Our blog has moved!

movingJoin us at our new address under the CloudAccess domain!

http://www.cloudaccess.com/blog/

All that’s changing is our address…I will still be posting new Thoughts from the Cloud articles once per week. In fact, our latest blog post: When the security bill comes due is already waiting for you! You can update your RSS feeds at the new site. As always we appreciate your support.

All the past blog entries have been moved to the new site. I will keep this site up for a time, but I am redirecting all new activity to the new site. All new entries will be on the new site only…hope to “see” you there.

Can your company afford to lose $400 million?

MonitoringIn terms of dollars and cents on a risk analysis spreadsheet, it is easier to put a value on a particular asset than the potential recurring value of a client, customer or even partner. Beyond lawsuits and capital and operational expenses to repair a mea culpa, weak cryptography, hack defenses or shoring an previously-undiagnosed vulnerability gap, the damage done to a brand because the user no longer trusts doing business with that company is staggering. Intrusion Security has a significant impact on customer retention.

READ THE ENTIRE ARTICLE AT THE NEW CLOUD ACCESS BLOG SITE: HERE

Cloud-based SIEM frees that one hand tied behind your back

onearmHave you ever been asked to fight the state boxing champion with one hand tied behind your back? Many security professionals face this scenario every day. For many companies with whom I talk, there isn’t a lack of IT talent when it comes to security–just a lack of hours in the day, computing resources and necessary headcount with specific expertise to change the culture from reactive to proactive and strategic risk management.

READ THE ENTIRE CLOUD BASED SIEM ARTICLE AT THE NEW CLOUD ACCESS BLOG SITE: HERE

A de-provisioning proverb: When a door closes, just make sure you don’t leave a window open

disgruntledA forensic analyst confirmed something that I long believed to be true. One of the greatest threats to an organization comes from within. Not everyone who exits a company leaves with a handshake and a gold watch. Often times there are hard feelings; that the employer wronged the former employee and that employee will exact a matter of revenge or feel justified to extract some sort of perceived compensation. Now this isn’t meant for you to look sideways at the person sitting in the next cubicle. However, access policies  needs to be a part of any company’s  internal risk assessment and security policy.

READ THE ENTIRE ARTICLE AT THE NEW CLOUD ACCESS BLOG SITE: HERE

MSPs must practice what they preach-especially with security

msp_practiceMSPs have a lot of responsibility for the IT assets of their clients. It is expected that MSPs will take certain precautions to safeguard client data and infrastructure. In this case, it’s not just the client and their sphere of access that touch the data, but oftentimes the employees/consultants/techs of the MSP themselves – and if their back door is open, the risk can be transferred to the client.

READ THE ENTIRE ARTICLE AT THE NEW CLOUD ACCESS BLOG SITE: HERE

Avoiding the fate of Erasmus Wilson and others who ignore progress (cloud)

erasmus

OR WHY THE CLOUD WILL SUPPLANT ON-PREMISE FOR SECURITY INITIATIVES

There are many of us who have been around IT long enough can even remember how storing 1MB on a 3.5” hard case floppy disk was cutting edge IT.  Yes, I remember punch cards too, but the point is that IT grows up. It advances, evolves.  Thirty years on from those halcyon days, IT is facing its latest crossroads: the movement away from on-premise solutions and the acceptance of cloud-based computing as the chief business driver.

READ THE ENTIRE ARTICLE AT THE NEW CLOUD ACCESS BLOG SITE: HERE