One of the key drivers to IT security investment is compliance. Several
industries are bound by various mandates that require certain transparencies
and security features. They are designed to mitigate aspects of risk
including maintaining the sacrosanctity of customer information, financial
data and other proprietary information.
One such affected vertical is retail. No matter if you’re Wal-Mart or
Nana’s Knitted Kittens, if you store customer information; if you process
payments using customer’s credit cards, you are required by law to comply
with a variety of security standards. Although there are several auditing
agencies and mandating bodies, today we will concentrate on the one
compliance agency that is typically applicable to every retailer-PCI.
PCI (Payment Card Industry) enforces Data Security Standards that looks to
ensure that ALL companies that process, ... (more)
Happy holidays to all of you and may the season keep your perimeters
protected, your assets secure and your networks free of nasty little elves!
Twas the night before Christmas
and all through the net
No access was stirring;
No hackers as yet.
Murphy in sales was showing his app
Tweeting and downloading with only a tap
I grumble and moan ‘cause I know it to be.
That his iPhone and iPad was BYOD
Then out on the site there arose such a clatter,
I sprang from the help desk to see what was the matter.
Without my UniSec dashboard, I would not know
If the network alert meant friend or meant fo... (more)
One of the biggest misconceptions in cloud security is the perception that
identity management (IDaaS) and access management (SSO) are the same thing.
And it took a viewing of the famous Star Trek episode called Mirror Mirror
for me to best illustrate and articulate the difference between the creation
and management of a user account and credentialed rights and the funneled
applications that entity is allowed to see. For those unfamiliar with the
episode, it’s the one where Kirk is transported into an alternate universe
and meets evil Spock (the one with the beard)..... (more)
There are a lot of experts and process gurus who are more qualified than I to
tell you how to manage change. They will offer a great deal of high level
advice such as “define the vision,” “create a change proposition,”
“promote staff input to shape the solution.” And these are very wise
nuggets of advice. And we (in IT) are at a crossroads for change. The
landscape of the role, the challenges of the responsibilities, the tools of
the trade are all evolving.
Much of the change revolves around the migration to cloud-based solutions.
For going on a dozen years, SaaS applications ... (more)
In the software universe we’ve all heard the saying “We are One Inch into
a Mile of Functionality but we are paying for the entire mile.”
That pretty much sums up every technology initiative ever embarked upon.
Whether we are talking, ERP, CRM, SIEM or a variety of other alphabet soup
programs, it always looks so simple in the demo, but when rubber meets the
road, there’s always some gremlin preventing or delaying full realization
of the benefits or expected ROI.
Now I am not looking down my nose at any particular implementation of any
particular product, but I read a Forrester s... (more)