Tag Archives: security

Uncategorized

Dyn’s DDoS Attack – What it Means for the Cloud?

Prominent websites like Twitter, Netflix, Airbnb, and Spotify were having sporadic problems since Friday, thanks to a Distributed Denial of Service (DDoS) attack on Dyn’s servers. Dyn is one of the largest ISPs in the world, so an attack on its servers meant a significant chunk of DNS (Internet’s address directory) went down.  DNS is something similar to a phone book, and it allows users to connect to different websites and applications. Thus, when the DNS servers were attacked, users could not connect to certain IP addresses.

In most DDoS attacks, the information is intact, but temporarily unavailable. But in this case, Dyn’s core Internet infrastructure was hacked, so any organization that is directly dependent on Dyn or a service provider that uses Dyn’s servers were affected.

Besides websites, a whole lot of Internet of Things (IoT) devices that are hooked to the Internet were also affected. Cameras, baby monitors, and home routers are some of the devices that were affected by the outage. Also, corporate applications that are used to perform critical business operations were affected, thereby raking up huge losses for different companies.

Out of these companies, the ones that were worst-affected are those that rely on SaaS for critical business operations. This attack, in many ways, exposes the vulnerability of cloud computing, and the consequences of depending on third-party servers for the most critical of operations. Had these companies used multiple DNS providers or if they had stored their critical business applications in local servers, the impact of such an attack would have been greatly negated.

Going forward, what does it mean for businesses that depend on the cloud?

First off, this is a complex attack that is believed to have been done by a large group of hackers. The nature and source of the attack is still under investigation, so at this point in time, it’s hard to tell who’s behind the attack. But such complex attacks can’t happen every day as it requires enormous amounts of planning and coordination. That said, Verisign came up with a report recently that showed a 75 percent increase in such attacks from April to June. How much of it translated to loss for companies? Only a miniscule when compared to the direct security attacks that companies face.

Secondly, we’ve come too far ahead with cloud, to imagine a world without it. SaaS, PaaS, and IaaS have become integral aspects of businesses, and the benefits that come from it are enormous as well. So, compromising on the huge benefits for a rare attack is not a sound decision.

From the above argument, we can say that this DDoS attack is not going to change the cloud market overnight. However, it will make users more aware of the vulnerabilities of the cloud, so they will be better prepared to handle such situations in the future. This is also a good learning experience for companies like Dyn, as it’ll look at ways to beef up its security arrangements.

In short, though the DDoS attack was dangerous and widespread, its impact on cloud may be minimal because the benefits from cloud are huge, and such attacks are seen as rare instances when compared to direct attacks on large companies.

The post Dyn’s DDoS Attack – What it Means for the Cloud? appeared first on Cloud News Daily.

Press Release

Microsoft Rolls Out Custom Versions of Azure for the US DoD

Microsoft is known to provide customized products for government agencies at the federal, state, and local levels, to ensure that its products meet the necessary requirements and certifications laid down for these agencies. To add a feather to its cap, Microsoft announced on Tuesday that it would create custom versions of its cloud platform, Azure and Office 365, to meet the Impact Level 5 requirements laid down by the US Department of Defense (DoD). This product is expected to be available by the end of 2016, according to a press release.

In this version, Azure and Office 365 will be physically isolated and kept in two new regions dedicated for it. According to the company, these two regions will be located one each in Arizona and Texas, though the exact cities were not made public. To connect to these two centers, other DoD servers can use Microsoft ExpressRoute – Microsoft’s private connection that offers higher levels of security and lower levels of latency. Such a setup is expected to give an extra layer of security for data transmission, especially to access information that are considered to be critical for national security.

With this setup, Microsoft can meet the next level of security requirements namely the Impact Level 5 controls, that are laid down by DoD. This new addition is significant for Microsoft, as it means that Azure cloud products will be an integral part of National Security System Data and other mission critical information. In fact, Microsoft will be the only cloud provider to offer a cloud that meets these stringent requirements, and in this sense, it gives Microsoft an edge over its competitors in a crowded cloud market. Currently, Amazon’s AWS is Level4 compliant, whereas there are no such known certifications for Google.

Earlier, Microsoft’s cloud had the certifications to handle up to DoD’s Impact Level 4, which includes controlled but unclassified data such as privacy information, and protected health information. Though Impact Level 5 is also unclassified data, it includes those that are critical for National Security.

