According to a recent Forrester report, enterprise cloud computing adoption accelerated in 2016 and will do so again in 2017. Software-as-a-service (SaaS) remains the largest portion of the public cloud market, with global spending expected to reach $105 billion in 2017 and $155 billion by 2020. Infrastructure-as-a-service (IaaS) and platform-as-a-service (

Apple iCloud KeychainIn Mac OS 8.6, Apple introduced its Keychain password management system. Still integrated into every Mac OS release since then, Keychain provides a centralized storage for passwords, network shares, notes, certificates, credit card details and many other sensitive types of data. With the increasing popularity of both cloud applicat

Identity management is a complex topic that has been making its way into the cloud and enhancing the prospect for companies to federate and engage with previously unavailable identity services.By embracing security services in the cloud, or security as a service (SECaaS), enterprises are able to streamline and take advantage of more flexible services that th

This vulnerability gives an unauthenticated, remote attacker the ability to install Docker containers to the system, and could potentially allow him to attain escalated privileges, such as root. This was made possible by a misconfiguration that makes the Docker management port accessible to attackers, and allows them to submit Docker containers to the Cisco

Using public cloud storage services lets organizations offload management tasks and the costs associated with supporting physical hardware to an external provider. An organization's data is stored in the provider's data center and the provider manages and maintains all facets of the data center, including power, cooling and server maintenance. As a result, o

AWS Organizations was designed to allow cloud administrators working in Amazon Web Services (AWS) to manage accounts more securely and efficiently. Essentially, AWS Organizations creates custom policies that can be applied to users/groups to manage security, create better automation and simplify billing. There is some overlap with AWS IAM (Identity and Acces

Amazon, Microsoft and Google dominate the public cloud market when it comes to addressing an organization's budget, security requirements, and infrastructure and business needs.Other niche and large public cloud service providers -- including IBM, Virtustream, Rackspace and NTT Communications -- provide beneficial services as well, but they don't have the sa

Not one, not two, but six of the most recent analyst reports evaluating the major Identity and Access Management-as-a-Service (IDaaS) vendors positioned IBM Cloud Identity Service as an overall market leader in cloud-based identity and access management (IAM). The market is crowded with both startups and large IDaaS vendors, making this is a big win for IBM

Co-authored by Chris Craig. To match the ongoing shift to cloud as a means of increasing agility when delivering services, the architectures supporting these services are also evolving. The cloud IT space is full of terminology such as infrastructure-as-code, highly scalable architectures and microservices architecture — a methodology that is gathering sig

Thirty years ago, the Cold War threatened to spill over from high-level espionage into full-blown warfare between the world’s two great superpowers. But there could be a new conflict on the horizon. Nature recently highlighted “The Darkening Web,” a new book by Alexander Klimburg, program director at The Hague Centre for Strategic Studies

It's imperative for public and private sector organizations to recognize the essential truth that governance of data entrusted to them cannot be relinquished, regardless of where the data is maintained.The recent reports that Verizon and Dow Jones left their respective Amazon Web Services platforms exposed to unauthorized access should serve as a wakeup call

SEC Consult Vulnerability Lab Security Advisory < 20170804-1 >======================================================================= title: Authenticated Command Injection product: Ubiquiti Networks UniFi Cloud Key vulnerable version: Firmware v0.6.1 fixed version: Firmware v0.6.4 CVE number: impact: Hi

Security is the primary focus of any government agency. One of the most obvious pitfalls of these agencies moving highly sensitive data to the cloud is that they surrender control to a third party. Moreover, nothing on the internet is truly secure, and all data is vulnerable to attacks and threats. The exposure footprint to those threats is staggering unde

SEC Consult Vulnerability Lab Security Advisory < 20170727-0 >======================================================================= title: Authenticated Command Injection & Cloud User Weak Crypto & Privilege Escalation product: Ubiquiti Networks UniFi Cloud Key vulnerable version: Firmware v0.5.9/0.

When implementing cloud projects, security is one of the most important issues. It requires companies to identify and understand the risks inherent to digitization, public networks and outsourcing of infrastructure components. Companies still fear that their data is insecure with cloud systems. IT professionals want to apply the same level of security to t