Cloud Best Practices and Security Review

 

As organizations have moved more and more critical applications, workloads and services to the cloud, I am often asked by clients to help them review their overall cloud strategy and architecture from a best practices and security point of view.

As we're several years into this cloud migration for most organizations, a lot of things have changed regarding how they leverage the cloud, the type of applications and services they need to be able to provide and how they control and monitor access to resources. No two organizations are exactly the same, but more often than not, the underlying fundamentals are consistent across organizations.

Read More

Is Your SolarWinds Shelfware?

The definition of “shelfware” from TechTarget:

“Slang for software that a company buys because of a perceived need or demand but never uses; hence, it sits on the shelf.”

This definition should be expanded to include software that was purchased for a legitimate need, implemented to serve that need, and then allowed to stagnate until it’s no longer used or useful. There are many reasons why this stagnation happens:

Read More

Two Factor Authentication for Office 365 (Part 1)

Password complexity has been touted for some time to prevent identity theft. Especially in an Active Directory environment. Typical password complexity rules in Active Directory are:

  • Uppercase characters of European languages (A through Z, with diacritic marks, Greek and Cyrillic characters)
  • Lowercase characters of European languages (a through z, sharp-s, with diacritic marks, Greek and Cyrillic characters)
  • Base 10 digits (0 through 9)
  • Nonalphanumeric characters: ~!@#$%^&*_-+=`|\(){}[]:;"'<>,.?/
  • Any Unicode character that is categorized as an alphabetic character but is not uppercase or lowercase. This includes Unicode characters from Asian languages.
Read More

AWS Security Best Practices: Decoding the Shared Security Model

Navigating today’s threat landscape and ensuring security in the public cloud is more important than ever. When it comes to AWS security best practices, businesses must start with an understanding of the AWS Shared Responsibility Model. Unfortunately, many companies don’t fully understand that shared model and who is responsible for what,  despite the AWS clear statement:

Read More

5 AWS Cost Optimization Tips for Your Business

According to the Cisco Global Cloud Index Report, 68 percent (298 million) of cloud workloads will be in public cloud data centers by 2020. The leading player in this sphere is clearly AWS with its current 62 percent of market share. That steady stream of migrations comes with its own set of challenges for most businesses. Chief among them is figuring out how to minimize costs of running applications and workloads in the cloud. While there are numerous ways to accomplish this goal, here are five helpful tips for AWS cost optimization.

Read More

How Does Ransomware Work and What Technologies Best Prevent It?

Ransomware has quickly become one of the most troublesome issues that businesses deal with nowadays. Globally, ransomware is expected to have cost organizations over $5 billion in 2017 with no signs of slowing down.

Read More

Creating an IT Security Strategy

Editor’s note: This article is an excerpt from the Essential Guide to IT Security Strategy.

Businesses in the digital age can no longer rely on disconnected security tools, alongside robust protocols and policies, to avoid increasing IT security threats. The development of a proactive and multidimensional strategy for securing data and your organization’s IT infrastructure is built on well-developed security policies, and overall strategy. However, the first step toward developing that security strategy is to conduct a thorough and in-depth threat assessment.

Read More

The Hidden Costs of Moving Infrastructure to AWS Public Cloud

According to the Cisco Cloud Index, 68 percent of the cloud workloads will be in public cloud data centers by 2020, which is a 35 percent jump from 2015. While that growth is impressive, what it doesn’t say is that many businesses are still trying to figure out the process of moving to the cloud. AWS, which currently holds about 40 percent of the market, clearly has a lot to offer. What is not as clear are the hidden costs of moving infrastructure to the cloud.

Read More

Designing a Hybrid Cloud Strategy For Your IT Budget

Gartner recently stated that “organizations will continue to aggressively build and invest in ‘cloud-first’ strategies and architectures.” Much of this comes from the advancements and innovations in cloud services. Applications and solutions that were once a poor fit for the cloud are now finding their way into the “as a service” space. However, just because an application or solution is cloud capable doesn’t mean it is right for you.

Read More

Patch Management Best Practices for Critical Vulnerabilities

With the recent Spectre and Meltdown flaws sending a wave of disruption across IT and all business communities, the scope of the problem continues to unfold. Either one or both of the flaws are present in Intel chips from the last 15 years embedded in countless processors running PCs, servers, and phones.

Read More