Beyond Checkboxes: 6 Cloud Security Measures All Healthcare Organizations Should Take

All Things Compliance, Security Research & Strategy
4 Min Read

Modern healthcare is a full participant in the digital economy, and personal health information (PHI) is at its center. But today’s digital landscape is a volatile threat environment where sensitive personal data is a coveted commodity. Minimizing exposure, liability, and risk to PHI is a necessity with visibility all the way up to the board-level in every healthcare organization.

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) includes the HIPAA Privacy Rule which establishes national standards to protect PHI. Every organization conducting health care transactions electronically is familiar with its rules, and being “HIPAA Compliant” is mandatory. But such standards can create a false sense of security; is simply checking the boxes and satisfying an annual audit really enough to keep attackers at bay? Do standards written over the course of decades adequately cover today’s rapidly evolving threat landscape? Are processes developed in the days of enterprise data-centers sufficient to protect containerized microservices running in the cloud?

The short answer is No: Merely being compliant is no longer enough. Digital leaders in proactive healthcare organizations — from providers to insurance companies — have realized that they must do much more to protect themselves from threats. Embracing DevSecOps and CI/CD gives healthcare organizations a strong foundation for security that goes beyond compliance with true full stack security observability. Read more “Beyond Checkboxes: 6 Cloud Security Measures All Healthcare Organizations Should Take”

AWS HIPAA Compliance Best Practices Checklist

All Things Compliance
4 Min Read

The Health Insurance Portability and Accountability Act, or HIPAA, is a United States law that seeks to protect the privacy of patients’ medical records and other health information provided to health plans, doctors, hospitals, and other health care providers. It seeks to make health insurance coverage available to everyone — even those who lose their jobs. It also aims to lower the cost of healthcare by setting up standards in the electronic transmission of financial and administrative transactions. As well, HIPAA is designed to help fight abuse, waste, and fraud in insurance and healthcare delivery. The act also gave rise to the HIPAA Privacy Rule, which is the first set of American standards that protect the health information of patients. All health-related clearinghouses, providers, and insurance plans are covered by the act, as well as all companies in the country that are handling or storing healthcare data.

The good news is that you can use AWS and be HIPAA compliant. One way to strengthen HIPAA compliance is by leveraging Threat Stack’s Cloud Security Platform®, which provides healthcare companies – as well as business associates – with the most advanced solutions they need to meet a broad range of HIPAA compliance requirements. This post outlines nine essential best practices you should know about AWS HIPAA compliance. Read more “AWS HIPAA Compliance Best Practices Checklist”

50 Best Kubernetes Architecture Tutorials

Containers, Orchestration & Security
17 Min Read

Kubernetes is a multi-functional, container-centric platform for managing workloads and services. Given the fact that containers and container orchestration can dramatically improve costs, flexibility, and resilience, it’s no mystery why Kubernetes has soared in popularity since Google open-sourced it in 2014.

On one hand, it’s a powerful orchestration tool; on the other, it’s not a silver bullet that will solve all your problems. In fact, at the same time that it helps to manage dynamic infrastructure, it also introduces new vulnerabilities that pose a threat to security. To understand the value of Kubernetes, how to integrate it in a way that improves operational efficiency, and how to guard against the new vulnerabilities that container orchestration introduces, it’s critical that you have more than a passing knowledge.

So if you’re ready to start diving into Kubernetes, you’ve come to the right place. Below, we’ve curated a list of 50 top quality tutorials to help you fully understand Kubernetes architecture and best practices. Read more “50 Best Kubernetes Architecture Tutorials”

Go Behind the Scenes of a Docker Cryptojacking Attack

Containers, Orchestration & Security
2 Min Read

When Threat Stack security analyst Ethan Hansen saw an alert in a customer’s environment that read /temp [RANDOM] cnrig, he knew his afternoon was about to get interesting. As part of his role in the Threat Stack Cloud SecOps Program℠, Ethan regularly monitors customer environments and proactively investigates alerts like this on the customer’s behalf. In this case, his suspicions were warranted, and Threat Stack had identified an active Docker cryptojacking attack.

Ethan and Threat Stack Security Solutions Engineer John Shoenberger recently sat down with “Your System Called: A Threat Stack Podcast” to recount this investigation into a Docker cryptojacking attack, his process of putting together a specific list of actionable recommendations, and how he worked with the customer within an hour of the alert to mitigate the threat.

Read more “Go Behind the Scenes of a Docker Cryptojacking Attack”

Your Guide to AWS re:Inforce 2019

AWS Security, Cloud Security Professional Development
12 Min Read

AWS re:Inforce 2019 | June 25–26, 2019 | Boston, MA

Attending cloud security conferences is critical for cloud security professionals, and AWS is stepping up to the plate with AWS re:Inforce — its first-ever conference focused exclusively on cloud security.

This event will benefit security professionals who need the latest technical know-how and is a must for anyone who works with security in the cloud, especially those who work with AWS. It’s going to be a worthwhile event for security professionals, developers, systems architects, engineers, decision-makers, and more.

(For more helpful resources to help you stay at the top of your profession, visit our guide to the best cloud security training resources and our favorite cloud security podcasts.) Read more “Your Guide to AWS re:Inforce 2019”

Operation Code and Sam Bisbee Talk About Getting Started in Security

Cloud Security Professional Development
7 Min Read

In February 2019, Threat Stack hosted a meetup with the Boston chapter of Operation Code. Operation Code is a 501(c)(3) non-profit intensely focused on helping veterans, active duty military, and their spouses successfully transition into technology careers and providing continued support as they become established in their new careers. Operation Code is largely veteran-run, but it places a heavy emphasis on bringing non-veterans from the technology industry into its community for the invaluable mentorship and experience they bring to the table.

