CLOUD ADOPTION & RISK IN EUROPE REPORT. Q Published Q3 2015
|
|
- Albert Bates
- 8 years ago
- Views:
Transcription
1 CLOUD ADOPTION & RISK IN EUROPE REPORT Q Published Q3 2015
2 TABLE OF CONTENTS INTRODUCTION OVERVIEW OF CLOUD ADOPTION INSIDER THREATS IN THE CLOUD COMPROMISED CREDENTIALS MULTI-FACTOR AUTHENTICATION THERE S NO TYPICAL USER HEAD IN THE CLOUDS SAFE STORAGE FOR EUROPEAN DATA THE CLOUD NEVER SLEEPS THE TOP CLOUD SERVICES
3 INTRODUCTION The biggest impact of the cloud is the ability to accelerate the rate of innovation for the business, says Frank Gens, senior vice president and chief analyst at IDC 1. This is as true in Europe as anywhere else in the world. Cloud computing continues to grow in Europe, with a recent survey 2 of UK-based IT decision-makers showing that 84% are using cloud services today and most expect cloud adoption to continue to grow. The German IT association BITKOM quoted growth in enterprise cloud of 46% to 6.4B Euros in the last year 3 and in Sweden currently 64% of enterprise data is hosted in the cloud with an expectation that this will grow to 93% within two years 4. This is not just a business phenomenon either, with the UK government G-Cloud platform showing sales of over 500M by March Given the focus on winning enterprises as customers, cloud service providers (CSPs) are increasing their investments to support industry security standards. At Skyhigh, we believe this is important for enterprises to securely embrace the cloud. However only 2.8% of the CSPs in our global cloud registry have achieved ISO compliance, and so far only two vendors (Microsoft and Dropbox) have announced that they have achieved the relatively new ISO code of practice for personal data protection in public clouds. With the daily arrival of new services that lackproper certifications, the overall percentage of CSPs with ISO certification is declining. European regulators are also taking ever-stronger attitudes to data loss and unfortunately, cloud is one of the possible conduits for data exfiltration. Our data shows that on initial review, IT is generally aware of less than 10% of the services in use inside their organisations and Gartner quotes that companies spend just 3.8% of their cloud budget on security
4 To better understand these trends and the risks in cloud adoption, Skyhigh publishes this Cloud Adoption & Risk in Europe report. What makes this report unique is that it s based on actual usage data for over 2.5 million employees in European organizations, rather than surveys that ask people to selfreport their behavior. In this quarter s report, we explore insider threats within these organizations and expose a worldwide black market of stolen login credentials that cyber criminals use to gain access to sensitive information in cloud services. We also detail the Top 20 enterprise and consumer cloud services in Europe, the top cloud services used to connect with partners, and how prolific one employee can be in terms of cloud usage and high-risk behavior. 02
5 OVERVIEW OF CLOUD ADOPTION The average European organization uses 987 cloud services, an impresive growth of 61% over the same quarter a year ago, casting aside doubt that cloud use is mainstream throughout Europe. Another way of looking at this is that the average company is adding more than one new cloud service per day, reminding us that this is a rapidly changing market and the IT department needs constant updates to be able to manage both shadow and sanctioned cloud adoption. The average European organization uploads 12.3 TB to the cloud each month, an amount equal to around 7.6 million copies of War and Peace in digital form (at 1.7 MB per copy). When employees bring cloud services into the work environment for increased productivity and efficiency without the knowledge or approval of IT, they may not realize the risk they re introducing to the organization. Just 7.0% of cloud services meet enterprise security and compliance requirements, as rated by Skyhigh s CloudTrust Program. Only 15.4% support multi-factor authentication, 2.8% have ISO certification, and 9.4% encrypt data stored at rest. Considering how much data European organizations upload to the cloud each month without proper controls, this data could be at risk for exfiltration Q Q Q Q Q Q2 AVERAGE NUMBER OF CLOUD SERVICES IN USE BY EUROPEAN ORGANIZATIONS 03
6 nization uses far fewer services, it is worth noting that the minimum number of services we have seen in Europe is 507, from a company with less than 200 employees; while the highest number of services we have seen in Europe is greater than 3,000. Of the 987 cloud services in use by the average European organization, the most popular category is collaboration with 226 cloud services. This category includes services such as Microsoft services per organization (e.g. SourceForge, GitHub, etc.), content sharing with 54 services (e.g. with 38 services (Dropbox, Google Drive, etc.). The average organization in Europe uses many cloud services in each category Business intelligence 21 Collaboration 226 Content sharing 54 Development 80 File sharing 38 Social media 49 Tracking
