I have been fortunate to work for some very complex and mature IT departments throughout my career, and one of the more important practices I saw within these IT shops was a solid disaster recovery and business continuity strategy. As an IT business person that has participated on all sides of the disaster recovery and…
With all of the recent excitement about the “Shellshock” code execution vulnerability in the UNIX bash shell, and the somewhat older news about SSL vulnerabilities, I am reminded once again about the need for organizations to formally manage information security as part of an ongoing process.
In a previous blog post, I mentioned that the measure of success with a cloud provider comes down to your ability to get the “real story” during the sales cycle. While I touched on the physical security of the provider’s data center – what about the logical, remote and application data security in the cloud…