For the Boston chapter, working with companies like Threat Stack to host events is a crucial element of that mission at the local level. Numerous leaders from Threat Stack across technical disciplines and departments, including Threat Stack CSO Sam Bisbee, spoke at the February event, joined by a common interest to establish lasting mentor relationships with the veteran attendees.

Following the event, Operation Code’s Boston chapter leader, Jack Robertson, reached out to Sam with a number of questions based on feedback from the attendees. While the following Q&A was designed specifically for veterans, it’s worth a read for anyone thinking about a career in technology. Read more “Operation Code and Sam Bisbee Talk About Getting Started in Security”

If You’re Not First, You’re Last: Risks of Delaying CCPA Compliance

All Things Compliance
7 Min Read

Introduction

— by Lindsey Ullian, Threat Stack Compliance Manager

After GDPR went into effect in May 2018, many companies reassessed their privacy program — implementing more transparency and giving more control of personal information to the consumer. Now, with the CCPA (California Consumer Privacy Act) coming into effect in January 2020, even more companies are buttoning up their data privacy programs. The CCPA is not a guideline — it’s an act, and all companies that fall within its scope must comply. If companies don’t abide by this regulation, they could be looking at fines of up to $7,500 for each intentional violation.

Since both acts are related to data privacy and aim to provide more control and transparency to the consumer, most companies’ first question is, “If I’m GDPR compliant, am I covered for the CCPA?” The following article by Kevin Kish, Privacy Technical Lead at Schellman & Company, will give you a clear picture as to what you may have covered and what you’re lacking within your privacy program — outlining the similarities and differences between the two regulations. And what about companies that haven’t implemented proper GDPR data procedures? Short answer — they’ve got a bigger road ahead. Fortunately, this article details clear steps you can take to comply with the CCPA.

It’s clear by the enactment of the CCPA, shortly after the GDPR, that data privacy regulations are not going to go away anytime soon, so as a top level best practice, companies should aim to be proactive and build a privacy program that aligns with these regulations and allows them to maintain strict CCPA compliance monitoring.

Read more “If You’re Not First, You’re Last: Risks of Delaying CCPA Compliance”

7 Cloud Service Evaluation Criteria to Help You Choose the Right Cloud Service Provider

AWS Security, Security Research & Strategy
5 Min Read

The lack of a common framework for assessing Cloud Service Providers (CSPs) combined with the fact that no two CSPs are the same can complicate the process of selecting one that’s right for your organization. Selecting CSPs becomes even more complex when you consider the fact that more and more companies are adopting a multi-cloud approach for a variety of reasons, including cost savings, reduced risk of vendor lock-in, and data portability. (Gartner estimates that 75% of organizations will be using a multi-cloud strategy by 2022.) Add in the adoption of abstraction technologies such as containers, and workloads become for more portable between CSPs. To help you work through this, we’re using this post to discuss seven basic criteria you can use to identify providers that best match your business, technical, and operational needs.

How do you choose a public cloud provider — or if you’re planning to go multi-cloud — cloud providers? Let’s start with the major players. Read more “7 Cloud Service Evaluation Criteria to Help You Choose the Right Cloud Service Provider”

Container Security Tips and Best Practices

Containers, Orchestration & Security
3 Min Read

Containers provide very important functionality: They package various software applications in “containers” to ensure that they are able to run correctly when moved from one computing environment to another.

The container model has all its dependencies packaged into virtual containers. A container not only contains an application but all supporting packages that are needed to run the application effectively. Thus, they provide flexibility, ease of use, and the ability to share resources. However, security is a primary concern when any new technology is pushed into production. Therefore, it is vital to focus on container security because poor security can put various applications and processes at risk for the entire enterprise. Threat Stack’s container security solutions monitor your containerized environments for risky and anomalous behavior and provide the visibility you need, no matter where your container strategy stands. You can deploy the Threat Stack agent on your host or even as a containerized agent to gain visibility into your containers. If you see risky behavior in a container, you’ll be able to follow the path of your attacker across your infrastructure.

Whether you’re using Docker or Docker with Kubernetes, security considerations must be paramount. Below, we discuss security tips and best practices that need to be incorporated for secure and safe utilization of containers. Read more “Container Security Tips and Best Practices”

How to Achieve Full Stack, Multi-Cloud Security Observability

Security Research & Strategy
6 Min Read

You probably know AWS as the leading cloud platform provider. These days, however, many companies are using additional cloud providers as well. According to Gartner’s October 2018 report “Market Insight: Multicloud Becomes Essential for Cloud IaaS Offerings,” 49% of organizations were approaching their cloud computing IaaS strategy through multi-cloud adoption in 2017, and that is expected to increase to 75% by 2022. Most often they’re not trading one for another, but are choosing multiple providers for a variety of reasons: Different business requirements (such as managing risk and costs) may be better suited to different cloud vendors. Many vendors are likewise pricing their offerings competitively and continually adding new features.

If you’ve decided to run a multi-cloud environment as part of your organization’s security strategy, you need to make sure you’re taking appropriate security precautions. This may be a challenge, so in this post, we’ll cover five principles to follow when you make the move to multi-cloud. Read more “How to Achieve Full Stack, Multi-Cloud Security Observability”