Threat Stack Blog and Cloud Security News

Continuous security monitoring for your cloud.

How to Stay Secure on Slack

by Pete Cheslock , posted in Cloud Security, Shared Responsibility Model, Slack

How to Stay Secure on Slack Blog Banner.png

If you’re already on the Slack bandwagon, then you probably have experienced first-hand how it can make communications between teams far simpler and more streamlined. With 1.7 million daily active users, it’s clear Slack has come to dominate the team chat world, especially in tech and tech-savvy industries.

From a security perspective, Slack has done a solid job of keeping its assets on lock. In 2016, they scored Geoff Belknap from Palantir to become chief security officer. And they have been pretty transparent about their approach to security. They have dedicated a whole section of their website to it and published interviews with Belknap and others that delve into Slack’s precautions and philosophy around security. Belknap says, “My job is to worry. Professionally. So that our customers don’t have to.” We love that attitude!

The company has also gone to the trouble of certifying many of its products to meet stringent compliance regulations like FINRA, HIPAA, and SOC 2 and 3, which makes it a no-brainer for small teams and enterprises alike.

So, we feel that it’s perfectly possible for companies of all shapes and sizes to lean on Slack for team chat and ops without worrying too much about security. But, we also believe in the shared responsibility model when it comes to any form of online security. No one’s perfect, and Slack’s ubiquity and popularity mean that it will always be a target for cybercriminals looking to steal information.

There’s no need to run scared, but you do need to be smart about how you use this valuable tool. Here are our tips for running Slack securely at your organization.

Read More [fa icon=long-arrow-right"]

Feb 27, 2017 2:27:41 PM

[fa icon="comment"] 0 Comments

The Impact of the Cloud's Shared Responsibility Model on Compliance

by Anthony Alves , posted in HIPAA, Compliance, AWS, Shared Responsibility Model, Compliance in the Cloud, PCI DSS

TS16031_ThreatStack_ComplianceSeries_Part6_BlogImg.jpg

Amazon Web Services (AWS) has pioneered the Shared Responsibility Model in the cloud. Basically, this model outlines how cloud service providers and consumers of these cloud-based services should share responsibilities when it comes to ensuring security in the cloud. AWS and other cloud service providers (CSPs) are responsible for ensuring that cloud infrastructure is secure. Meanwhile, companies (those using the cloud services) are responsible for their data, networks, applications, and operating systems — anything they own that lives in the cloud.

Read More [fa icon=long-arrow-right"]

Sep 1, 2016 12:48:59 PM

[fa icon="comment"] 0 Comments

Dec 24, 2015 8:00:00 AM

[fa icon="comment"] 0 Comments

Trust the cloud, they said. It’ll be safe, they said.

by Brian Ahern , posted in Shared Responsibility Model, Cloud, CIA, Arlette Hart, Government, CSP, Government Security, FBI,


fe7511e153a6ded59caed7f6b08c6a2a.jpg

Speaking recently in a Google webcast, U.S. CIO Tony Scott declared major cloud providers like Google, Amazon or Microsoft just as secure as the world’s largest financial institutions. He even implied that there’s no safer place to store data than in the cloud.

Read More [fa icon=long-arrow-right"]

Nov 25, 2015 10:52:15 AM

[fa icon="comment"] 0 Comments

What All DevOps Teams Should Know About The AWS Shared Responsibility Model

by Sam Bisbee , posted in AWS Security, Security in the cloud, Shared Responsibility Model

 

Keeping your cloud workloads secure, compliant, and protected while moving at the speed of DevOps is no easy task. Our team at Threat Stack knows this truth very well. There are many different viewpoints on the best approach to take to keep your customer data and systems protected in the cloud, and it all starts with understanding where your cloud provider’s responsibility for security ends and where yours begins. Let’s use AWS as an example throughout this post as they have a Shared Responsibility Model that demonstrates this well.

Read More [fa icon=long-arrow-right"]

Jun 10, 2015 2:06:51 PM

[fa icon="comment"] 0 Comments

Subscribe via email:

Posts by Topic

see all