Subscribe to Email Updates

Subscribe

All about Virtualization and Cloud Security | Recent Articles:

Home Depot, Target, and the business of being owned

Sep 10 by Shaun Donaldson

There has recently been some interesting news. It seems that The Home Depot, both in the US and Canada, has experienced a breach. Recall that Target also suffered a breach not long ago

This begs the question; from a security perspective, does being compliant matter?

There are reports that the malware discovered on Home Depot systems is similar to that discovered on systems at Target. What is striking is that, according to Krebs on Security (who broke the Home Depot story), “On Tuesday, KrebsOnSecurity broke the news that Home Depot was working with law enforcement to investigate “unusual activity” after multiple banks said they’d traced a pattern of card fraud back to debit and credit cards that had all been used at Home Depot locations since May of this year.”

Read More

Retail Industry Ramps Up Efforts to Boost Security - and How the Channel Can Play a Role

Sep 10 by Shaun Donaldson

As we mentioned in the last post, over the coming months we’ll be looking at the unique security and compliance challenges for a variety of industries. For the first entry in this series we’re examining the retail sector.

It’s no secret that the retail industry has endured some high-profile information security breaches in recent months. In December 2013, Target was hit with a data breach that resulted in the theft of millions of customers’ credit card data, including payment information, names, phone numbers and email addresses. The incident has had a huge financial impact on the retailer, with Target announcing in August 2014 that its second quarter financial results were expected to include gross expenses of $148 million, partially offset by a $38 million insurance receivable, related to the data breach.

Read More

When Moving to DevOps, Security Can Enhance the Ride

Sep 08 by George V. Hulme

DevOps and continuous integration and deployment efforts boost productivity and agility, but it’s crucial that security moves along with the journey.

DevOps and continuous integration and continuous deployment methodologies are taking hold in enterprises everywhere – and those that do so are clearly more effective and efficient. If you’re not convinced of that, have a look at Puppet Labs’ State of DevOps survey for this year, and last, which found that DevOps organizations are deploying code 30 times faster and with half as many failures as non-DevOps enterprises.

Those DevOps outcomes, because of their focus on steady improvement through continuous collaboration and rapid iterations, are exactly what organizations are hoping to achieve. And from that, they reap a more agile and competitive enterprise.

Read More

When it comes to information security, not all industries are alike

Aug 28 by Robert Krauss

Saying all types of companies have the same information security concerns because they face common threats and vulnerabilities is like saying all cars are alike because they have four tires.

The security - as well as regulatory compliance - issues enterprises grapple with differ dramatically based on their industry. As we’ve seen in recent years, the types of attacks companies face and the sources of those attacks can vary depending on their line of business.

Sure, there are basic security commonalities among all types of businesses. Virtually all companies are vulnerable to computer viruses and other malware. Many verticals are seeing a rapid growth in the use of mobile devices and in the security threats they represent. And internal security breaches can happen at any organization, whether it sells shoes or builds rocket ships.

Read More

The advantages of “Baking in” antivirus in your model on Amazon Web Services (AWS)

Jul 30 by Kathryn Schwab

As an AWS customer, chances are you made a great business decision to move to that model for some or all the following reasons:

  •      Flexibility
  •      Capacity
  •      Agility
  •      Speed
  •      Accessibility
  •      Ease of use
  •      Scalability
  •      Continuous Delivery

Whether you’re a startup or a DevOp in a large enterprise, some of the most compelling reasons to move a business model or develop a business process on AWS is that incredible and versatile infrastructure.

The power and productivity is second to none (well except in the case of the odd outage here and there – but that’s another story). When all is running smoothly, so is your business or your project. The ability to scale and spend according to your delivery model, timelines and needs, while delivering world-class applications and business processes is like no other time in history.

Read More

Compliance: a big Challenge that Channel Partners can Help Address

Jun 18 by Robert Krauss

Regulatory compliance has become a way of life for many companies, especially in industries such as healthcare and financial services. The number and variety of regulations has increased in recent years - and for many organizations the process of ensuring compliance is both costly and time consuming.

Consider what the U.S. Health Insurance Portability and Accountability Act (HIPAA) has meant for IT and security departments within healthcare organizations. A portion of HIPAA defines the policies, procedures and guidelines for maintaining the security and privacy of individually identifiable health information, and creates standards for the use and dissemination of healthcare information. 

Read More

The Costs of a Cost, and the Opportunities Lost – Why US Retailers Need to Give Their PoS a Shake

May 23 by Shaun Donaldson

Credit cards are very convenient; swipe, sign, pay later. That is going to change in the US (More Info) and it’s about time. The change does introduce a cost for retailers, but it is also an opportunity.

The Point-of-Sale (PoS) devices at many retailers are a tool that is part of what is generally a low-margin business. The only time PoS devices are refreshed en-masse is when there is an external pressure that initiates the change. The change to credit cards with a chip (whether chip-and-sign or chip-and-PIN) is now creating an external pressure (Read More).

It begs a question from both security and operations perspectives; can retailers do better than meeting only the new immediate demand?

Simplicity rules

When boiled-down, PoS systems have hardware peripherals (magnetic stripe readers, chip readers, signature screens, printers, and so on) attached to a computer. The computer runs software, often within a Windows embedded operating system, that facilitates transactions. They are, in essence, fancy digital cash registers.

Read More

Stop the Delusion: Security Compliance isn’t Synonymous with Bullet-Proof Security

May 06 by Shaun Donaldson

The ongoing history of credit card breaches at major card processing organizations continuously begs a simple question; do organizations treat compliance as their security high-water mark?

The analogy may not be perfect, but if you have a smoke detector in your basement but the fire starts in the kitchen and you’re asleep on the second floor, what are your chances of survival? Do organizations truly believe that being ‘compliant’ is synonymous with covering all security bases? Certainly, no organization wants to be breached, but are they doing enough?

Read More

Cloud Security




Subscribe to Blog Updates

Latest Tweets