7 INSIDER THREATS IN THE CLOUD A cloud service may be secure, but employees can still use it in risky ways. While Edward Snowden is the most well-known example of an insider threat, most insider threat incidents are quiet and may not be uncovered by the company at the time, if at all. Consider the example of a salesperson that leaves a company knowingly or unknowingly with customer contact information when he or she decides to change employers. In many cases, the organization has no easy way to detect this type of behavior. Have you had an INSIDER THREAT INCIDENT? perception reality Just 18% of European companies surveyed reported an insider threat incident in the last year NO 63% NOT SURE 19% YES 87% But 87% of European companies had behavior indicative of an insider threat in the last quarter alone YES 18% We surveyed organizations in partnership with the Cloud Security Alliance and found that just 18% of organizations knew of an insider threat incident in the last year. However, examining actual anomaly detection data collected across European users, we found that 87% of organizations had behavior indicative of an insider threat in the last quarter alone. While not all of these events turn out to be malicious activity, the incidence of potentially destructive behavior by employees is much higher than most European organizations realize
8 COMPROMISED CREDENTIALS There were more software vulnerabilities discovered and more data breaches in 2014 than any year on record. Following one of the largest breaches of the year, ebay prompted 145 million users to change their passwords after cyber criminals compromised their account credentials. University of Cambridge shows that 31% of passwords are re-used in multiple places. With the The darknet is home to millions of compromised passwords 72.1% 8.5% of European companies have at least one employee whose credentials are compromised of employees at European companies have at least one credential compromised We found that 72.1% of European organizations have exposure to compromised credentials. While this number is lower than the overall average of 91.7% across the globe, even more concerning is that 8.5% of employees at European companies have at least one compromised this capability, we recommend European organizations use strong, unique passwords for each cloud service and change them regularly to limit exposure to compromised credentials
9 MULTI-FACTOR AUTHENTICATION The Lastpass data breach, which occurred in June 2015, brought to light the importance and only have to KNOW something (a name and password), but also have to HAVE something (a token or more commonly pre-authenticated a mobile device) to gain access to an account. Any loss of just a name and password is less of a concern as multi-factor authentication requires that any criminal will also need to get hold of, or spoof, an additional device before accessing the compromised service. We strongly recommend that enterprises consider multi-factor authentication as a key component of safe cloud services. Currently only 15.4% of the 12,000+ cloud services support multi-factor authentication, we hope that this will increase in time. 15.4% Supported SUPPORT FOR MULTI-FACTOR AUTHENTICATION REMAINS LOW 84.6% Not Supported 06 07
10 THERE S NO TYPICAL USER cloud services used by 175 users to determine whether people had the same or similar patterns of usage. What we found is that not all users have the same patterns, and that there are 31 possible accessed it and 25 of the 31 possible combinations were regularly in use. Our results show of the services. This goes to show that you can t assume or predict how your users will use services your users need. Box 2 Office CLOUD USAGE IS NOT UNIFORM ACROSS USERS Salesforce 3 2 Google Drive 6 4 Dropbox 07 08
11 HEAD IN THE CLOUDS The average European employee uses 23 distinct cloud services including seven collaboration services, four file-sharing services, three social media services, and three content sharing services. What s troubling is that each employee is tracked by, on average, four marketing analytics and advertising services. These services are used to deliver targeted ads to users across the Internet, but they are also increasingly used by cyber criminals to determine the sites employees frequent most. Armed with this information, criminals attempt to compromise these sites in order to ultimately compromise the organization in what s known as a watering hole attack. However, there are employees whose cloud usage is even more prolific. The most prolific cloud user across all European employees in our study uses an impressive 594 cloud services, including 101 collaboration services, 38 development services, 38 IT management services, and 22 content sharing services. While their behavior may be done with good intensions, unchecked cloud usage can also expose European organizations to risk. THE MOST PROLIFIC CLOUD USER in Europe At work this employee uses 594 cloud services COLLABORATION % HIGH-RISK SERVICES 38 DEVELOPMENT IT MANAGEMENT CONTENT SHARING 5.6% INDUSTRY AVERAGE 08 09
12 Chances are, most of the services in use by this individual are not known by the IT department. Out of the 594 services, 106 are high-risk, compared to 5.6% across all cloud services globally. These services are often considered high-risk because they lack security controls, have onerous terms and conditions that claim ownership of uploaded data, or are hosted in high-risk countries without strong data protections. Among the high-risk services in use by this cloud collector are CodeHaus, a service that is used to store source code, DiffNow, a service used to highlight differences between 2 files, and DocumentCloud, a service used to share text documents like contracts
