Cloud security tools

How to use Google's workload identity federation with AWS

Cloud admins struggle to share data between cloud providers. Here are the steps to create a federated identity in Google Cloud, connecting it to AWS in a secure way. Continue Reading

How to overcome 3 multi-tenancy security issues

Explore three major multi-tenancy security challenges and how to fix them, including lack of visibility, privilege overallocation and poor data security management. Continue Reading

Best practices for endpoint security in the cloud

As the proliferation of cloud services continues, IT teams should revisit -- and potentially revamp -- their endpoint protection strategies. Continue Reading

All about cloud-native application protection platforms

The cloud-native application protection platform, or CNAPP, is the latest in a slew of cloud security acronyms. Learn what it is and why the concept should stick around. Continue Reading

Step-by-step guide on how to create an IAM user in AWS

Learn how to make an AWS IAM user and assign an access policy to the user with a few commands. This detailed tutorial includes screenshots to guide you through the steps. Continue Reading

Fine-tune Exchange Online security for your organization

After a move to Microsoft's hosted email service, Exchange admins must learn how to tailor the integrated and supplemental security features to cover several threat scenarios. Continue Reading

Cloud-native security benefits and use cases

'Cloud native' has described applications and services for years, but its place in security is less clear. Get insight into cloud-native security from expert Dave Shackleford. Continue Reading

How to create Amazon EC2 security groups

Before setting up security groups for AWS resources, review rules, requirements and potential missteps. Follow these steps to properly configure security groups for EC2 instances. Continue Reading

How cloud adoption is shaping digital identity trends in 2021

Expert Carla Roncato explains what organizations need to know about emerging digital identity and security trends for the cloud, including CASB, CIEM and zero trust. Continue Reading

An introduction to AWS IAM best practices

Follow this AWS IAM overview to better understand Amazon's core access management service. Implement these tips to get the most out of this foundational security service. Continue Reading

When should you use AWS IAM roles vs. users?

Access management is critical to securing the cloud. Understand the differences between AWS IAM roles and users to properly restrict access to AWS resources. Continue Reading

What are 3 encryption for cloud storage best practices?

There are several different methods to cloud storage encryption. These best practices for encryption can help improve security of important cloud data. Continue Reading

How cloud monitoring dashboards improve security operations

Cloud monitoring dashboards can help security teams achieve visibility in complex, sprawling environments. Learn about cloud-native, third-party and open source deployment options. Continue Reading

Get to know cloud-based identity governance capabilities

As enterprise cloud adoption increases, the market for cloud identity governance is expected to expand. Learn more about the use cases, benefits and available product options. Continue Reading

A breakdown of core AWS identity services

Given the wide range of organizations that use AWS to power their applications, it's important to understand the options AWS offers to manage access to application components. Continue Reading

Compare Azure Firewall vs. NSGs for network security

Traffic to and from resources needs proper security to protect data, but the wrong tool could leave you vulnerable. Explore these two services to find the right level of protection. Continue Reading

How cloud-based SIEM tools benefit SOC teams

It's time for SIEM to enter the cloud age. Learn about the cloud-based SIEM features that can help SOC teams gain a holistic view of their organization's cloud infrastructure. Continue Reading

Cognito user pools vs. identity pools -- what AWS users should know

Familiarize yourself with user pools and identity pools in Amazon Cognito and learn how to better protect your workloads in a cloud environment. Continue Reading

Choosing between proxy vs. API CASB deployment modes

Curious how to choose the right CASB deployment mode for your organization? Before you buy, compare how proxy vs. API CASB architectures work to secure SaaS applications. Continue Reading

How enterprise cloud VPN protects complex IT environments

Do you know how enterprise cloud VPN differs from a traditional VPN? Explore how cloud VPN works and whether it's the right option for your hybrid IT environment. Continue Reading

CASB, CSPM, CWPP emerge as future of cloud security

Complexity has introduced new needs and challenges when securing cloud environments. Find out how CASB, CSPM and CWPP tools have evolved to meet the changing cloud landscape. Continue Reading

