What is Data Residency

June 17, 2019 By Nicole Chesterman

Data Residency (or Data Sovereignty) pertains to where data is being stored from a geographical standpoint. With cloud services, this can mean a location outside the country of origin. The concept of data residency infers that data storage is subject to the laws in the country within which it is held.

GDPR and Encryption

January 24, 2017 By Nicole Chesterman

With GDPR now formally passed into law, StratoKey has released a comprehensive GDPR compliance guide. This guide focuses on how organisations can utlise StratoKey to meet GDPR requirements when using cloud and SaaS applications.

CASB Guide

August 9, 2016 By Nicole Chesterman

StratoKey has published a guide on Cloud Access Security Broker (CASB) features, functions and architectures. This guide is designed to dispel some of the myths about CASB vendors and covers the advantages and disadvantages of differing CASB offerings.

What is a CASB?

May 4, 2016 By Anthony Scotney

A CASB (Cloud Access Security Broker) is a gateway that sits between users and an end cloud application such as Salesforce, Office365 or any other cloud deployed application. The purpose of a CASB is to control the security of both users and data stored in the cloud. This is achieved by encrypting content before it reaches the cloud, monitoring user access and in some instances automated firewall-like rules to thwart attacks.

Corporate Australia to 'rethink' Cyber Security Policies with Serious Data Breaches Bill

February 12, 2016 By Nicole Chesterman

According to the Australian Attorney-General's Department website, a proposed Bill will require Government agencies and businesses subject to the Privacy Act 1988 (Privacy Act) to notify the national privacy regulator and affected individuals following a serious data breach.

HIPAA compliance in the cloud

October 27, 2015 By Andrew Roberts

The Health Insurance Portability and Accountability Act - or HIPAA for short - regulates the storage and processing of protected health information (PHI) which is designed to ensure the security of any personally identifiable information that healthcare organizations store on patients - both in hard copy and electronically (e-PHI).

Cloud Access Security Broker Checklist

October 1, 2015 By Andrew Roberts

Gartner coined the term Cloud Access Security Brokers (or CASB) a few years ago now, and placed it atop of their security technology trends of 2014. As defined by Gartner, CASB solutions are on-premises, or cloud-based security policy enforcement points, placed between consumers and cloud service providers that offer monitoring and control across multiple cloud services.

Salesforce Encryption - part 2

August 24, 2015 By Anthony Scotney

In the first section of this two part post on implementing cloud data protection, we looked at identifying an appropriate cloud data protection solution, encrypting application data and how to lock end applications to the cloud data protection gateway. In this second part, we are looking at moving to the next level of cloud protection, threat identification, countermeasures and mitigation.

Legal Ramifications of Data Breaches

August 17, 2015 By Andrew Roberts

With federal data breach notification laws now in effect across the US, and similar laws in place in most European countries, organizations who suffer a cyber-attack are legally required to report the breach, opening the door to negative publicity and a whole raft of associated costs.

Salesforce Encryption - part 1

June 30, 2015 By Anthony Scotney

It was disheartening to read that a Financial Services Regulator's guidelines around data sovereignty lead to the termination of a Salesforce deployment by a large bank. This mandate at least in part resulted in the bank abandoning their $10 million Salesforce investment. The reason this is a disheartening result is because there are cloud data protection solutions that can alleviate much of the security concern that exists with cloud applications.