With this new addition, the total number of regions for Azure Government services will go up to six, and this includes Virginia, Iowa, and two unnamed data centers, apart from the new ones. Microsoft claims that its Azure services are being used by more than 70,000 customers in the government sector, and six million end users are accessing its various cloud products.

The post Microsoft Rolls Out Custom Versions of Azure for the US DoD appeared first on Cloud News Daily.

Microsoft, News

Rackspace and Microsoft Azure

Despite rumors of an impending acquisition, Rackspace has recently announced expansion of its Rackspace Managed Security services to Microsoft Azure and developments in its OpenStack technology.

 

Rackspace’s main focus is providing services that offer support for applications not only on its own cloud but third party clouds as well. The service launched in September of 2015 and has been exclusive to Amazon Web Service, Rackspace Dedicated Hosting, and Rackspace Managed VMware.

azure

Rackspace Managed Security for Microsoft Azure will allow those utilizing Azure services to benefit from added security services provided by Rackspace. Rackspace’s technology allows them to not only detect advanced cyber threats, but take action against said threats, setting them apart from their competition.

 

In addition to expanding to Microsoft, Rackspace also made some announcements pertaining to its Openstack private cloud services, which was created with NASA in 2010. OpenStack Clouds have now reached one billion server hours of operation.  

 

Comments:

Brannon Lacey, general manager of Rackspace Managed Security: “In today’s cybersecurity landscape, organizations are no longer asking if they should have a security solution in place, but rather whether they should do it themselves or partner with a trusted managed security service provider. We are proud to extend this security solution to Azure, as it represents the continued growth of our Managed Security capabilities and aligns with the overall Rackspace mission to provide the best expertise and service across the world’s leading clouds.”

The post Rackspace and Microsoft Azure appeared first on Cloud News Daily.

hyperconverged infrastructure, Networking & Security, ransomware, Simplivity

Guest Post: How to Minimize the Damage Done by Ransomware

Below is a guest post from Geoff Fancher, Vice President, Americas Channels at SimpliVity Corporation

Have you ever woken up in the middle of the night, sweating profusely, scared half to death, and terrified that your data center was infected with ransomware? If so, you’ve had an IT nightmare. Just be thankful it was all just a dream and your data isn’t lost.

Though IT nightmares come in all forms, one thing all IT pros fear nowadays is ransomware. That’s because ransomware is becoming increasingly commonplace and is evolving to become even more vicious and hard to stop once it has entered an IT environment. The cost to business productivity can be crippling, and the data loss that can occur can set a company back for days.

According to Ponemon Institute, the average cost of IT downtime is $7900 per minute. Per minute! The reason recovering from ransomware attacks can be so costly is that backing up from restores can take a long time, typically measured in hours or days depending on where and how backups were stored. Also, depending on when the most recent backup took place, a lot of data could be lost once the backup is recovered.

With the cost of downtime due to ransomware being so high because quick restores aren’t an option, many organizations are choosing to pay the ransom to get their data back. The most notable example comes from Hollywood Presbyterian Medical Center. The hackers infected the hospital’s computer systems, shutting down all communication between the systems, and demanded $17,000 to unlock them. The hospital, being in an a high-pressure situation without the correct resources to be able to quickly shut down its systems and restore from a recent backup, was forced to pay the ransom to receive the decryption key and get back online.

The fundamental piece, then, to avoiding paying the ransom demanded by cyber criminals is to have a disaster recovery plan in place. You should know what to do if a ransomware attack happens. As the old adage goes, “Hope for the best. Prepare for the worst.” That’s the attitude to take and the way to do it is to have a plan.

One company that instituted a solid disaster recovery plan just in the nick of time was an enterprise manufacturing company based in the Netherlands. The company was infected with ransomware while its IT partner was in the process of migrating VMs to a new hyperconverged infrastructure environment that had built-in data protection. Most of the infected folders were already on the new solution, which was lucky because they were able to use the solution’s backup to restore within fifteen minutes, when just a day before, on the previous infrastructure, it would have taken about three hours to restore to the most recent backup. The partner was also performing hourly backups on the new solution, so they lost less than an hour’s worth of data during the restore. Before deploying hyperconverged infrastructure, the partner was backing up to tape every 12 hours, so they saved the company about 11 hours of data loss on the new hyperconverged solution. What a difference a day makes.

