Cloud security is a top concern for chief security officers. In almost any
enterprise, cloud migration is a given fact and recent attacks have proven,
yet again, that data security is a critical component in any cloud migration
Below are four tips, specific to Infrastructure as a Service (IaaS) cloud
Migrate your data - own your security
When moving to the cloud, companies have the natural tendency to look for
security solutions from their cloud provider of choice. IaaS providers are
very good at managing storage, computation resources, and virtual machines,
but in most cases they can't provide data security solutions that are as
secure as if you were to manage them yourself.
Keep in mind the shared responsibility model when planning a secure cloud
migration, and verify carefully which tools are provided by your cloud
provider, and which tools sh... (more)
As a cloud security vendor, we often get questioned about public cloud
security and how secure is the public cloud. To answer this question I’d
like to start by defining what “public cloud” means before we’ll focus
on the cloud security question: (public) cloud computing is the delivery of
computing as a service rather than a product, and is usually
categorized into three service models: software as a service (SaaS),
infrastructure as a services (IaaS) and platform as a Service (PaaS). When it
comes to public cloud security, all leading cloud providers are investing
Today, with enterprises migrating to the cloud, the security challenge around
protecting data is greater than ever before. Keeping data private and secure
has always been a business imperative. But for many companies and
organizations, it has also become a compliance requirement and a necessity to
stay in business. Standards including HIPAA, Sarbanes-Oxley, PCI DSS and the
Gramm-Leach-Bliley Act all require that organizations protect their data at
rest and provide defenses against data loss and threats.
Public cloud computing is the delivery of computing as a service rather than ... (more)
Case Study | Orbograph: Cloud Healthcare with HIPAA Compliance and Safe
Orbograph is an innovative healthcare ISV that provides Healthcare Revenue
Cycle Management (HRCM) solutions, online medical scheduling, PHR, and other
services to hospitals and clinics.
The Leader: Ran Rothschild, Director of Operations The Project: The company's
next generation of products launched as a cloud service.
Orbograph was seeking to benefit from the advantages of cloud computing
(elasticity, flexibility, cost-effectiveness) without compromising full
compliance with HIPAA, Saf... (more)
2014 was a year of cloud security and compliance accomplishments and 2015
will certainly bring new challenges and new successes.
In 2014, we worked closely with many customers who needed to adhere to HIPAA
and PCI DSS compliance requirements. We made sure all bases were covered,
data was protected, and compliance was achieved.
Though PCI DSS 3.0 was officially released on November 7, 2013 and became
effective on January 1, 2014, its compliance deadline took effect a year
later, on January 1, 2015. This infographic explains what you need to know
about PCI DSS 3.0.
The changes fr... (more)