With more than 32 years of experience in information technology, and an extensive and successful entrepreneurial background, Kevin Nikkhoo is the CEO of the dynamic security-as-a-service startup Cloud Access. CloudAccess is at the forefront of the latest evolution of IT asset protection--the cloud.
Cobbling together point solutions provides tools, but doesn't promote the key collaborative intelligence integrated cloud-based unified security offers.
Of all the strategies and tactics available to prevent breaches, deter data leakage and theft, control access and secure beyond the ...Mar. 28, 2014 11:00 AM EDT Reads: 7,579
Expand on-premise identity management capabilities by utilizing the flexibility and agility of an IDaaS and SSO to augment permissions for cloud-based apps.
The modern enterprise is a fluid entity. As an IT construct it expands and contracts (sometimes simultaneously), and many of the...
Identity Management (IDaaS) & Access Mgmt (SSO) solve similar but separate issues, but both serve as a cornerstone of an integrated security initiative.
One of the biggest misconceptions in cloud security is the perception that identity management (IDaaS) and access management (SSO) a...
Security-as-a-service provides the necessary ingredient to transform continuous monitoring from compliance mandate to best practice: real time monitoring.
Every 4,000 miles or so I bring my car into have the oil changed, the brakes checked and tires rotated. Why? Because I know if I l...
A cloud security take on an old riddle: analyze risks, identify needs, develop priorities, deploy scalable model, and leave room for dessert.
Security is big. It encompasses a great many definitions, confronts a great many issues and is addressed through a great many solutions using a...
Despite accusations against the gov't of data harvesting and privacy invasion, IDaaS is a feasible and trustworthy option to maintain identity protection.
Conspiracy theorists and other concerned citizens will insist the government is watching every keystroke, keeping a record of ever...
Stats show risk grows in disproportion to IT security readiness. Security deployed, managed from the cloud provides strong results.
How cloud security overcomes the obstacle. It’s simple, really. More bang for the buck. Using the ability to apply operation expenses over capital ones ...
Asserting control of the IT environment through collaborative and integrated identity and user access strategies create the necessary visibility.
Security is not an all-or-nothing proposition. And that’s part of the problem. It creates blind spots; gaps in vulnerability. Partly becaus...
Strong InfoSec strategies must answer the key questions of who is logging in, what is accessed, when was it changed and how is the IT landscape affected.
Enterprise security can be a labyrinthine, complex beast with many moving parts, dozen upon dozen of requirements, needs, implicati...
The major retailer BCBG migrated to a cloud security platform and discovered the CloudAccess'SIEM and Log Management capabilities enhanced their abilities for enterprise security.
There was a time the only security issues retailers needed to be concerned with was theft. Put a guard in...
Restaurants, food service orgs feel the sting of security breaches via POS integration..ask Raleys, Schnucks, Subway, Zaxbys aned many others. Affordable real time monitoring must become a key priority.
I love sushi. I love big fat burritos. I love tikka masala. So now that my taste b...
More than fines and reparations, intrusion Security significantly impacts customer retention. Damage done to brands because users don't trust doing business with that company is staggering.
In terms of dollars and cents on a risk analysis spreadsheet, it is easier to put a value on a ...
Want the secret to user provisioning/de-provisioning in an enterprise setting, The one word answer,…Integration.The question is why, how & with what?
The need to credential authorized users to your network and other proprietary assets is clear. You only want those with the proper righ...
For many companies with whom I talk, there isn’t a lack of IT talent when it comes to security--just a lack of hours in the day, computing resources and necessary headcount with specific expertise to change the culture from reactive to proactive and strategic risk management. Executive...
Access policies must be a part of any company’s risk assessment and security policy because unsecured, unmonitored access by former employees can only lead to trouble.
Earlier this month I attended a local cloud developers group, and I met a gentleman who consults with companies to e...
Regulatory compliance remains a critical and strategic business need for most companies. And, the issues are clear. The layers of IT security necessary to address the myriad of audits, reports and processes are typically expensive. The expense is not limited to the technology applicat...
Precautions to safeguard client data & infrastructure is an MSPs responsibility-this extends beyond client's sphere of access to MSP employees & consultants. MSPs must employ some degree of security to cover their own access, not just that of their clients.
A man walks into the doctor...
The cloud will soon supplant on-premise security initiatives. IT is at a crossroads: the acceptance of cloud-based computing as the chief business driver.
Erasmus Wilson, the celebrated Oxford professor once proclaimed, "When the Paris Exhibition [of 1878] closes, electric light will ...
CloudAccess is hosting a free webinar titled: "One Click...From Directory to Cloud" on May 22 and May 28th at 11:00am to address best practices associated with user provisioning, password management, multi-factor authentication, application gateways and single sign on (sso).
