April 5, 2013

Can your company afford to lose $400 million?

In terms of dollars and cents on a risk analysis spreadsheet, it is easier to put a value on a particular asset than the potential recurring value of a client, customer or even partner. Beyond lawsuits and capital and operational expenses to repair a mea culpa, weak cryptography, hack defenses or shoring an previously-undiagnosed vulnerability gap, the damage done to a brand because the user no longer trusts doing business with that company is staggering. Intrusion Security has a significant impact on customer retention.

READ THE ENTIRE ARTICLE AT THE NEW CLOUD ACCESS BLOG SITE: HERE

Posted in Best Practices, Cloud Security, General Cloud Computing, Uncategorized
Tagged breach, cloud computing, cloud security, cybersecurity, fraud, trust
Leave a comment

February 14, 2013

Supporting CIO strategies and priorities from the cloud-Part 1

Most CIOs recognize that the future of enterprise IT lay not with sitting and writing code and patching servers, but rather one of strategic development and as an integrator of business goals: riding the sea change from a person plugging in cables to an analyst; from a compiler of stacks to a broker of business needs. Part 1 of 2

READ THE ENTIRE ARTICLE AT THE NEW CLOUD ACCESS BLOG SITE: HERE

Posted in Best Practices, Cloud Security, General Cloud Computing, Identity and Access Management, REACT, SaaS and Web Single Sign On, SIEM and Log Management
Tagged Access Management, best practice, Big Data, BYOD, chief technology officer, CIO, Cloud, cloud computing, cloud security, CloudAccess, compliance, enterprise-it, Gartner, Identity Management, intrusion detection, IT security, password management, REACT, Saas SSO, security-as-a-service, SIEM, single sign on, strategy
Leave a comment

January 31, 2013

Sailing the 7 C’s of security monitoring

One of the established best practices in InfoSec is monitoring. People, products and companies get paid a great deal of money and expend a great deal of resources to watch pots. Monitoring simply is the central component to any security initiative. But with all best practices, there are variables. How much to monitor? What priorities matter? Where are my greatest vulnerabilities? To this end, I have boiled down monitoring to 7 best practices…The 7 C’s of security monitoring:

READ THE ENTIRE ARTICLE ART THE NEW CLOUD ACCESS BLOG SITE: HERE

Posted in Best Practices, Cloud Security, Compliance, Identity and Access Management, REACT, SaaS and Web Single Sign On, SIEM and Log Management
Tagged Access Management, best practice, CIO, Cloud, cloud computing, cloud security, CloudAccess, compliance, continuous monitoring, enterprise-it, hacker, HIPAA, Identity Management, IDM, intrusion detection, Log Management, malware, risk, Security, security monitoring, security-as-a-service, SIEM, SSO
1 Comment

January 24, 2013

The New Standard: Intelligence-Driven Security

Network perimeters are all but erased and traditional security strategies such as stacking don’t adequately address the current needs of a modern enterprise. Many companies are still using strategies rooted in 2002 technologies and approaches. As Exec Chair at RSA Art Coviello wisely noted, “IT organizations have continued to construct security infrastructures around a disintegrating perimeter of increasingly ineffective controls.” A new intelligence-based security model is one that integrates several alerting, analytical and preventative tools into a central monitor and management best practice.

READ THE ENTIRE ARTICLE AT THE NEW CLOUD ACCESS BLOG SITE: HERE

Posted in Best Practices, Cloud Security, REACT
Tagged best practice, Big Data, BYOD, chief technology officer, Cloud, cloud computing, cloud security, CloudAccess, enterprise-it, Identity Management, intelligence-driven, intrusion detection, IT security, network perimeter, RSA, Security, security-as-a-service, SIEM, technology
Leave a comment

January 16, 2013

Adaptive Risk: Making sure you are who you say you are

Implement the predictive analytic process that is designed to assess/score risk attributes during authentication so that Access Management can determine whether to require the user to complete further authentication steps. Adaptive risk is the key engine in the unified Identity Management/Access Management (IAM) deployment. It provides the smarts (or the means to collect the “fingerprints”) of possible identity breaches while closely controlling who gets to access what portions of your network.

READ THE ENTIRE ARTICLE AT THE NEW CLOUD ACCESS BLOG SITE: HERE

Posted in Best Practices, Cloud Security, Identity and Access Management, SaaS and Web Single Sign On
Tagged Access Management, adaptive risk, best practice, BYOD, Cloud, cloud computing, cloud security, enterprise-it, FFIEC, hacker, HIPAA, Identity Management, intrusion detection, IT security, malware, network perimeter, risk, risk assessment, risk management, Security, security-as-a-service, single sign on, SSO
2 Comments

January 9, 2013

My Security Playlist: now playing Access Management

The Who asked ultimate Access Management question…”Who Are You?” So do we listen to Paul McCartney said and “Open the door and let ‘em in” or kick them to curb as the Stones suggest…”Hey You, Get off of my Cloud” The answer is different for each organization because, not every employee, partner or customer is equal.

READ THE ENTIRE ARTICLE AT THE NEW CLOUD ACCESS BLOG SITE: HERE

Posted in Best Practices, Cloud Security, Compliance, Identity and Access Management, SaaS and Web Single Sign On, SIEM and Log Management
Tagged Access Management, best practice, BYOD, CIO, Cloud, cloud computing, cloud security, CloudAccess, compliance, hacker, Identity Management, IDM, intrusion detection, IT security, Log Management, Security, security-as-a-service, SIEM, single sign on, SSO
Leave a comment

January 3, 2013

How cloud security balances risk versus reward

Securing your IT environment is not free, but there are new (cloud) options designed to mitigate costs while still providing a strong, manageable and proactive defense. While many companies still would rather spend capital on commodity assets, many CIOs recognize that information security is an important business driver…but the ultimate question is where is the balance between how much exposure can a company afford against the dollars needed protect it. The answer is different for every company, but there are best practices and alternate deployment technologies that can readjust the scales of risk versus reward.

READ THE ENTIRE ARTICLE AT THE NEW CLOUD ACCESS BLOG SITE: HERE

Posted in Best Practices, Cloud Security, Compliance, General Cloud Computing, REACT
Tagged Access Management, Big Data, chief technology officer, CIO, cloud computing, cloud security, CloudAccess, compliance, enterprise-it, HIPAA, Identity Management, IT security, Log Management, network perimeter, risk, Security, security-as-a-service, SIEM, technology
Leave a comment

December 20, 2012

It’s a Wonderful Cloud-a Security Carol

Twas the night before Christmas
and all through the net
No access was stirring;
No hackers as yet.

READ THE ENTIRE POETIC TRIBUTE TO SECURITY AT THE NEW CLOUD ACCESS BLOG SITE: HERE

Posted in Best Practices, Cloud Security, General Cloud Computing, REACT, SIEM and Log Management
Tagged Access Management, BYOD, chief technology officer, christmas, Cloud, cloud computing, cloud security, CloudAccess, compliance, enterprise-it, Identity Management, security-as-a-service, SIEM, SSO, XMAS
Leave a comment

December 13, 2012

It’s money that matters in the cloud…well, at least ROI

Before you add another decimal place to security budgets, maybe it’s time you consider the how cloud-deployed security options can not only address the complexities of enterprise security ably, but do so at considerable savings. With all the talk of fiscal cliffs, financial binds and “next year’s budget,” I started thinking about cloud security in more tangible ways. Specifically returns on investment, economic impact and total costs of ownership.