Menu

Blogs

Showing Blog Posts: 1–10 of 39 by Christopher Burgess

Christopher Burgess

  • Today's Challenge: Database Security in the Cloud

    by Christopher Burgess on December 19, 2014

    There is more to loud data security than just data security in the cloud. The core product offerings for cloud data storage services (or Cloud Sync and Share as they my be called) include storage, sync, share, view, collaborate, Web and mobile support, and APIs, said Rich Mogull of Securosis. "Without a solid security baseline it really doesn't matter what else the service officers," Mogull wrote. …

  • Three Reasons Why Employees Chafe at Security Policies

    by Christopher Burgess on December 12, 2014

    How often have you heard someone say, "We can't do it that way, because our security policies prohibit . . . " Perhaps they were discussing customer data security and the means to achieve frictionless engagement. Variants of this conversation occur every day, and if you are the chief information security officer (CISO), you need to maintain these policies. Here are three reasons why employees…

  • What's in Your Privacy Policy?

    by Christopher Burgess on December 4, 2014

    The days of asking "Why do I need an entire policy about privacy?" are long gone. Users regularly evaluate the trade-off between how their information is being used and the cost to personal privacy. Every company needs to be upfront about how user data is being used, shared, and stored. What Does a Privacy Policy Look Like? A quick survey of well-known companies and their respective privacy…

  • Public or Private Cloud: How Secure Is Your Cloud?

    by Christopher Burgess on November 27, 2014

    Public and private cloud service providers have many providers to choose from. The cloud offers low-cost data storage solutions and infrastructure to host web applications and processes. The company can remove applications from client-side devices and they don’t need skilled IT professionals to manage the infrastructure. In a September Forbes article, "How to Avoid a Cloud Strategy Fail,"…

  • Which Is It: Privacy vs. Security, or Privacy and Security?

    by Christopher Burgess on November 21, 2014

    The age-old question: is it "privacy vs. security" or "privacy and security"? This year, we’ve seen data breach after data breach affecting companies of all sizes and across all industries. We’ve also seen victims grapple with privacy headaches in the aftermath. It would seem, then, that security and privacy are intertwined. But when considering the users and how they interact with company data, …

  • The Human Element in the Data Breach

    by Christopher Burgess on November 17, 2014

    We are all familiar with the adage, "to err is human; to really foul things up requires a computer," which implies that the computer may be to blame for many data breach calamities. Alas, it appears the erring human is also culpable. Take, for example, the recent kerfuffle surrounding Apple's iCloud and the compromise of celebrity accounts containing salacious photos. After much slinging of…

  • Critical Infrastructure Security Is Key to Homeland Security

    by Christopher Burgess on November 10, 2014

    The US Department of Homeland Security (DHS) is the model that most often comes to mind when broaching the subject of national security. The DHS takes critical role in the protection of its infrastructure—electric, water, gas, transport, etc. The DHS, via the US-CERT (Cyber Emergency Response Team), produces alerts, advisories, and reports that not only keep government clientele well informed, but…

  • Security in the Cloud? Your Questions and Cloud Resources

    by Christopher Burgess on October 16, 2014

    The "cloud" is a nebulous concept. The "private cloud" is not as clearly defined as the "public cloud," but it is still confusing. Of course, we have a long list of questions regarding the cloud, but it's important to ask questions specifically about how cloud data is stored and kept secure. Resources to secure the cloud are plentiful. Here are some of the most important questions organizations…

  • Threats and Risk Management: Protect Your IP From Computer Hacking

    by Christopher Burgess on October 10, 2014

    There isn't a company in existence that doesn't have trade secrets and intellectual property worth protecting. The threats may come from computer hacking or from careless end users not paying attention to processes and procedures. One does not exclude the other. Poor cyber-hygiene makes the likelihood of systems and device compromises a real possibility. Tim Mather of Cadence Design Systems…

  • Security Risks: Mitigating the Human Element

    by Christopher Burgess on September 30, 2014

    Logs, logs, and more logs: They bury our sys admins charged with protecting our networks. The larger the company, the more data there is to process. Sorting out the false positives from those requiring immediate attention is key. We can do this by focusing on what our users are doing. We are all thankful for the plethora of tools that allows us to consume the myriad of logs and help us, the mere…

This document was retrieved from http://www.rsaconference.com/blogs/by/100/burgess on Sat, 20 Dec 2014 15:09:12 -0500.
© 2014 EMC Corporation. All rights reserved.