Effective...
One of the established best practices in InfoSec is monitoring. People, products and companies get paid a great deal of money and expend a great deal of resources to watch pots. Monitoring simply is the central component to any security initiative. But with all best practices, there ar...
Security-as-a-service leader is first to the cloud-based market with a security solution that combines the key capabilities of user credentialing and authentication with single-sign-on for both SaaS and legacy applications.
CloudAccess, a provider of unified security solutions from th...
Network perimeters are all but erased and traditional security strategies such as stacking don't adequately address the current needs of a modern enterprise. Many companies are still using strategies rooted in 2002 technologies and approaches. The new intelligence-based security model ...
Implement the predictive analytic process that is designed to assess/score risk attributes during authentication so that Access Management can determine whether to require the user to complete further authentication steps.
Does this sound familiar? Ann, sitting at her desk eating lun...
The Who asked ultimate Access Management question..."Who Are You?" So do we listen to Paul McCartney said and "Open the door and let 'em in" or kick them to curb as the Stones suggest..."Hey You, Get off of my Cloud" The answer is different for each organization because, not every empl...
Securing your IT environment is not free, but there are new (cloud) options designed to mitigate costs while still providing a strong, manageable and proactive defense. While many companies still would rather spend capital on commodity assets, many CIOs recognize that information secur...
Before you add another decimal place to security budgets, maybe it’s time you consider the how cloud-deployed security options can not only address the complexities of enterprise security ably, but do so at considerable savings.
With all the talk of fiscal cliffs sequestrations, finan...
You've got SIEM, you employ log management. You even have access and or identity management. Each performs a specific security function for your enterprise, but unless they are working across all your information silos and collaborating their collective capabilities, you still might ha...
Risk is not unique to the cloud. The "how" (aka the technology) changes, but not the mission. True professionals know the argument is not about technology or how security is delivered, but rather one of governance and policy enforcement.
Do a Google search on “cloud security” and the ...
The lack of a proactive security strategy is much like an ostrich putting its head in the sand. It is a matter of when, not if attacks will happen. As enterprise systems are exposed to substantial risk from data loss, theft, or manipulation, a proactive unified approach deployed and ma...
Having all the security solutions--even if they're cloud-based--doesn't necessarily ensure holistic protection. In the modern enterprise, there are simply too many parallel silos of data. The key is to get the solutions not only to talk to each other, but to leverage one another's capa...
Using the Holiday season as a way to educate about the cloud.
Happy holidays to all of you and may the season keep your perimeters protected, your assets secure and your networks free of nasty little elves!
Twas the night before Christmas
and all through the net
No access was stirr...
Introducing a new security paradigm that leverages the cooperative functionality of various security tools. However, the key is still monitoring the results in real time; and the best case scenario (most efficient/effective means) for most companies to achieve this is via the cloud.
T...
Most attacks, like the recent DDoS attacks on banks, show most hackers do not use brute force to gain entry to sensitive data. And as organizations expand the perimeter of their networks,, there are so many more opportunities for data leakage and theft. To control it, a more nimble, fl...
Too often overlooked, SIEM (security information event management) needs to be a integral part of any enterprises security best practices. It facilitates a holistic view of an IT landscape and allows a company to be more proactive with its security initiatives.
First and foremost, SIE...
Did you know 72% of data breaches worldwide the previous year occurred at companies with 100 or fewer employees — a 63 percent increase. However, with unified security solutions, small businesses can gain enterprise-class safeguards at an affordable price.
I just got off the phone wit...
PCI (Payment Card Industry) enforces Data Security Standards that looks to ensure that ALL companies that process, store or transmit credit card information maintain a secure environment. This can be a burdensome task unless retailer can leverage the cloud. This article takes a look at...
IT spends untold millions of dollars, thousands of man hours for technology designed to solve solutions, but because of complexity, budget shortfalls, lack of expertise or a myriad of other gremlins, too many initiatives never realize their potential. That was before cloud computing an...
Too many IT departments take the stance of "I'll worry about it when I have to worry about it." Problem with security issues is, by then it's too late. Often times maintaining the status quo is as dangerous as doing nothing at all.
In my experience there are two types of enterprise IT...
There is truly a difference in terms of scope, application and business need between security "in" the cloud and security "from" the cloud.
No, this isn't 7th grade English...I promise.
With all the important decisions IT departments make, what’s the big deal whether cloud security m...
The issue of Big Data seems very prevalent these days. How to store it. How to manage it. And, how to best secure it. But Big Data is much more complex than a voluminous amount of information. It requires a new paradigm in application, process, and security...all from the cloud.
There...
