(c)iStock.com/Alija

Gartner predicts that cloud office systems will account for 33% of the overall office market by 2017. This is a big step considering a few years ago collaboration in businesses typically involved emails, phone calls, and perhaps a few instant messages exchanged within the company.

However, nowadays the arrival of cloud computing and all the remunerations that come with it have shaped the path for collaborative cloud-based services, which is reforming how businesses work over the internet. Many collaborative services offer a specific business need, such as social networking, productivity apps, storage, or good old fashioned email.

Yet whilst collaborative cloud-based services offer a whole range of benefits to businesses of all sizes, they also can pose a number of risks if not appropriately integrated into the corporate sphere. When using the messaging and conference call applications within the cloud, users need to be aware that the same rules associated with data privacy should also apply to this. Companies need to ensure that the “data” transferred over these systems cannot be captured by someone trying to maliciously record the call or video, and that there is an audit trail on how this messaging is done within these interactive sessions, so it cannot be detained by unwanted users.

Even if employees are exchanging corporate messages privately, organisations need to make sure that there is a higher degree of security around the confidentiality of that data. This is simply because it could be severely compromising in a situation where cybercriminals hack into a corporate collaboration system and start to make private company details public.

This has been seen already in the infamous phone hackings of company voicemails, so it is imperative that organisations ensure there are appropriate security measures in place which are resilient, as well as a service level agreement (SLA) which will provide a high degree of compensation if the systems are breached and the company is compromised.

The big question companies need to ask themselves is: will the in-house IT department do a superior job at protecting the corporate collaboration system, or is this a responsibility which you place offsite with a cloud provider? Nowadays, SMEs in particular are taking the view that this task is best managed off premise with a provider which they trust and pay to manage their cloud collaboration systems for them.

This approach has many benefits – providing the company forms a relationship with a trustworthy vendor. It is imperative that before handing over the responsibility of managing and storing company data, organisations check the track record of their cloud provider and ensure that there have been no former breaches of confidentially.

It is also wise for companies to try and understand the technology the provider utilises in its own data centres, and the tools they use to make the service more secure. One of the key examples of this is to check if the sessions that run between the organisations and the service provider are encrypted. This means that the data, such as voice messages, are encrypted within a VPN, and the resulting file that is used to record the call is also encrypted and can only be played back by authorised users.

Another risk which has emerged into the ever-connected world of business is bring your own device (BYOD). By enabling a BYOD program, enterprises permit employees access to corporate resources from anywhere in the world, however, securing these devices and supporting different mobile platforms can create complex issues for IT departments. Companies need to lay down careful policies on the security required, how this data should be handled and how employees are expected to behave – including security awareness of the dangers of insecure networks and over-sharing in social networks.

One of the specific areas of concern to be addressed is the mobility of data and how to capitalise on the benefits while securing the company.  Firstly, security policies must be revised to reflect the changes in working practices.  It’s no longer possible for IT departments to defend the traditional network perimeter. Instead, they must apply a security ‘wrapper’ around every employee – so that they are protected wherever they work and whatever device they use. 

As well as a focus on technology, organisations need to better educate their employees. It’s essential that employers understand the risks involved with using mobile devices and communicate this effectively with employees. They also need to put in place robust security processes to reduce the risk of any data breaches or leaks occurring. This means deploying anti-malware apps, controlling the applications that employees have access to, and also being able to block access to, and where necessary, erase sensitive data stored on a lost device.

The relatively recent purchase of AirWatch by VMWare shows how enterprise software vendors are adding additional functionality to compliment the services already offered by the mobile device operating systems, and in this way providing additional levels of control and security into mobile devices.

SYS-CON Events announced today that Spirent Communications, the leader in testing navigation and positioning systems, will exhibit at SYS-CON’s @DevOpsSummit Silicon Valley, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA.
Spirent Communications enables innovations in communications technologies that help connect people. Whether it is service provider, data centers, enterprise IT networks, mobile communications, connected vehicles or the Internet of Things, Spirent solutions are working behind the scenes to help the world communicate and collaborate faster, better and more securely. The world’s innovators rely on Spirent expertize to help them design, develop and deliver best-in-class solutions to their customers.

read more

The traditional, on-premise computing model has established processes, accreditations, certifications, governance and compliance rules – FISMA, NERC CIP, HIPAA, PCI-DSS, IRS 1075. While the security industry is aggressively addressing the technical security gaps in cloud-driven services, many organizations using cloud services are struggling to implement and adapt strategic processes, procedures, and controls for cloud governance and due diligence.

read more

SYS-CON Events announced today that Cavirin will exhibit at the 17th International CloudExpo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA.
Cavirin engineers security and compliance solutions to protect the elastic enterprise against destructive cyber threats. Headquartered in Santa Clara, CA, Cavirin technology provides comprehensive protection in both the datacenter and across multiple cloud instances and accounts. Global enterprise and Software-as-a-Service (SaaS) leaders depend on Cavirin to mitigate dangerous breaches that damage brand integrity and shareholder value.

read more

We’ve all had that moment where a friend comments (or complains) on social media about the new layout of a particular site. But you still see it the way it has been for months, and you have no idea what they are talking about. This is because the company that runs the site is likely using a Canary Release.

read more

The potential of big data is only limited by the creative thinking of your business stakeholders, and that may be the most important concept in the “thinking like a data scientist” process. The “thinking like a data scientist” process guides the business stakeholders into envisioning how big data can optimize their key business processes, create a more compelling customer engagement and uncover new monetization opportunities. But neither the business stakeholders, nor the data scientists, can likely do that envisioning entirely by themselves.

read more

Had Mark Twain lived today, we might hear him utter the oath lies, damn lies, and analytics. Statistics to be sure may still be used to distort the truth – but now with the sudden explosion of big data, analytics threaten the same fate.
I’m not talking about intentional distortion here – that’s another story entirely. Rather, the risk of unintentional distortion via data analytics is becoming increasingly prevalent, as the sheer quantity of data increases, as well as the availability and usability of the analytics tools on the market.
The data scientists themselves aren’t the problem. In fact, the more qualified data scientists we have, the better. But there aren’t enough of these rare professionals to go around.

read more

Our guest on the podcast this week is Helen Beal, Head of DevOps at Ranger4 Limited. We discuss how successful DevOps transitions depend on culture, so to start companies must identify their current problem areas. Helen describes the most successful DevOps culture as a place where each individual has autonomy as part of the larger team and where experimentation is encouraged.

read more