For a disaster recovery plan to be successful, the IT team needs to define recovery time objectives (RTOs) – how long it takes to restore the backup – and recovery point objectives (RPOs) – the nearest backup they can restore from. Basically, businesses have to ask themselves two questions: How long can the business shut down while waiting for the restore to take place? And, how many hours of business-critical data can the company afford to lose? There are data protection plans for every size of company and for every budget. The first step to a data protection plan is defining the organization’s requirements.

Hyperconverged infrastructure, for example, can dramatically cut down the hours it takes for businesses to recover from IT downtime. By making data efficient from the start of its lifecycle, businesses are able to quickly recover from a previous backup.

With SimpliVity hyperconverged infrastructure, companies are able to backup quickly and efficiently with minimal data loss because SimpliVity’s solution is designed to meet even the most stringent RTOs and RPOs to ensure businesses functions aren’t interrupted for long in case of a disaster or ransomware attack. If you’re heading to GreenPages’ Summit Event next week, definitely swing by the SimpliVity booth to chat!

 

 

 

News, Services

Lance Crosby’s StackPath

Lance Crosby has recently announced his new venture StackPath, a Security-as-a-Service company, at HostingCon Global. Initially, StackPath will include content delivery, DDoS protection, and Virtual Private Network (VPN) services. Eventually, the company will grow to include other services such as secure compute and storage. These services will be offered as both individual products and a suite of services, operating on private and public clouds. StackPath’s global threat intelligence engine will be available across 35 points-of-presence.

 

Crosby was inspired to found StackPath in 2013 after he left IBM. He witnessed a plethora of flaws within the cloud security industry and became cognizant of the need for better security, with more than 400 million identified malware attacks in the past year alone.

 

Though relatively young, the company shows much promise. StackPath has raised $150 million in Series A funding alone from private equity firm ARBY Partners, one of the largest single financing rounds for a private security firm. In addition, StackPath has also acquired many companies: Cloak, a VPN firm that provides secure WiFI connections for iOS devices; MaxCDN, a content delivery network company; and Fireblade, a firewall company.

 

About Lance Crosby:

crosby

A 20 year industry veteran, Crosby founded SoftLayer Technologies, which was acquired by IBM for $2 billion in 2013. He also spent a short while at IBM. He later left to found StackPath with his own money.

 

Comments:

Lance Crosby, Stackpath CEO and chairman: “That’s where the concept came from. I saw companies like Netflix, big banks, and firms that were spinning up literally tens of thousands of virtual machines a day and there were no real security products that would follow that level of automation and scale.

“The Internet is where the world does business. It may be the single most important utility supporting businesses today, yet we continue to overtax the aging infrastructure and struggle to make it secure.”

 

The post Lance Crosby’s StackPath appeared first on Cloud News Daily.

cloud security, cyber security, Dell, News & Analysis

Security still viewed as a barrier to progress – Dell

Security CCTV camera in office buildingA recent survey from Dell demonstrates security is still seen as a hindrance to innovation as companies aim to develop a more digitally orientated proposition for the market, reports Telecoms.com.

While a substantial 89% of the respondents highlighted their organization was in the middle of a digital transformation project, 76% agree security is brought into the equation too late in the development process, with 85% saying they actively avoid bringing security experts in due to the belief they will slow or even scupper the project.

“This survey produced some eye-opening results and reinforces what we’ve been hearing directly from our customers,” said John Milburn, GM of One Identity Products at Dell. “Organisations face challenges securing their digital transformations and recognise that their current security measures are exposing the business to risk.

Security has been one of the biggest talking points within the telecommunications and technology industry, generally due to a lack of understanding. Until recently, security challenges would appear to have been pushed to the side as there have not been any clear routes to success. It would seem companies are not willing to allow security concerns to stop progress, instead aiming to secure products retrospectively.

The survey demonstrates attitudes towards are still relatively negligent. While numerous CEO’s and board members have highlighted security would be considered at the top of the agenda, surveys such as this tell a different story, much to the disappointment of security professionals and vendors alike. One conclusion which could be drawn from the survey is security is still considered a barrier to success when driving towards innovation. In fact 37% of respondents agreed with the statement “it is likely that the security team will delay or block a new initiative presented to us today”, and 49% agreed with “our security team does have a reputation for blocking projects based on the past, but now we do a better job of enabling the business”.

“Our goal is to provide our customers with solutions that address these needs. When done right, security can enable organisations to aggressively adopt new technologies and practices that can have a direct, positive impact on revenue, profits, employee productivity and the customer experience. Done right, security also helps CISOs open their own ‘Department of Yes,’ empowering them to deliver the strategic projects and innovative initiatives that drive businesses forward.”