13 SAFE STORAGE FOR EUROPEAN DATA The European Union (EU) has taken a lead in data privacy since 1995 and every EU member country country has a regime that defines data protection legislation for the country. The EU is also strengthening the existing laws with expectations of a new Data Protection Regulation being agreed upon by the end of One of the areas covered by the existing directive and new regulation is where data on European individuals can be transferred. Except in exceptional circumstances, data on individuals should stay in Europe, the European Economic Area, within countries with equivalent data privacy regulations or within U.S. services that have signed up for the U.S. government s Safe Harbor agreement. A Safe Place for EU Personal Data 14.3% Hosted in the EU Hosted in country with 3.6% equivalent privacy 17.2% US hosted with Safe Harbor 64.9% Cloud Services that should not hold EU Data European companies are using many cloud services that do not meet data residency requirements Skyhigh s global cloud registry tracks over 12,000 cloud services. We found that 14.3% of cloud providers store data inside the EU, 3.6% are in countries with equivalent data protection and 17.1% are U.S.-hosted and have signed up for the Safe Harbor regulations this means that 64.9% are not safe for EU data. While the gap between European data privacy requirements and the reality of cloud services in use today is substantial, it is shrinking. In Q4 of 2014, 74.3% of services were not suitable to host EU data. 11
14 THE CLOUD NEVER SLEEPS Flexible working has probably been one of the significant changes in the last decade, balancing home life and work life to the benefit of both the employee and employer. One aspect of this is the amount of work being conducted during what would normally be considered weekends. We analyzed usage by day of the week and found European employees are most prolific in cloud usage on Fridays, while cloud usage for their American counterparts peaks on Tuesdays and declines the remainder of the week. However, weekend usage did not fully drop to zero, reminding IT departments that there may be risks happening around the clock; as risk to the organization doesn t stop for the weekend. Cloud Usage by Day of Week 14.6% 18.4% 15.0% 18.0% 19.5% 6.8% 7.8% Mon. Tues. Wed. Thurs. Fri. Sat. Sun. Percentage of cloud usage for each day of the week 12
15 THE TOP CLOUD SERVICES From the perspective of a software company, developing a cloud service is very different from software installed by the customer. The cloud has freed developers to reimagine enterprise software with delightful user experiences, innovative new features, and access from mobile devices. With faster release cycles and updates that occur immediately across all customers, cloud applications are not only more cost effective to manage, they re often first to market with innovative features. That s why an increasing number of European organizations are deploying the top enterprise cloud services not because they re the best cloud version available but because they are the best software available, period. That s also why we wanted to look at the top services based on user count. 1. Microsoft Office Workday 2. Salesforce 12. ADP 3. Oracle RightNow 13. SAP Human Capital Management TOP 20 ENTERPRISE CLOUD SERVICES in Europe 4. Cisco Webex 5. ServiceNow 6. Oracle Taleo 7. Box 8. Jive 9. Concur 14. SAS OnDemand 15. SuccessFactors 16. Yammer 17. GoToMeeting 18. Blue Jeans 19. NetSuite 10. Zendesk 20t. OpenText BPM 13
16 Consumer-grade cloud services today are so good that they can easily rival enterprise software. It s no wonder then, that employees bring cloud services to work in order to do their jobs better. However, these services can also increase organizational risk. In order to exfiltrate sensitive data undetected, cyber criminals deploy an array of sophisticated kill chains that leverage consumer cloud services. Skyhigh has detected attacks using Twitter to exfiltrate data 140 characters at a time and another that encoded stolen data into videos that were uploaded to YouTube. 1. Facebook 11. Tumblr 2. Linkedin 12. Instagram 3. Flickr 13. Google Drive 4. YouTube 5. Twitter 6. Dropbox 7. Pinterest 8. Gmail 9. Vimeo 10. StumbleUpon 14. Yahoo! Mail 15. VK 16. SlideShare 17. Spotify 18. Evernote 19. Skype 20. Xing TOP 20 CONSUMER CLOUD SERVICES at work in Europe 14
17 ABOUT SKYHIGH NETWORKS Skyhigh Networks, the cloud security and enablement company, helps enterprises safely adopt cloud services while meeting their security, compliance, and governance requirements. Over 400 enterprises including Aetna, Cisco, DIRECTV, HP, and Western Union use Skyhigh to gain visibility into all cloud services in use and their associated risk; analyze cloud usage to identify security breaches, compromised accounts, and insider threats; and seamlessly enforce security policies with encryption, data loss prevention, contextual access control, and activity monitoring. Headquartered in Campbell, Calif., Skyhigh Networks is backed by Greylock Partners, Sequoia Capital, and Salesforce.com. For more information, visit us at and follow us on 15
18 UNCOVER SHADOW IT If you d like to learn the scope of Shadow IT at your company, including detailed statistics profiled in this report, sign up for a complimentary cloud audit REQUEST COMPLIMENTARY CLOUD AUDIT With Skyhigh we discovered a wide range of services, allowing us to understand their associated risks and put in place policies to protect corporate data. bit.ly/complimentarycloudaudit Steve Martino VP Information Security
CLOUD ADOPTION & RISK IN HEALTHCARE REPORT
CLOUD ADOPTION & RISK IN HEALTHCARE REPORT Q2 2015 Published Q3 2015 Cloud Adoption and Risk in Healthcare Report - Q2 2015 03 TABLE OF CONTENTS INTRODUCTION OVERVIEW OF CLOUD ADOPTION INSIDER THREATS
More informationCLOUD ADOPTION & RISK IN FINANCIAL SERVICES REPORT
TITLE CLOUD ADOPTION & RISK IN FINANCIAL SERVICES REPORT Q2 2015 Published Q3 2015 Cloud Adoption & Risk in Financial Services Report - Q2 2015 00 TABLE OF CONTENTS 01 02 04 05 07 10 INTRODUCTION OVERVIEW
More informationCLOUD ADOPTION & RISK IN GOVERMENT REPORT
