Posted by
Dave Asprey in
Cloud
Apr 30th, 2013 |
No Comments
If you still believe that your systems management consoles should be running on servers in your data center, you’re definitely from the pre-cloud era. Even if you believe your systems management and security consoles should be running on infrastructure as a service instances you control, you’re also out of date.
The evidence is in, and your control systems should absolutely reside in the cloud, even if the systems they control are not in the cloud. Cisco’s recent acquisitions are a reminder, and so is this week’s launch of Trend Micro’s new Deep Security as a Service that secures AWS...
Posted by
Ryan Delany in
Cloud
Apr 15th, 2013 |
1 Comment
As a Product Marketing Manager for Trend Micro™ Worry-Free™ Business Security Services, I hear a lot of objections about the product, and in particular, a lot of cloud-related fears. Some examples of things I hear from customers and partners are:
“I wouldn’t be secure if my Internet connection went down.”
“I don’t want to put all my data in the cloud.”
“I don’t want to waste all my bandwidth, uploading everything to the cloud to be scanned.”
The cloud is becoming better understood by the average person these days, thanks to companies like Google, Apple, Netflix, and other...
Posted by
Mark Nunnikhoven in
Cloud
Mar 20th, 2013 |
No Comments
So far in this series, Justin and I have provided tips for securing the foundations of your AWS deployment. Taken together, these tips work to reduce the overall attack surface—the area exposed to the outside world—of your application. Now it’s time to add the next layer of controls to you application, starting with a host-based intrusion prevention system or IPS.
Why IPS?
At this point we’ve already disabled unused services on our instances and have blocked any unnecessary inbound ports using our firewalls. This is a fantastic start but it really only reduces the area we present...
Posted by
Dave Asprey in
Cloud
Mar 14th, 2013 |
No Comments
Recently I was honored to give a keynote about the future of cloud security at the Cloud Security Alliance Summit at RSA 2013 .
This video is worth your time to watch. It covers a brief history of cloud security, where it is headed, and who it will impact. The bottom line is that no matter where your data sits, you are ultimately responsible for its security. That has important implications for where your security console should sit, and it will drive the behavior of the security software industry and cloud service providers. The truth of the matter is that the security industry relies on clog...
Posted by
Mark Nunnikhoven in
Cloud
Mar 6th, 2013 |
No Comments
Last week, Justin covered some of the high level issues around AMI development. This week, we’re going to take a look at how to protect the guest operating system running on your EC2 and VPC instances.
AWS Recommendations
AWS had published quite a few papers around their services. AWS Security Best Practices [PDF] and AWS Risk and Compliance [PDF] stand out as excellent security resources. In the best practices paper, under the section “Secure your Application” (pg. 4), they make a few recommendations which boil down to:
patch ASAP
use recommended secure settings for operating...
Posted by
Jonathan Gershater in
Cloud
Feb 21st, 2013 |
No Comments
People who drive recklessly to the airport, at a high rate of speed while clutching a cellphone to their ear, only to then board the plane and pray it does not crash, often bewilder me. Don’t they realize they bear some responsibility for arriving safely at their destination?
Trend Micro’s webinar on the new PCI DSS Cloud Computing guidelines is a reminder that while the cloud represents an enormous opportunity for offloading the data center burden; your security responsibility doesn’t necessarily follow. (Miss this popular webinar with Amazon and Accuvant? Click here to watch the replay).
When...
Posted by
Erica Benton in
Cloud
Dec 3rd, 2012 |
3 Comments
Ready to join the conversation? We’re hosting a LIVE TweetChat on December 4, 2012, at 9am PST, to discuss new approaches to the cloud for businesses and how companies can prepare for the next generation of secure cloud computing.
Participants:
Dave Asprey, Vice President, Cloud Security at Trend Micro (@daveasprey)
Stephen Spector, Dell cloud evangelist (@SpectorAtDell)
Erica Benton (moderating as @TrendMicro)
and YOU!
How you can participate – and WIN!
Please use the hashtag #TrendChat on Twitter to send your questions to Dave and Stephen. We’ll be accepting questions...
Posted by
Jonathan Gershater in
Cloud, Deep Security
Nov 28th, 2012 |
2 Comments
When you host applications in the public cloud, you assume partial responsibility for securing the application. The cloud provider, for example Amazon Web Services (AWS), secures the physical data center (with locked badge entry doors, fences, guards, etc.) in addition to securing the physical network with perimeter firewalls. This is no significant change from how you secure your corporate datacenter.
Just like you enhance the security of physical and virtual servers in your datacenter with host-based firewalls (ip tables, Windows firewall), anti-virus and intrusion detection, so you must protect...
Posted by
Dave Asprey in
Cloud
Nov 22nd, 2012 |
1 Comment
Here is a carefully assembled list of the most common – and annoying – marketing mistakes made by cloud (or non-cloud) companies.
1) Cloudwashing – treat all cloud stuff the same.
Do you mean PaaS, SaaS, IaaS, or private cloud…. or just virtualization? Or maybe your kid’s aquarium service that has a web page with online ordering is actually “cloud aquarium management.” I think not.
2) Forget that enterprises own clouds too.
Repeat after me: Public cloud is not the only kind of cloud. Private cloud is real.
3) Say the cloud isn’t secure.
Uh, which cloud? The private one...
Posted by
Erica Benton in
Cloud, Virtualization
Nov 13th, 2012 |
No Comments
Patching costs a ton, regardless of whether you measure the costs in terms of time, lost productivity, or hard costs. Even worse is the cost of bad patching (or god forbid) not patching at all. But all of this money that you spend or even risk more or less represents budget that you could be using for more strategic projects. In a recent report, the Aberdeen Group outlines the real costs of not paying enough attention to patching. But the good news is that they go on to recommend strategies for taking control of patching to avoid all kinds of negative impact.
Saving money is good, right? Or, according...