How public cloud vendors tackle confidential computing

Confidential computing is an emerging cloud technology, and the major cloud platforms have all addressed it with different strategies around usability and scale. Continue Reading

When -- and when not -- to use cloud native security tools

Security tools from cloud vendors are convenient, but that doesn't mean they are always the right choice. Learn how to decide when you should opt to use third-party security tools. Continue Reading

Cloud computing security technology quiz

As companies migrate to the cloud to improve accessibility and scalability, there are many aspects of security to consider. Test your cloud security knowledge with this quiz. Continue Reading

Use this Amazon Cognito review to assess authentication tools

Amazon Cognito isn't as user-friendly as some competitors, but it does offer some unique advantages. Explore the pros, cons and alternatives for Cognito. Continue Reading

Cloud workload protection platform security benefits, features

VMs and cloud environments make the task of protecting workloads more difficult than ever. Can a cloud workload protection platform help your organization solve the problem? Continue Reading

Third-party cloud services for images, search and authentication

Don't limit your cloud services to just what your provider offers. Consider these third-party alternatives to handle images, search and authentication. Continue Reading

Confront cloud security challenges with these 5 tips

Security gets complicated when the cloud overlaps with other technologies, such as AI and serverless. Review these common risks, and learn how to prevent attacks. Continue Reading

10 open source cloud security tools to know

While cloud providers offer native security tools, there also are plenty of useful open source options. Here's a sample of open source tools for cloud security. Continue Reading

Top 6 cloud security analytics use cases

Security analytics use cases vary from fraud detection to threat intelligence analysis. Learn how deploying this technology in the cloud can improve enterprise infosec programs. Continue Reading

12 AWS security tools to protect your environment and accounts

AWS manages the security of the cloud, but it's your job to secure your data in the cloud. Continue Reading

Comparing SASE vs. traditional network security architectures

Today's dispersed environments need stronger networking and security architectures. Enter cloud-based Secure Access Service Edge -- a new model for secure network access. Continue Reading

Get to know the elements of Secure Access Service Edge

Cloud services use cases continue to expand, but implementation challenges remain. Discover Secure Access Service Edge, or SASE, offerings and how they can simplify connectivity. Continue Reading

Compare web and mobile testing tools from AWS, Microsoft and Google

Compare and contrast the mobile testing tools from the big three cloud vendors -- AWS Device Farm, Google Firebase Test Lab and Microsoft Visual Studio App Center Test. Continue Reading

HPE buys Scytale to hone cloud-native security chops

HPE has scooped up Scytale, a startup that has developed a cloud-native security framework for highly distributed applications. While most enterprises don't need such capabilities today, HPE has taken a step that could serve them down the road. Continue Reading

Confidential computing promises secure cloud apps

Adopt confidential computing to protect sensitive data in the cloud. Learn the basics about these technologies and evaluate offerings from AWS, Google, Microsoft and others. Continue Reading

5 steps to a secure cloud control plane

A locked-down cloud control plane is integral to maintaining cloud security, especially in multi-cloud environments. Here are five steps to a secure cloud control plane. Continue Reading

Learn some key cloud workload protection best practices

Learn key practices to protect cloud workloads whether using VMs, endpoints or containers. And don't forget to consider the best means for building a fruitful feedback loop. Continue Reading

What cloud workload security tools and controls work best?

Read on to learn how to build a cloud security model that allows your team to embed controls and monitor deployment without getting in the way of business processes. Continue Reading

AWS security groups vs. network ACLs and other AWS firewalls

Protect your AWS cloud environment with these Amazon firewall services. Learn how security groups and network ACLs work, along with other key AWS firewall options. Continue Reading

How to evaluate CASB tools for multi-cloud deployments

When it comes to evaluating CASB tools, it's essential to be an informed customer. Identify your organization's usage and security goals to get the context you need before you buy. Continue Reading

Google to unveil post-Chronicle cloud cybersecurity plans

Google plans to discuss its cloud cybersecurity portfolio at a conference next week, with the capabilities developed by Chronicle figuring heavily into the mix. Continue Reading

