Trend Cloud Security Blog – Cloud Computing Experts
Currently Browsing: Cloud
Why It’s Time to Manage Your Networking and Security from the Cloud
Posted by Dave Asprey in Cloud Apr 30th, 2013 | No Comments If you still believe that your systems management consoles should be running on servers in your data center, you’re definitely from the pre-cloud era. Even if you believe your systems management and security consoles should be running on infrastructure as a service instances you control, you’re also out of date. The evidence is in, and your control systems should absolutely reside in the cloud, even if the systems they control are not in the cloud. Cisco’s recent acquisitions are a reminder, and so is this week’s launch of Trend Micro’s new Deep Security as a Service that secures AWS... 5 Questions to Ask Your Security Vendor about AWS
Posted by Justin Foster in Cloud Apr 30th, 2013 | No Comments Over the past weeks we have been reviewing the top 10 tips for securing instances running on Amazon Web Services. We walked through the critical controls as part of the AWS shared security model. As noted in these tips, host-based security capabilities such as intrusion detection and prevention, anti-malware, and integrity monitoring are critical for protecting your applications and data. While some of these recommended tips involve configuring and tuning AWS itself, some require the use of third-party tools. So when looking for candidates for securing your cloud projects, here are five questions... AWS OpsWorks: Targeting PaaS with Chef?
Posted by Dave Asprey in Cloud Apr 29th, 2013 | No Comments Amazon Web Services did it again. Its new service, OpsWorks, is an application management service with the ability to manage applications of any scale or complexity in the AWS cloud. This integrated system manages resource provisioning, configuration management, application deployment, software updates, and monitoring and access control. The service is another offering from the leader in cloud computing poised to disrupt a market, in this case, Platform as a Service (PaaS). OpsWorks will compete directly with PaaS mainstays Heroku, Engine Yard and AppFog. Given the speculation that AWS is working... Top 10 AWS Security Tips: #10 Penetration Testing
Posted by Mark Nunnikhoven in Cloud Apr 17th, 2013 | No Comments In last week’s post, we gave a high level overview of vulnerability assessments. This type of assessment results in a prioritized list of vulnerabilities in your deployment. It’s an excellent first step in knowing the state of your deployment. The next step you should take is to conduct a penetration test. The Test A penetration test (or simply, pentest) is an active test of your defenses. You’re hiring a trusted 3rd party to attack your deployment in order to find exploitable vulnerabilities. The theory is that it’s better to have someone working with you do this before... Why are you scared of the cloud?
Posted by Ryan Delany in Cloud Apr 15th, 2013 | 1 Comment As a Product Marketing Manager for Trend Micro™ Worry-Free™ Business Security Services, I hear a lot of objections about the product, and in particular, a lot of cloud-related fears. Some examples of things I hear from customers and partners are: “I wouldn’t be secure if my Internet connection went down.” “I don’t want to put all my data in the cloud.” “I don’t want to waste all my bandwidth, uploading everything to the cloud to be scanned.” The cloud is becoming better understood by the average person these days, thanks to companies like Google, Apple, Netflix, and other... Top 10 AWS Security Tips: #9 Conduct Vulnerability Assessments
Posted by Justin Foster in Cloud Apr 10th, 2013 | No Comments In this series, Mark and I have talked about hardening your AWS resources (both inside and outside of your instances) and preforming ongoing monitoring. The last two tips are around measuring your overall security so that you can understand your risks and measure your progress. It may be an old adage but it still rings true… You can’t manage what you can’t measure. You may have layer upon layer of defense, but unless you conduct a vulnerability assessment you don’t really know where you stand. Assess Your IaaS Conducting a vulnerability assessment includes identifying and prioritizing vulnerabilities... 5 More Questions to Ask Your RMM Vendor about Integrated Security Solutions
Posted by Ryan Delany in Cloud Apr 8th, 2013 | No Comments Remote management module (RMM) vendors frequently offer an integrated security solution with their core product. But how does the security featured in these integrated products compare? In a previous blog, I wrote about the five questions to ask your RMM vendor about integrated security offerings. Now, here are five more questions to make sure you know what’s covered and what isn’t in these solutions. What is the process for acquiring licenses for an integrated security solution? Sometimes you are required to make significant up-front purchases of security solution licenses in order to get... Software Defined Software: The History of “Software Defined”
Posted by Dave Asprey in Cloud Apr 4th, 2013 | No Comments “Software defined” is the latest buzzword in IT and cloud. Some people hate it because marketers are jumping on ”software defined” almost as fast as they jumped on the word “cloud” years before they had real cloud products. Cloudwashing was a real phenomenon, and it was easy to say. “Software Defined Washing” just doesn’t roll off the tongue the same way, and it implies IP-enabled virtual laundry. Here is an explanation of why you should embrace the term (I like it even more than cloud) and a view what we called it before “software defined” became in vogue. In vogue it is.... Top 10 AWS Security Tips: #8 Encrypt Sensitive Data
Posted by Mark Nunnikhoven in Cloud Apr 3rd, 2013 | No Comments Last week, we tackled the basics of monitoring your AWS deployment. This week we’re going to shift gears and take a look at encryption. Data Drives Your Business Your business runs on data and information. One of the biggest concerns about moving to the public cloud is the safety of that data. With a little due diligence, you can put those concerns to bed. There are three key steps to protections your data in the cloud: Identify and classify your data Protect your data at rest Protect your data in motion Identify & Classify You can’t take steps to protect your data until you... 5 Questions to Ask Your RMM Vendor about Integrated Security Solutions
Posted by Ryan Delany in Cloud Mar 29th, 2013 | No Comments Remote management and monitoring (RMM) vendors often offer an integrated security solution with their core product. But how does the security offered by these integrated options compare? Below are the questions to ask your RMM vendor to make sure you get the full picture of the security being offered. 1. Is the security solution included with the RMM platform really free? RMM vendors and security solution vendors are for-profit businesses and are not going to make money by giving something away for free. While the security solution may be advertised as free, the most likely scenario is that the... 
Subscribe
