How to Log Events and Maintain Compliance with journald, the New Linux System Event Log– Part 1: Configuring the Daemon
Cybersecurity laws and other regulations clearly exist for good reasons, and there are serious penalties involved if you fail to meet them. The new version of PCI DSS, the Payment Card Industry Data Security Standard, requires going beyond showing that data can be secure, you must show that it will be secure through established procedures […]
How Has The Past Year Of NSA Surveillance Revelations Changed The Cloud Market?
The whole point of Learning Tree’s Cloud Security Essentials course is to discuss the questions you must ask a potential cloud provider to see if you could move some of your operation into the public cloud. Moving to the cloud means losing some control and visibility. You lose physical control with IaaS, much more control […]
Certification and Compliance Don’t Make You Secure
Security > Certification + Compliance Certification and compliance can play a role in security. They might be part of security, but there is no guarantee that they can provide it. Put another way, they might be necessary, at least for regulatory reasons, but they are not adequate on their own. Passing a certification exam proves […]
Security, Privacy and Compliance in the Cloud
I have been teaching Learning Tree’s Introduction to Cloud Computing Technologies course for almost two years now. I also teach the Cloud Security Essentials course. Each time I have taught these courses spirited discussions have arisen concerning the separate but related topics of Security, Privacy and Compliance. For example students that come from a healthcare […]