11:11 Systems Director of Cloud Market Intelligence Brian Knudtson is joined by guests Nathan Bennett, Andrew Green, and Jason Collier for a conversation about cloud based applications and their new needs for security. While observability is always key, we need to take further consideration into things like Zero Trust Network Access (ZTNA) and other authorization matters. And no application conversation can end without talking about the special considerations for APIs.
[03:42] How should a customer go about auditing the security of their on-premises and cloud based applications?
[10:42] Are there any best practices around the authorization and access that should be secured with cloud-based applications specifically?
[19:30] What should customers be looking for when it comes to securing APIs, and what they should do in order to protect themselves on any security that they need for a public API that they use?
[08:23] “They tell you as you’re writing the code whether it’s the adequate or proper way of doing it, or the code that you’ve written is actually vulnerable through known threats.” — Andrew Green
[08:57] “Having the ability to put your application into a registry and then put against known vulnerabilities, that’s extremely important.” — Nathan Bennett
[12:25] “The one thing you definitely need to focus on, and you need to invest resources, is in application and authorization.” — Andrew Green
[13:41] “Zero trust network access says that every time when a user requests access to a resource they need to re-authenticate.” — Andrew Green
[13:57] “Poor, non-existent authentication/authorization is like a major issue with a lot of publicly available APIs out there.” — Jason Collier
[19:47] “API security, you know, it shouldn’t be an afterthought.” — Jason Collier
[19:59] “Whether you’ve got dozens or hundreds of publicly available APIs, you really need to basically kind of inventory and manage what those are. Keep track of them and then keep track of those security vectors.” — Jason Collier
[26:20] “Whoever is running it needs to be able to write it in a way that is secure and has to have the toolsets to write the code in a secure way.” — Nathan Bennett
[27:48] “ It’s kind of like, again, an onion, there’s so many different facets around this that just lead to a lot of different security teams, security products and solutions that are out there that can really make your job to secure things easier.” — Nathan Bennett
[29:21] “That’s an important thing to keep in mind, is the user experience, because it’s pretty easy to ruin the user experience, while it’s tough to make it exceptional.” — Brian Knudtson
Protect your data wherever it lives.
Internal and external threats to data are on the rise. This is why smart organizations are deploying “defense in depth” strategies to ensure quick recovery of data. 11:11 Cloud Backup provides integrated, secure, and cost-effective protection for your on-premises and cloud data — including Microsoft 365 data — to ensure you are back online following a data loss event.
With multiple layers of defense including security, cloud backup, and air-gapped Insider Protection, 11:11 Cloud Backup can help customers remove single points of failure to minimize the time and business impact of data loss.