Public Company Accounting Reform and Investor Protection Act

Compliance Journal

Subscribe to Compliance Journal: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get Compliance Journal: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories

SYS-CON Events announced today that DivvyCloud will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. DivvyCloud software enables organizations to achieve their cloud computing goals by simplifying and automating security, compliance and cost optimization of public and private cloud infrastructure. Using DivvyCloud, customers can leverage programmatic Bots to identify and remediate common cloud problems in real time. DivvyCloud was founded by seasoned technologists who understand first-hand what is necessary to succeed in today's fast-changing, multi-cloud world. For more information, visit https://divvycloud.com/. The World's Largest "Cloud Digital Transformation" Event @CloudExpo / @ThingsExpo 2017 New York (June 6-8, 2017, Javits Center, Manhattan) @CloudExpo / @ThingsExpo 20... (more)

Don’t Get Lost in the Cloud | @CloudExpo @RackWare #Compliance #AI #DX #HybridCloud

For most organizations, the move to hybrid cloud is now a question of when, not if. Fully 82% of enterprises plan to have a hybrid cloud strategy this year, according to Infoholic Research. The worldwide hybrid cloud computing market is expected to grow about 34% annually over the next five years, reaching $241.13 billion by 2022. Companies are embracing hybrid cloud because of the many advantages it offers compared to relying on a single provider for all of their cloud needs. Hybrid offers balance and flexibility. It helps companies achieve a wide array of business goals, including availability, reliability, security and cost-efficiency. Still, there are a number of challenges associated with hybrid cloud. Here are four management issues that companies need to address to enjoy a successful hybrid cloud implementation. Managing complexity. More clouds can sometime... (more)

CI/CD Pipelines | @DevOpsSummit #AI #ML #CI #CD #DevOps #Monitoring

For a while already we have been working with a large enterprise client, helping them to migrate their on-premise workloads to the cloud. Of course, as added value to the process, they are also migrating their legacy development processes to the modern, better, agile DevOps approach. And of course, they have built a modern Continuous Integration/Continuous Delivery (CI/CD) pipeline consisting of Bitbucket, Jenkins, Artifactory, Puppet and some relevant testing frameworks. “It is all great!”, you would say “what is the problem?”. Because I am on all kinds of mailing lists for this client, I noticed recently that my dedicated email inbox started getting more and more emails related to the CI/CD pipeline. Things like unexpected Jenkins build failures, artifacts cannot be downloaded, server outages and so on and so on. You already guessed it – emails that report proble... (more)

Multi-Cloud Movement | @CloudExpo @VMware #DataCenter #Compliance #DigitalTransformation

Keeping Pace with the Multi-Cloud Movement A common misconception about the cloud is that one size fits all. Companies expecting to run all of their operations using one cloud solution or service must realize that doing so is akin to forcing the totality of their business functionality into a straightjacket. Unlocking the full potential of the cloud means embracing the multi-cloud future where businesses use their own cloud, and/or clouds from different vendors, to support separate functions or product groups. There is no single cloud solution ideal for all applications, and some applications might not fit the cloud at all. For example, certain applications have more stringent security or compliance requirements that require a private cloud or traditional on-premises deployment. For the foreseeable future, the majority of companies will maintain a hybrid cloud env... (more)

Choosing Your Mobile Device Management Solution | @CloudExpo #Cloud #Compliance

10 Things to Consider As You Choose Your Mobile Device Management Solution By Nikhil Nayak, Product Analyst, ManageEngine The past decade has seen an increasing trend in employees using mobile devices like smartphones and tablets to aid in their work. This trend has fostered organizations to adopt practices like bring-your-own-device (BYOD) with hopes of improving employee productivity and efficiency. There is, however, a downside to this because such practices pose major risks concerning corporate data security and data management. In order to ward off these risks, enterprises seek out reliable mobile device management (MDM) solutions. There are many solutions out there, but selecting the right solution for your enterprise may seem challenging - especially if you're not aware of what to look out for. Here is a list of 10 things to consider as you choose your MDM so... (more)

Automating Security #Compliance on #AWS | @CloudExpo @CloudRaxak #AI

Download ▸ Here Automating Security Compliance on Amazon Web Services The unique combination of Amazon Web Services and Cloud Raxak, a Gartner Cool Vendor in IT Automation, provides a seamless and cost-effective way of securely moving on-premise IT workloads to Amazon Web Services. Any enterprise can now leverage the cloud, manage risk, and maintain continuous security compliance. Forrester's analysis shows that enterprises need automated security to lower security risk and decrease IT operational costs. Through the seamless integration into Amazon Web Services, Raxak Protect automates security for any workload running on traditional IT, private clouds, and public clouds. A line of business user with no security experience can now provision a VM on Amazon Web Services with a CISO (Chief Information Security Officer) defined security profile (e.g., PCI-DSS, HIPAA, ... (more)