CLOUD ADOPTION & RISK IN GOVERMENT REPORT Q1 2015 Published Q2 2015 1 TABLE OF CONTENTS 01 02 04 06 08 09 10 11 INTRODUCTION OVERVIEW OF CLOUD ADOPTION AND RISK CALCULATED RISK COMPROMISED IDENTITIES PERCEPTION
More informationCLOUD ADOPTION & RISK REPORT
CLOUD ADOPTION & RISK REPORT Q4 2014 Published Q1 2015 1 TABLE OF CONTENTS 01 02 04 05 06 08 10 11 12 15 INTRODUCTION OVERVIEW OF CLOUD ADOPTION AND RISK CALCULATED RISK THE OVER SHARING EFFECT SENSITIVE
More informationCloud Adoption Practices & Priorities Survey Report
Cloud Adoption Practices & Priorities Survey Report January 2015 2015 Cloud Security Alliance All Rights Reserved All rights reserved. You may download, store, display on your computer, view, print, and
More informationQ2 2015 Published Q3 2015
TITLE OFFICE 365 ADOPTION & RISK REPORT Q2 2015 Published Q3 2015 Office 365 Adoption & Risk Report 00 TABLE OF CONTENTS 01 02 04 06 INTRODUCTION STATE OF OFFICE 365 ADOPTION HOME TO BUSINESS-CRITICAL
More informationCloud Adoption & Risk Report Q3 2013
Cloud Adoption & Risk Report Q 201 Based on data from,000,000+ users Representing the following industries: Financial Services Healthcare High Tech Media Manufacturing Services Table of Contents The Cloud
More informationTable of Contents CLOUD ADOPTION RISK REPORT INTRODUCTION...2 SENSITIVE DATA IN THE CLOUD...3
CLOUD ADOPTION RISK REPORT Table of Contents INTRODUCTION...2 SENSITIVE DATA IN THE CLOUD...3 Types of Sensitive Data...4 What s in a Name?...5 Worst Employee of the Month...7 SHARING AND COLLABORATION...7
More informationHow To Read Cloud Adoption And Risk Report From Cloudtrust
Cloud Adoption & Risk Report Q1 2014 Published in Q2 Based on data from 8,300,000+ users Representing the following industries: Education Financial Services Healthcare High Tech Media Oil & Gas Manufacturing
More informationThe Cloud Balancing Act for IT: Between Promise and Peril
The Cloud Balancing Act for IT: Between Promise and Peril Table of Contents EXECUTIVE SUMMARY...2 ONBOARDING CLOUD SERVICES...3 SYSTEMS OF RECORD: THE NEXT WAVE OF CLOUD ADOPTION...6 A CULTURE OF COMPLIANCE
More informationAuthored by: Brought to you by. Jim Reavis, President - Reavis Consulting Group Brandon Cook, Director, Product Marketing Skyhigh Networks
Authored by: Brought to you by Jim Reavis, President - Reavis Consulting Group Brandon Cook, Director, Product Marketing Skyhigh Networks ABSTRACT Shadow IT is a real and growing concern for enterprises
More informationJANUARY CLOUD REPORT 2015
JANUARY CLOUD REPORT 2015 Report Highlights 15 percent of users have had their credentials stolen, and an estimated 13.5 percent of organizations cloud apps are at risk Organizations have 613 cloud apps
More information2H 2015 SHADOW DATA REPORT
2H 20 SHADOW DATA REPORT Shadow Data Defined: All potentially risky data exposures lurking in cloud apps, due to lack of knowledge of the type of data being uploaded and how it is being shared. Shadow
More informationTHE NEW FRONTIER FOR PROTECTING CORPORATE DATA IN THE CLOUD
Security Intelligence: THE NEW FRONTIER FOR PROTECTING CORPORATE DATA IN THE CLOUD Brought to you by Introduction 3 Data Theft from Cloud Systems of Record 5 6-Step Process to Protect Data from Insider
More informationNetskope Cloud Report
cloud report JUL 2014 Netskope Cloud Report In this quarterly Netskope Cloud Report, we ve compiled the most interesting trends on cloud app adoption and usage based on aggregated, anonymized data from
More informationMoving Beyond User Names & Passwords
OKTA WHITE PAPER Moving Beyond User Names & Passwords An Overview of Okta s Multifactor Authentication Capability Okta Inc. 301 Brannan Street, Suite 300 San Francisco CA, 94107 info@okta.com 1-888-722-7871
More informationActive Directory Integration WHITEPAPER
Active Directory Integration WHITEPAPER Even as enterprises continue to adopt more cloud applications, Active Directory (AD) and Lightweight Directory Access Protocol (LDAP) still play a critical role
More informationPREVENTIA. Skyhigh Best Practices and Use cases. Table of Contents
PREVENTIA Forward Thinking Security Solutions Skyhigh Best Practices and Use cases. Table of Contents Discover Your Cloud 1. Identify all cloud services in use & evaluate risk 2. Encourage use of low-risk
More informationMoving Beyond User Names & Passwords Okta Inc. info@okta.com 1-888-722-7871
Moving Beyond User Names & Passwords An Overview of Okta s Multifactor Authentication Capability Okta Inc. 301 Brannan Street San Francisco, CA 94107 info@okta.com 1-888-722-7871 Contents 1 Moving Beyond
More informationQuick guide: Using the Cloud to support your business
Quick guide: Using the Cloud to support your business This Quick Guide is one of a series of information products targeted at small to medium sized enterprises (SMEs). It is designed to help businesses
More informationRepave the Cloud-Data Breach Collision Course
Repave the Cloud-Data Breach Collision Course Using Netskope to enable the cloud while mitigating the risk of a data breach BACKGROUND Two important IT trends are on a collision course: Cloud adoption
More informationThe Top 3 Identity Management Considerations When Implementing Google Apps for the Enterprise
The Top 3 Identity Management Considerations When Implementing Google Apps for the Enterprise Google Apps for Work (formerly known as Google Apps) is quickly becoming one of the most popular cloud-based
More informationAPRIL CLOUD REPORT. Netskope Cloud Report for Europe, Middle East, and Africa
APRIL 2015 CLOUD REPORT Netskope Cloud Report for Europe, Middle East, and Africa REPORT HIGHLIGHTS Organisations have 511 cloud apps in use on average, 87.0 percent of which aren t enterprise-ready More