Security is, and will continue to be, a paramount facet of any organization, though the implications which can be drawn from this survey suggest there is still some way before organizations would consider themselves secure. One encourage factor from the survey is 91% of respondents agreed if the security team was given more resources they could do a better job. What is unclear is whether CEOs and other board members will follow up on the promise security will receive more investment.

data protection, European Commission, News & Analysis, Policy and Regulation, Privacy Shield

Privacy Shield rubber stamped amid dissent

dataThe European Commission has formally adopted the controversial ‘Privacy Shield’ framework intended to replace the previous Safe Harbour agreement, reports Telecoms.com.

Both schemes covered the transfer of data between the EU and the US, with the balance between free movement of data and the protection of individuals a tricky one to strike. Privacy Shield has many critics who fear it does little to address the issues faced by Safe Harbour. In spite of that the EC has decided to plough forward as anticipated.

“We have approved the new EU-US Privacy Shield today,” said Andrus Ansip, Commission VP for the Digital Single Market. “It will protect the personal data of our people and provide clarity for businesses. We have worked hard with all our partners in Europe and in the US to get this deal right and to have it done as soon as possible. Data flows between our two continents are essential to our society and economy – we now have a robust framework ensuring these transfers take place in the best and safest conditions.”

“The EU-U.S. Privacy Shield is a robust new system to protect the personal data of Europeans and ensure legal certainty for businesses,” said Věra Jourová, Commissioner for Justice, Consumers and Gender Equality. “It brings stronger data protection standards that are better enforced, safeguards on government access, and easier redress for individuals in case of complaints. The new framework will restore the trust of consumers when their data is transferred across the Atlantic. We have worked together with the European data protection authorities, the European Parliament, the Member States and our U.S. counterparts to put in place an arrangement with the highest standards to protect Europeans’ personal data”.

Not everyone in Brussels was convinced, however. “The Commission has today signed a blank cheque for the transfer of personal data of EU citizens to the US, without delivering equivalent data protection rights,” said the Green Party MEP Jan Philipp Albrecht. “The ‘Privacy Shield’ framework does not seem to address the concerns outlined by the European Court of Justice in ruling the Safe Harbour decision illegal. In particular the individual rights of consumers are still too weak and blanket surveillance measures are still in place. In this context, the Commission should not be simply accepting reassurances from the US authorities but should be insisting on improvements in the data protection guaranteed to European consumers.

“The European Parliament already underlined concerns about the lack of general data protection provisions in the US when the initial Safe Harbour decision was concluded in 2000. Independent data protection authorities are still lacking in the US. EU justice commissioner Jourova must now make clear that, once the EU’s new General Data Protection Regulation enter into force in 2018, there will also be a need to revise the Privacy Shield decision.”

Elodie Dowling, VP, EMEA General Counsel at BMC Software reckons there’s still plenty of work to do. “Following negotiations between EU and US officials, the formal adoption of Privacy Shield has officially started today in the EU’s 28 member states,” said Dowling. “Starting August 1, it will then be for businesses across the US and the EU to innovate and comply around this in order to create a culture of trust amongst their customers.

 

“However, with the ongoing discussions generated throughout the negotiation period, it’s unlikely that the official adoption of the Privacy Shield closes the loophole completely. For example, it remains unclear the type of ‘assurances’ the US has provided to the EU to ensure mass surveillance does not apply or, if it does, that it happens in a transparent and framed manner for EU citizens. Surely this particular item is going to be carefully considered by data privacy activists.”

AI, Artificial Intelliegence, cyber security, data protection, EMC, IoT, News & Analysis

What did we learn from EMC’s data protection report?

a safe place to workEMC has recently released its Global Data Protection Index 2016 where it claims only 2% of the world would be considered ‘leaders’ in protecting their own assets, reports Telecoms.com.

Data has dominated the headlines in recent months as breaches have made customers question how well enterprise organizations can manage and protect data. Combined with transatlantic disagreements in the form of Safe Habour and law agencies access to personal data, the ability to remain secure and credible is now more of a priority for decision makers.

“Our customers are facing a rapidly evolving data protection landscape on a number of fronts, whether it’s to protect modern cloud computing environments or to shield against devastating cyber-attacks,” said David Goulden, CEO of EMC Information Infrastructure. “Our research shows that many businesses are unaware of the potential impact and are failing to plan for them, which is a threat in itself.”

