Cyber attack? Five basics to adopt

Cyber attack? Five basics to adopt

Last week the Australian government announced that government services had been under a sustained cyber attack. They said it had been happening for a while and had the footprint of a nation state level attack. No breaches were revealed. Don’t cyber attacks happen all the time? Well, yes, but this one was different. The key was the scale of the attack. It was across industries, including critical infrastructure such as […]

Read More →
Microsoft 365 monitoring

Microsoft 365 monitoring

The COVID-19 pandemic has resulted in significant changes to working patterns for most organisations, with a more geographically dispersed workforce than ever before. Many organisations are making more and more user of Microsoft 365 (formally known as Microsoft Office 365) for collaboration. Security of a Microsoft 365 tenant starts with visibility of operations, yet many organisations remain unaware of the day to day activities and usage of the platform. In […]

Read More →
Remote working. Safely!

Remote working. Safely!

The COVID-19 pandemic is resulting in significant concern and uncertainty in our communities and globally. Many organisations are moving to adopt a remote working approach so as to avoid the chance for transmission between teams and reduce the spread of the disease. The challenge for organisations is how to stay digitally safe from the kitchen table? What are the common pitfalls to avoid? Uncontrolled networks Most people will be remote […]

Read More →
Least privileged access with AWS

Least privileged access with AWS

The principle of least privileged is king when it comes to managing access. It’s a simple approach. You give your users access to the services and the actions on those services that they need and nothing more. Importantly, this approach is critical for regulated environments, such as PCI DSS. However, when we adopt an everything as code approach it can get more complicated. Similarly with automation, you end up with […]

Read More →
re:Inforce 2019 – wrap up

re:Inforce 2019 – wrap up

The debut running of the AWS security conference re:Inforce 2019 has wrapped up in Boston today. RedBear were on the ground to soak up the event. Here is our wrap-up from the 2 day event. Key themes There were a number of reoccurring themes from the conference. Securing automation. Being able to adapt and respond is no longer the domain of a floor full of analysts. With more and more […]

Read More →
AWS PrivateLink

AWS PrivateLink

Is connecting over the internet a concern? Enter, PrivateLink For organisations that are ultra concerned about keeping their services private, especially Financial Services, one of the bug bears of using the AWS public Cloud environment is can be that all the AWS services need to be accessed over the Internet using public addressing. Not any more. Terry Wise of AWS has just announced PrivateLink at re:Invent (see the what’s new article) . It’s a new service […]

Read More →
Cloud Security – it’s up to you!

Cloud Security – it’s up to you!

There’s a hole in my bucket, dear Liza… Recently, there have been a number of high profile leakages of data as a result of customer configuration of AWS S3 buckets. Let’s be clear here, this is not a problem with the AWS S3 platform. Potentially sensitive data is being stored in S3 buckets that have been set up as publicly available. It’s the kind of headline you don’t want, especially if […]

Read More →
Multi-cloud – is it what we thought?

Multi-cloud – is it what we thought?

Early ideals in multi-cloud In the early days of Cloud, there was much talk of a multi-cloud approach. As the number of public Cloud providers grew, and then subsequently shrunk, solutions emerged to enable multi-cloud. “You can move workloads between Cloud providers” they promised. “Avoid vendor lock in”. Did they deliver what they promised, and, more importantly was it a problem for which we needed a solution? Adoption of a […]

Read More →
Scale – supporting massive workloads in the Cloud securely

Scale – supporting massive workloads in the Cloud securely

A very common problem for businesses across all sectors is dealing with scale. In a traditional on-premises world, the infrastructure would be sized to deal with peak load. That may be only a few days a year. The “normal” load may be only 10% of that. Think about that for a moment. You purchase and manage 10 times the amount of physical infrastructure just to deal with a once or […]

Read More →