This July, the Zoom bug quickly got us all thinking about videoconferencing security again. Although the bug was quickly squashed, the idea that someone could send you a link that would arbitrarily add you to a conference call – thus allowing attackers to spy on you through your webcam – was unsettling beyond belief. Although Apple patched the Zoom bug out of existence before anyone could take advantage of it, the implications are worth considering.
Most business solutions are migrating to the cloud due to the flexibility, scalability, and cost-saving features. However, while moving to the cloud, data, systems, and services can be exposed to serious security and compliance challenges.
When moving data to the cloud, it is necessary to ensure that your information and data remain compliant with the laws and regulations of your industry.
Technology and businesses are increasingly moving to the cloud. However, certain conditions (such as security concerns, regulatory issues, or abnormal workflows of data) prevent complete public cloud adoption for some businesses. For these businesses, the solution can be the hybrid cloud model, which provides the rapid provisioning of resources on a billing/usage basis (public cloud), while maintaining the speed, reliability, and agility of an on-premises solution (private cloud).
Securing Applications and DataFor both traditional on-prem solutions and cloud-based solutions, how should organizations act to secure their data and applications?
When talking with IT service providers working in the healthcare space, we’ve found a few concerns repeated:
- My organization has become heavily security conscious after the malware attacks, but we’re not sure where to focus.
- Our leadership wants us to adopt cloud infrastructure and platform services, but our security team is preventing that as they are not sure of the security.
- As our development teams are building products, such as SaaS offerings for clients or other solutions, we are not sure what modern tools work for managing the infrastructure and apps involved.
Collectively, these concerns all engage in the shared idea of security and operations.