Welcome!

@CloudExpo Authors: Pat Romanski, Elizabeth White, Yeshim Deniz, Rishi Bhargava, Automic Blog

Related Topics: @CloudExpo, Cloud Security, @BigDataExpo

@CloudExpo: Blog Post

What Anthem and Sony Could Have Done Differently By @IanKhanLive [#Cloud]

Let’s look at how to tackle security vulnerabilities from an organizational point of view rather than putting in more firewalls

What Anthem, Sony and Others Could Have Done Differently

They say that you are only as secure as your weakest firewall. But then is it just firewalls that protect our network and the information therein, or is it the framework, the policies and the processes that have cracks that let the vulnerabilities seep through?

Hackers will be hackers and you really can't blame anything on them. They are doing what they are meant to do, i.e., hack. Now that’s a completely different topic as to why unethical hacking is bad and so on. That’s next time. Right now, let’s talk about what we can do on our side. In addition to getting the best IT security systems, firewalls, more firewalls, anti-hacking everything and so on, it’s also essential that with moving times, or let’s say more intelligent hackers, we address the foundations of the problem. Here are three best practices to consider.

Take Sensitive Data Seriously
Really the first step is to take all kinds of sensitive information, be it social insurance numbers, credit cards numbers or any other kind of information you classify as highly important, sensitive, classified, not to be Sshared, I think we got the point. Customers have trusted your organization and have given you the responsibility of keeping their information safe. Let’s make sure we do everything in our power to make that happen. This is going beyond your first response planning, disaster recovery and other means to ensure the safety of this data. I'm not trying to blame anyone for not doing what they could have done, but definitely there are areas where we may underestimate the severity of the situation and as we can see, it's sometimes better to be safe than sorry. Violating customer data and privacy is breaking one of the biggest tenants in any business - Trust. They may or may not forgive you the first time, but mind you, there aren’t many chances you will have before they start moving away.

Invest in Your Processes
Making security a norm within the organization is not only at the network level. Creating the processes that pave the way for secure enterprise systems, secure collaboration, file sharing, document management, code management and more not only help enable a secure environment, but also help create a complex redundant system that works. In a large complex organization with hundreds or thousands of employees, create a hive of activity that needs to be managed and made safe. This includes simple tasks such as sharing a file with a vendor or downloading content or files from an external source as secure as possible. Of course the biggest challeng is to do this without overburdening the users and creating systems that are friendly yet rock solid secure.

Invest in the Right Solution from the Start
When looking at solutions that your teams may need, don’t fall for the quick and easy option that offers the best of everything. Instead focus on each operational element of the solution and evaluate its strengths and weaknesses individually. As an example, if you are looking at implementing an enterprise-wide solution for content management or collaboration, make sure that in addition to being a true enterprise solution, it also stands for itself when it comes to being secure, offering features that users need, being available on the deployment model you need and so on. Falling prey to solutions that seem an easy win for different segments, such as consumer-level solutions being used in the enterprise, are a vulnerability. Take inventory of all your solutions or your enterprise software footprint and take stock of all the vulnerabilities that exist within each solution. This may become a mammoth task, but may be worth your while.

Enterprise security poses a number of challenges. How are you addressing the ones in your organization? Feel free to comment.

More Stories By Ian Khan

Ian Khan leads Innovation & Marketing initiatives at Solgenia, a global Cloud services provider with more than 3500 enterprise customers globally that includes Top Fortune 100 and Fortune 500 companies. An advocate of Cloud computing and a thought leader driving change within the industry, Ian is a catalyst for collaboration and Cloud solutions.

He has written for multiple industry publications, presented at various industry events worldwide, and brings more than 15 years of in depth technology experience across various industries.

Ian is a PMP Certified Project Manager, MCSE, and an Instrumentation Technology engineer.

