Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Security for Cloud Services: IaaS Deep Dive

In this, the final post in my series on considerations for managing your security with cloud services, we will be looking at Infrastructure as a Service (IaaS). If you haven’t yet read the previous blog entries about SaaS and PaaS, it’s worth going back to read these first, as much of the thinking associated with these services is also true for IaaS.

Bulletproof goes to space

The nights are drawing in and the world outside has been painted with autumnal colours once again. The year is ending and, as such, it is a time for reflection before the inevitable glance towards the white light of the future breaking upon the horizon. Flowery prose aside, we've just had our latest Quarterly Business Update (QBU). We’ve had a pretty good year. We’ve grown, innovated, added to our services and taken on more clients than ever.

Ransomware Attack Cause of Wood Ranch Medical Permanent Closure

Wood Ranch Medical has announced it will be permanently closing its doors as a direct result of a ransomware attack. The devastating attack occurred at Wood Ranch Medical in Simi Valley, CA, which recently announced that the practice will permanently close on December 17, 2019. It is another example of how cyber attacks and specifically Ransomware can bring a business to its knees.

Michigan Practice Brookside ENT Closes Doors Following Ransomware Attack

The ransomware attack encrypted the computer systems at Brookside ENT and Hearing Center in Battle Creek which housed patient records, appointment schedules, and payment information rendering the data inaccessible. A ransomware attack can prove costly to resolve. That cost was not deemed worth it by one Michigan practice, which has now permanently closed its doors.

What is Ransomware?

So what is Ransomware? Ransomware is a type of malicious program/application that gains access to your files or systems and blocks user access to those files or systems. Then, all files, or even entire devices, are held hostage using encryption until the victim pays a ransom in exchange for a decryption key. The key allows the user to access the files or systems encrypted by the program.

What is the Principle of Least Privilege?

The principle of least privilege (POLP), an important concept of computer security, is the practice of limiting access rights for users, accounts and computing processes to only those needed to do the job at hand. Privilege refers to the authorization to bypass certain security restraints. When applied to people, minimal privilege, means enforcing the minimal level of user rights that still allow the user to perform their job function.

What is a Computer Worm?

A computer worm is a type of malicious software that self-replicates, infecting other computers while remaining active on infected systems. Worms can often go unnoticed until their uncontrolled replication process consumes system resources, halting or slowing the infected computer. Along with computing resources, networks can become congested by traffic associated with worm propagation.