how and when to consider cloud consolidation to reduce cloud creep.  Continue Reading

• Neglected cloud app security is among major SaaS security issues

  A report from Adallom highlights the lack of SaaS security in enterprises, but expert Dave Shackleford has ways to take back the cloud and lessen the risks, such as enhanced cloud app security.  Continue Reading

• How to mitigate VPN security issues in the cloud

  VPN security issues in the cloud aren't uncommon, but they can be easily avoided with a few simple measures. Expert Dejan Lukan explains how.  Continue Reading

• Using NIST 800-125-A to understand hypervisor security threats

  Expert Paul Henry discusses how the draft NIST Special Publication 800-125-A can help enterprises better understand the threat landscape in a virtual realm.  Continue Reading

• Negotiating SLA requirements to ensure cloud regulatory compliance

  Outlining your enterprise regulatory compliance reporting needs and establishing these needs with cloud providers during SLA negotiations is critical. Ed Moyle outlines steps to help organizations get started.  Continue Reading

• How AWS Key Management Service bolsters cloud security

  The AWS Key Management Service is a good tool for cloud encryption key management. Expert Dave Shackleford examines AWS KMS and its benefits to enterprises.  Continue Reading

• How to use AWS to meet compliance standards' requirements

  Looking to make compliance an easier task? Expert Steven Weil explains how to use AWS to help meet compliance standards' requirements.  Continue Reading

• Using a software-defined perimeter to create an air-gapped network

  The Cloud Security Alliance's software-defined perimeter protocol can help enterprises achieve dynamic air-gapped networks. Expert Ed Moyle discusses how SDP works and the benefits it can provide.  Continue Reading

• How to strengthen SSH security in the cloud

  SSH security can be threatened by many kinds of attacks, but there are also several steps enterprises can take to protect against them. Expert Dejan Lukan explains.  Continue Reading

• How AWS PCI compliance affects enterprise PCI compliance

  Before deploying an AWS infrastructure, it is critical to understand how it will affect enterprise PCI compliance. Expert Rob Shapland discusses key factors to consider.  Continue Reading

• How to achieve better cloud security for your enterprise

  Better security in the cloud is possible. Learn what national standards and the CSA can do, what they cannot and how to plug the security gap.  Continue Reading

• Cloud security certifications: How important are they?

  More and more certifications are being created around cloud security. Expert Sean Martin looks at some of the more prominent certifications and examines their value.  Continue Reading

• Cloud discovery: Finding shadow cloud use in the enterprise

  Securing approved cloud applications is hard enough, but what about the apps it can't see? Expert Ed Moyle discusses three strategies for finding enterprise shadow cloud usage.  Continue Reading

• The importance of public cloud encryption for enterprise data storage

  Cloud storage providers have beefed up their encryption offerings, but are they enough? Expert Dave Shackleford explains the importance of public cloud encryption.  Continue Reading

• Secure cloud data storage services considerations for SMBs

  Secure cloud data storage services can help small businesses cost-effectively safeguard data. But before choosing a provider, read expert Joe Malec's five top considerations to keep in mind.  Continue Reading

• Implementing VMware border router ingress and egress filtering

  Implementing ingress and egress filtering at the border router can help greatly improve security in a VMware-based virtual data center. Expert Paul Henry explains how.  Continue Reading

• How to run a secure WordPress installation in an IaaS VM

  In the cloud, a secure WordPress installation is important to the safety of enterprises. Expert Dejan Lukan provides detailed advice on this process.  Continue Reading