Businesses today are built around information technologies that drive strategy and operations. Consequently, IT has had to evolve from reactive to proactive by leveraging operational information via real-time data monitoring and management systems.
Businesses today are built around information technologies that drive strategy and operations. Consequently, IT has had to evolve from reactive to proactive by leveraging operational information via real-time data monitoring and management systems.
As data with enterprises and in the cloud grows exponentially, organizations continue to look for ways to harness it and glean diverse insights to help meet business goals. While there are numerous tools for managing and monitoring data, few can provide a universal approach across all data sources, both on-premise and in the cloud.
As organizations have moved more and more critical applications, workloads and services to the cloud, I am often asked by clients to help them review their overall cloud strategy and architecture from a best practices and security point of view.
As we're several years into this cloud migration for most organizations, a lot of things have changed regarding how they leverage the cloud, the type of applications and services they need to be able to provide and how they control and monitor access to resources. No two organizations are exactly the same, but more often than not, the underlying fundamentals are consistent across organizations.
The definition of “shelfware” from TechTarget:
“Slang for software that a company buys because of a perceived need or demand but never uses; hence, it sits on the shelf.”
This definition should be expanded to include software that was purchased for a legitimate need, implemented to serve that need, and then allowed to stagnate until it’s no longer used or useful. There are many reasons why this stagnation happens:
Password complexity has been touted for some time to prevent identity theft. Especially in an Active Directory environment. Typical password complexity rules in Active Directory are:
Navigating today’s threat landscape and ensuring security in the public cloud is more important than ever. When it comes to AWS security best practices, businesses must start with an understanding of the AWS Shared Responsibility Model. Unfortunately, many companies don’t fully understand that shared model and who is responsible for what, despite the AWS clear statement:
Editor’s note: This article is an excerpt from the Essential Guide to IT Security Strategy.
Businesses in the digital age can no longer rely on disconnected security tools, alongside robust protocols and policies, to avoid increasing IT security threats. The development of a proactive and multidimensional strategy for securing data and your organization’s IT infrastructure is built on well-developed security policies, and overall strategy. However, the first step toward developing that security strategy is to conduct a thorough and in-depth threat assessment.
According to the Cisco Cloud Index, 68 percent of the cloud workloads will be in public cloud data centers by 2020, which is a 35 percent jump from 2015. While that growth is impressive, what it doesn’t say is that many businesses are still trying to figure out the process of moving to the cloud. AWS, which currently holds about 40 percent of the market, clearly has a lot to offer. What is not as clear are the hidden costs of moving infrastructure to the cloud.
With the recent Spectre and Meltdown flaws sending a wave of disruption across IT and all business communities, the scope of the problem continues to unfold. Either one or both of the flaws are present in Intel chips from the last 15 years embedded in countless processors running PCs, servers, and phones.
