Summit 7’s Post

Are you frustrated by how long it takes to get access to do cleared work? If so, Summit 7 has a solution. They offer an end-to-end service to quickly get access to DoD IL6/Secret Cloud Computing resources with their "Guardian Cleared Enclave" offering. Read more at the link below. #DoMoreFaster #IL6 #AzureSecret

I expect recent failings of security as-a-Service vendors to reset the balance of control between enterprises and their vendors. Let me ‘splain: The fundamental bet of SaaS/PaaS/IaaS offerings is that they can run it better than we in the enterprise can. In the security industry, this is being challenged by major vendor incidents making basic mistakes in AuthN (Okta), Key Management (Microsoft), and Change Control (Crowdstrike). I don’t expect this means everything will start coming back in house and on-prem. I do expect incidents like this will cause the pendalum to swing back to more enterprise control and less of the one-size-fits-all approaches we’ve been getting. We’re seeing this in the Crowdstrike findings. Put another way: Run it better than me, and give me controls to limit your mistakes. Please, don’t make us all run this stuff again. (Yes, I was stranded for 2 days by Crowdstrike/Delta. Yes, I caught COVID from it. Yes, I’m telling people I have the Crowdstrike variant of COVID).

With the growth of mobile and remote work, keeping your company's data secure can be a major challenge. Your data may be in diverse locations, from a public cloud or hosting provider to an employee's desktop or phone. Get insight into your data security strategy by reading this @Microsoft eBook on the top data security challenge and how to address them. 👇

The White House revamped the federal government cloud buying policy Friday, giving the Federal Risk and Authorization Management Program's first major update since its launch in 2011. The new guidance issued July 26 was required under legislation enshrining the FedRAMP program into law, and also purports to be "responsive to developments in federal cybersecurity and substantial changes to the commercial cloud marketplace that have occurred since the program was established." One of the key changes in the marketplace is the explosion of cloud-based software. When the program launched in 2011, agencies were looking to cloud to provide infrastructure on-demand. The program is looking to widen its aperture and extend capacity to meet the challenge of vetting software-as-a-service products for federal government use. An oversight report released earlier this year dinged the General Services Administration for the slow pace of process improvements to the program. https://buff.ly/46v9j20

I'm curious about how many machines and systems won't be able to reboot successfully after the CrowdStrike crash. Many servers haven't been rebooted in years, and their applications rely on in-memory states and configurations that can't be recovered. Some best practices: - Avoid installing privileged agents. - immutable infrastructure: don't allow application updates at runtime; always use CI/CD with change management and testing. - Maintain a comprehensive risk management process. If a risk is approved, understand its blast radius and impact (e.g. If you’re running an outdated database version, know that and what’s the impact) I'm relieved that the systems I've delivered in recent years were not affected by the CrowdStrike crash while some of their on-premise dependencies failed. However, I did have several meetings with cybersecurity to explain why we shouldn't run agents in cloud containers/servers.

Implementing edge-to-cloud security with #Aruba. Titanium Technologies recommends checking out this eBook, where you'll learn how Aruba's WAN edge technology paired with best-of-breed security delivers high performance without compromising security. 🎯

Struggling with secure and efficient file transfers? It might be time to upgrade your business processes. Whether it's compliance issues, data security concerns, or simply handling large and complex files, we’ve got you covered. At Pro2col, we specialize in Managed File Transfer (MFT) solutions that ensure your data is transferred securely and seamlessly, no matter the size or complexity. Access to our team of experts who can help you navigate and implement the best MFT solution has never been easier. 🔗 Explore how we can streamline your file transfers https://lnkd.in/eVqgbmxS Feel free to reach out to me or any of the Pro2col team to discuss how we can enhance your business efficiency! 💡 #FileTransfer #CyberSecurity #BusinessEfficiency #Pro2col #ManagedFileTransfer

Executive Order 14028 is as relevant today as it was when it was written in 2021. Our public sector customers can enhance their software supply chain security, secure their software development, and create a software bill of materials using the Prisma Cloud platform. Learn more about how #PrismaCloud can help meet critical objectives of the EO, such as #SBOM and #CNAPP at the link below. https://lnkd.in/eSkHG2Xd

South Africa business leaders! Explore the Depth of Power Pages Security! Dive into the layers of security that make Power Pages a go-to for creating robust external web applications. Learn how it addresses OWASP Top 10 risks, ensuring top-notch security for your digital ventures. Follow us for more updates!

Security is a rising concern and can often be a hurdle when a company is considering a shift to a cloud environment. Projetech ☁ employs a formal risk review and mitigation program as part of ISO 27001/27017 requirements to address these concerns. Learn more here: https://lnkd.in/gsGKnw_k