Welcome to the fourth blog in our special series, Mitigating Gartner’s Network Security Worst Practices (a complimentary copy of Gartner’s research, Avoid these “Dirty Dozen” Network Security Worst Practices is available for viewing from AlgoSec’s website.)
In the first article in our series on security for IaaS, PaaS and SaaS we discussed the IaaS model, and provided tips on what to ask your IaaS vendor in order to ensure that your applications are secure. In this second post we’ll review the Platform as a Service (Paas) model.
Welcome to the third blog in our special series, Mitigating Gartner’s Network Security Worst Practices. In this post we’ll discuss Gartner’s “Defense with inadequate depth”  worse best practice.
We know that for several years now, security teams have looked at defense in depth network security strategy as akin to building castle walls, with each wall providing an additional layer of protection. In theory multiple protective layers should make a network more secure—if they’re done right. But somewhere along the line, confusion has developed over what a “layer” really means, with many companies thinking that using multiple vendors for the same type of task provides an additional layer of security. Not only do redundant layers that provide the same kind of protection from different vendors not increase your security, they may actually impair it.
Enterprise-sanctioned application deployments on Infrastructure as a Service (IaaS) cloud platforms are fast becoming a reality. But while IaaS’s flexibility and cost-savings benefits are important, its success as a business solution hinges on its security.
Welcome to the second blog in our special series, Mitigating Gartner’s Network Security Worst Practices (a complimentary copy of Gartner’s research, Avoid these “Dirty Dozen” Network Security Worst Practices is available for viewing from AlgoSec’s website.)
Many companies who completed our recent survey on security practices in hybrid cloud environments have already migrated at least some of their business applications to the cloud or planned to do so in the near future. While a third of those companies stated that they rely on commercial firewalls to manage and secure network access in the cloud, an equal number of companies who are planning to deploy business applications in the cloud within the next 12-24 months had not yet determined which network security controls they would use for their cloud deployments.