ViaWest Director of Channel Strategy and Marketing Tamara Prazak has penned a blog post for Cloud Girls highlighting the importance of cloud audits and governance. In the post, Tamara outlines the drivers, approaches and supporting deliverables for cloud audits and ongoing governance.
Nearly every organization is on journey of transforming their IT infrastructure and cloud solutions are part of the mix for nearly all of them. The ever-increasing flood of data that users are generating, evolving security risks and new technologies are just a few of the pressures keeping CIOs up at night.
Most companies opt to move a portion of their workloads to the cloud while also maintaining other workloads on-premise. In fact, approximately one-third of IT budgets on average is being spent on the cloud according to a study of 1,050 IT decision makers produced by Fujitsu, Brocade, Intel and NetApp. This mixing and matching of solutions brings added complexity in terms of people, processes and technology overall.
For this reason, having a documented cloud strategy helps pave the way for smoother transitions and fewer roadblocks as improvements are made to existing infrastructure and processes. Conducting a cloud audit and establishing a governance plan are integral components to a solid cloud strategy.
The recent massive global cyberattacks have made “ransomware” a household term. The unique nature of this type of breach is that your most critical asset – your data – can be put in a hostage situation. The fact that a hacker can lock down your data and demand payment in return for it is a scary proposition. You have no guarantee that they will keep their word.
Here are three key things you need to have in order to avoid this terrible situation. (If you need a quick primer first on what ransomware is, click here.)
1. Security Architecture – Your security architecture is more important than ever. It is not good enough these days to rely on a firewall and some antivirus applications on a few servers. Every firm should have a central logging server at the base level. Ideally, you should have a Security Incident and Management, or SIEM, system as well. Additionally, patching of your systems is arguably the most crucial thing you can do on a regular basis. If that is not something you do today, then start making it a mandatory habit. There are plenty of service providers that will do it for you if your people don’t have time. It is not something you can ignore.
2. Disaster Recovery – Disasters are not just smoking craters or meteors hitting data centers. A breach is a disaster in and of itself. There are products and services today that can help you restore your systems back to the point you were at immediately before you identified the breach. Click here for a quick summary of essential components of DR planning. It may be that you do not know when that piece of code ran, but you will at least be able to get back to the point in time prior to that, once you know. There are people who can help you figure that out. Read on for more on that topic.
3. Breach Services – In the same way that we all carry insurance plans, it’s important to have an incident response and forensics firm on retainer well ahead of any trouble you might run into. They will be able to help you within minutes of an attack and can give you the proper advice of what to do immediately. A quality provider will also analyze your logs and environment to pinpoint when the breach happened, what gaps there were and what you need to do next. I can’t stress to you enough how important this is and that you need to be ready to work with someone you trust as soon as you have an issue. Trying to get help after a breach is difficult and expensive if you don’t have an established relationship in advance. Also, an incident response and forensics firm is a key relationship to leverage for proactive planning so you can have a proper security architecture and disaster recovery plan for the future. If you’re interested in getting more information about incident response and forensics.
Hello, Citrix Community! The following is a list of hand-picked NetScaler and NetScaler Gateway articles to assist you in managing your environment.