More informationSELECTING AN ENTERPRISE-READY CLOUD SERVICE
21 Point Checklist for SELECTING AN ENTERPRISE-READY CLOUD SERVICE Brought to you by Introduction The journey to the cloud is well underway, and it s easy to see why when 84% of CIOs report cutting application
More informationManaging Cloud Data Security in Regulated Industries for 2016
Managing Cloud Data Security in Regulated Industries for 2016 November, 2015 Table of Contents I. Introduction: Security challenges in regulated industries...1 II. Cloud adoption rates by industries...1
More informationTHEODORA TITONIS VERACODE Vice President Mobile
THEODORA TITONIS VERACODE Vice President Mobile MOBILE SECURITY Increasing Threat MOBILE RISK 64% 34% 47% Companies with no BYOD policy. 3 Companies with no app security program. 4 614% Nearly half of
More informationCLOUD REPORT OCTOBER 2014
CLOUD REPORT OCTOBER 2014 Report Highlights Organizations have 579 cloud apps in use on average, 88.7% of which aren t enterprise-ready More than one-third of all cloud data leakage policy violations occur
More informationOffice 365 Adoption & Risk Report
Office 365 Adoption & Risk Report 2016 Q2 Table of Contents INTRODUCTION...2 MICROSOFT S LAND AND EXPAND STRATEGY...3 A DEEPER LOOK AT CONSUMPTION BY APPLICATION AND INDUSTRY...7 INSIDER THREATS AND COMPROMISED
More informationSAFELY ENABLING MICROSOFT OFFICE 365: THREE MUST-DO BEST PRACTICES
SAFELY ENABLING MICROSOFT OFFICE 365: THREE MUST-DO BEST PRACTICES Netskope 2015 Enterprises are rapidly adopting Microsoft Office 365. According to the Netskope Cloud Report, the suite is among the top
More informationWHITEPAPER. Identity Access Management: Beyond Convenience
WHITEPAPER Identity Access Management: Beyond Convenience INTRODUCTION Identity and Access Management (IAM) is the official description of the space in which OneLogin operates in but most people who are
More informationAssessment & Monitoring
Cloud Services Shadow IT Risk Assessment Report Assessment & Monitoring Shadow IT Analytics & Business Readiness Ratings with Elastica CloudSOC & Audit November, 204 Based on all data sources from October,
More information9 REALITIES OF PORTABLE AND PERSISTENT DATA PROTECTION IN THE 21 ST CENTURY
9 REALITIES OF PORTABLE AND PERSISTENT DATA PROTECTION IN THE 21 ST CENTURY INTRODUCTION Over the past decade, major data breaches have made headlines, resulting in significant brand damage, costly fines,
More informationAPRIL CLOUD REPORT. Netskope Cloud Report Worldwide
APRIL 2015 CLOUD REPORT Netskope Cloud Report Worldwide REPORT HIGHLIGHTS 13.6 percent of enterprise users have had their accounts credentials compromised 23.6 percent of access to cloud CRM apps is by
More information16 CLOUD APPS YOU NEED TO KNOW IF EMPLOYEES ARE USING
16 CLOUD APPS YOU NEED TO KNOW IF EMPLOYEES ARE USING One of the biggest risks that companies face today is the growing popularity and availability of cloud-based applications shadow IT. These applications
More informationSUMMER 2015 WORLDWIDE EDITION CLOUD REPORT. sensitive data in the cloud
CLOUD REPORT SUMMER 2015 WORLDWIDE EDITION sensitive data in the cloud Report Highlights 17.9 percent of all files in enterprise-sanctioned cloud apps constitute a data policy violation. 22.2 percent of
More informationDevelop your Legal Practice using Cloud applications, but
Develop your Legal Practice using Cloud applications, but Make sure your data is safe! Tuesday 17 November 2015 The Law Society, London Allan Carton, Inpractice UK www.inpractice.co.uk Management Solutions
More informationPROTECTED CLOUDS: Symantec solutions for consuming, building, or extending into the cloud
PROTECTED CLOUDS: Symantec solutions for consuming, building, or extending into the cloud Blue skies ahead? Yes if you are protected when you move to the cloud. Lately, it seems as if every enterprise
More informationWHAT ARE THE BENEFITS OF OUTSOURCING NETWORK SECURITY?
WHAT ARE THE BENEFITS OF OUTSOURCING NETWORK SECURITY? Contents Introduction.... 3 What Types of Network Security Services are Available?... 4 Penetration Testing and Vulnerability Assessment... 4 Cyber
More informationThe Top 7 Ways to Protect Your Data in the New World of
The Top 7 Ways to Protect Your Data in the New World of Shadow IT and Shadow Data Brought to you by Elastica and Centrify Introduction According to research conducted by Elastica, most companies use over
More informationINFORMATION SECURITY GUIDE. Cloud Computing Outsourcing. Information Security Unit. Information Technology Services (ITS) July 2013
INFORMATION SECURITY GUIDE Cloud Computing Outsourcing Information Security Unit Information Technology Services (ITS) July 2013 CONTENTS 1. Background...2 2. Legislative and Policy Requirements...3 3.
More informationState of App Security
State of App Security Recent attacks targeting mobile apps and operating systems have put an unprecedented amount of mobile business data at risk. Many enterprises are unprepared to combat the latest mobile
More informationThe Cloud App Visibility Blind Spot
WHITE PAPER The Cloud App Visibility Blind Spot Understanding the Risks of Sanctioned and Unsanctioned Cloud Apps and How to Take Back Control Line-of-business leaders everywhere are bypassing IT departments
More informationWestcon Presentation on Security Innovation, Opportunity, and Compromise
Westcon Presentation on Security Innovation, Opportunity, and Compromise Christian A. Christiansen Program Vice President IDC Security Products & Services What s Happening with Threats? 1.5B 80% 33% $1.3M
More informationCompliance Guide ISO 27002. Compliance Guide. September 2015. Contents. Introduction 1. Detailed Controls Mapping 2.
