Today I delivered a keynote about trust in the cloud at the Cybersecurity Expo 2014 event in London. I’ve been thinking about how to tackle a topic like ‘trust’ and how it applies to cloud computing. I don’t know about you, but when someone you don’t know very well says ‘you can trust me,’ I kind of feel the opposite. I believe that actions speak louder than words. With that … Read more »
It is not uncommon to hear organizations of all sizes – small startups to large enterprises cite benefits such as scalability and cost savings as reasons to move to the cloud. The cloud can also free up resources enabling organizations to focus more on their core business. However, when it comes to choosing a cloud provider, how do you decide who to trust with your most sensitive information? For many … Read more »
This article in our compliance series looks at the importance of secure software development to the financial services industry. Software – whether running on PCs, laptops, or in new cloud-based services plays a critical role for financial services institutions in helping to protect their business and customers. It can help protect against malicious attacks, theft of customer data and even corporate assets. However, designing large, complex programs and services that … Read more »
The exploitation of vulnerabilities specific to country-code top-level domain (ccTLD) registries has become an increasingly common problem, especially in relatively small markets around the world. A ccTLD is an internet domain registry generally used or reserved for a country, a sovereign state, or a dependent territory, such as .co.uk (for United Kingdom) or .fr (for France). This allows web sites to be associated with their specific country, territory or geographic … Read more »
This article in our compliance series looks at how the Microsoft Security Development Lifecycle (SDL) helps organizations meet compliance requirements under the financial sector’s Payment Card Industry Data Security Standard (PCI DSS) and Payment Application Data Security Standard (PA-DSS). PCI DSS is an industry-accepted information security standard authored and approved by the PCI Security Standards Council (PCI SSC). It applies to organizations operating within the United States that handle cardholder … Read more »
This article in our compliance series looks at how the Microsoft Security Development Lifecycle (SDL) helps organizations meet compliance requirements under the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. HIPAA is legislation which affects organizations operating in the United States who provide health insurance coverage for workers and their families. The Act also defines policies, procedures and guidelines for protecting the privacy and security of individually identifiable health … Read more »