EMC’s report outlined a number of challenges and statistics which claimed the majority of the industry are not in a place they should be with regard to data protection. While only 2% of the industry would be considered leaders in the data protection category, 52% are still evaluating the options available to them. Overall, 13% more businesses suffered data loss in the last twelve months, compared to the same period prior to that.

But what are the over-arching lessons we learned from the report?

Vendors: Less is more

A fair assumption for most people would be the more protection you take on, the more protected you are. This just seems logical. However, the study shows the more vendors you count in your stable, the more data you will leak.

The average data loss instance costs a company 2.36TB of data, which would be considered substantial, however it could be worse. The study showed organizations who used one vendor lost on average 0.83TB per incident, two vendors 2.04TB and three vendors 2.58TB. For those who used four or more vendors, an average of 5.47TB of data was lost per incident.

Common sense would dictate the more layers of security you have, the more secure you will be, however this is only the case if the systems are compatible with each other. It should be highlighted those who lost the larger data sets are likely to be the larger companies, with more data to lose, though the study does seem to suggest there needs to be a more co-ordinated approach to data protection.

And they are expensive…

Using same concept as before, the average cost of lost data was $900,000. For those who have one vendor, the cost was $636,361, for those with two, 789,193 and for those with three vendors the cost was just above the average at 911,030. When companies bring in four or more vendors, the average cost of data loss rises to 1.767 million.

China and Mexico are the best

While it may be surprising, considering many of the latest breakthroughs in the data world have come from Silicon Valley or Israel, China and Mexico are the two countries which would be considered furthest ahead of the trend for data protection.

EMC graded each country on how effective they are were implementing the right technologies and culture to prevent data loss within the organizations themselves. 17 countries featured ahead of the curve including usual suspects of the UK (13.5% ahead of the curve), US (8%), Japan (1%) and South Korea (9%), however China and Mexico led the charge being 20% and 17% respectively ahead.

While it may not be considered that unusual for China to have a strong handle on data within its own boarders, Mexico is a little more surprising (at least to us at Telecoms.com). The country itself has gone through somewhat of a technology revolution in recent years, growing in the last 20 years from a country where only 10% of people had mobile through to 68% this year, 70% of which are smartphones. Mexico is now the 11th largest economy in terms of purchasing power, with the millennials being the largest demographic. With the population becoming more affluent, and no longer constrained by the faults of pre-internet world, the trend should continue. Keep up the good work Mexico.

Human error is still a talking point

When looking at the causes of data loss, the results were widespread, though the causes which cannot be controlled were at the top of the list. Hardware failure, power loss and software failure accounted for 45%, 35% and 34% respectively.

That said the industry does now appear to be taking responsibility for the data itself. The study showed only 10% of the incidents of data loss was blamed on the vendor. A couple of weeks ago we spoke to Intel CTO Raj Samani who highlighted to us the attitude towards security (not just data protection) needs to shift, as there are no means to outsource risk. Minimizing risk is achievable, but irrelevant of what agreements are undertaken with vendors, the risk still remains with you. As fewer people are blaming the vendors, it would appear this responsibility is being realized.

Human error is another area which still remains high on the agenda, as the study showed it accounts for 20% of all instances of data loss. While some of these instances can be blamed on leaving a laptop in the pub or losing a phone on the train, there are examples where simple mistakes in the workplace are to blame. These will not be removed, as numerous day-to-day decisions are based off the back of intuition and gut-feel, and a necessity for certain aspects of the business.

An area which could be seen as a potential danger would be that of artificial intelligence. As AI advances as a concept, the more like humans they will become, and thus more capable of making decisions based in intuition. If this is to be taken as the ambition, surely an intuitive decision making machine would offer a security defect in the same way a human would. Admittedly the risk would be substantially smaller, but on the contrary, the machine would be making X times many more decision than the human.

All-in-all the report raises more questions than provides answers. While security has been pushed to the top of the agenda for numerous organizations, receiving additional investment and attention, it does not appear the same organizations are getting any better at protecting themselves. The fact 13% more organizations have been attacked in the last 12 month suggests it could be getting worse.

To finish, the study asked whether an individual felt their organization was well enough protected. Only 18% believe they are.

acquisition, Cisco, cyber security, News & Analysis

Cisco cracks open wallet for $293m CloudLock acquisition

Cisco corporateCisco has announced its intent to acquire cloud security company CloudLock in a $293 million deal which is expected to close in Q1 2017, writes Telecoms.com.

