Data Breach

Fugue Risk Manager Now Available to Protect Against Data Breaches with Self-Healing Cloud Infrastructure

Fugue, the company automating enterprise cloud security and compliance enforcement to prevent data breaches and policy violations due to misconfiguration, today announced the availability of Fugue Risk Manager. A Software-as-a-Service (SaaS) offering, Fugue Risk Manager can identify compliance violations in cloud environments and automatically remediate unauthorized infrastructure changes.

Enterprise cloud teams can use Fugue Risk Manager to scan cloud infrastructure to identify policy violations for a number of compliance regimes, including Amazon Web Services (AWS) Center for Internet Security (CIS) Benchmarks, National Institute of Standards and Technology (NIST) 800-53 Rev. 4, General Data Protection Regulation (GDPR), Health Insurance Portability and Accountability Act (HIPAA), and custom, customer-specified controls. Fugue Risk Manager can then enforce known-good infrastructure baselines provisioned by the cloud team in order to identify configuration drift and automatically remediate it as soon as it occurs.

"Enterprises operating at scale in the cloud face a governance challenge-how to ensure everything that's running in their cloud adheres to compliance and security policy and is free of misconfiguration that can lead to critical security incidents," said Phillip Merrick, CEO of Fugue. "Fugue Risk Manager provides enterprises with autonomic governance over their cloud infrastructure while supporting the speed and agility needed in today's competitive environment."

Announcing Fugue Risk Manager to Help Identify Cloud Compliance Violations and Protect Against Data Breaches

Fugue announced the release of Fugue Risk Manager. A new Software-as-a-Service (SaaS) solution, Fugue Risk Manager is designed to make it easier for enterprises to identify compliance issues in their cloud environments and prevent them from reoccurring.

Fugue Risk Manager inspects cloud infrastructure environments and identifies resource configuration issues for common compliance regimes, including AWS CIS Benchmarks, NIST 800-53 Rev. 4, GDPR, HIPAA, and custom controls specified by the customer. Once violations are corrected and a known-good baseline is established, Fugue Risk Manager can automatically identify configuration drift and revert it back to the established baseline as soon as it occurs.

"Enterprises that adopt the cloud are quickly confronted with the challenge of guarding against infrastructure misconfiguration that leads to critical data breaches and costly compliance fines," said Phillip Merrick, CEO of Fugue. "We developed Fugue Risk Manager to simplify the task of finding these problems and ensuring they never happen again, and to do so efficiently to support the speed and agility today's business demands."

New Fugue Compliance Suite Helps Enterprises Enforce Cloud Security and Policy to Prevent Breaches

Grazed from Fugue

Fugue, the company automating security and compliance enforcement in the cloud, today announced the availability of the Fugue Compliance Suite to make it easier for enterprises to validate cloud infrastructure against security and compliance policy to prevent data breaches. Included in the Fugue 1.8 product release, the Compliance Suite contains pre-built validations expressed in policy-as-code libraries that are mapped to AWS CIS Benchmarks, NIST 800-53 Rev. 4, GDPR, and HIPAA.

"As enterprise cloud adoption increases, so have data breaches and other security and compliance incidents due to cloud misconfiguration exposure," said Phillip Merrick, CEO of Fugue. "Because of this, cloud security and compliance are now top enterprise priorities, but it's important that solutions don't slow the pace of innovation. The Fugue Compliance Suite is designed to help cloud teams move fast and at scale to ensure that compliance policy is continuously enforced at every stage."

Why Data Breach Transparency Protects Business

Article Written by Avery Phillips

In a perfect world, data breaches wouldn't happen. Unfortunately, the reality is that criminals are looking for any way to exploit the cybersecurity flaws of your company. Companies using data storage methods relying on big data, the cloud, and the IoT are finding all too often that they are not bulletproof and that a data breach can bring a business to a standstill or worse. However, there is one way to lessen the blow of a data breach. 

Disclosing to your customers that a data breach has happened and exhibiting total transparency afterward isn't just ethical, it's mandated. Transparency is also the only way to get your business back on track. Being open and honest when answering customer questions about a data breach will help you to regain their trust and protect your business operations. 

Below are some ways that transparency protects your business and some tips on how to be transparent in the event of a data breach.

How to Keep Customer Data Safe in the Cloud

Article Written by Avery Phillips

Your customers are important to you and your business. Being of significance to you, it would be fitting for you to keep the customer data you obtain out of harm's way. At the same time, you are considering cloud services to accommodate the large capacity of not only customer data but company data as well. So, how do you enjoy the benefits of off-site cloud computing, while keeping your data safe?

Below are some of the biggest threats to data loss, cyber attacks, and otherwise questionable methods of obtaining sensitive data, and what you should watch out for to keep your customer data safe on the cloud.   

Data Breaches

In 2017, we saw very large companies fall victim to massive data breaches, unwittingly releasing sensitive customer data. Equifax, a major credit reporting agency and the hardest hit, revealed information of 143 million US customers. Your business holds very sensitive customer data such as credit card information, social security numbers, and birthdates - all which can be used to turn your customer's loss into a cyber attacker's gain.

Security Breaches, Data Loss, Outages: The Bad Side of Cloud

Grazed from DataCenterKnowledge. Author: Bill Kleyman.

As a big supporter of cloud computing, this is never an easy topic to discuss. However, security concerns will always be present as threats continue to rise. Let me give you an example. As soon as the whole Heartbleed topic arose, our organization began fielding calls from various IT shops asking for remediation, fixes, and patches.

The crazy part was that not all OpenSSL systems were impacted. Many pre-version 1 OpenSSL systems were safe. Many others were facing the challenge up correcting and fixing this serious vulnerability. Cisco, Juniper, F5, and many others were actively deploying fixes to ensure that their systems stay safe...

What the cloud can learn from the data-breach epidemic

Grazed from InfoWorld. Author: David Linthicum.

Last week, the second-largest U.S. health insurer, Anthem, announced that as many as 80 million customers had their account information stolen. Not much is known about which systems were hijacked, but Anthem said all of its businesses were affected, so it's easy to figure that the attack was far-reaching.

"'The names, addresses, birth dates, and Social Security numbers stolen from the Indianapolis-based insurance giant are gold for criminals,' said James P. Nehf, a professor of law at the Indiana University Robert H. McKinney School of Law in Indianapolis," USA Today reported. Once again, there is a major data breach on internal servers...