ISO 27002 Compliance Guide September 2015 Contents Compliance Guide 01 02 03 Introduction 1 Detailed Controls Mapping 2 About Rapid7 7 01 INTRODUCTION If you re looking for a comprehensive, global framework
More informationThe Cloud App Visibility Blindspot
The Cloud App Visibility Blindspot Understanding the Risks of Sanctioned and Unsanctioned Cloud Apps and How to Take Back Control Introduction Today, enterprise assets are more at risk than ever before
More informationClose the security gap with a unified approach. Detect, block and remediate risks faster with end-to-end visibility of the security cycle
Close the security gap with a unified approach Detect, block and remediate risks faster with end-to-end visibility of the security cycle Events are not correlated. Tools are not integrated. Teams are not
More informationAssuring Application Security: Deploying Code that Keeps Data Safe
Assuring Application Security: Deploying Code that Keeps Data Safe Assuring Application Security: Deploying Code that Keeps Data Safe 2 Introduction There s an app for that has become the mantra of users,
More informationOCTOBER 2014 CLOUD REPORT
OCTOBER 2014 CLOUD REPORT Report Highlights Organizations have 579 cloud apps in use on average, 88.7% which aren t enterprise-ready More than one-third cloud data leakage policy violations occur on mobile
More informationISO/IEC 27018 Safeguarding Personal Information in the Cloud. Whitepaper
ISO/IEC 27018 Safeguarding Personal Information in the Cloud Whitepaper Summary The protection of private information has never been a higher priority. Many national and international bodies, including
More informationSecuring the Cloud: Making Cloud an Opportunity to Enhance Security
Securing the Cloud: Making Cloud an Opportunity to Enhance Security February 2016 Greg Coughlin Director, IBM Security @JGCoughlin 1 The rise of Shadow IT? 2 Security reality we have all been compromised
More informationSecuring Your Enterprise in the Cloud. IT executives must be ready to move to the cloud safely
Securing Your Enterprise in the Cloud IT executives must be ready to move to the cloud safely The technology pendulum is always swinging. And chief information security officers must be prepared to swing
More informationHow cloud computing can transform your business landscape
How cloud computing can transform your business landscape Introduction It seems like everyone is talking about the cloud. Cloud computing and cloud services are the new buzz words for what s really a not
More informationTop Five Security Must-Haves for Office 365. Frank Cabri, Vice President, Marketing Shan Zhou, Senior Director, Security Engineering
Top Five Security Must-Haves for Office 365 Frank Cabri, Vice President, Marketing Shan Zhou, Senior Director, Security Engineering Today s Agenda Introductions & Company Overview Cloud App Trends, Risks
More informationHow to Overcome Challenges in Deploying Cloud Apps to Get the Most from your IAM Investment
WHITEPAPER How to Overcome Challenges in Deploying Cloud Apps to Get the Most from your IAM Investment www.onelogin.com 150 Spear Street, Suite 1400, San Francisco, CA 94105 855.426.7272 EXECUTIVE SUMMARY
More information2014 Authentication Survey Executive Summary. How Organizations Are Responding to Mobile and Cloud Threats
2014 Authentication Survey Executive Summary How Organizations Are Responding to Mobile and Cloud Threats Overview As IT teams seek to keep sensitive assets safe, while supporting the evolving adoption
More informationBeyond passwords: Protect the mobile enterprise with smarter security solutions
IBM Software Thought Leadership White Paper September 2013 Beyond passwords: Protect the mobile enterprise with smarter security solutions Prevent fraud and improve the user experience with an adaptive
More informationWHITEPAPER. NAPPS: A Game-Changer for Mobile Single Sign-On (SSO)
WHITEPAPER NAPPS: A Game-Changer for Mobile Single Sign-On (SSO) INTRODUCTION The proliferation of mobile applications, including mobile apps custom to an organization, makes the need for an SSO solution
More informationWHITE PAPER AUGUST 2014
THE DEFINITIVE GUIDE TO CLOUD ACCESS SECURITY BROKERS WHITE PAPER AUGUST 2014 For many enterprises, security and compliance concerns hamper adoption of cloud applications. Furthermore, cloud applications
More informationTOP 3. Reasons to Give Insiders a Unified Identity
TOP 3 Reasons to Give Insiders a Unified Identity Although much publicity around computer security points to hackers and other outside attacks, insider threats can be particularly insidious and dangerous,
More informationSeven Things To Consider When Evaluating Privileged Account Security Solutions
Seven Things To Consider When Evaluating Privileged Account Security Solutions Contents Introduction 1 Seven questions to ask every privileged account security provider 4 1. Is the solution really secure?
More informationWhat You Should Know About Cloud Storage
A DIGITAL LIFE E-GUIDE Files in Flight: What You Should Know About Cloud Storage What Is the Cloud? Back then, all your files were stored on hardware. Party photos, spreadsheets, and school projects were
More informationThe Bring Your Own Device Era:
The Bring Your Own Device Era: Benefits Clearly Justify BYOD, but Businesses Must Mitigate Security, Compliance and Application Performance Risks Executive Overview The Bring-Your-Own-Device (BYOD) era
More informationCyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft
Cyber Security and Privacy Services Working in partnership with you to protect your organisation from cyber security threats and data theft 2 Cyber Security and Privacy Services What drives your security
More informationWelcome! What We Do At IntelliSystems, our goal is to get Information Technology and telecommunications management out of your way so that you can focus on your business. Historical PC Business Network
More informationSocial media importance in Businesses
Social media importance in Businesses Social media networks were a novelty 5 years ago, but today their importance is no longer debated. Yes, businesses have definitely realized the power of social media
More informationWhat Do You Mean My Cloud Data Isn t Secure?