Benefits of using Azure Security Center for security assessments

Author Yuri Diogenes discusses how Azure Security Center helps admins achieve full cloud visibility, conduct security assessments and prevent potential breaches. Continue Reading

Use Azure Security Center to conduct a security posture assessment

In this excerpt from Chapter 4 of Microsoft Azure Security Center, the authors outline how to use the software to determine and improve your enterprise's cloud security posture. Continue Reading

How to beef up S3 bucket security to prevent a breach

Security teams have plenty of tools at their disposal to help their organizations achieve and maintain S3 bucket security. Learn about the threats and best practices to stay safe. Continue Reading

Enterprises want more cloud transparency

Cloud providers have improved the visibility into their platforms, but enterprises still need more information about what goes on behind the scenes. Continue Reading

A comprehensive guide for application migration to the cloud

Nothing worthwhile is easy -- a mantra you'll want to remember when challenges arise during a move to the cloud. Make it easier and follow this guide to cloud migration success. Continue Reading

Set AWS security automation in motion with these practices

Enterprises need to continuously improve their cloud security posture. Catch up on the latest expert advice on AWS security tools and practices. Continue Reading

Use modern cloud security best practices

Enterprises still worry about the security of cloud and if migrating will put data at risk. Explore modern methods, technologies and tools that help strengthen cloud environments. Continue Reading

CASB tools evolve to meet broader set of cloud security needs

When choosing a CASB, enterprises face two primary options: a stand-alone service from a third party or a bundled tool set from some of the large cloud providers. It's important to pick your flavor wisely. Continue Reading

Azure Anomaly Detector service spots business data deviations

Microsoft's Anomaly Detector service for Azure applies AI to customers' time-series data sets to find deviations or patterns that suggest problems. But humans still have the final say. Continue Reading

Oracle layoffs underpin its IaaS ambitions

Oracle plans further investments in Oracle Cloud Infrastructure, but to do so it has cut jobs and made plans to hire fresh talent to support its cloud business. Continue Reading

Understand AI and machine learning security impacts on cloud apps

Cloud-based machine learning can alleviate and aggravate security concerns. Review analysis and advice from our experts to stay on top of this emerging aspect of IT. Continue Reading

Google tool signals move to greater cloud transparency

Access Transparency users can review the work Google admins did on their cloud accounts. It's a step toward greater accountability, but large organizations will want even more. Continue Reading

Azure Sentinel adds AI-driven SIEM for cloud security

Azure Sentinel, Microsoft's take on a security information and event management platform, relies on AI for threat detection and competes with the likes of Splunk. Continue Reading

Overcome IoT challenges for cloud-based workloads

Organizations often build IoT apps on public clouds for their scalability, but these platforms introduce their own obstacles. Factor in these network, storage and security impacts. Continue Reading

Words to go: Google cloud security services

Digging through all of Google's cloud security tools can seem overwhelming. Get a snapshot of key services, and when to use them, with this quick list. Continue Reading

Eclypsium: Bare-metal cloud servers vulnerable to firmware attacks

Eclypsium found IBM SoftLayer cloud services are vulnerable to what it calls Cloudborne, which allows threat actors to make small, but potentially deadly firmware changes. Continue Reading

Data leak exposes list of Rubrik backup customers

A security snafu left a server containing Rubrik customer information -- including names and contact information -- exposed. Rubrik claims no customer-owned data was leaked. Continue Reading

Follow these 6 serverless security best practices

Optimal security for serverless architectures requires developers and ops teams to embrace best practices around dependencies, testing, access and more. Continue Reading

5 ways to smooth the road to hybrid cloud deployment

In the move to hybrid cloud, security, app requirements and monitoring are just a few of the many factors to consider. Follow these guidelines for a smooth deployment process. Continue Reading

What's the best multi-cloud storage strategy for minimizing risks?

