Data Security

Data Security Guidance for Small Businesses

With high profile cyber attacks occurring on a regular basis, people who run small businesses are becoming increasingly concerned about their data security processes. For regulated businesses, there is a requirement to provide evidence that the company complies with the minimum requirements. For small businesses that don't have the same level of scrutiny as the larger, highly regulated businesses it can be harder to find support and guidance on responsibilities. 

However, businesses of all sizes must start paying more attention to the threat of cyber attacks, given that the type of businesses that criminals are targeting varies from a small start-up business to a global company that is a household name. Recently we have seen numerous cyber attacks hitting the news headlines, such as payday loan company Wonga who was subjected to an attack, leaving 245,000 customers affected. 

Datrium Introduces Industry-First Blanket Encryption for Private Clouds

Grazed from Datrium

Datrium, the leading provider of Open Convergence for cloud builders, today announced Datrium Blanket Encryption, an industry-first software product that combines always-on efficient deduplication and compression technology with high-speed, end-to-end encryption: in use at the host, in flight across the network and at rest on persistent storage.

The number of breaches within the US have quadrupled from 2005 to 2015, and the year 2016 accounted for seven of the ten biggest data breaches ever. With threats rising, the requirement to encrypt data everywhere - from host-to-storage, between hosts, and between sites - is becoming standard. However, leading storage arrays and hyper-converged systems only protect data at rest and do not protect against host or network intrusions. Guest operating systems and hypervisors offer encryption at the source, but at the expense of data reduction required by the economics of modern flash storage.

Security and Economics Without Compromise
Datrium offers a fundamentally new and comprehensive approach.  By deduplicating and compressing data, then encrypting while it is still in the application host's memory (RAM), Datrium Blanket Encryption can then move data across hosts, networks and storage that is always encrypted and efficient. 

mLab Announces Encryption-at-Rest for Hosted MongoDB Databases

Grazed from mLab

mLab, the fully managed cloud Database-as-a-Service (DBaaS) for MongoDB, today announced that the platform’s most popular plans now include encryption-at-rest. This additional, opt-in data security measure will be available for customers at no additional cost.

mLab is making encryption-at-rest available to its Database-as-a-Service customers on Dedicated Standard and High Storage plans, covering deployments across both Amazon Web Services and Google Cloud Platform. Already offering customers in-flight encryption via SSL to secure data transmission over networks, encryption-at-rest furthers mLab’s commitment to enterprise security by encrypting data on disks and wherever backups are stored. The feature is designed so that there will be minimal performance impact on the database.
 

SaberLogic Releases New SaaS Product to Provide Secure Mobile Access to Enterprise Data

Grazed from SaberLogic

SaberLogic has released Bezlio, a new SaaS product that makes it easy for companies to provide data from sources like ERP and accounting systems to any PC or device, including mobile devices like smartphones (iPhone and Android) and tablets. The software uses a unique process of transferring data securely without opening any holes in the firewall or storing any information in the cloud. 

How It Works

Bezlio uses a secure, token-based system through an encrypted cloud-based communication network to connect the data that sits behind your firewall, inside of your private network, with any trusted mobile device across the Internet.  Administrators can control which users are permitted to connect and the data they can read and edit. 

HyTrust Cloud Survey Finds Enterprises Are Rapidly Embracing Multi-Cloud Strategies, Slacking on Data Encryption and Security

Grazed from HyTrust

Today, HyTrust Inc., a leading workload security provider, announced findings from its latest cloud survey conducted at VMworld 2016, in Las Vegas. The survey of over 400 respondents assesses the current use of public cloud vendors, the industry shift to utilizing a multi-cloud model, and how enterprises are protecting data in these cloud environments.

The results, which highlight enterprise preferences for key public cloud providers including Amazon Web Services (AWS), Microsoft Azure, IBM Cloud, and VMware's vCloud Air, also found that more than a quarter of organizations deploying data, applications, and workloads to public cloud ecosystems are not using any form of encryption, leaving sensitive data vulnerable to breaches. As we see more and more enterprises move critical data to multiple clouds, the lack of data security and encryption is not only counter to security being named the leading concern, but it may become even more of an issue with broader negative consequences.

