Amy Luby in
Cloud, Cloud-based Security, Consumerization of IT
Nov 13th, 2012 |
The benefits of the cloud have been proven for businesses of all sizes – every small business owner can save time and money while increasing their employees’ productivity by leveraging cloud technologies. Cloud technologies are faster to deploy, require minimal technical know how to manage, and cost less than on-premise technologies. These benefits let the small business owner focus on what’s most important: growing their business.
But data breaches, social security card theft, credit card number theft, and identity theft: we hear about these things every day. What does the small business...
Rik Ferguson in
Cloud, Cloud-based Security, Cyber crime, Malware, Securing the Cloud, Security, Smart Protection Network, Threats, Threats from the Cloud
May 31st, 2011 |
With the launch announcements of various Google Chrome netbooks, the focus of the press and security companies alike is beginning to take a closer look at the security promises made and also at some of the more ’media friendly‘ statements such as, “…users don’t have to deal with viruses, malware and security updates”.
Let’s have a look at some of the security features of Chrome OS:
1 – Get out of my playpen. Each process runs in its own sandbox. Effectively this means that if an application is malicious or compromised, it is unable to interact with or otherwise affect...
Dave Asprey in
Cloud, Cloud-based Security, Cyber crime, IaaS, Malware, PaaS, SaaS, Secure Data Centers, Securing the Cloud, Security, Smart Protection Network, Threats, Threats from the Cloud
Feb 6th, 2011 |
In a recent eWeek interview, Citrix CTO Simon Crosby described Conficker malware as “the world’s largest cloud.” He’s right. Cybercriminals use Conficker to create massive clouds of remotely-controlled PCs capable of carrying out a variety of cyber-attacks, including DDoS (Distributed Denial of Service) attacks on a scale larger than any centralized cloud provider could. We tend to think about data center-based clouds with names like Infrastructure-as-a-Service or Software-as-a-Service, but the future of really big clouds looks more like Conficker’s very powerful networks of distributed...
Justin Foster in
Secure Data Centers
May 20th, 2010 |
Java, and other languages, gave us platform independence long ago. Application writers could ignore the underlying operating system (to a large extent) and focus on the work at hand. While this reduced the need for OS and architecture-specific code, the underlying operating system still required a lot of care and feeding.
Recently, Platform as a Service took over management of the underlying operating system and infrastructure, but early PaaS offerings required moving your application and data out to a service provider and risking lock-in.
Last month VMware announced a partnership with Salesforce.com...
Raimund Genes in
Cloud-based Security, Securing the Cloud, Threats from the Cloud
Nov 30th, 2009 |
Recently I have been asked by many CISO’s, CSO’s and IT administrators–who have become very tired of the constant system patch battle and constant security software updates–whether new operating systems like Google Chrome could loosen Microsoft’s stronghold on the desktop OS and just maybe whether we could be safer 5 years from now.
Actually this is a difficult question. We in the IT industry will likely see more disruptive technologies 5 years from now. So the safest way to answer questions like the one above is to reflect on what’s going on at the moment.
Raimund Genes in
Securing the Cloud, Threats from the Cloud
Nov 10th, 2009 |
The public cloud holds tremendous possibilities for goodness in lowering computing costs and increasing flexibility, but the dark side of the world is always ready to take advantage of cloud delivery models like Platform-as-a-Service (PaaS). Arbor Networks recently spotted a Google AppEngine Platform-as-a-Service application being used for Command and Control (CnC) for a botnet (here is a news article). Google promptly took down the application, but the event raises some interesting issues.
In the malware realm, this is nothing new and has been referred to previously as “Malware as a Service”. ...
Andy Dancer in
Oct 6th, 2009 |
Every day brings more headlines about social networking, cloud computing and Software as a Service (SaaS). Each of these fast growth areas shares an important element in common – they rely on a movement of data from private computers into the public cloud. The theory goes that this data is protected by the service provider who is an expert in their field. But in very few cases is that field data security, and there are important implications that should be considered.
Security Researches call for Google and others to use SSL to protect all of the interactions with their services. I agree...
Securing the Cloud
Oct 2nd, 2009 |
The US Federal Government recently announced its apps.gov portal for applications. This CNet News article provides a summary of what was announced by Federal CIO Vivek Kundra. apps.gov is a nice storefront featuring productivity applications to be used on non-sensitive data, and as such this announcement did not make big waves in the security community. These are some of the baby steps necessary before the Feds can consider moving more sensitive applications into the cloud.
While the US Government is talking cloud computing, it is effectively driving towards a private cloud so that they...