Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Managing application resources at scale can be tricky business. As such, many DevOps and AppSec teams turn to using a declarative framework rather than writing individual scripts to deploy, manage, and maintain access controls for their resources. For Azure environments, Azure Resource Manager (ARM) is this management layer that allows teams to manage their infrastructure as code (IaC) through declarative ARM templates.

Business productivity and collaboration suites preferred by enterprise customers, such as Google Workspace, are central to an organization’s operation. In addition to storing sensitive org info, Google Workspace includes settings (e.g. Google Groups) which control access to sensitive data across a customer's entire Google Cloud org (Workspace & GCP).

The SaaS-based Rubrik platform is built to protect and recover a wide variety of cloud-native workloads. For Microsoft Azure, this commonly equates to protecting Azure Virtual Machines and Managed Disks, where recovery options can range from entire resource replacement, in-region or cross-region exports (clones), and now file/folder recovery.

The shift to the cloud has greatly accelerated during the past year, and with that shift most cybersecurity incidents now involve cloud infrastructure. According to the 2021 Verizon Data Breach Investigations Report, 73% of cybersecurity incidents involved cloud assets — a 27% increase from last year. The 2021 IBM Security X-Force Cloud Threat Landscape Report also found there are 30,000 cloud accounts potentially for sale on dark web marketplaces.

Operating in hybrid environments can get really tricky at times. As more and more organizations are moving their sensitive data to the public cloud, the need to keep this data secure and private has increased significantly over time. While handling their valuable datasets within their respective environments, companies need to ensure utmost data security and compliance to meet the regulations set by various governments.

Many Gmail users were recently greeted with a message that alerted them that 2-step verification will be required to log into their accounts starting on November 9th (today). While many in the security community have been advising people to turn on 2-factor, 2-step, or any other secondary security method on every account as a way to protect the login process, the Twitterverse showed that many people were unhappy with Google’s implementation of this mandatory change.

In this hyperconnected world, where 70% of users continue to work remotely, sharing data in real-time with partners and customers leveraging the flexibility of the cloud is a fundamental aspect for the daily operations of businesses worldwide. In this scenario, the risk of misconfigurations exposing sensitive data continues to be a serious (and frequent) concern.