Find out the steps to take to construct a unified multi-cloud security strategy where components work together to provide a single, comprehensive approach. Continue Reading

Review Google cloud IAM fundamentals and best practices

To learn the ins and outs of Google’s identity and access management service, start with the basic concepts of roles, permissions and policies. Continue Reading

Secure data in the cloud with encryption and access controls

Enterprises can't rely on their IaaS provider to protect sensitive information in the cloud. Implement these data security techniques to mitigate potential risks. Continue Reading

Properly configure resources to reduce cloud security threats

Misconfigured cloud resources can quickly open the door to IT risks. Be mindful of access controls, and don't brush off your cloud provider's recommended security practices. Continue Reading

Three events that spooked cloud admins in 2018

So far this year, outages, security breaches and GDPR compliance have haunted cloud admins in the enterprise. Take a closer peek at each of these three big scares. Continue Reading

AI and machine learning take on cloud security woes

AI-infused technologies continue to target almost all aspects of cloud monitoring and management, including security. But don't assume they're a silver bullet. Continue Reading

AI and machine learning take on cloud security woes

 Continue Reading

Cloud in healthcare rises above privacy, compliance pressures

The cloud hovers over just about everything these days, including hospitals and health systems. Healthcare CIOs fully understand that migration is inevitable, but security of sensitive patient records and maintaining compliance with federal health and privacy regulations can create huge stumbling blocks. That also partly explains why the flight path to the cloud in healthcare has lagged behind many other industries.

In September's Pulse, our editor's letter explores the pain of healthcare organizations and their IT decision-makers who have to balance the need to modernize with the concerns for patient privacy. Along those lines, our cover story examines the brave new world of the cloud in healthcare and focuses on one CIO who maneuvered through the legal gauntlet of HIPAA-mandated vendor-provider business associate agreements. In another feature, learn how establishing healthy working relationships with vendors can help hospitals get past the anxiety of securely storing documents in a cloud architecture.

Also in this issue, exhaustive research reveals acquisitions taking place in healthcare and finds that artificial intelligence applied to medical imaging is attracting a significant amount of investment dollars. In addition, CIOs can lower the pressure to implement cloud in healthcare programs in their hospitals by following five diagnostic and testing steps that can lead to innovative software applications and successful deployments. And in another feature, we look at the widespread opioid epidemic and the role health IT can play in battling the crisis using weapons like analytics and integrating electronic health records with prescription databases.

 Continue Reading

5 steps for creating a healthcare technology innovation plan

Before investing in and implementing a new technology initiative, healthcare CIOs should first diagnose the condition they want to solve. Then they can research possible cures. Continue Reading

In the medical imaging market, AI drives investment dollars

Investors in medical imaging technology leaned toward software that improves AI-related radiology and associated workflows, as evidenced by detailed research. Continue Reading

Opioid crisis solutions include analytics, EHR integration

Health IT stands ready to help battle opioid deaths through greater use of data analytics and improved integration of EHRs and prescription drug databases. Continue Reading

Cloud for healthcare presses on but is slowed by HIPAA anxiety

Facing mounting pressure to take steps toward the healthcare cloud, hospital systems find themselves balancing modern infrastructure trends with HIPAA safeguards. Continue Reading

Why the healthcare BAA makes the cloud journey much tougher

Applying public cloud to healthcare can create a brave new world for hospitals. The CTO of Providence Health & Services strongly advises reading the healthcare BAA very carefully. Continue Reading

Take responsibility for SaaS application security

Can't keep up with cloud app security hardening? Experts say it's time to implement DevSecOps initiatives and look to third-party security tools and services. Continue Reading

Establish a data classification model for cloud encryption

Not all data requires the same level of encryption. Use data classification to gauge your security needs, including for workloads that span on-premises and cloud environments. Continue Reading

Four signs you need a third-party cloud management platform

In a multi-cloud deployment, IaaS providers' native tools for admins often fall short. These four signs indicate it's time to invest in a third-party cloud management tool. Continue Reading

Bolster multi-cloud security with these data privacy tips

Data privacy is always a top priority for enterprise IT teams. And those with a multi-cloud model should adopt a mix of security techniques -- from erasure coding to encryption. Continue Reading

Five critical tests for cloud application performance, security

To keep end users happy, dev teams should regularly test the performance and security of cloud-hosted applications. Tools from cloud providers and third-party vendors can help. Continue Reading

