Sailing the 7 C’s of security monitoring

7 seas cloudOne of the established best practices in InfoSec is monitoring. People, products and companies get paid a great deal of money and expend a great deal of resources to watch pots. Monitoring simply is the central component to any security initiative. But with all best practices, there are variables. How much to monitor? What priorities matter? Where are my greatest vulnerabilities? To this end, I have boiled down monitoring to 7 best practices…The 7 C’s of security monitoring:

READ THE ENTIRE ARTICLE ART THE NEW CLOUD ACCESS BLOG SITE: HERE

Advertisements

The New Standard: Intelligence-Driven Security

braincloudNetwork perimeters are all but erased and traditional security strategies such as stacking don’t adequately address the current needs of a modern enterprise. Many companies are still using strategies rooted in 2002 technologies and approaches. As Exec Chair at RSA Art Coviello wisely noted, “IT organizations have continued to construct security infrastructures around a disintegrating perimeter of increasingly ineffective controls.” A new intelligence-based security model is one that integrates several alerting, analytical and preventative tools into a central monitor and management best practice.

READ THE ENTIRE ARTICLE AT THE NEW CLOUD ACCESS BLOG SITE: HERE

Adaptive Risk: Making sure you are who you say you are

mirrorImplement the predictive analytic process that is designed to assess/score risk attributes during authentication so that Access Management can determine whether to require the user to complete further authentication steps. Adaptive risk is the key engine in the unified Identity Management/Access Management (IAM) deployment.  It provides the smarts (or the means to collect the “fingerprints”) of possible identity breaches while closely controlling who gets to access what portions of your network.

READ THE ENTIRE ARTICLE AT THE NEW CLOUD ACCESS BLOG SITE: HERE

 

My Security Playlist: now playing Access Management

nowplayingThe Who asked ultimate Access Management question…”Who Are You?” So do we listen to Paul McCartney said and “Open the door and let ’em in” or kick them to curb as the Stones suggest…”Hey You, Get off of my Cloud” The answer is different for each organization because, not every employee, partner or customer is equal.

READ THE ENTIRE ARTICLE AT THE NEW CLOUD ACCESS BLOG SITE: HERE

How cloud security balances risk versus reward

riskrewardSecuring your IT environment is not free, but there are new (cloud) options designed to mitigate costs while still providing a strong, manageable and proactive defense. While many companies still would rather spend capital on commodity assets, many CIOs recognize that information security is an important business driver…but the ultimate question is where is the balance between how much exposure can a company afford against the dollars needed protect it. The answer is different for every company, but there are best practices and alternate deployment technologies that can readjust the scales of risk versus reward.

READ THE ENTIRE ARTICLE AT THE NEW CLOUD ACCESS BLOG SITE: HERE