SYS-CON MEDIA Authors: Liz McMillan, Carmen Gonzalez, Zakia Bouachraoui, Roger Strukhoff, David Linthicum

Blog Feed Post

Evolve IP’s Scott Kinka Responds to the Latest USA Today Article


USA Today recently published research showing that 43% of companies have had a data breach.

My response?

It’s an interesting article. Unfortunately, the only actual “reason” mentioned in here is human capital. Front door attacks are designed to fool end users into giving away the keys to the kingdom. And even more unfortunate, is that there is little that we can do on the network security side to ensure that people aren’t fooled.

Many people try to migrate to the cloud rather than start fresh there, which perpetuates many of the hidden dangers of their previous architecture. That’s certainly one thing to leverage. But if you look at this article, it accounts for at most 20% of the breaches. The remainder are employee negligence… Could they have put IT department negligence in here? Possibly, but it doesn’t gel with the point of the rest of the article.

I think the second thing to think about is that resources used in the cloud are easily provisioned, easily torn down and don’t reside on local equipment, so, at the very least, it eliminates or reduces the human element of leaving a laptop behind, physical security of a data center, not locking a local desktop, etc. This is all also happening in an era where BYOD is becoming the norm. If someone doesn’t have a password on their iPad, they receive an email with customer information, and someone picks it up at Starbucks, is the company to blame? Or the employee? Or both? Which leads to Mobile Device Management…

MDM is going to start to drive the discussion in the next few years. Again, you can’t stop people from being purposefully negligent, but you can prevent them from being careless. No password on your iPad, no access to corporate data. Remove your password, wipe all corporate content or the whole device. You also have to consider what applications the business allows for use on these devices for IM, social media, etc., which are now increasingly becoming targets for phishing attacks.

Another topic that has been around forever is DLP (Data Leak Protection). People really haven’t understood what it is and how to use it, but with these numbers swinging so dramatically towards people as the cause of breaches, companies with compliance concerns will be forced to consider a stance on DLP. There are simple solutions that can be added to email servers and other data “exit” points that are not difficult, and can live in the cloud.

Most importantly, it’s education. Companies are just not taking the people element seriously enough. Companies with compliance risk will need to have cyber education programs for employees to identify and understand how hackers are trying to leverage them as a security breach. I fully expect that governance around corporate education may find its way into HIPAA and PCI regulations in the next few years.

How can we leverage all of this? We have to deal with these kinds of issues every day. And while we all may not have easy to buy services yet for all of these items (although several will be released this quarter), we’re watching and are ahead of where our customers can be.

Read the original blog entry...

More Stories By Scott Kinka

Scott Kinka is Chief Technology Officer for Evolve IP. He has spent almost his entire career devising new and simpler ways for companies to acquire and integrate technology. While all of the tech talk these days is about the cloud, he was doing this when it was called ASP (application service provider) or on-demand. Before Scott joined Evolve IP as Chief Technology Officer, he served as Vice President of Network Services for Broadview Networks and ATX Communications. He has been involved in application development, hosting, messaging, networking, unified communications, contact centers, and security. His mission (and specialty) is acting as a translator between technology and business needs.

Latest Stories
In his general session at 21st Cloud Expo, Greg Dumas, Calligo’s Vice President and G.M. of US operations, discussed the new Global Data Protection Regulation and how Calligo can help business stay compliant in digitally globalized world. Greg Dumas is Calligo's Vice President and G.M. of US operations. Calligo is an established service provider that provides an innovative platform for trusted cloud solutions. Calligo’s customers are typically most concerned about GDPR compliance, application p...
Modern software design has fundamentally changed how we manage applications, causing many to turn to containers as the new virtual machine for resource management. As container adoption grows beyond stateless applications to stateful workloads, the need for persistent storage is foundational - something customers routinely cite as a top pain point. In his session at @DevOpsSummit at 21st Cloud Expo, Bill Borsari, Head of Systems Engineering at Datera, explored how organizations can reap the bene...
"NetApp's vision is how we help organizations manage data - delivering the right data in the right place, in the right time, to the people who need it, and doing it agnostic to what the platform is," explained Josh Atwell, Developer Advocate for NetApp, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
When you're operating multiple services in production, building out forensics tools such as monitoring and observability becomes essential. Unfortunately, it is a real challenge balancing priorities between building new features and tools to help pinpoint root causes. Linkerd provides many of the tools you need to tame the chaos of operating microservices in a cloud native world. Because Linkerd is a transparent proxy that runs alongside your application, there are no code changes required. I...
Druva is the global leader in Cloud Data Protection and Management, delivering the industry's first data management-as-a-service solution that aggregates data from endpoints, servers and cloud applications and leverages the public cloud to offer a single pane of glass to enable data protection, governance and intelligence-dramatically increasing the availability and visibility of business critical information, while reducing the risk, cost and complexity of managing and protecting it. Druva's...
Kubernetes as a Container Platform is becoming a de facto for every enterprise. In my interactions with enterprises adopting container platform, I come across common questions: - How does application security work on this platform? What all do I need to secure? - How do I implement security in pipelines? - What about vulnerabilities discovered at a later point in time? - What are newer technologies like Istio Service Mesh bring to table?In this session, I will be addressing these commonly asked ...
BMC has unmatched experience in IT management, supporting 92 of the Forbes Global 100, and earning recognition as an ITSM Gartner Magic Quadrant Leader for five years running. Our solutions offer speed, agility, and efficiency to tackle business challenges in the areas of service management, automation, operations, and the mainframe.
Blockchain has shifted from hype to reality across many industries including Financial Services, Supply Chain, Retail, Healthcare and Government. While traditional tech and crypto organizations are generally male dominated, women have embraced blockchain technology from its inception. This is no more evident than at companies where women occupy many of the blockchain roles and leadership positions. Join this panel to hear three women in blockchain share their experience and their POV on the futu...
The Jevons Paradox suggests that when technological advances increase efficiency of a resource, it results in an overall increase in consumption. Writing on the increased use of coal as a result of technological improvements, 19th-century economist William Stanley Jevons found that these improvements led to the development of new ways to utilize coal. In his session at 19th Cloud Expo, Mark Thiele, Chief Strategy Officer for Apcera, compared the Jevons Paradox to modern-day enterprise IT, examin...
With 10 simultaneous tracks, keynotes, general sessions and targeted breakout classes, @CloudEXPO and DXWorldEXPO are two of the most important technology events of the year. Since its launch over eight years ago, @CloudEXPO and DXWorldEXPO have presented a rock star faculty as well as showcased hundreds of sponsors and exhibitors! In this blog post, we provide 7 tips on how, as part of our world-class faculty, you can deliver one of the most popular sessions at our events. But before reading...
Cloud-Native thinking and Serverless Computing are now the norm in financial services, manufacturing, telco, healthcare, transportation, energy, media, entertainment, retail and other consumer industries, as well as the public sector. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long development cycles that pro...
DSR is a supplier of project management, consultancy services and IT solutions that increase effectiveness of a company's operations in the production sector. The company combines in-depth knowledge of international companies with expert knowledge utilising IT tools that support manufacturing and distribution processes. DSR ensures optimization and integration of internal processes which is necessary for companies to grow rapidly. The rapid growth is possible thanks, to specialized services an...
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
Docker and Kubernetes are key elements of modern cloud native deployment automations. After building your microservices, common practice is to create docker images and create YAML files to automate the deployment with Docker and Kubernetes. Writing these YAMLs, Dockerfile descriptors are really painful and error prone.Ballerina is a new cloud-native programing language which understands the architecture around it - the compiler is environment aware of microservices directly deployable into infra...