Privacy, Compliance and Identity, Secure Data Centers, Securing the Cloud, Virtualization
Jan 28th, 2010 |
Frank Gens of IDC says 2010 will be a transformational year for IT, driven in part by cloud computing. Although cloud computing is a hot topic, a lot of IT folks remain confused and unsure about a host of issues from vendor selection and control to security and compliance. We’ve tried to help by compiling a list of great resources to help you navigate these issues. If you find others that are worth sharing, please let us know.
There are several industry organizations and groups which help facilitate understanding of the cloud, provide best practices and enable standards:
The Cloud Security...
Securing the Cloud
Jan 21st, 2010 |
When news of the “Google hack” (also referred to as Aurora, Google Attacks, and Hydraq) break-in of gmail accounts first occurred, some observers thought the news could hurt cloud computing. As the story has evolved, it turns out that the attack was a straightforward endpoint exploit. I don’t want to diminish the significance of the attack, but want to clarify that this does not highlight any particular cloud security issue and is a standard endpoint security issue.
Trend Micro has published some nice, actionable information along with details of the Google attack. My colleagues at...
Justin Foster in
Securing the Cloud
Jan 5th, 2010 |
As new applications are developed based on the cloud model, developers are turning to Platform-as-a-Service (PaaS) to simplify application development and deployment. After all, babysitting the operating systems, data stores, messaging queues and application containers running below the application is complicated and costly. The promise of PaaS is the delivery of an application infrastructure, where the provider handles the care and feeding of the underlying stack.
Sounds great, until you consider how much control you are really giving up from a security perspective:
Visibility – In a PaaS...