Raimund Genes in
Cloud-based Security, Securing the Cloud, Threats from the Cloud
Nov 30th, 2009 |
Recently I have been asked by many CISO’s, CSO’s and IT administrators–who have become very tired of the constant system patch battle and constant security software updates–whether new operating systems like Google Chrome could loosen Microsoft’s stronghold on the desktop OS and just maybe whether we could be safer 5 years from now.
Actually this is a difficult question. We in the IT industry will likely see more disruptive technologies 5 years from now. So the safest way to answer questions like the one above is to reflect on what’s going on at the moment.
Andy Dancer in
Cloud-based Security, Securing the Cloud, Virtualization
Nov 16th, 2009 |
At Trend Micro we are leading the way in security FROM the cloud with our Smart Protection Network by providing threat correlation in the cloud. That strategy, rubbished by some at the time, has since been proved out by the number of competitors now trying to imitate it and the recent real world test results from NSS labs.
We were also lucky enough to acquire Third Brigade, a Canada-based security firm, earlier this year and get our hands on their superb “Deep Security” threat protection for Virtual servers. More than just protection ahead of the patching cycle it offers excellent resource...
Raimund Genes in
Securing the Cloud, Threats from the Cloud
Nov 10th, 2009 |
The public cloud holds tremendous possibilities for goodness in lowering computing costs and increasing flexibility, but the dark side of the world is always ready to take advantage of cloud delivery models like Platform-as-a-Service (PaaS). Arbor Networks recently spotted a Google AppEngine Platform-as-a-Service application being used for Command and Control (CnC) for a botnet (here is a news article). Google promptly took down the application, but the event raises some interesting issues.
In the malware realm, this is nothing new and has been referred to previously as “Malware as a Service”. ...
Privacy, Compliance and Identity, Securing the Cloud, Virtualization
Nov 9th, 2009 |
Are you still a skeptic about cloud computing?
Do you remember when you refused to bank online because it couldn’t be safe? I do. In fact, I even remember working with one of the leading banks in Canada when the CIO declared that no employees should have access to the Internet—for any business reason, ever. He did not last long in his job.
Over the past 15 years our reliance on the Internet has steadily increased, encouraged by advancements in technology (including security), a culture of instant gratification and an obsession with efficiency. After a year of media frenzy, some of us are still...
Jon Oliver in
Securing the Cloud
Nov 2nd, 2009 |
Recently, there have been some high profile failures of cloud computing, including the Sidekick outage, the DDos attack on Amazon’s EC2 and disruption to Google’s hosted email. Following these debacles, some people have expressed scepticism about the cloud computing model. For example, a response to a CNET article was: “Putting all your beans in a single point of failure for users (in an enterprise or corporation) is suicide.”
Here I will consider a range of activities as “Cloud Computing” including SaaS, PaaS and IaaS. All three raise some concerns for companies. Companies that...