Ryan Delany in
Apr 15th, 2013 |
As a Product Marketing Manager for Trend Micro™ Worry-Free™ Business Security Services, I hear a lot of objections about the product, and in particular, a lot of cloud-related fears. Some examples of things I hear from customers and partners are:
“I wouldn’t be secure if my Internet connection went down.”
“I don’t want to put all my data in the cloud.”
“I don’t want to waste all my bandwidth, uploading everything to the cloud to be scanned.”
The cloud is becoming better understood by the average person these days, thanks to companies like Google, Apple, Netflix, and other...
Eva Chen in
Sep 7th, 2012 |
Like many of you, I saw today’s news of Google’s announced acquisition of VirusTotal. I had some thoughts that I wanted to share about this.
Quite simply, I think this is excellent news for Trend Micro, for the industry and everyone.
Why is that, you might ask?
First, Google is definitely not trying to make money from stand-alone security. Google acquired Postini, an email security company, for $625 million in 2007, but they recently announced that they will be retiring Postini, and will instead be offering its security and archiving features in some of their Google Apps products...
Patrick Wheeler in
Cloud, Cloud-based Security, Consumerization of IT, hybrid-cloud, Privacy, Compliance and Identity, private cloud, public cloud, SaaS, Securing the Cloud, Security, Threats, Virtualization
Jun 20th, 2011 |
For all its hype iCloud does not represent a fundamentally new problem. Employees are already bringing personal devices to work and wanting to use them in their jobs, and these unmanaged devices are mixing personal and corporate data on a system that is outside the control of the security and IT teams. There are already many apps and cloud-based services for sharing data between users and between devices (such as Dropbox), and these services are giving security pros fits. What is new is that iCloud will make these things happen automatically, and potentially without the intent or even awareness...
Rik Ferguson in
Cloud, Cloud-based Security, Cyber crime, Malware, Securing the Cloud, Security, Smart Protection Network, Threats, Threats from the Cloud
May 31st, 2011 |
With the launch announcements of various Google Chrome netbooks, the focus of the press and security companies alike is beginning to take a closer look at the security promises made and also at some of the more ’media friendly‘ statements such as, “…users don’t have to deal with viruses, malware and security updates”.
Let’s have a look at some of the security features of Chrome OS:
1 – Get out of my playpen. Each process runs in its own sandbox. Effectively this means that if an application is malicious or compromised, it is unable to interact with or otherwise affect...
Dave Asprey in
Cloud, Cloud-based Security, Cyber crime, IaaS, PaaS, public cloud, SaaS, Securing the Cloud, Security, Smart Protection Network, Threats, Threats from the Cloud, Virtualization
Apr 7th, 2011 |
For years now, if you knew where to shop on the shady side of the Internet cloud, you could pick up a botnet for cheap. But it was so much work to log in to IRC and pay with egold that a busy cybercriminal just couldn’t be bothered.
That’s not a problem anymore, thanks to Robopak. Applying the latest cloud provisioning and marketing analytics technologies, they’ve created an entirely new type of cloud service, Exploits as a Service, or EaaS. Robopak’s EaaS lets you pay as little as $30 per day to access Java, PDF, and IE exploits and roll them out to build your cybercrime...
Bharath Chandrasekhar in
Cloud, IaaS, PaaS, SaaS, Secure Data Centers, Securing the Cloud, Virtualization
Feb 28th, 2011 |
One of the delivery models of Cloud Computing is Platform-as-a-Service. In its true definition, a PaaS provider takes care of the underlying infrastructure including the VMs, OS patches, elasticity, auto-scaling, firewalling, etc and provides an API — and a language runtime — to which the programmer should write the code. The users of PaaS have no control over the underlying infrastructure, i.e. there is nothing “open” about it. The most prominent PaaS offerings are Force.com from Salesforce (Apex), Google App Engine (Python and Java), and Microsoft Azure (.NET). It is obvious...
Justin Foster in
Cloud, Cloud-based Security, IaaS, PaaS, Secure Data Centers, Securing the Cloud, Security, Smart Protection Network, Threats, Threats from the Cloud, Virtualization
Feb 14th, 2011 |
A year ago we posted a compendium of Cloud and Cloud Security resources. This posting has been consistently among the top hits to the Cloud Security Blog proving that, when it comes to Cloud the one thing we all need is clarity!
Two of the most useful resources for Cloud 101 make up the common body of knowledge for the CCSK certification:
Cloud Security Alliance: Security Guidance for Critical Areas of Focus in Cloud Computing
European Network and Information Security Agency: Cloud Computing Risk Assessment
Once you have the basics down, there are several industry organizations and groups which...
Dave Asprey in
Cloud, Cloud-based Security, Cyber crime, IaaS, Malware, PaaS, SaaS, Secure Data Centers, Securing the Cloud, Security, Smart Protection Network, Threats, Threats from the Cloud
Feb 6th, 2011 |
In a recent eWeek interview, Citrix CTO Simon Crosby described Conficker malware as “the world’s largest cloud.” He’s right. Cybercriminals use Conficker to create massive clouds of remotely-controlled PCs capable of carrying out a variety of cyber-attacks, including DDoS (Distributed Denial of Service) attacks on a scale larger than any centralized cloud provider could. We tend to think about data center-based clouds with names like Infrastructure-as-a-Service or Software-as-a-Service, but the future of really big clouds looks more like Conficker’s very powerful networks of distributed...
Dave Asprey in
Cloud, IaaS, PaaS, SaaS, Virtualization
Jan 4th, 2011 |
I’m a huge fan of VMware, even though I spent some time competing with them when I ran strategic planning for the Citrix virtualization business (pre-Xen). I even tried to build a cloud with VMware in 2002, when it wasn’t yet server-grade for data center operations. It’s a killer company with great virtualization software, and it’s done an incredible and outstanding job holding its own against industry giants like Microsoft, and pivoting from hypervisor vendor to cloud infrastructure vendor.
That said, I have to wonder why, in this CNET interview, Chris Knowles, VMware’s...
Dave Asprey in
Cloud-based Security, Cyber crime, Malware, Security, Threats, Threats from the Cloud, Uncategorized
Dec 14th, 2010 |
(Ed. note: While the following does not strictly deal with “cloud security,” we thought it was of such a degree of importance to post it here.)
Today’s disclosure by Google and Microsoft that they were tricked into serving malware highlights an inherent conflict of interest between advertising-based businesses and the security needs of their customers. Ad networks like Google and MSN get paid when they sell ads, so they naturally focus on being the best at selling ads. Because these ad networks don’t get paid to keep people’s computers secure, they spend just enough on security...