@CloudExpo Stories
MongoDB Atlas leverages VPC peering for AWS, a service that allows multiple VPC networks to interact. This includes VPCs that belong to other AWS account holders. By performing cross account VPC peering, users ensure networks that host and communicate their data are secure. In his session at 20th Cloud Expo, Jay Gordon, a Developer Advocate at MongoDB, will explain how to properly architect your VPC using existing AWS tools and then peer with your MongoDB Atlas cluster. He'll discuss the secur...
Deep learning has been very successful in social sciences and specially areas where there is a lot of data. Trading is another field that can be viewed as social science with a lot of data. With the advent of Deep Learning and Big Data technologies for efficient computation, we are finally able to use the same methods in investment management as we would in face recognition or in making chat-bots. In his session at 20th Cloud Expo, Gaurav Chakravorty, co-founder and Head of Strategy Development ...
SYS-CON Events announced today that Linux Academy, the foremost online Linux and cloud training platform and community, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Linux Academy was founded on the belief that providing high-quality, in-depth training should be available at an affordable price. Industry leaders in quality training, provided services, and student certification passes, its goal is to c...
DevOps is often described as a combination of technology and culture. Without both, DevOps isn't complete. However, applying the culture to outdated technology is a recipe for disaster; as response times grow and connections between teams are delayed by technology, the culture will die. A Nutanix Enterprise Cloud has many benefits that provide the needed base for a true DevOps paradigm. In his Day 3 Keynote at 20th Cloud Expo, Chris Brown, a Solutions Marketing Manager at Nutanix, will explore t...
In his session at Cloud Expo, Alan Winters, an entertainment executive/TV producer turned serial entrepreneur, will present a success story of an entrepreneur who has both suffered through and benefited from offshore development across multiple businesses: The smart choice, or how to select the right offshore development partner Warning signs, or how to minimize chances of making the wrong choice Collaboration, or how to establish the most effective work processes Budget control, or how to m...
"delaPlex is a software development company. We do team-based outsourcing development," explained Mark Rivers, COO and Co-founder of delaPlex Software, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
SYS-CON Events announced today that SoftLayer, an IBM Company, has been named “Gold Sponsor” of SYS-CON's 18th Cloud Expo, which will take place on June 7-9, 2016, at the Javits Center in New York, New York. SoftLayer, an IBM Company, provides cloud infrastructure as a service from a growing number of data centers and network points of presence around the world. SoftLayer’s customers range from Web startups to global enterprises.
SYS-CON Events announced today that CA Technologies has been named “Platinum Sponsor” of SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY, and the 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. CA Technologies helps customers succeed in a future where every business – from apparel to energy – is being rewritten by software. From ...
SYS-CON Events announced today that Technologic Systems Inc., an embedded systems solutions company, will exhibit at SYS-CON's @ThingsExpo, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Technologic Systems is an embedded systems company with headquarters in Fountain Hills, Arizona. They have been in business for 32 years, helping more than 8,000 OEM customers and building over a hundred COTS products that have never been discontinued. Technologic Systems’ pr...
In his keynote at @ThingsExpo, Chris Matthieu, Director of IoT Engineering at Citrix and co-founder and CTO of Octoblu, focused on building an IoT platform and company. He provided a behind-the-scenes look at Octoblu’s platform, business, and pivots along the way (including the Citrix acquisition of Octoblu).
SYS-CON Events announced today that Auditwerx will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Auditwerx specializes in SOC 1, SOC 2, and SOC 3 attestation services throughout the U.S. and Canada. As a division of Carr, Riggs & Ingram (CRI), one of the top 20 largest CPA firms nationally, you can expect the resources, skills, and experience of a much larger firm combined with the accessibility and atten...
SYS-CON Events announced today that Loom Systems will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Founded in 2015, Loom Systems delivers an advanced AI solution to predict and prevent problems in the digital business. Loom stands alone in the industry as an AI analysis platform requiring no prior math knowledge from operators, leveraging the existing staff to succeed in the digital era. With offices in S...
What if you could build a web application that could support true web-scale traffic without having to ever provision or manage a single server? Sounds magical, and it is! In his session at 20th Cloud Expo, Chris Munns, Senior Developer Advocate for Serverless Applications at Amazon Web Services, will show how to build a serverless website that scales automatically using services like AWS Lambda, Amazon API Gateway, and Amazon S3. We will review several frameworks that can help you build serverle...
SYS-CON Events announced today that HTBase will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. HTBase (Gartner 2016 Cool Vendor) delivers a Composable IT infrastructure solution architected for agility and increased efficiency. It turns compute, storage, and fabric into fluid pools of resources that are easily composed and re-composed to meet each application’s needs. With HTBase, companies can quickly prov...
SYS-CON Events announced today that Cloud Academy will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Cloud Academy is the industry’s most innovative, vendor-neutral cloud technology training platform. Cloud Academy provides continuous learning solutions for individuals and enterprise teams for Amazon Web Services, Microsoft Azure, Google Cloud Platform, and the most popular cloud computing technologies. Ge...
SYS-CON Events announced today that T-Mobile will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. As America's Un-carrier, T-Mobile US, Inc., is redefining the way consumers and businesses buy wireless services through leading product and service innovation. The Company's advanced nationwide 4G LTE network delivers outstanding wireless experiences to 67.4 million customers who are unwilling to compromise on ...
SYS-CON Events announced today that CrowdReviews.com has been named “Media Sponsor” of SYS-CON's 20th International Cloud Expo, which will take place on June 6–8, 2017, at the Javits Center in New York City, NY. CrowdReviews.com is a transparent online platform for determining which products and services are the best based on the opinion of the crowd. The crowd consists of Internet users that have experienced products and services first-hand and have an interest in letting other potential buyers...
Imagine having the ability to leverage all of your current technology and to be able to compose it into one resource pool. Now imagine, as your business grows, not having to deploy a complete new appliance to scale your infrastructure. Also imagine a true multi-cloud capability that allows live migration without any modification between cloud environments regardless of whether that cloud is your private cloud or your public AWS, Azure or Google instance. Now think of a world that is not locked i...
SYS-CON Events announced today that Infranics will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Since 2000, Infranics has developed SysMaster Suite, which is required for the stable and efficient management of ICT infrastructure. The ICT management solution developed and provided by Infranics continues to add intelligence to the ICT infrastructure through the IMC (Infra Management Cycle) based on mathemat...
SYS-CON Events announced today that Juniper Networks (NYSE: JNPR), an industry leader in automated, scalable and secure networks, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Juniper Networks challenges the status quo with products, solutions and services that transform the economics of networking. The company co-innovates with customers and partners to deliver automated, scalable and secure network...