Governments and others using cloud-based services should keep 10 security tips in mind, including making sure they can maintain control of their data if a service provider goes bankrupt, says Dimitra Liveri, co-author of a new report.
Attempts to shame China haven't been effective in stopping that country from pilfering intellectual property from the computers of American companies, according to a new report to Congress from a special commission.
FS-ISAC has issued a white paper with tips on streamlining third-party software risk assessments. One member of a new working group explains why the adoption of standard security controls is so critical.
Operating in a cloud environment opens up organizations to a new dimension of insider threat problems, says Alex Nicoll of Carnegie Mellon University's CERT Insider Threat Center.
NIST's Ron Ross sees the cloud as helping to reduce the complexity of keeping data secure. But security expert Eugene Spafford of Purdue University offers a different viewpoint in the first part of a two-part joint interview.
New focus for anti-fraud pros: Cloud computing providers whose employees may steal or harm customer data they host. Experts from Carnegie Mellon University's CERT Insider Threat Center offer prevention tips.
Insider threat case study: Dawn Cappelli tells how three individuals quit their jobs at a law firm, then used a free cloud service to sabotage files containing proprietary client information from their ex-employer.
NIST's Ron Ross sees complexity as the biggest risk enterprises face. To ease risk, Ross favors moving data to the cloud. Purdue's Eugene Spafford doesn't fully subscribe to Ross' plan. The two square off in this interview.
Most cloud security discussions have focused on what cloud providers can do, what they can't do and what they might do if you pay them enough. These discussions focus on topics such as virtualization, hosting and data storage. However, just as the software industry has learned that putting fancy boxes on the
network...
Organizations looking at implementing encryption should consider taking a unified approach, says Karen Scarfone, who coauthored NIST's encryption guidance. Learn about her other recommendations.
Because data stored in a cloud-based "sandbox" environment for testing purposes is vulnerable, it should be masked to protect sensitive information, says Karen Hsu of Informatica.
The growth in cloud computing and mobility is creating a need for a streamlined, centralized process for managing user authentication, says Sarah Fender of PhoneFactor.
Next-generation threats require a next-generation firewall. Steve Pao of Barracuda Networks discusses his company's new firewall solution and the new levels of protections it offers.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.eu, you agree to our use of cookies.