Kaseya White Paper What Do You Mean My Cloud Data Isn t Secure? Understanding Your Level of Data Protection www.kaseya.com As today s businesses transition more critical applications to the cloud, there
More information2015 Cloud Security Alliance All Rights Reserved
How Cloud Being How Cloud is is Being Used Used in in the Financial Sector: the Financial Sector: Survey Report Survey Report March 2015 February 2015 2015 Cloud Security Alliance All Rights Reserved All
More informationTHE MOBlLE APP. REVOLUTlON. 8 STEPS TO BUlLDING MOBlLE APPS FAST ln THE CLOUD
THE MOBlLE APP REVOLUTlON 8 STEPS TO BUlLDING MOBlLE APPS FAST ln THE CLOUD People use hand-held devices for everything from communicating and playing games to shopping and surfing the Internet. In fact,
More informationInsight Zone. Data Security 2015. Executive Interview
Insight Zone Data Security 2015 Executive Interview THE CLOUD = SAFE Every App, User, & Device Secured Eliminate Passwords Increase Security Ensure Compliance Identity Access Management Enterprise Single
More informationAvoid the Hidden Costs of AD FS with Okta
Okta White paper Avoid the Hidden Costs of AD FS with Okta Okta Inc. 301 Brannan Street, Suite 300 San Francisco CA, 94107 info@okta.com 1-888-722-7871 wp-adfs-031413 Table of Contents 1 Challenges of
More informationDefense Media Activity Guide To Keeping Your Social Media Accounts Secure
Guide To Keeping Your Social Media Accounts Secure Social media is an integral part of the strategic communications and public affairs missions of the Department of Defense. Like any asset, it is something
More informationCASE STUDY. Global Airline Empowers Mobile Workforce for SaaS Apps while Reducing Risk
Global Airline Empowers Mobile Workforce for SaaS Apps while Reducing Risk 1 About the Airline Since its founding, this worldwide airline has led the industry in flight technology innovation and flyer
More informationSecuring and Monitoring Access to Office 365
WHITE PAPER Securing and Monitoring Access to Office 365 Introduction Enterprises of all sizes are considering moving some or all of their business-critical applications, such as email, CRM, or collaboration,
More informationWhat You Need to Know About CLOUD INFORMATION PROTECTION SOLUTIONS
What You Need to Know About CLOUD INFORMATION PROTECTION SOLUTIONS Table of Contents Cloud Adoption Drivers Key Capabilities and Technologies Usability and User Experience Security Technology Architecture
More informationSecurity for the Cloud of Clouds
Security for the Cloud of Clouds Ramy Houssaini. Vice President, BT Security Europe. RamyHoussaini strategicleadership About BT Security BT s end to end Security portfolio integrates classic perimeter
More informationCan Cloud Providers Guarantee Data Privacy & Sovereignty?
Can Cloud Providers Guarantee Data Privacy & Sovereignty? Andrew Bartlam, VP EMEA Business Development Cloud Exo Europe 11 th Marcg 2015 2014 CipherCloud All rights reserved. 2014 CipherCloud All rights
More informationCloud Apps and the Modern Professional: The New Business Landscape
Cloud Apps and the Modern Professional: The New Business Landscape White Paper by Crucial Research September, 2015 Whitepaper by http://www.crucial.com.au/ Cloud Apps and the Modern Professional: The New
More informationSocial Networks. Do you need to. Was it. Is there a. What did they say? affected? change your password? patch?
Social Networks Facebook Unclear Yes Yes "We added protections for Facebook s implementation of OpenSSL before this issue was publicly disclosed. We haven t detected any signs of suspicious account activity,
More informationVoiceTrust Whitepaper. Employee Password Reset for the Enterprise IT Helpdesk
VoiceTrust Whitepaper Employee Password Reset for the Enterprise IT Helpdesk Table of Contents Introduction: The State of the IT Helpdesk...3 Challenge #1: Password-Related Helpdesk Costs are Out of Control...
