Cloud Computing Design Patterns

After months of diligent effort, ‘Cloud Computing Design Patterns’, a Prentice Hall/Pearson publication is available for purchase. Homeland Security Consultants CEO, Robert Cope co-authored the book along with Thomas Erl and Amin Naserpour. Robert Cope wrote the cloud security chapters, which provides the reader with foundational knowledge and advanced concepts of cybersecurity for cloud environments. Sean Cope assisted Robert’s efforts through contributions from experiences conducting security assessments against cloud service providers.

Cybersecurity is an ever increasing focus in today’s IT landscape, and as technology is now cloud centric, the need to adequately secure this environment is paramount. Expertise in this highly specialized arena is limited, and Homeland Security Consultants was sought after to provide information on the subject for the Cloud Computing Design Patterns publication.

Thomas Earl is the creator of “The Prentice Hall Service Technology Series”, which provides unbiased, vendor neutral guidance and instruction in the areas of service technology application and innovation.

Prentice Hall/Pearson is the world’s leading education publisher.

Health and Human Services Program Support Center

Homeland Security Consultants, LLC signed a teaming agreement today with Social and Scientific Systems (S3) for the upcoming Department of Health and Human Services (DHHS) Program Support Center (PSC) Indefinite Delivery Indefinite Quantity (IDIQ) solicitation. Homeland Security Consultants will provide cybersecurity support on task orders issued for PSC.

The Program Support Center “…provides the essential functions needed to keep government agencies operating. We do everything from managing Federal employee health clinics to delivering mail; from digital archiving to negotiating contracts; and from financial reporting to storing and distributing medical supplies.”

Social and Scientific Systems mission “…is to improve public health worldwide by providing technical, research, and program management services to government and other clients. This support enables policymakers, medical professionals, communities, and citizens to improve public health knowledge and to mitigate the effects of devastating diseases, such as HIV/AIDS.”

We are excited to be on the S3 team and look forward to assisting with cybersecurity expertise within the Health Care Industry.

FedRAMP can help cyber security challenged Clouds

Not all cloud providers are created equal as recent news of the Adobe Cloud’s poor implementation of password protection resulted in 150 Million Adobe documents being published online. Paul Ducklin of Naked Security provides an excellent break down into the investigation of exactly what went wrong within the user authentication mechanisms for the Adobe Cloud. Adobe would have benefited greatly from undergoing the FedRAMP Security Authorization process as these security holes would be uncovered ahead of a public compromise.

For a time I was optimistic that large, medium, and small firms would come to an universal understanding that they had no choice but to take action to implement effective security measures within their source code, infrastructure, and identity management solutions. It appears that large companies that have the financial resources still choose not to tackle even basic security to protect their customers.

The obvious needs to be said, hacking groups that exist in the wild are continuously evolving into a sophisticated attack force. Let’s think about it for a moment, cyber theft results in at least a $300 Billion loss to the global economy according to this McAfee report. With money to fund operations, entry level hackers have a career path into the depths of sophisticated brand destruction and pilfering from the global financial coffers. The money available to these groups and individuals provides them means to devote more time into their craft, forging even stronger more efficient hackers. As new technologies creep into the business world, the skilled will continue to adapt an exploit the next best thing. And it’s not going to stop; the genie has been let out of the bottle.

The time for warnings is over. If the company that you own, work for, have stock in does not care about its cyber security then expect it to get pawned one way or another by sophisticated attackers. Losses are going to affect you one way or another. Everyone as a collective has to get smart, and fast, but that is not going to happen. Let’s be realistic.

I would suggest to anyone operating a cloud environment to take a look at the security requirements that FedRAMP requires. Even if you are not intending to go through a FedRAMP Security Authorization, valuable insight will be uncovered to how to protect your cloud service through required security control implementations. It will help those who are challenged in the ways of cyber security to check themselves before ending up as a breach headline.

HSC Consulting

HSC Consulting

HSC consultants consistently beat our customer expectations for quality of work delivered. Strategic planning and streamlined execution bring desired results that keep our customers up to date with current trends.