Welcome!

@CloudExpo Authors: Liz McMillan, Yeshim Deniz, Elizabeth White, Pat Romanski, Aruna Ravichandran

Related Topics: @CloudExpo, Cloud Security, @BigDataExpo

@CloudExpo: Blog Post

What Anthem and Sony Could Have Done Differently By @IanKhanLive [#Cloud]

Let’s look at how to tackle security vulnerabilities from an organizational point of view rather than putting in more firewalls

What Anthem, Sony and Others Could Have Done Differently

They say that you are only as secure as your weakest firewall. But then is it just firewalls that protect our network and the information therein, or is it the framework, the policies and the processes that have cracks that let the vulnerabilities seep through?

Hackers will be hackers and you really can't blame anything on them. They are doing what they are meant to do, i.e., hack. Now that’s a completely different topic as to why unethical hacking is bad and so on. That’s next time. Right now, let’s talk about what we can do on our side. In addition to getting the best IT security systems, firewalls, more firewalls, anti-hacking everything and so on, it’s also essential that with moving times, or let’s say more intelligent hackers, we address the foundations of the problem. Here are three best practices to consider.

Take Sensitive Data Seriously
Really the first step is to take all kinds of sensitive information, be it social insurance numbers, credit cards numbers or any other kind of information you classify as highly important, sensitive, classified, not to be Sshared, I think we got the point. Customers have trusted your organization and have given you the responsibility of keeping their information safe. Let’s make sure we do everything in our power to make that happen. This is going beyond your first response planning, disaster recovery and other means to ensure the safety of this data. I'm not trying to blame anyone for not doing what they could have done, but definitely there are areas where we may underestimate the severity of the situation and as we can see, it's sometimes better to be safe than sorry. Violating customer data and privacy is breaking one of the biggest tenants in any business - Trust. They may or may not forgive you the first time, but mind you, there aren’t many chances you will have before they start moving away.

Invest in Your Processes
Making security a norm within the organization is not only at the network level. Creating the processes that pave the way for secure enterprise systems, secure collaboration, file sharing, document management, code management and more not only help enable a secure environment, but also help create a complex redundant system that works. In a large complex organization with hundreds or thousands of employees, create a hive of activity that needs to be managed and made safe. This includes simple tasks such as sharing a file with a vendor or downloading content or files from an external source as secure as possible. Of course the biggest challeng is to do this without overburdening the users and creating systems that are friendly yet rock solid secure.

Invest in the Right Solution from the Start
When looking at solutions that your teams may need, don’t fall for the quick and easy option that offers the best of everything. Instead focus on each operational element of the solution and evaluate its strengths and weaknesses individually. As an example, if you are looking at implementing an enterprise-wide solution for content management or collaboration, make sure that in addition to being a true enterprise solution, it also stands for itself when it comes to being secure, offering features that users need, being available on the deployment model you need and so on. Falling prey to solutions that seem an easy win for different segments, such as consumer-level solutions being used in the enterprise, are a vulnerability. Take inventory of all your solutions or your enterprise software footprint and take stock of all the vulnerabilities that exist within each solution. This may become a mammoth task, but may be worth your while.

Enterprise security poses a number of challenges. How are you addressing the ones in your organization? Feel free to comment.

More Stories By Ian Khan

Ian Khan leads Innovation & Marketing initiatives at Solgenia, a global Cloud services provider with more than 3500 enterprise customers globally that includes Top Fortune 100 and Fortune 500 companies. An advocate of Cloud computing and a thought leader driving change within the industry, Ian is a catalyst for collaboration and Cloud solutions.

He has written for multiple industry publications, presented at various industry events worldwide, and brings more than 15 years of in depth technology experience across various industries.

Ian is a PMP Certified Project Manager, MCSE, and an Instrumentation Technology engineer.

