Trend Cloud Security Blog – Cloud Computing Experts

Security is not the only barrier to cloud adoption

Posted by Jonathan Gershater in Cloud Nov 30th, 2012 | No Comments
In his 90 minute keynote address at the AWS re:Invent conference, Andy Jassy quite unabashedly gave these reasons for using AWS versus a private cloud, (at the 32 minute mark) :   So public cloud adoption should be a no-brainer, right? Oh wait, but Andy omitted security in the public cloud – how can I trust that my customers’ sensitive data is secure in the public cloud? Been there, heard that before. I agree, the message wears thin that enterprise businesses are apprehensive to store sensitive customer data in the public cloud, and thus hesitant to adopt the cloud at all. (By... read more

Security in the cloud is a shared responsibility

Posted by Jonathan Gershater in Cloud, Deep Security Nov 28th, 2012 | 2 Comments
When you host applications in the public cloud, you assume partial responsibility for securing the application. The cloud provider, for example Amazon Web Services (AWS), secures the physical data center (with locked badge entry doors, fences, guards, etc.) in addition to securing the physical network with perimeter firewalls. This is no significant change from how you secure your corporate datacenter. Just like you enhance the security of physical and virtual servers in your datacenter with host-based firewalls (ip tables, Windows firewall), anti-virus and intrusion detection, so you must protect... read more

Spear Phishing and Advanced Targeted Attacks

Posted by Erica Benton in Cyber crime, Security Nov 28th, 2012 | 2 Comments
As the saying goes, everything old is new again. Spear phishing may be a timeworn technique, but it continues to be effective even in today’s Web 2.0 landscape. In modern hacking, the practice is finding resurgence as an infiltration method for advanced targeted attacks. Recent research shows that spear phishing is now the #1 method of introducing APTs to corporate and government environments. A whopping 91% of advanced targeted attacks reviewed arrive via spear phished emails. In Spear Phishing Email: Most Favored APT Attack Bait, this new report digs into the use of spear phishing to introduce... read more

The Pirate Bay: First Ever Working Redundant Array of Inexpensive Clouds?

Posted by Dave Asprey in Ambient Cloud, DataCenter, public cloud Nov 27th, 2012 | No Comments
It’s really interesting to see that the Pirate Bay just found a new reason to get rid of its physical servers in exchange for moving to the cloud. Sure, lots of companies have made the move from physical servers to virtual servers to cloud, but it’s ironic that The Pirate Bay is inadvertently leading the charge towards more resilient cloud computing. The new architecture of The Pirate Bay is a highly variable cloud environment that looks more like an ambient cloud, or at least a distributed cloud, than a centralized cloud. The history of the cloud has taught us that things on the fringe... read more

The Top Eight Most Annoying Cloud Marketing Mistakes

Posted by Dave Asprey in Cloud Nov 22nd, 2012 | 1 Comment
Here is a carefully assembled list of the most common – and annoying – marketing mistakes made by cloud (or non-cloud) companies. 1) Cloudwashing – treat all cloud stuff the same. Do you mean PaaS, SaaS, IaaS, or private cloud…. or just virtualization? Or maybe your kid’s aquarium service that has a web page with online ordering is actually “cloud aquarium management.” I think not. 2) Forget that enterprises own clouds too. Repeat after me: Public cloud is not the only kind of cloud. Private cloud is real. 3) Say the cloud isn’t secure. Uh, which cloud? The private one... read more

How much can inefficient patching really cost you? Just ask the Aberdeen Group

Posted by Erica Benton in Cloud, Virtualization Nov 13th, 2012 | No Comments
Patching costs a ton, regardless of whether you measure the costs in terms of time, lost productivity, or hard costs. Even worse is the cost of bad patching (or god forbid) not patching at all. But all of this money that you spend or even risk more or less represents budget that you could be using for more strategic projects. In a recent report, the Aberdeen Group outlines the real costs of not paying enough attention to patching. But the good news is that they go on to recommend strategies for taking control of patching to avoid all kinds of negative impact. Saving money is good, right? Or, according... read more

5 Cloud Computing Myths (and Truths!) for Small Businesses

Posted by Amy Luby in Cloud, Cloud-based Security, Consumerization of IT Nov 13th, 2012 | 3 Comments
The benefits of the cloud have been proven for businesses of all sizes – every small business owner can save time and money while increasing their employees’ productivity by leveraging cloud technologies. Cloud technologies are faster to deploy, require minimal technical know how to manage, and cost less than on-premise technologies.  These benefits let the small business owner focus on what’s most important: growing their business. But data breaches, social security card theft, credit card number theft, and identity theft: we hear about these things every day.  What does the small business... read more

Securing Your Virtual Infrastructure [Infographic]

Posted by Erica Benton in Cloud, Cloud-based Security Nov 12th, 2012 | 1 Comment
Virtualization and transitioning to the cloud create new challenges for organizations in order to secure the data centers unique to these environments. A recent survey, conducted by IDG Research Services, showed that IT professionals are concerned about deploying traditional security products in virtualized data centers for a variety of reasons: Want detail on the full results? Read the whitepaper here. What are your biggest concerns about transitioning to the cloud? Let us know in the comments below. Share/Bookmark read more

The Knight Fork: Defining Cyber Defense in 2013

Posted by Erica Benton in Cloud, Cyber crime Nov 5th, 2012 | No Comments
“A knight’s fork: an attack by one chess piece (as a knight) on two pieces simultaneously.” - Merriam-Webster Dictionary When was the last time you played chess? If you are responsible for Cybersecurity you are unwittingly playing it every day. Tom Kellerman uses this ancient sport to look at the strategies and tactics of modern hackers in his latest paper ”The Knight Fork: Defining Defense in 2013.” In it, he reviews the innovation and evolution of Advanced Persistent Threats, and recommends tactics for developing a custom defense against targeted attacks — a “cyber... read more

Cloudy Times: #Sandy and Social Media Security Caveats

Posted by JD Sherry in Cloud Nov 1st, 2012 | No Comments
It was almost surreal watching the events of Hurricane (and then Superstorm) #Sandy unfold as it steamrolled its way through the Caribbean and up the eastern seaboard. Even with all of our capabilities and advancements in technology, we still can’t impede Mother Nature when she decides to humble us with her power. We can and do leverage our technology to help us better prepare for disasters and ultimately deal with them after they strike. We did not have this capability for 9/11 or Hurricane Katrina. Social media significantly increases our situational awareness regarding horrific natural disasters... read more

« Previous Entries