In his play Julius Caesar, Shakespeare famously portrays a soothsayer as warning Caesar to beware the Ides of March, forever giving the otherwise innocuous middle of the month a sinister cast.
Maybe you’re ahead of the game, but in today’s day and age, more and more organizations are recognizing the inherent advantages to fostering a multigenerational workforce.
As a Third Party Assessment Organization (3PAO), Schellman has been performing FedRAMP security assessments for Cloud Service Providers (CSPs) since 2014. During this time, we have seen our CSP clients pioneer technologies that provide federal agencies an opportunity to leverage new and innovative cloud services, all while modernizing their approach to building, deploying, and managing applications through containerization. Though this gradual shift to containerizing system components has increased CSPs’ operational efficiency and scale, it has also introduced new security risks to FedRAMP systems.
Originally published in the ISACA newsletter
On 21 October 2016, something happened that could have been straight out of a science fiction movie. Many parts of the Internet, which we take for granted, stopped working. Twitter went down; Airbnb and Spotify were inaccessible. Even security expert Brian Krebs’s blog was shut down. It was as if the Internet had stopped working. What had occurred was a massive distributed denial-of-service attack (DDoS). The difference between this attack and most others is that instead of focusing the attack on an individual website, the focus was on a centralized service provided by the vendor, Dyn. Dyn offers services, including routing of incoming traffic, so that heavily used sites, such as Twitter, can offer better service to their visitors. The DDoS hackers took a hit-the-mothership approach to deliver a much more widespread impact, bringing down multiple websites.
We all have our own ways of creating our perfect working environment. Some of us like to have photos of family on our desks, some of us like the minimal look, and then there are those of us who must delve through several layers of old Post It notes and play coffee cup chess before we can find anything on our desk. Now, it is pertinent to mention at this juncture, that there is a school of thought that says that a ‘messy desk means a clear mind’. However, when it comes to the world of security and privacy, this sentiment goes out of the window. We may have our web access firewalls configured, our database security perfect, and our desktop security policies in place, but if an employee leaves a Post It note with their password on, lying around, it may all be for nothing.