@CloudExpo Stories
In his Opening Keynote at 21st Cloud Expo, John Considine, General Manager of IBM Cloud Infrastructure, will lead you through the exciting evolution of the cloud. He'll look at this major disruption from the perspective of technology, business models, and what this means for enterprises of all sizes. John Considine is General Manager of Cloud Infrastructure Services at IBM. In that role he is responsible for leading IBM’s public cloud infrastructure including strategy, development, and offering ...
SYS-CON Events announced today that IBM has been named “Diamond Sponsor” of SYS-CON's 21st Cloud Expo, which will take place on October 31 through November 2nd 2017 at the Santa Clara Convention Center in Santa Clara, California.
SYS-CON Events announced today that N3N will exhibit at SYS-CON's @ThingsExpo, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. N3N’s solutions increase the effectiveness of operations and control centers, increase the value of IoT investments, and facilitate real-time operational decision making. N3N enables operations teams with a four dimensional digital “big board” that consolidates real-time live video feeds alongside IoT sensor data a...
Gemini is Yahoo’s native and search advertising platform. To ensure the quality of a complex distributed system that spans multiple products and components and across various desktop websites and mobile app and web experiences – both Yahoo owned and operated and third-party syndication (supply), with complex interaction with more than a billion users and numerous advertisers globally (demand) – it becomes imperative to automate a set of end-to-end tests 24x7 to detect bugs and regression. In th...
In a recent survey, Sumo Logic surveyed 1,500 customers who employ cloud services such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). According to the survey, a quarter of the respondents have already deployed Docker containers and nearly as many (23 percent) are employing the AWS Lambda serverless computing framework. It’s clear: serverless is here to stay. The adoption does come with some needed changes, within both application development and operations. Tha...
SYS-CON Events announced today that Avere Systems, a leading provider of enterprise storage for the hybrid cloud, will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Avere delivers a more modern architectural approach to storage that doesn't require the overprovisioning of storage capacity to achieve performance, overspending on expensive storage media for inactive data or the overbui...
With major technology companies and startups seriously embracing Cloud strategies, now is the perfect time to attend 21st Cloud Expo October 31 - November 2, 2017, at the Santa Clara Convention Center, CA, and June 12-14, 2018, at the Javits Center in New York City, NY, and learn what is going on, contribute to the discussions, and ensure that your enterprise is on the right path to Digital Transformation.
Companies are harnessing data in ways we once associated with science fiction. Analysts have access to a plethora of visualization and reporting tools, but considering the vast amount of data businesses collect and limitations of CPUs, end users are forced to design their structures and systems with limitations. Until now. As the cloud toolkit to analyze data has evolved, GPUs have stepped in to massively parallel SQL, visualization and machine learning.
We all know that end users experience the Internet primarily with mobile devices. From an app development perspective, we know that successfully responding to the needs of mobile customers depends on rapid DevOps – failing fast, in short, until the right solution evolves in your customers' relationship to your business. Whether you’re decomposing an SOA monolith, or developing a new application cloud natively, it’s not a question of using microservices – not doing so will be a path to eventual b...
Digital transformation is changing the face of business. The IDC predicts that enterprises will commit to a massive new scale of digital transformation, to stake out leadership positions in the "digital transformation economy." Accordingly, attendees at the upcoming Cloud Expo | @ThingsExpo at the Santa Clara Convention Center in Santa Clara, CA, Oct 31-Nov 2, will find fresh new content in a new track called Enterprise Cloud & Digital Transformation.
Most technology leaders, contemporary and from the hardware era, are reshaping their businesses to do software. They hope to capture value from emerging technologies such as IoT, SDN, and AI. Ultimately, irrespective of the vertical, it is about deriving value from independent software applications participating in an ecosystem as one comprehensive solution. In his session at @ThingsExpo, Kausik Sridhar, founder and CTO of Pulzze Systems, will discuss how given the magnitude of today's applicati...
Smart cities have the potential to change our lives at so many levels for citizens: less pollution, reduced parking obstacles, better health, education and more energy savings. Real-time data streaming and the Internet of Things (IoT) possess the power to turn this vision into a reality. However, most organizations today are building their data infrastructure to focus solely on addressing immediate business needs vs. a platform capable of quickly adapting emerging technologies to address future ...
The dynamic nature of the cloud means that change is a constant when it comes to modern cloud-based infrastructure. Delivering modern applications to end users, therefore, is a constantly shifting challenge. Delivery automation helps IT Ops teams ensure that apps are providing an optimal end user experience over hybrid-cloud and multi-cloud environments, no matter what the current state of the infrastructure is. To employ a delivery automation strategy that reflects your business rules, making r...
SYS-CON Events announced today that NetApp has been named “Bronze Sponsor” of SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. NetApp is the data authority for hybrid cloud. NetApp provides a full range of hybrid cloud data services that simplify management of applications and data across cloud and on-premises environments to accelerate digital transformation. Together with their partners, NetApp emp...
Enterprises are adopting Kubernetes to accelerate the development and the delivery of cloud-native applications. However, sharing a Kubernetes cluster between members of the same team can be challenging. And, sharing clusters across multiple teams is even harder. Kubernetes offers several constructs to help implement segmentation and isolation. However, these primitives can be complex to understand and apply. As a result, it’s becoming common for enterprises to end up with several clusters. Thi...
As popularity of the smart home is growing and continues to go mainstream, technological factors play a greater role. The IoT protocol houses the interoperability battery consumption, security, and configuration of a smart home device, and it can be difficult for companies to choose the right kind for their product. For both DIY and professionally installed smart homes, developers need to consider each of these elements for their product to be successful in the market and current smart homes.
Widespread fragmentation is stalling the growth of the IIoT and making it difficult for partners to work together. The number of software platforms, apps, hardware and connectivity standards is creating paralysis among businesses that are afraid of being locked into a solution. EdgeX Foundry is unifying the community around a common IoT edge framework and an ecosystem of interoperable components.
Join IBM November 1 at 21st Cloud Expo at the Santa Clara Convention Center in Santa Clara, CA, and learn how IBM Watson can bring cognitive services and AI to intelligent, unmanned systems. Cognitive analysis impacts today’s systems with unparalleled ability that were previously available only to manned, back-end operations. Thanks to cloud processing, IBM Watson can bring cognitive services and AI to intelligent, unmanned systems. Imagine a robot vacuum that becomes your personal assistant th...
Containers are rapidly finding their way into enterprise data centers, but change is difficult. How do enterprises transform their architecture with technologies like containers without losing the reliable components of their current solutions? In his session at @DevOpsSummit at 21st Cloud Expo, Tony Campbell, Director, Educational Services at CoreOS, will explore the challenges organizations are facing today as they move to containers and go over how Kubernetes applications can deploy with lega...
Though cloud is the future of enterprise computing, a smooth transition of legacy applications and systems is critical for seamless business operations. IT professionals are eager to start leveraging the cost, scale and other benefits of cloud, but with massive investments already in place in existing infrastructure and a number of compliance and resource hurdles, it can be challenging to move to a cloud-based infrastructure.