Cisco Cloud Web Security or CWS as its known is a cloud based security offering from Cisco. CWS provides comprehensive defense, advanced threat protection and superior flexibility for organizations small and large. To enforce security, Internet traffic is redirected from the branch office location using either an existing Cisco infrastructure, such as the venerable Cisco ASA or multifunctional ISR series router. Alternatively, a host side proxy or agent software can also be deployed. CWS can even be bundled with the widely popular Cisco AnyConnect VPN software, making the “cloud attach” security deployment simple and flexible.

These are the Top 10 questions you should ask your IT department or IT Managed Services provider when you are considering Office 365 and the cloud for your business.

As a customer of Office 365, you own and control your own data. Microsoft does not use your data for anything other than providing you with the service that you have subscribed for. Microsoft does not scan your email or documents for advertising purposes. 

The following table explains how Microsoft uses your Office 365 Data:

BY UDEMY.COM

The nationally publicized security disaster of April 2014 known as the "Heartbleed" bug has certainly drawn attention to the developing need to prioritize security when dealing with information systems. A single, flawed line of code written into an extension of the widely used web encryption software called OpenSSL granted access to stored private and personal data to those who sought to illegally obtain it. While the software was built to maintain periodic open connections between servers in order to regulate operation, the mentioned line of code inadvertently allowed 64 kilobytes of information to be accessed by a web attacker when an open connection was established. Furthermore, given that the process was periodic, an individual extracting information illegally could accumulate valuable data over time by continuously exploiting each open connection. As a consequence, hackers were able to acquire usernames, passwords, credit card information, and each server’s private digital key, which made classified internal documents available to unauthorized parties. Although this vulnerability was ultimately patched, the event made an example of the problems that arise when software is not monitored for exploitable weaknesses.