Welcome to Collaborative Strategy Guild Where insights are transformed into actions at the intersection of collaboration, information management, security, and business strategy.
|
I take on a few budget-minded steps for cloud security this month over on TechNewsWorld:
The big-money savings that cloud implementations promise when they’re still on the drawing board can dry up quickly as they become real-life projects. Unfortunately, security is something that too often gets caught in the cost-cutting crossfire. It behooves security professionals to try to squeeze every bit of value they can from resources they already have.
Check out the rest of the article here.
A Real-World Approach to Improving Security in the Cloud
Two interesting pieces of survey data this morning:
- Everybody’s virtualizing, but nobody’s protecting. While 68% of organizations are already virtualized and 24% have plans to do it in the next year, it appears there isn’t a corresponding uptick in security controls to address security issues specific to that environment
- Cloud services are following the same trajectory: adoption is on the rise, but security measures are stagnant.
So everyone’s getting on the bus but nobody’s buckling up? Seems like a recipe for disaster to me.
Changing risk means changing investment
My opinion is that anytime you change the risk dynamics, there should be a corresponding adjustment in strategy, spending,… Continue reading: Probability masks incompetence: why idiot CIO’s go unnoticed
The editors of TechTarget SearchSecurity have a new site – SearchCloudSecurity and Ed’s a regular contributor.
His latest piece looks at legacy apps and what companies can do to secure them when moving to cloud computing.
Scratch the surface in any organization and you’ll find the legacy environment is one of the most challenging issues facing IT in that organization. No matter how well planned the IT strategy, how efficient the operations, or how disciplined IT processes, there will always be technology that can’t be replaced and that doesn’t meet current standards. Because of the way many legacy applications were built, their criticality, and the expense to modify them, many… Continue reading: Moving Legacy Apps to the Cloud Securely
I came across an article this morning about cloud that got me thinking… I’ll refrain from linking to it because I don’t suggest you read it, but it did get me thinking – in particular about the intersection of institutional healthcare, security, and cloud.
Think about the challenges facing a typical hospital or health system nowadays:
- Large legacy application footprint – potentially hundreds of specialized clinical applications, supply-chain applications, scheduling applications, financial applications
- Lean IT – relatively small IT staff population and (generally) reduced budget for specialized resources like security. Food for thought here: the one place where I have never encountered a dedicated application security resource is at a health system… Continue reading: Healthcare in the cloud – slow to start, but a good fit
In his monthly column for ECT, Ed takes a look at how cloud changes the game for HIPAA’s addressable security requirements:
Cloud computing changes the dynamics of certain parts of HIPAA’s Security requirements. In a cloud computing scenario, most security activities occur in partnership between vendor and client — in other words, while ultimate responsibility for compliance always resides at the covered entity, the actual implementation of certain operational aspects of security occur at the business associate cloud provider.
For the rest of the article, please continue reading here.
Continue reading: Why Cloud Computing Changes the Game for HIPAA Security
|
|
