Operations | Monitoring | ITSM | DevOps | Cloud

In a world full of threats targeting data as well as stringent compliance mandates, it’s never been more important to create a strong unified cloud security strategy. But as cloud environments become more complex and diverse, it’s also never been more difficult. Even if you’re partnering with a notably secure provider, it’s still important to understand your security responsibility and to be proactive about protecting your data in the cloud.

Many people are working from home (WFH) now and will be for at least the next few weeks. The VPN and TLS connections that remote workers rely on allow for secure access, and although these are not new connection types to monitor, the current WFH situation has created a significant increase in the number of these connections you must monitor. This new WFH scenario has made one thing easier: mobile users are no longer mobile.

As the responsibilities of the Security Operation Center (SOC) continue to increase, SOC teams are experiencing increased demand on their time and resources. Scaling a security team with little resources and funds can prove extremely difficult, especially when the incident response team spends most of their time chasing alerts.

The COVID-19 virus epidemic has seen a 23% rise in visitors to UK independent ecommerce sites. On a global scale, many companies have transitioned to fully ecommerce-based business practice and are seeing an increase in online shoppers. This paradigm shift in business continuity means websites are increasingly vulnerable to being attacked.

SSL (Secure Socket Layers) certificates tell your site’s visitors that you are whom you say you are and creates an encrypted connection between your domain (anexampledomain.com) and the visitor. If your domain doesn’t supply a valid certificate, the browser throws up a wall that warns the user that the site isn’t trusted. Many things may happen that tell the browser to issue the warning, but the most common reason is due to an expired SSL certificate.

Vulnerability Manager Plus is ManageEngine’s enterprise security program that empowers system administrators with an essential set of tools for managing and mitigating threats and vulnerabilities across systems in IT infrastructure. This security solution features specialized tools that help enterprises improve their overall security posture. Some of its unique tools include its integrated patch management module, security configuration management, and prioritization of vulnerabilities.

Chances are, if you’re not already moving applications to containers and Kubernetes, you’re considering it. However, it’s likely that security and compliance implications are something you haven’t fully thought through. Addressing container security risks later in the development life cycle negatively impacts the pace of cloud adoption while simultaneously raising security and compliance risks. The use of containers and Kubernetes changes your security calculus.