Don't Rush Into Containers Without a Security Strategy - Join this Beta Program

Written by Fei Huang, Founder & CEO of NeuVector

NeuVector's Container Security Solution - Join Beta Program

There are many benefits of containers which are driving the popularity of container platforms like Docker.

It is easy to forget that container deployments are fairly new and the threats unknown. Like virtualization did, containers will bring a new set of risks, threats, and vulnerabilities to be assessed and mitigated. Lock

At NeuVector we're developing a run-time container security solution which protects running containers where and when they are most at risk - at run-time. In a nutshell, without giving away too many secrets, NeuVector will:

Subpar Data Security Continues in Healthcare Industry

Grazed from VMblog.com. Author: Kayla Matthews

2015 has a notorious characterization as a terrible year for data breaches in the healthcare industry. Unfortunately, even though 2016 is well underway, companies haven't made the substantial preventative measures needed to prevent the same thing from happening again. That's the conclusion reached by the Ponemon Institute after compiling data from its sixth annual survey.

Let's take a look at some of the glaring problems related to data security in healthcare, and explore why they're still so prevalent.

 
 

Microsoft-Centric Innovators Gridstore and 5nine Software Showcase Advanced Security With HyperConverged Infrastructure

Grazed from Gridstore and 5nine Software

Gridstore, the leader in hyper-converged all flash infrastructure for the Microsoft Cloud-Inspired Datacenter and 5nine Software, the leading global Hyper-V virtualization security and management provider, today announced they will be presenting their recently launched integrated solution that delivers advanced security for hyperconverged infrastructure at the upcoming Microsoft Cloud and Hosting Summit, May 10-12 at the Hyatt Regency in Bellevue, Washington. Delegates at this exclusive invitation-only event are invited to visit Gridstore and 5nine at booth #27.

The 2016 Microsoft Cloud and Hosting Summit provides a unique opportunity for dialogue with industry leaders including Microsoft executives, technologists and the Microsoft hosting team. Participants will gain in-depth knowledge of Microsoft's vision for the hosting industry and its strategy for growth with hosting providers. Attendees can collaborate with fellow innovators on meeting the challenges of the hosting industry. Ultimately, professionals will leave the Summit empowered with a better understanding of how to create, optimize, and grow their business.

Server General to Offer Data Encryption Service to CenturyLink Customers Through Its Cloud Marketplace

Grazed from Server General

Server General​ , the leading provider of data-­at­-rest encryption service, announced that it has joined the CenturyLink Cloud Provider Program. Customers who store their sensitive information in a database or file server hosted within CenturyLink's cloud will now be able to encrypt it quickly from within their management console. The service helps to address compliance and data breach challenges.

"We are taking the pain out of encrypting data," said Raj Sharma, Founder of Server General. "30 minutes --­ that's all it takes for a customer to go from placing an order to getting their data encrypted." Customers have the option of storing their encryption keys within a global and fully managed cloud key locker or in a secure appliance deployed within their own network.

CloudLock Unveils Breakthrough Method for Isolating True Security Threats From Among Billions of Suspicious User Activities

Grazed from CloudLock

When is a security alert not a real security alert? With hacks and breaches a daily reality for businesses, security teams deal with a barrage of suspicious and anomalous user behaviors and have little time to isolate and focus on the true threats. Today, CloudLock's security intelligence arm, The CloudLock CyberLab announced its breakthrough discovery that solves this challenge -- the "Cloud Threat Funnel." Following its extensive research of the daily behavior of 10 million users, 1 billion files and 140,000 cloud apps, CloudLock CyberLab detected distinct patterns of user behaviors and developed a new process for isolating truly malicious threats from the noise of other potentially suspicious or unusual behaviors. CloudLock's findings and methodology are presented in its Q1-16 cloud cybersecurity report published today, "The Cloud Threat Funnel: Suspicious User Behavior That Matters."

The report reveals that 99.6 percent of users accessed cloud platforms from just one or two countries per week. Establishing this as the norm, the team was then able to isolate the long tail revealing anomalies: 1 in 20,000 users, for example, logged in from six or more countries and, within this group, the CyberLab found some users logging in from as many as 68 different countries in a given week -- real needles in the haystack. By applying the Cloud Threat Funnel methodology, the CyberLab was able to correlate these anomalous behaviors with other high-risk suspicious user activities and pinpoint compromised accounts.