The best multi-cloud strategy is to just ignore the hype

Vague vendor and analyst definitions for multi-cloud only confuse business leaders and put IT professionals in a precarious position. Continue Reading

GDPR compliance requirements don't come cheap

GDPR has more teeth than any previous data privacy directive, but that looming threat hasn't motivated many companies to get their audit trail in order. Continue Reading

Microsoft takes holistic approach to IoT security concerns

Azure Sphere extends security from the cloud to the device. It's the most holistic approach on the market and provides another example of Microsoft abandoning its insular past. Continue Reading

GDPR requirements loom over cloud providers, users

Even if your cloud provider already complies with GDPR, you can't just take a backseat. Know what the requirements are and whether they apply to you -- or risk hefty fines. Continue Reading

Hybrid cloud deployment demands a change in security mindset

To fully protect data in a hybrid cloud model, enterprises need to scrutinize integration points, network access controls and the policies they have in place. Continue Reading

New cloud threats as attackers embrace the power of cloud

Safeguarding your critical data is getting harder as threat actors embrace the advantages -- and missteps -- of cloud. Here's what to watch out for in 2018. Continue Reading

With more providers, security issues in cloud computing rise

We hear a lot about the pros and cons of a multi-cloud strategy, but a surprising number of organizations don't think they need to worry about it. They do. Continue Reading

Google Cloud Platform security updates buoy enterprise appeal

Google Cloud Platform upgrades provide deeper protection and visibility for enterprise assets in the cloud, as organizations increasingly mull multi-cloud options. Continue Reading

Human error still poses a significant cloud security risk

Even with the most sophisticated cloud security tools in play, human error -- both from end users and IT teams -- can open up your enterprise to numerous kinds of attacks. Continue Reading

Reprimand on healthcare and cloud computing spurs HIMSS debate

The benefits of the cloud are well-known, as is the healthcare industry's wariness about moving patient data to the cloud. At the HIMSS conference, the deliberations expanded. Continue Reading

Cloud security challenges spark startup acquisitions

Cloud security startups are popular acquisition targets, as cloud providers and third parties seek to address corporate IT concerns across multiple platforms. Continue Reading

Prepare and manage enterprise apps for an IaaS model

A growing number of businesses see the value in infrastructure as a service. But without careful app migration and management practices, the benefits of cloud can be lost. Continue Reading

VMware acquisition continues move toward cloud security

VMware cloud security tools will get a boost from the company's acquisition of CloudCoreo, a security and management startup focused on cloud deployments. Continue Reading

Prepare for these cloud computing technologies in 2018

Not sure what to expect, exactly, in the cloud computing market in 2018? Three of our Advisory Board members share their top predictions. Continue Reading

CASBs address wide range of cloud security concerns

Cloud and distributed apps create complex security challenges. CASBs aim to resolve these issues with features for threat protection, data loss prevention and more. Continue Reading

Five cloud computing skills to propel your career in 2018

The cloud market moves at the speed of light, so some IT pros struggle to pinpoint which new technologies and skills to learn. Here are five to prioritize in 2018. Continue Reading

Meltdown-Spectre bugs hit cloud usage less than first feared

IT shops expected their cloud usage to flag due to recent chip bugs, but most environments survived the patches unscathed. Continue Reading

Meltdown and Spectre target cloud computing environments

Hackers could target cloud computing environments to exploit the Meltdown and Spectre vulnerabilities, but AWS, Microsoft and Google say their fixes are enough to bar the doors. Continue Reading

Cloud security tips to consider when mulling external data centers

The old security rules don't apply when moving workloads to the cloud. These cloud security tips will help you make the right decision. Continue Reading

Security issues in cloud computing

While the cloud may be flexible and cost-efficient, a lack of data safeguards and compliance standards makes security the largest hurdle to leap. Continue Reading

Prepare for your next cloud security manager interview

When interviewing for a cloud security manager position, candidates should be ready to talk about everything, from encryption technology to DevOps. Continue Reading