CloudLock specializes in cloud access security broker (CASB) technology which provides insight and analytics focused on user behaviour and sensitive data in the cloud. The move builds on Cisco’s ‘Security Everywhere’ strategy, its initiative designed to provide protection from the cloud to the network to the endpoint.

“As companies are migrating to the cloud, they need a technology partner that can accelerate that transition and deliver critical security capabilities for all their users, apps and data in a seamless way,” said Rob Salvagno, VP of Cisco Corporate Development. “CloudLock brings a unique cloud-native, platform and API-based approach to cloud security which allows them to build powerful security solutions that are easy to deploy and simple to manage.”

CASB technology is an aspect of cloud security which has caught the attention of a number of decision makers in recent months. When we spoke to Intel Security CTO Raj Samani earlier this month, he told us CASB solutions were set to be one of the largest talking points for the cloud security market segment in the next couple of years.

“Companies will find controls and measures to give them a level of trust in a vendor to ensure they can operate effectively,” said Samani at the time. “CASBs will be one of the biggest trends we’ll see in the next couple of years.”

“CASB is the ultimate business case, because you can do things faster and more efficiently – you can actually but an ROI and a TCO next to it.”

The purpose of CASB solutions is to sit between the cloud provider and cloud consumer to consolidate multiple types of security policies including authentication, single sign-on, encryption, tokenization and malware detection. The CASB solution offers a level of assurance for those customers who have concerns over the security provided by cloud providers themselves, as the concept of secure and risk with vary dependent on the company.

By integrating CASB solutions, a cloud consumer can dictate how many additional layers of security are placed on top of a cloud provider’s offering, to allow the cloud consumer to define their own risk profile. The concept of CASB on the whole could go some way to mitigate the security concerns for those companies who have not currently adopted the cloud for more sensitive workloads.

Aside from this acquisition, Citrix has been bolstering its security capabilities through additional purchases, including Lancope for $452.5 million last December. Lancope helps customers monitor, detect, analyse and respond to modern threats on enterprise networks through continuous network visibility and threat analysis.

Citrix is one of a number of tech giants who have been forced to reconsider their primary focus, as cloud computing continued to increase its grip on IT decision making. During the company’s most recent earnings call, IoT was outlined as a target growth segment, though the security business unit was prominent during the financials, growing 17% year-on-year.

News

Cisco to Buy CloudLock

Cloud giant Cisco has recently acquired cloud security startup CloudLock for $293 million. This $293 million includes cash as well as equity awards. CloudLock will be integrated into Cisco’s Networking and Security Business group under David Goeckeler. The deal is expected to close by November, 2016.

 

Cisco has utilized acquisition to build its security software and service sector; it paid $2.7 billion for Sourcefire, security hardware and software maker, in 2013 and $635 million for OpenDNS, which helps stop cyber attacks, in 2015. These acquisitions are similar to those of Microsoft, who purchased Adallom for $250 million, and Blue Coat, who purchased Perspecsys Inc.

 

About CloudLock:

Founded in 2007, Massachusetts based CloudLock currently has about 130 employees. It provides cloud access security broker (CASB) technology that allows enterprises to protect data within their cloud. This platform acts as a control point for users that are attempting to access cloud based applications such as Microsoft 365. This technology allows policies pertaining to data access to be established and enforced. It also allows security administrators to monitor third party applications that enterprise employees may be utilizing without expressed permission of the enterprise.

 

Essentially, CASB gives administrators a control point for cloud security and visibility. Because of these unique capabilities, the demand for CASB technology is expected to increase sharply in the coming years. This increase is driven by growing utilization of Software as a Service (SaaS) applications such as Office 365.

 

Comments:

Rob Salvagno, head of Cisco’s M&A and venture investment team: “‘Buy’ has been a key part of our innovation strategy, alongside significant internal product development, to drive towards a fully integrated security portfolio.”

Rob Salvagno, vice president of Cisco Corporate Development: “CloudLock brings a unique cloud-native platform and API-based approach to cloud security, which allows them to build powerful security solutions that are easy to deploy and simple to manage.”

Luke Burns, general partner at Ascent Venture Partners:”CloudLock rose to leadership in the cloud security sector with a pure-play approach of being cloud-native while leveraging other cloud platform APIs in a collaborative fashion. They were a trailblazer of this approach while the competition often focused their efforts on extending legacy methods.”

The post Cisco to Buy CloudLock appeared first on Cloud News Daily.