Blog

Modern assets require extra diligence, especially around interconnected devices. Even with careful control over data access, there is still a need for regular, or continuous, vulnerability management, which is a weakness in many organizations. “We need to ensure that...

As IT systems have become decentralized, there has been a shift in security strategies that focus more on information asset classification and securing the data. Once the app goes live, it becomes subject to continuous scanning, and there are a lot of tools that will...

By building security into the DevOps process, it’s easier to ensure that apps have the security controls required for the environments in which they run. The security and risk management team has an essential role to play in balancing security requirements and...

There is no central team controlling changes to security settings. In effect, the number of people who can make those kinds of changes has increased. The shift to application layer security actually improves the overall security of IT assets. “Good visibility is...

Developers must have a clear understanding of how to put together, and leverage, cloud service components to deliver a level of security required by a business or an application. DevOps methodology is essential, and it needs to have automation and testing throughout...

While security begins at the basic level of creating trusted secure images, you also must have a secure process for developing applications that run on those images. Because end users are often targeted, work with them to help them understand risk factors associated...

It’s not enough just to rely on security certifications of cloud services providers, because that doesn’t protect you against the things people do. Vulnerabilities are driven by discrepancies. The gap between the designed intent and the actual state is your...

Conduct a ‘third-party homologation’’ process that all providers and vendors must pass. They must specify the security measures they will implement to protect your information. Consider implementing an awareness program that teaches digital natives how to better...

Micro-segmentation simplifies the use of modular access controls and auto-provisioning to more easily manage security needs of many different customers, partners and assets. With micro-segmentation, you can overlay specific controls for vulnerability scanning and...

While the cloud offers many benefits, businesses face challenges in securely managing and obtaining visibility into their assets. Organizations that adopt a hybrid approach to keep their most valuable assets on premises will need to seamlessly protect assets across...