More informationTop 5 Reasons to Choose User-Friendly Strong Authentication
SOLUTION BRIEF: USER-FRIENDLY STRONG AUTHENTICATION........................................ Top 5 Reasons to Choose User-Friendly Strong Authentication Who should read this paper This executive brief asserts
More informationData- centric Security: A New Information Security Perimeter Date: March 2015 Author: Jon Oltsik, Senior Principal Analyst
ESG Solution Showcase Data- centric Security: A New Information Security Perimeter Date: March 2015 Author: Jon Oltsik, Senior Principal Analyst Abstract: Information security practices are in the midst
More informationSRG Security Services Technology Report Cloud Computing and Drop Box April 2013
SRG Security Services Technology Report Cloud Computing and Drop Box April 2013 1 Cloud Computing In the Industry Introduction to Cloud Computing The term cloud computing is simply the use of computing
More information2014 NETWORK SECURITY & CYBER RISK MANAGEMENT: THE THIRD ANNUAL SURVEY OF ENTERPRISE-WIDE CYBER RISK MANAGEMENT PRACTICES IN EUROPE
2014 NETWORK SECURITY & CYBER RISK MANAGEMENT: THE THIRD ANNUAL SURVEY OF ENTERPRISE-WIDE CYBER RISK MANAGEMENT PRACTICES IN EUROPE February 2014 Sponsored by: 2014 Network Security & Cyber Risk Management:
More informationBUILDING THE CASE FOR CLOUD: HOW BUSINESS FUNCTIONS IN UK MANUFACTURERS ARE DRIVING PUBLIC CLOUD ADOPTION
BUILDING THE CASE FOR CLOUD: HOW BUSINESS FUNCTIONS IN UK MANUFACTURERS ARE DRIVING PUBLIC CLOUD ADOPTION Industry Report Contents 2 4 6 Executive Summary Context for the Sector Key Findings 3 5 9 About
More informationHow To Manage Security On A Networked Computer System
Unified Security Reduce the Cost of Compliance Introduction In an effort to achieve a consistent and reliable security program, many organizations have adopted the standard as a key compliance strategy
More informationPrivilege Gone Wild: The State of Privileged Account Management in 2015
Privilege Gone Wild: The State of Privileged Account Management in 2015 March 2015 1 Table of Contents... 4 Survey Results... 5 1. Risk is Recognized, and Control is Viewed as a Cross-Functional Need...
More informationFormulate A Database Security Strategy To Ensure Investments Will Actually Prevent Data Breaches And Satisfy Regulatory Requirements
A Forrester Consulting Thought Leadership Paper Commissioned By Oracle Formulate A Database Security Strategy To Ensure Investments Will Actually Prevent Data Breaches And Satisfy Regulatory Requirements
More informationCloud Computing: A Question of Trust Maintaining Control and Compliance with Data-centric Information Security
Russ Dietz Vice President & Chief Technology Officer Cloud Computing: A Question of Trust Maintaining Control and Compliance with Data-centric Information Security By Russ Dietz Vice President & Chief
More informationWhite Paper. Three Steps To Mitigate Mobile Security Risks
White Paper Three Steps To Mitigate Mobile Security Risks Bring Your Own Device Growth The Bring Your Own Device (BYOD) trend caught on with users faster than IT expected, especially as ios and Android
More information10 Hidden IT Risks That Threaten Your Financial Services Firm
Your firm depends on intelligence. But can you count on your technology? You may not be in the intelligence technology business, but it s probably impossible to imagine your business without IT. Today,
More informationProtecting Your Network Against Risky SSL Traffic ABSTRACT
Protecting Your Network Against Risky SSL Traffic ABSTRACT Every day more and more Web traffic traverses the Internet in a form that is illegible to eavesdroppers. This traffic is encrypted with Secure
More informationEnabling Business Beyond the Corporate Network. Secure solutions for mobility, cloud and social media
Enabling Business Beyond the Corporate Network Secure solutions for mobility, cloud and social media 3 Trends Transforming Networks and Security Are you dealing with these challenges? Enterprise networks
More informationSecurity and Privacy
Security and Privacy Matthew McCormack, CISSP, CSSLP CTO, Global Public Sector, RSA The Security Division of EMC 1 BILLIONS OF USERS MILLIONS/BILLIONS OF APPS 2010 Cloud Big Data Social Mobile Devices
More information2014 NETWORK SECURITY & CYBER RISK MANAGEMENT: A SURVEY OF ENTERPRISE-WIDE CYBER RISK MANAGEMENT PRACTICES IN THE ASIA-PACIFIC REGION
2014 NETWORK SECURITY & CYBER RISK MANAGEMENT: A SURVEY OF ENTERPRISE-WIDE CYBER RISK MANAGEMENT PRACTICES IN THE ASIA-PACIFIC REGION April 2014 Sponsored by: 2014 Network Security & Cyber Risk Management:
More informationInformation Security and Continuity Management Information Sharing Portal. Category: Risk Management Initiatives
Information Security and Continuity Management Information Sharing Portal Category: Risk Management Initiatives Contact: Chip Moore, CISO State of North Carolina Office of Information Technology Services
More informationWRITTEN TESTIMONY OF
WRITTEN TESTIMONY OF KEVIN MANDIA CHIEF EXECUTIVE OFFICER MANDIANT CORPORATION BEFORE THE SUBCOMMITTEE ON CRIME AND TERRORISM JUDICIARY COMMITTEE UNITED STATES SENATE May 8, 2013 Introduction Thank you
More informationFROM TACTIC TO STRATEGY:
FROM TACTIC TO STRATEGY: The CDW 2011 Cloud Computing Tracking Poll 2011 CDW LLC TABLE OF CONTENTS Introduction 3 Key findings 4 Planning for the cloud 16 Methodology and demographics 19 Appendix 20 Industries
More information2015 VORMETRIC INSIDER THREAT REPORT
Research Conducted by 2015 VORMETRIC INSIDER THREAT REPORT Trends and Future Directions in Data Security HEALTHCARE EDITION #2015InsiderThreat RESEARCH BRIEF U.S. HEALTHCARE SPOTLIGHT ABOUT THIS RESEARCH
More informationA BUSINESS CASE FOR BEHAVIORAL ANALYTICS. White Paper
A BUSINESS CASE FOR BEHAVIORAL ANALYTICS White Paper Introduction What is Behavioral 1 In a world in which web applications and websites are becoming ever more diverse and complicated, running them effectively
More information