Security Breaches

A Global Technology Provider for 700+ financial services clients, Increases Efficiency of Personnel and SOC team by 37%

Article Written by Arun Gandhi, Director of Product Management at Seceon and Grigoriy Milis, Chief Technology Officer at RFA

As security breaches and attacks continue to lead global headlines, effective cybersecurity protections are the "new normal" for conducting business today. In addition to recently enacted regulations, with more coming in near future, it is imperative for managed service providers (MSPs) to provide best-in-class security solutions to customers while differentiating themselves from the competition. 

Traditional solutions are no longer sufficient; tools must evolve to combat the increasing sophistication of cybercriminal techniques and technologies. Customized malware exists now that can evade and bypass many of the traditional endpoint security solutions. Traditional signature- and manual calculation-based approaches are simply not sufficient for providing security with the increasing sophistication of cyber threats. Above all, the biggest challenge remains integration of these point solutions as they are from different manufacturers and not built to communicate with each other inherently. 

In business for nearly thirty years, Richard Fleischman & Associates, also known as RFA, is a trusted technology partner to more than 700 clients globally who retain more than $900 billion in total assets under management. Serving as an MSP for its financial sector clients, RFA used a number of traditional solutions and services from large market leaders successfully, but was always challenged to find a solution that could address threats (i.e., detect, contain and eliminate) between the perimeter and endpoints to their required level of sophistication. Multi-layered approaches recommended by industry experts were rendered ineffective as the solutions were note properly integrated and remained silo'ed. Moreover, the level of protection afforded resulted in dissatisfaction when compared to the overhead cost. 

Security Breaches, Data Loss, Outages: The Bad Side of Cloud

Grazed from DataCenterKnowledge. Author: Bill Kleyman.

As a big supporter of cloud computing, this is never an easy topic to discuss. However, security concerns will always be present as threats continue to rise. Let me give you an example. As soon as the whole Heartbleed topic arose, our organization began fielding calls from various IT shops asking for remediation, fixes, and patches.

The crazy part was that not all OpenSSL systems were impacted. Many pre-version 1 OpenSSL systems were safe. Many others were facing the challenge up correcting and fixing this serious vulnerability. Cisco, Juniper, F5, and many others were actively deploying fixes to ensure that their systems stay safe...

Data Breaches in the Cloud: Who's Responsible?

Grazed from GovTech. Author: Jessica Hughes.

The risk of a data breach in the cloud is multiplying and is now costlier and happens more frequently, according to a recent study by the Ponemon Institute. But this phenomenon, which is dubbed the cloud multiplier effect, can be mitigated by a strengthened security posture, according to Larry Ponemon, chairman of the Ponemon Institute.

"It's funny, I'm a big believer in the cloud," Ponemon said. "I like cloud and I think cloud [has] improved quite a bit from a security perspective." Cloud computing is not necessarily less secure, Ponemon said, but that is the perception among many of the study's respondents who view on-premises data breach as easier to control and less costly as a result...

Cloud Privacy and Security in the Age of Data Breaches and Surveillance

Grazed from Sys Con Media.  Author: Cloud Ventures.

It’s hard to read or listen to the news without hearing concerns about protecting sensitive data. Whether it is providing security for payment card/banking information or maintaining privacy from cyber surveillance – governmental and otherwise.

Edward Snowden was back in the news last week when The Guardian revealed that the GCHQ and NSA targeted charities, Germany, the Israeli PM and EU chief on their surveillance list. These ongoing revelations have many organizations concerned about the privacy of customer data and other sensitive business information being put in the cloud...

Cloud Computing: Who is Liable for a Data Breach?

Grazed from CFO.  Author: Alissa Ponchione.

Seeing an opportunity to make workflow more efficient, residents and physicians-in-training at Oregon Health & Science University started using cloud-computing service Google Drive to keep everyone up to date on patient information. After a faculty member discovered the staff was using the cloud service, the university launched an investigation, and it found that Drive documents held health data from 3,044 of its patients.

Although Google Drive is password protected and has security measures in place, the university did not have a contract agreement with the cloud provider to use or store OHSU patient health information. By disclosing patient information in the cloud, the university violated the Health Insurance Portability and Accountability Act, which requires doctors to keep patient information private and secure...

Adobe's breach casts doubt on its SaaS business model

Grazed from NetworkWorld. Author: Alan Shimel.

By now, you have likely heard about the latest massive breach over at Adobe. Besides the source code for Acrobat and Cold Fusion, something like 3 million accounts were breached as well. The good news is that credit card numbers for many of the account holders was encrypted. The bad news is that the credit card numbers for many of the accounts was encrypted. It is probably just a matter of time on that front.

But forget credit card numbers for a second. The fact is that Adobe has suffered yet another breach. Millions of accounts were compromised. If you use the same password on other sites that you use for Adobe, they are now in danger. Once again, the source code to their products is available. The Flash and Acrobat products are already two of the leading causes of breaches and sources of vulnerabilities...

Gartner's state of cloud security: Outages are bigger risk than breaches

Grazed from NetworkWorld. Author: Brandon Butler.

Security remains a chief inhibitor to enterprise adoption of cloud computing resources and one Gartner analyst says the biggest concern should not be that data could be compromised in the cloud, but rather that there may be a cloud outage that could lead to data loss.

There's a perception, says Gartner cloud security analyst Jay Heiser, that the most significant risk in using the cloud is that sensitive data can be leaked. But there's been little evidence of that, he says. Sony suffered a compromise of potentially tens of millions of customers in 2011 related to its cloud, and there have been a handful of other breaches of personally identifiable information being leaked from the cloud...