risk management | CCSK Guide


New Cloud Computing Security Requirements Guide – Part II

The DoD’s new Cloud Computing Security Requirements Guide (SRG), released by the Defense Information Systems Agency (DISA), replaces their previous Cloud Security Model. The guide outlines an overall “security posture” that directs cloud service providers (CSPs) seeking to work with the DoD. This article is a continuation of a previous one, which introduced the four…

Read More

Problems with Data Protection Technologies

As mentioned in an earlier article, data protection is enforced b network devices, operating systems, or applications. Experts have argued that this approach is fundamentally flawed, especially given the trend towards de-perimeterization. Common issues The main goal of network devices, operating systems, applications, etc. is not security. Their inclusion as part of the enforcement mechanism…

Read More

Data Protection Basics

Developments in technology, particularly computers and the internet, have accelerated the generation and amassing of huge amounts of data. Data comes from two main sources: 1) The conversion of physical matter into electronic representations and 2) The creation of new data that was either not useful or not possible in the pre-digital world. The large…

Read More

Cloud Security Doubts: Firewall Risk Management

While more and more enterprises these days are using cloud infrastructures, the majority of executives are doubtful of their ability to secure their IT systems. This article takes a look at a special report published by the Ponemon Research Institute in November 2011, entitled “Managing Firewall Risks in the Cloud.” Background The study was conducted…

Read More

Cloud Service Providers & Questionable Contracts

Cloud service contracts are often rushed through, which leads to costly blunders and serious risks. According to a recent Techaisle estimate, small and medium businesses are reviewing and signing about $11 billion worth of cloud service contracts, in 2011 alone. Four Risks Whenever an enterprise is planning to enter into a cloud computing contract, it…

Read More


  • Sponsored Links

  • Categories

  • Tags

  • Archives