LAS VEGAS \u2014 The importance of creating a defensible information security strategy and why it might make sense to migrate graphics workloads to the public cloud were highlighted by Kroll and Teradici representatives at the Content Delivery and Security Association (CDSA) Cybersecurity and Content Protection Pavilion April 25, during the NAB Show.<\/p>\n
When Kroll security experts meet with clients to help them set up\u00a0 security strategies \u201cwe just try to focus on the critical issues because you can get bogged down in a lot of unnecessary details\u201d otherwise,<\/p>\n
Erik Rasmussen, Kroll managing director, North America Cyber Practice leader, said, during a session called \u201cCreating Defensible Information Security Strategies.\u201d And he stressed the importance of being \u201cproactive\u201d by setting up that strategy \u201cbefore a breach, rather than after the breach\u201d has happened.<\/p>\n
Companies must have a security system in place that is \u201cresilient,\u201d he said, adding: \u201cYou don\u2019t have to spend a quarter of a billion dollars, but you can\u2019t have nothing\u201d in place to handle a security breach \u201cbecause an incident will occur.\u201d If \u201creasonable measures\u201d are implemented for that security system, a hacker would have to use \u201cextraordinary\u201d methods to enter a network and do significant damage to a company\u2019s system, he said.<\/p>\n
It\u2019s important to have a security \u201cframework\u201d in place, as well as trained employees and executives on hand to deal with breaches at a company, he said, pointing out: \u201cAn entity is going to be compromised\u201d and you must figure out how to deal with it. He compared it to the proactive steps that people take to maintain their bodies to guard against health problems.<\/p>\n
Every business has intellectual property it must protect and each industry has its own set of \u201ccrown jewels\u201d it needs to protect above all else, he went on to say.<\/p>\n
When setting up the security system, \u201c360 degrees of protection\u201d are needed to combat suspicious activity seven days a week, around the clock, he said. It\u2019s also helpful for companies to know where any devices that may be used and compromised are located, as well as who those devices are assigned to and exactly what\u2019s on those devices, he said.<\/p>\n
\u201cTiered frameworks are also very important\u201d to have in place for a company\u2019s security system, and it\u2019s important to test the maturity of systems that have been set up, he said.<\/p>\n
One thing for companies to be careful about is placing too much trust in technology in and of itself, he went on to say, telling attendees: \u201cPeople think that by buying widgets and by putting things on their network, that\u2019s going to solve your security problem, and nothing could be further from the truth.\u201d Such security technologies that companies can purchase may help \u201csupplement\u201d one\u2019s security system, but alone can\u2019t be the complete solution, he said, adding: \u201cPeople and processes also need to be air-tight in order for technology to work properly.\u201d He noted that he\u2019s seen breaches where a $5 million security tool has been \u201cimproperly built,\u201d and may not have caused a breach, but also didn\u2019t help and may have even got in the way of identifying a breach that occurred in a timely manner.<\/p>\n
Teradici\u2019s PC-over-IP (PCoIP) technology, meanwhile, can be used by companies to securely migrate their graphics-intensive workloads and applications to the public cloud, Mirela Cunjalo, senior product manager at that company, said in another session, called \u201cSecurity and Other Key Considerations for Migrating Graphics Workloads to the Cloud.\u201d<\/p>\n
PCoIP \u201cenables unprecedented security because no data, applications \u2013 anything like that — leaves the cloud,\u201d she told attendees, adding: \u201cOnly encrypted pixels leave the cloud.\u201d\u201d<\/p>\n
Media and entertainment companies are among the many growing number of organizations that are moving to the public cloud, she noted. Factors that companies should consider when deciding whether to move to the cloud include whether their work forces are expanding, including contractors, she said, adding: \u201cPublic cloud is really good for that,\u201d and can help people at those organizations to quickly start working on projects. Companies should also consider moving to the cloud if they have large data sets and need a lot of people from multiple locations who need to access that data, she said.<\/p>\n
Other factors that must be considered are the networking infrastructure that a company has, whether it has enough bandwidth, and whether it has in-house IT expertise to build its own data center, she said. If it doesn\u2019t have the latter, then the public cloud becomes an \u201cideal\u201d solution because it\u2019s \u201cmuch easier to manage your environment\u201d there and it can take a shorter amount of time to get started, she said. Financial considerations, including whether it makes more sense to rent or buy equipment, must also be taken into account, she said.<\/p>\n","protected":false},"excerpt":{"rendered":"
LAS VEGAS \u2014 The importance of creating a defensible information security strategy and why it might make sense to migrate graphics workloads to the public cloud were highlighted by Kroll … Continue reading NAB 2017: Kroll, Teradici Offer Tips on Creating Security Strategy, Migrating to the Cloud<\/span>