April 26, 2024
Organizations across industries rely on public cloud computing for a significant portion of their workloads. The flexibility, cost efficiency, redundancy and security of cloud infrastructure providers makes it attractive to organizations of all kinds. From banks and healthcare providers to technology companies and retailers, firms depend on cloud computing to carry out core business functions.
However, as these organizations perform risk assessments, they often worry that using a single cloud provider might create a single point of failure (SPOF) in their environments. Multi-cloud security architectures aim to eliminate this SPOF by enabling the rapid shifting of workloads between cloud providers, but is this approach in fact a benefit from a security perspective?
Published May 2020 in SearchSecurity
Read the full article: Comparing single cloud vs. multi-cloud security challenges
Last summer, I had the opportunity to teach an undergraduate course in my university’s online summer program. I took a course that I had delivered in person many times and worked with my school’s digital learning team to transform it into a hybrid digital format that combined a series of short five- to 10-minute videos with weekly live online sessions over Zoom. Little did I know that my experiment was setting the stage for the most disruptive change to hit higher education in my career.
I feel quite fortunate to have that remote class under my belt as I take part in the rush to move online this semester. Here’s some practical advice from that experience that might help you as you adapt to online learning.
Published April 2020 in EdTech Magazine.
Read the full article: Tech Tips for Colleges Using Zoom for Remote Learning
Last year, the Department of Homeland Security issued a vulnerability notice that disturbed many in the cybersecurity community: Several popular virtual private network solutions insecurely stored authentication cookies in their memory or log files.
An attacker gaining access to that information could steal a legitimate user’s session and gain access to services protected by the VPN without going through the normal authentication process.
Published March 2020 in FedTech Magazine.
Read the full article: 3 Tips for Protecting a VPN in the Face of Major Vulnerabilities
The California Consumer Privacy Act is here. Businesses around the nation must now take action to protect new legal privacy rights granted to California residents. As with any new compliance regime, dotting the i’s and crossing the t’s for CCPA requires a careful review of business practices. Now that the dust is settling on initial compliance efforts, many organizations find themselves at the perfect point to assess the effectiveness of their CCPA controls.
While it technically applies only to California residents, CCPA is likely to spark a wave of similar legislation in other states. California was the first state to introduce a data breach notification law in 2002. Today, nearly two decades later, there are similar laws on the books in every state. With this trend in mind, businesses should expect to scale these responses to their operations nationwide.
Published March 2020 in SearchSecurity
Read the full article: Use this CCPA compliance checklist to get up to speed
Just about every organization today offers some sort of wireless connectivity in the workplace; it is far too powerful a productivity tool to limit it outright. However, wireless networks must be properly configured in order to ensure they are secure.
With a wired network, connected computers are only accessible via a physical cable connection. As such, physical security is a major wired network security concern. Note, however, that, while wired networks are often considered more secure than wireless networks, they are not inherently safer from threats such as denial-of-service attacks, malware or data loss. Security measures — including but not limited to firewalls, SIEM and data loss prevention — should always be considered whether your network is wired or wireless.
Published February 2020 in SearchSecurity
Read the full article: Wired vs. wireless network security: Best practices
Cloud solutions offer virtually limitless potential to educators. From interactive learning management systems to parent communication portals, cloud-based technologies provide state-of-the-art educational tools without the large investments required to build and maintain technical infrastructure. It’s no surprise that schools and districts around the nation are quickly embracing these tools as the future of educational technology.
These benefits do come with risks, however. Faculty and administrators often embrace the educational advantages offered by the cloud but remain wary of the security and privacy implications of using cloud-based platforms. To ensure their use of technology doesn’t create security or privacy headaches, here are five best practices that educators should follow.
Published February 2020 in EdTech Magazine.
Read the full article: Best Practices for Ensuring Data Security in the Cloud
The importance of securing sensitive information cannot be denied. Fortunately, most organizations today have solid cybersecurity programs that use a diverse set of controls to achieve defense-in-depth security.
Through these programs, corporate servers have been hardened, enterprise endpoints have been secured and monitoring tools have been implemented. Organizations have also been able to eradicate highly sensitive information from endpoint devices and consolidate the most crucial corporate data in enterprise systems and the databases that support them.
But just how strong are the controls around those central stores?
Published February 2020 in SearchSecurity
Read the full article: 4 enterprise database security best practices
Walking the exhibition hall at a modern cybersecurity trade show can be a dizzying experience. Vendors from every angle tout products bearing seemingly urgent new capabilities (and new acronyms to match). The unspoken implication is that failure to purchase the latest solution will result in certain cybersecurity doom.
It’s hard to separate the signal from the noise to determine which security solutions will really move the needle for a business.
Here’s the thing, though: Robust cybersecurity programs revolve around a core set of solutions that provide the foundation for a strong cybersecurity operations team. Let’s take a look at a few of the technologies that should be in almost every business environment today.
Published December 2019 in BizTech Magazine.
Read the full article: The 5 Cybersecurity Must-Haves for Every Business
When Microsoft launched Windows 10 in 2015, the company set a goal of hitting 1 billion installed devices within three years.
Two years later, 500 million devices were running Windows 10. That’s a little behind Microsoft’s aggressive target, but half a billion installed devices is a tremendous footprint. Now that we’re approaching the January 2020 end-of-life deadline for Windows 7, Windows 10 will continue to gain steam in higher education and beyond.
As it does, IT professionals can take a few simple steps to tweak performance and improve the user experience. Windows 10 includes new features that provide better power management and troubleshooting. Those tools, combined with some traditional Windows techniques, can dramatically improve the end-user experience and stretch limited IT budget dollars by extending the usable life of endpoint hardware.
Published November 2019 in EdTech Magazine.
Read the full article: Adapt These Settings for a Faster Windows 10
Early on, cloud computing promised to simplify enterprise computing, transferring mundane work to service providers. But agencies that have not completed cloud migration — or for whom total migration is impractical — wind up operating multiple computing environments.
Hybrid IT environments, whether they involve multiple cloud providers or a mix of off- and on-premises facilities, bring flexibility to agency technology operations, yet also add complexity that can be a management challenge. This is especially problematic in an environment of shrinking financial and human resources.
Let’s take a look at ways that agency technology leaders can get their arms around hybrid cloud operations and put their limited resources to the best possible use.
Published November 2019 in FedTech Magazine.
Read the full article: Plan Well for a Hybrid Cloud Environment and See Efficiencies