All or nothing is a really bad strategy for securing your Microsoft Azure workloads. Security in Azure is very much a shared responsibility. You need to know exactly what it is that you must secure, and what is covered by Microsoft.
Microsoft provides robust physical security, network infrastructure, and virtualization layer. Ideally, you will match their excellence with equally robust security for your workloads, including operating system, applications, and data.
But there’s a small catch. If you try to use traditional security to protect your applications and data in the cloud, you risk slowing your Azure project with needless complexity. There’s a simpler and more effective solution. Continue reading
Be aware of your security responsibility !
Albert Kramer, Technical Manager Continental Europe
An increasing number of companies has decided to host their office applications such as Microsoft Word, Excel and Powerpoint in the cloud. Also core services like mail, datastorage and sharepoint are hosted these days. No wonder really, because the underlying principle is very appealing: you no longer need to install software yourself, and the central storage in the cloud allows you to access your data anywhere and from any device. Highly convenient, isn’t it? But beware: switching from onsite applications to their hosted online equivalents also entails a certain degree of risk, particularly when it comes to data security. Continue reading
We are living in exciting times. The way we work is radically changing. We see businesses transforming into digital businesses, relying on social, mobile, analytics and cloud. Not only for collaboration purposes, but also for data storage, email, insights, etc. When it comes to the cloud industry, we see great names as Microsoft, Amazon and Google Apps. They have extensive experience and yes, they have taken security measures to protect the data you trust them with. This, however, does not mean you can put your feet up and leave the security aspect entirely in the third parties’ hands.
So not only the way we work has changed, the way we should handle security should change too… Take greater control, maintain higher levels of security. Continue reading
We all know that it’s getting harder and harder for IT security managers to defend corporate systems. A perfect storm of static or dwindling resources, complex IT environments, a growing attack surface, and the increasing volume and sophistication of threats has made it one of the most difficult jobs in IT. That’s why to the time-poor IT buyer, trusted third-party reports like Gartner’s Magic Quadrant have become regarded as valuable sources of information during purchasing cycles.
PoS (Point of Sale) fraud and malware used to be little more than keylogging and screenscraping: retrieving credit or debit card details by registering the information that the customer enters on the keyboard and/or that appears on the screen. Nowadays the cybercriminals targeting PoS systems have a more elaborate and more advanced set of weapons available.
Most organizations have already understood the importance of a decent IT security solution. And many of you do understand that ‘decent’ means more than just anti-virus. The current landscape of cyberthreats is far more complex than in the old days, when a decent scanning engine ‘at the network’s gates’ would stop virtually everything. These were the days when company software and hardware would never go outside of the company’s walls and the malware was created by spotty teenagers looking for their 5 minutes of fame.
Cybersecurity keeps climbing on the list of concerns that keep the IT manager awake at night. And yet this topic is hardly ever, if at all, discussed on the board of directors. How is this possible, and what can we do about it?