Welcome!

The Sky is No Longer the Limit: Thoughts from the Cloud

Kevin Nikkhoo

Subscribe to Kevin Nikkhoo: eMailAlertsEmail Alerts
Get Kevin Nikkhoo via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Kevin Nikkhoo

Does this sound familiar? Ann, sitting at her desk eating lunch, is surfing the Net. She checks her personal Yahoo email account and sees a message from a purported survey company asking her about her music preferences. She opens the email and takes the survey. Seems harmless enough, but what Ann doesn’t know is that this survey company doesn’t exist and embedded in some of the survey prompts hides an undetected botnet that downloaded onto her desktop. This nasty bugger can record her keystrokes and take screen shots as she navigates through your network. Now some unauthorized entity has her login credentials, passwords…essentially her online/employee  identity and access to your enterprise’s proprietary assets and other sensitive data. You tell them, you educate them, but sometimes it’s not enough. You need to implement another layer of security. These threats aren’... (more)

The Secret Sauce of User Provisioning

If you want the secret to user provisioning and de-provisioning in an enterprise setting, I’ll give you the one word answer, and then you can get on with the rest of your day… Integration. However, if you need to know why, how and with what...read on. The need to credential authorized users to your network and other proprietary assets is clear. You only want those with the proper rights in…and all others out. Complicating matters is that there are so many users these days…employees, channel partners, contract employees, suppliers, vendors, customers, prospects--all needing some ... (more)

Attacks from Within

So much is written about the events outside your perimeter; those nefarious and shadowy individuals and offshore syndicates who are looking to steal technology or personal data or piggyback on your servers to peddle everything from pirated products to pornography, implant botnets or viruses, or simply to create corporate chaos. With all that weighing on our collective IT asset protection strategies, it is easy to miss what a new Carnegie Mellon report is pointing to as one of the fastest growing threats…insider breaches. Even KPMG says this threat has tripled since 2007. They co... (more)

A Preposition Makes All the Difference in / of / for / from the Cloud

No, this isn't 7th grade English...I promise. With all the important decisions IT departments make, what’s the big deal whether cloud security means from the cloud, in the cloud, of the cloud or for the cloud. Well, a lot. Among the various media, blogs, professional chatter, webinars, conferences and the like, the concept of cloud security is getting a significant amount of airplay. However, the difference in the application of a simple preposition completely alters the scope and meaning of these conversations to that of a problem or a solution. Security IN the cloud frames the... (more)

A Job for Man or Machine

A Chief Technology Officer for a Midwest banking holding company made a very interesting observation. In commenting about the needed increase in fraud fighting resources, he warned about the perils of overemphasizing technology while ignoring training staff in using manual fraud-detection processes. Most of what he says is spot on in terms of ensuring the proper prioritization, risk analysis and the blind reliance on technology to identify and neutralize threats and breaches. In fact, as an officer in a technology company, I happen to agree with him on almost everything he said. ... (more)