Cloud Security

A Global Technology Provider for 700+ financial services clients, Increases Efficiency of Personnel and SOC team by 37%

Article Written by Arun Gandhi, Director of Product Management at Seceon and Grigoriy Milis, Chief Technology Officer at RFA

As security breaches and attacks continue to lead global headlines, effective cybersecurity protections are the "new normal" for conducting business today. In addition to recently enacted regulations, with more coming in near future, it is imperative for managed service providers (MSPs) to provide best-in-class security solutions to customers while differentiating themselves from the competition. 

Traditional solutions are no longer sufficient; tools must evolve to combat the increasing sophistication of cybercriminal techniques and technologies. Customized malware exists now that can evade and bypass many of the traditional endpoint security solutions. Traditional signature- and manual calculation-based approaches are simply not sufficient for providing security with the increasing sophistication of cyber threats. Above all, the biggest challenge remains integration of these point solutions as they are from different manufacturers and not built to communicate with each other inherently. 

In business for nearly thirty years, Richard Fleischman & Associates, also known as RFA, is a trusted technology partner to more than 700 clients globally who retain more than $900 billion in total assets under management. Serving as an MSP for its financial sector clients, RFA used a number of traditional solutions and services from large market leaders successfully, but was always challenged to find a solution that could address threats (i.e., detect, contain and eliminate) between the perimeter and endpoints to their required level of sophistication. Multi-layered approaches recommended by industry experts were rendered ineffective as the solutions were note properly integrated and remained silo'ed. Moreover, the level of protection afforded resulted in dissatisfaction when compared to the overhead cost. 

Tripwire Expands Cloud Security Capabilities with Cloud Management Assessor

Grazed from Tripwire

Tripwire, Inc., a leading global provider of security and compliance solutions for enterprises and industrial organizations, today announced expanded support for cloud environments with Tripwire Cloud Management Assessor (CMA). The solution now features File Integrity Monitoring (FIM) capabilities for addressing publicly exposed data in the cloud, and its core secure configuration management functionality now supports all major cloud providers, including Google Cloud Platform.

"Tripwire is dedicated to helping organizations implement critical security controls in their environments, especially as these environments grow more complex with the adoption of hybrid and multicloud models," said Tim Erlin, vice president of product management and strategy at Tripwire. "We've expanded our capabilities to help organizations keep their cloud environments properly configured and prevent inadvertent exposure of their data."

New Kaspersky Lab Solution for Hybrid Cloud Security Management

Grazed from Kaspersky Lab

To support companies moving to a cloud architecture, today, Kaspersky Lab has launched its new Kaspersky Hybrid Cloud Security offering, expanding the company's virtualization and cloud security portfolio. The new solution is the next generation of hybrid cloud protection for businesses of all sizes, integrated with Amazon Web Services (AWS) and Microsoft Azure.

Organizations that struggle to deal with the speed of business process automation and growth of corporate data are turning to the hybrid cloud to expand their infrastructure. At the same time, more than half (59%) of businesses feel they cannot fully trust its data to cloud services because it could introduce new risks to their IT security. Their concerns are authentic with the lack of visibility in hybrid cloud ecosystems today - making them even more vulnerable to cyberattacks.

 

RedLock, Barracuda Join Forces to Help Organizations With a Cloud Threat Defense Strategy

Grazed from RedLock and Barracuda

RedLock, the Cloud Threat Defense company, and Barracuda Networks Inc., a provider of cloud-enabled security and data protection solutions, today announced their joint efforts to help organizations fulfill their responsibilities in securing public cloud environments. The joint-solution approach offers enterprises the ability to implement a broad Cloud Threat Defense strategy across Amazon Web Services, Microsoft Azure, and Google Cloud environments that aligns with the National Institute of Standards and Technology's Cybersecurity Framework (NIST CSF). The two companies plan several go-to-market initiatives, including joint sales efforts, joint product demonstrations and joint solution collateral development.

"RedLock and Barracuda products fit together to address the security challenges in public cloud computing environments," said Varun Badhwar, CEO and co-founder at RedLock. "The solutions assist enterprises with addressing the four functions of NIST CSF, which include identifying assets, protecting against threats, detecting security events, and responding to incidents. We're privileged to work with Barracuda in helping organizations obtain the benefits of public cloud computing."

McAfee Study Reveals 1-in-4 Organizations Using Public Cloud Has Had Data Stolen

Grazed from McAfee

McAfee, the device-to-cloud cybersecurity company, today announced its third annual cloud adoption and security report, Navigating a Cloudy Sky: Practical Guidance and the State of Cloud Security. The report outlines the current state of cloud adoption, the primary concerns with private and public cloud services, security implications and the evolving impact of unmanaged cloud use for the more than 1,400 information technology (IT) professionals surveyed.

Lack of adequate visibility and control is the greatest challenge to cloud adoption in an organization. However the business value of the cloud-Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS) and Infrastructure-as-a-Service (SaaS)-is so compelling that some organizations are plowing ahead. Fortunately modern cloud security tools and practices don't require organizations to make that difficult choice between business velocity and data security.