[session] Enabling #FinTech | @CloudExpo @CloudRaxak #AI #ML #Blockchain

Enabling FinTechs for Success through Business-Driven Cloud Security FinTechs use the cloud to operate at the speed and scale of digital financial activity, but are often hindered by the complexity of managing security and compliance in the cloud. In his session at 20th Cloud Expo, Sesh Murthy, co-founder and CTO of Cloud Raxak, will show FinTechs how proactive and automated cloud security enables FinTechs to leverage the cloud to achieve their business goals. Through business-driven cloud security, FinTechs can speed time-to-market, diminish risk and costs, maintain continuous compliance, and set themselves up for success. Speaker Bio Sesh Murthy is the Co-Founder and CTO of Cloud Raxak. Before Cloud Raxak, he was the Vice President of Cloud Innovation at IBM Global Services. He has 29 years of experience in creating value for customers in cloud and technology se... (more)

[slides] Compliance in the Cloud | @CloudExpo @IBMcloud #InfoSec #FedRAMP

Download Slide Deck: ▸ Here Download Slide Deck: ▸ Here Regulatory Compliance in the Cloud Regulatory requirements exist to promote the controlled sharing of information, while protecting the privacy and/or security of the information. Regulations for each type of information have their own set of rules, policies, and guidelines. Cloud Service Providers (CSP) are faced with increasing demand for services at decreasing prices. Demonstrating and maintaining compliance with regulations is a nontrivial task and doing so against numerous sets of regulatory requirements can be daunting task. CSPs need a foundation that provides a uniform, non-repetitive view across all the requirements. Download Slide Deck: ▸ Here In his session at 19th Cloud Expo, David Jenkins, an Executive Architect at IBM working in the Office of the US Federal CTO, discussed an approach that can... (more)

[slides] Secure Cloud | @CloudExpo @SearchYourCloud #Security #Compliance

Download Slide Deck: ▸ Here Download Slide Deck: ▸ Here Staying Secure and Organized in the Cloud As companies adopt the cloud-to-streamline workflow, deployment hasn't been very seamless because of IT concerns surrounding security risks. The cloud offers many benefits, but protecting and securing information can be tricky across multiple cloud providers and remains IT's overall responsibility. Download Slide Deck: ▸ Here In his session at 19th Cloud Expo, Simon Bain, CEO of SearchYourCloud, addressed security compliance issues associated with cloud applications and how document-level encryption is critical for supplementing existing enterprise security solutions. He drew from case studies, outlined best practices for businesses and demoed how data can be transported and stored to and from the cloud already encrypted and securely accessed no matter where it’s sto... (more)

Compliance in the Cloud at Cloud Expo Silicon Valley

Cloud Expo Silicon Valley $800 Savings here! More and more enterprises consider Infrastructure as a Service (IaaS) part of their overall IT strategy, leading to questions around compliance and security. In his session at the 7th International Cloud Expo, Davi Ottenheimer will answer these questions including where does data reside and how is it being protected? Has the service provider gone through specific compliance audit controls for their data center and infrastructure? What control over access is given to my environment? How is role-based access managed? And how are security and firewall policies managed? Explore Cloud Expo Sponsorship & Exhibit Opportunities ! Speaker Bio: Davi Ottenheimer has more than 16 years ofexperience managing global security operations and assessments, including a decade of leading incident response and digital forensics. He is an exp... (more)

Switching the Locks: Who Has Copies of Your SSH Keys?

Despite the recent flood of high profile network breaches, hacking attempts are hardly new. In 1995, I was attending school in Helsinki when I discovered a password "sniffer" attack in our university network. In response, I wrote a program called the "secure shell" to safeguard information as it traveled from point to point within the network. This new program shielded all of our data and ensured that these kinds of attacks didn't jeopardize our logins. This program, SSH, works by developing an encryption key pair - one key for the server and the other key for the user's computer - and encrypting the data that is transferred between those two keys. Currently, almost every major network environment - including those in large enterprises, financial institutions and governments - uses a version of SSH to preserve data in transit and let administrators operate systems re... (more)