Strong MFA: The First Stop on the Path to Passwordless
Blog Published: 07/31/2020
By Andrew Hickey, Director of Content at DuoStrong MFA: The First Stop on the Path to PasswordlessPasswords, the antiquated security mechanism in place since the 1960’s, have since their inception caused user and administrative frustration due to their complexity and frequent resets. As techno...
Upending Old Assumptions in Security
Blog Published: 08/03/2020
By Wendy Nather, Head of Advisory CISOs at DuoEvery time you think you’ve figured out this risk management thing, something else happens to torpedo your hidden assumptions. Remember when we assumed that an IP address was a pretty good indicator of someone’s physical location and origin, so a n...
A Better Than Remote Chance – More People Work from Home in Post COVID World
Blog Published: 08/05/2020
By Matt Hines, VP of Marketing at CipherCloud & Neeraj Nayak, Sr. Product Marketing Manager at CipherCloudSummary: New research underlines the fact that more people will likely prefer to work from home, even when the pandemic passes. Security models that better address cloud apps, mobility...
Cloud Security Alliance Study Finds While CASB Demand Is High, Additional Education Is Needed to Clarify Cloud Security Goals
Press Release Published: 08/11/2020
More training, clear goals are needed to ensure companies get full effectiveness of cloud security access broker productsSEATTLE – Aug. 11, 2020 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensu...
Compliance is the Equal and Opposite Force to Digital Transformation…that’s where DevOps comes in
Blog Published: 08/07/2020
By J. Travis Howerton, Co-Founder and CTO, C2 Labs.This blog is shortened version of the original blog published by C2. For the full length post go here. Digital transformation will reshape all businesses, large and small, over the next decade and beyond; driven by the convergence of major tec...
You’ve passed your SOX audit, but is your cloud environment really secure?
Blog Published: 08/10/2020
By Petrina Youhan, Director of Channel Partnerships and Services at HyperproofCloud environments have unique risks that are not fully addressed by SOX. Additionally, while SOX does support good IT control hygiene, the actual scope of a SOX audit leaves out key security principles that are impe...
What Schrems 2 Means for your Privacy Shield Program
Blog Published: 08/10/2020
By Francoise Gilbert, CEO, DataMinding, Inc.The publication of the EU Court of Justice decision in the Schrems 2 case has left many organizations, worldwide, facing a difficult dilemma. What to do next to ensure the continuity of personal data flows from the European Union or European Economic...
How to secure DevOps
Blog Published: 08/12/2020
By Andrey Pozhogin, Senior Product Marketing Manager, Hybrid Cloud Security at KaperskySupply-chain attacks through public repositories have become more frequent of late. Here’s how to deal with them.Last month, IT news websites reported that RubyGems, the official channel for distributing lib...
Cloud Security Alliance, ISACA Announce Strategic Partnership to Reinvent Cloud Auditing and Assurance
Press Release Published: 08/17/2020
Organizations to collaborate on joint venture to bring the Certificate of Cloud Auditing Knowledge (CCAK) to the marketSEATTLE – Aug. 17, 2020 – Global technology association ISACA and the Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certific...
Can Passwordless Authentication Be Trusted?
Blog Published: 08/17/2020
By J. Wolfgang Goerlich, Advisory CISO for Duo SecurityEvery new feature we introduce to our users is potentially a new tactic we provide our adversaries. When I was learning to drive, this happened with car steering wheel locks. Do you remember these? Big bars people would put on their steeri...
SaaS Security Series: Understanding Salesforce Administrative Permissions
Blog Published: 08/19/2020
Brian Soby, CTO & Co-founder of AppOmniToday, more than ever, SaaS applications drive the modern enterprise. They are relied upon for managing customer data, allowing internal collaboration, and keeping organizations connected across the world. As the amount of sensitive and business-criti...
Cloud Security Alliance Releases Perspective on Cloud Risk Management Report That Identifies Cloud Computing Rapid Adoption Gaps and Risks
Press Release Published: 08/20/2020
Document provides impartial look at risk by identifying, examining gaps introduced over the last decade by rapid adoption of cloud computingSEATTLE – Aug. 20, 2020 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best pra...
Enabling Data Protection and Compliance in the G Suite Environment
Blog Published: 08/21/2020
By Matt Hines, VP of Marketing at CipherCloud & Ishani Sircar, Product Marketing Manager at CipherCloudThe Rise of G Suite and Related Data Security ChallengesWith over 2 billion active users and a market share of 56.97 percent, G Suite is here to stay nd help enable today’s businesses to ...
Cloud Security Alliance’s CASB Survey Finds Nearly 70% House Their Most Sensitive Data in Microsoft SharePoint Online/OneDrive
Blog Published: 08/25/2020
By Tim Choi, Director of Product Marketing for ProofpointCOVID-19 changed everything overnight. The traditional perimeter is gone and the things that were planned years in the future—like cloud migration—had to be fast tracked. Immediately.This sudden shift is the latest evidence that organiza...
3 Ways to Overcome Challenges in Vendor Risk Management
Blog Published: 08/25/2020
Written by WhisticOne of the most significant catalysts for the shift from reactive to proactive vendor security was the change in the way organizations do business and handle data and information.The Changing SaaS LandscapeInfoSec is one of the latest industries to hop on the SaaS train, but ...
Shared Responsibility Model Explained
Blog Published: 08/26/2020
By CloudPassageCloud service providers adhere to a shared security responsibility model, which means your security team maintains some responsibilities for security as you move applications, data, containers, and workloads to the cloud, while the provider takes some responsibility, but not all...
SSO and the Road to Passwordless
Blog Published: 09/01/2020
By Dave Lewis, Advisory CISO — Global at DuoWe’ve all heard the phrase “every journey starts with a single step.” While this might seem obvious on the face of it, we can often feel pressure to immediately arrive at our destination.Discussions around passwordless often are too simplistic or too...
The Service Mesh Wars: Why Istio might not be favorite after all
Blog Published: 09/03/2020
By Gadi Naor, CTO and Co-Founder, AlcideThese days, more organizations are shifting to cloud-native applications, which are designed to run in the cloud and take advantage of the cloud’s dynamic, scalable and readily-available nature. Typically, cloud-native application architectures are made ...
Diving Deeper: 4 Best Practices for Securing Enterprise Data in Office 365 (O365)
Blog Published: 09/09/2020
By Matt Hines, VP of Marketing at CipherCloud & Ishani Sircar, Product Marketing Manager at CipherCloudSo, here we are, both as workers and employers. The COVID-19 environment hasn’t really changed much from a workforce perspective over the last six months, other than the fact that more of...
Understanding the Complexities of Securing a Remote Workforce
Blog Published: 09/09/2020
By Sean Gray, Sr. Director InfoSec at Paypal and Co-Chair of the CSA Financial Services Working GroupWe have all witnessed sudden and stunning changes in how companies – big and small – operate in response to the challenges necessitated by COVID-19. Many have pivoted successfully, however the...
