by Jason Ritzke, Senior Technical Consultant at Taos When architecting secure infrastructure a natural place to begin is a common standard set, such as those provided in a DISA STIG or CIS guideline. However, while industry standard compliance documents can often be a provocative starting point for thinking about your infrastructure requirements, they are no […]
Over the past decade most companies have come to accept ongoing security evaluations as a cost of doing business. Companies take pride in the careful evaluation of vendor products and processes done to limit risk. However, the last two months of revelations have shown us that this straightforward approach is no longer enough.
Revelations in 2012 that Google, Microsoft, and other cloud business vendors were providing customer data to the U.S. government’s PRISM program without a warrant1 woke many up to the risks inherent in cloud storage. However, the last few months haven’t been easy reading for companies who avoid cloud storage either.