Get on-the-go access to the latest insights featured on our Trustworthy Computing blogs.
Posted by: Tim Rains, Director, Trustworthy Computing
Most of the conversations I have about cloud computing focus on the role of cloud providers to manage the security of the services they provide to their customers. It seems like implementing security controls, providing visibility into those controls, and ensuring services meet or exceed standards and compliance requirements are themes that are top of mind for most of the customers I talk to.
I think the reason for this is that some cloud computing architectures, like software as a service, offer customers the opportunity to offload many of the aforementioned security responsibilities to their cloud providers. But I rarely hear anyone talk about the residual risk in this arrangement. The obvious place to look for residual risk is the management of the clients used to access cloud services. I have written about the consumerization of IT and Bring Your Own Devices (BYOD) in the past, and how many Chief Information Security Officers (CISOs) are being challenged to evolve their strategies for protecting their organizations’ assets.
One great source of data to help CISOs, CSOs, security and IT professionals understand this risk is the Microsoft Security Intelligence Report (SIR). This report is released twice per year and contains hundreds of pages of threat intelligence that help risk managers understand the strategies and tactics that attackers are using to try to compromise systems and steal confidential information. Many organizations that I talk to around the world use the data and analysis in the report to inform their security efforts.
Today we released the latest volume of the SIR, volume 12, containing data and analysis on:
Whether you have moved all of your IT operations to the cloud, manage everything on premise, or are somewhere between these two scenarios, don’t forget about the security of all the parts of your IT operations. I encourage you to download the new SIR and take full advantage of the new research it contains as well as the hundreds of pages of threat intelligence. Please feel free to download the report and watch related videos at www.microsoft.com/sir.