A de-provisioning proverb: When a door closes, just make sure you don’t leave a window open

disgruntledA forensic analyst confirmed something that I long believed to be true. One of the greatest threats to an organization comes from within. Not everyone who exits a company leaves with a handshake and a gold watch. Often times there are hard feelings; that the employer wronged the former employee and that employee will exact a matter of revenge or feel justified to extract some sort of perceived compensation. Now this isn’t meant for you to look sideways at the person sitting in the next cubicle. However, access policies  needs to be a part of any company’s  internal risk assessment and security policy.

READ THE ENTIRE ARTICLE AT THE NEW CLOUD ACCESS BLOG SITE: HERE

Sailing the 7 C’s of security monitoring

7 seas cloudOne of the established best practices in InfoSec is monitoring. People, products and companies get paid a great deal of money and expend a great deal of resources to watch pots. Monitoring simply is the central component to any security initiative. But with all best practices, there are variables. How much to monitor? What priorities matter? Where are my greatest vulnerabilities? To this end, I have boiled down monitoring to 7 best practices…The 7 C’s of security monitoring:

READ THE ENTIRE ARTICLE ART THE NEW CLOUD ACCESS BLOG SITE: HERE

My Security Playlist: now playing Access Management

nowplayingThe Who asked ultimate Access Management question…”Who Are You?” So do we listen to Paul McCartney said and “Open the door and let ’em in” or kick them to curb as the Stones suggest…”Hey You, Get off of my Cloud” The answer is different for each organization because, not every employee, partner or customer is equal.

READ THE ENTIRE ARTICLE AT THE NEW CLOUD ACCESS BLOG SITE: HERE

The Cloud Guide to PCI Compliance for Retailers

PCI (Payment Card Industry) enforces Data Security Standards that looks to ensure that ALL companies that process, store or transmit credit card information maintain a secure environment. This can be a burdensome task unless retailer can leverage the cloud. This article takes a look at some of the requirements and how they translate into compliance best practices when managed from the cloud.

READ THE ENTIRE ARTICLE AT THE NEW CLOUD ACCESS BLOG SITE: HERE

 

Do you leave your keys in the car too?

I heard the sky was falling. Well, at least the cloud was plummeting groundward. And all it took was one tech journalist to get his iCLoud account (and essentially his entire digital footprint) hacked. Several well-known tech-heads have added their voice to chorus of cloud-bashers. There are a couple reasons why this latest round of Chicken Little prognostications are baseless. Bottom-line, security is only as good as its process. Whether it is cloud-based, or is created to protect assets in the cloud, if you are not minding the store, candy will get stolen.

READ THE ENTIRE ARTICLE FROM THE NEW CLOUD ACCESS BLOG SITE: HERE

Casting Light on Shadow IT and ID

Watching vulnerability cracks in your network widen via unauthorized application usage. It happens every day. It’s not a new term or concept. You probably recognize that it’s happening within your own organization. Someone in sales or research or HR or some other department finds an application they think might help with their goals–and they download it without any approval from IT. Seems harmless enough, but the creation of this Shadow IT actually creates more problems and its up to the IT pro to wrangle them all in.

READ THE ENTIRE ARTICLE AT CLOUD ACCESS’ NEW BLOG SITE: HERE

Identity Management in the Cloud: A Matter of Function, Control, Cost

User identities are at the core of your business. Organizations need to manage access to corporate resources and systems to an ever changing flux of employees, consultants, partners, vendors, suppliers, and customers. And each has their own agenda in terms of the information they wish to access. Without an identity management framework, all any of these people need to do is knock on the door and the doorman will let them in. This issue is what is the best way to deploy and manage such and initiative. In that respect there are three points of comparison of whether the cloud or a more traditional deployment is best suited for an enterprise: functionality, control, and cost.

READ THE ENTIRE ARTICLE AT THE NEW CLOUD ACCESS BLOG SITE: HERE