"Despite the clear prevalence of security incidents occurring in the cloud, enterprise cloud adoption is pressing on," said Rajiv Gupta, senior vice president of the cloud security business unit, McAfee. "By implementing security measures that allow organizations to regain visibility and control of their data in the cloud, businesses can leverage the cloud to accelerate their business and improve the security of their data."

New Global Standards for Cloud Security

Article Written by Avery Phillips

As of May, the requirements of cloud security will be getting an overhaul. The General Data Protection Regulation (GDPR) will introduce tighter security protocols for many businesses not just in the EU, but around the world. You are mistaken if you think that the GDPR is only going to affect European companies and organizations. 

Appnovation, a global IT company, understands the GDPR's reach when they state "Put simply, this is something which will [affect] every organization that processes EU citizens' data, whether processed within or outside Europe." This bombshell that's about to drop on the digital security and data world is going to change the cloud and hold companies accountable for how they process sensitive data on it.  

Failure to adhere to these policy changes will result in hefty fines to your business. So, if you hold extensive data on the cloud, you'll want to know how it's going to change in accommodation for the GDPR. Read below to understand how and why it will change cloud security.

Netwrix Survey: 69% of Healthcare Providers Plan to Move More Data to the Cloud, Disregarding Insider Threat

Grazed from Netwrix Corporation

Netwrix Corporation, provider of a visibility platform for data security and risk mitigation in hybrid environments, today released the 2018 Netwrix Cloud Security: In-Depth Report for Healthcare infographics. The infographics provide an industry perspective into the healthcare sector's use of cloud technology and assessment of the risks associated with cloud migration. 

The report reveals that most healthcare providers store sensitive data, such as electronic protected health information (ePHI), personally identifiable information (PII) and financial data, in the cloud, yet only a few of them have pervasive visibility into who is accessing that data.

The key findings include:

Saviynt and Identity Methods Provide Increased Access to Cloud Identity Governance and Security Solutions

Grazed from Saviynt

Saviynt, a leading Global provider of Cloud Security and Identity Governance solutions, has announced today a strategic partnership with Identity Methods. This partnership will enable Identity Methods to develop their cloud offering, by integrating Saviynt’s cloud products seamlessly with Identity Methods’ existing product set. This will help ensure organisations are able to manage their applications, data and infrastructure, along with their identity lifecycle, profiles and access rights, in a secure manner from experts within the industry.

 With Saviynt’s growing foothold across Europe and Identity Methods’ presence within the UK, this latest partnership will provide greater scope to extend the footprint, both across and outside of the UK. This partnership provides Identity Methods’ customers and prospects with access to the most complete set of Identity Management and Cloud Security solutions, across multiple platforms and enterprises.
 

Megazone, an AWS Premier Consulting Partner, Signs Strategic Alliance with CloudPassage for Cloud Security Partnership

Grazed from Megazone and CloudPassage

Megazone, an AWS premier consulting partner and cloud-specialized company today announced a strategic alliance with CloudPassage for cloud-based security automation.

CloudPassage offers a SaaS-based workload security automation platform that on-demand delivery of security controls across data centers, private/public clouds, virtual machines and containers - at speed and scale. Unlike traditional security systems, Halo and its robust APIs integrate with popular CI/CD toolchains and processes, providing just-in-time feedback for fixing vulnerabilities early in the development cycle. This lets DevOps teams operate efficiently while providing security teams the validation they require without slowing the DevSecOps workflow. Halo easily integrates with popular infrastructure automation and orchestration platforms, allowing Halo to be easily deployed. CloudPassage works with many Fortune 500 customers and leading MSSPs to continuously monitor the security and compliance posture of their business critical workloads.

Qualys Acquires 1Mobility

Grazed from Qualys

Qualys, Inc., a pioneer and leading provider of cloud-based security and compliance solutions, today announced that it has acquired the software assets of 1Mobility, Singapore. 

The acquisition now allows Qualys to provide enterprises of all sizes with the ability to create and continuously update an inventory of mobile devices on all versions of Android, iOS and Windows Mobile in their environment; and to continuously assess their security and compliance posture, while quarantining devices that are compromised or out-of-compliance. It also allows Qualys to extend its PCI certification to mobile devices and to deliver a highly scalable Enterprise Mobility Management (EMM) solution that permits the distribution of apps and security policies over the air (OTA) to corporate or employee-owned devices (BYOD).

"With the acquisition of 1Mobility, Qualys is uniquely positioned to provide visibility across on-premises, endpoints, cloud(s) and now mobile and IoT environments," said Philippe Courtot, chairman and CEO, Qualys, Inc. "This is critical as companies are accelerating their digital transformation and looking at ways to consolidate their current security and compliance stack while expanding their mobile workforce. 1Mobility has built a comprehensive and well-architected technology that allows organizations to manage and secure mobile and IoT devices at scale, and we welcome them to the Qualys family."