Christine Drake in
Cloud, Cloud-based Security, SaaS, Security, Smart Protection Network, Threats
Jan 19th, 2012 |
When people talk about cloud security it can mean either 1) security for the cloud—security that protects your cloud initiatives, like protection for virtual machines or data stored in the cloud; or 2) security from the cloud such as Security as a Service that uses the cloud to deliver some aspect of protection, like hosted email or web security. Here, I’d like to focus on security from the cloud that’s delivered in a hybrid model—a cloud-client architecture.
Using the cloud for security can deliver faster threat protection and better security. Traditional security has relied on signature...
Dave Asprey in
Cloud, Cloud-based Security, Cyber crime, Deep Security, hybrid-cloud, IaaS, Malware, Privacy, Compliance and Identity, private cloud, public cloud, Secure Data Centers, Securing the Cloud, Security, Smart Protection Network, Threats from the Cloud, Virtualization
Jun 5th, 2011 |
For the last few months, we’ve been conducting a cloud, virtualization, and VDI security survey of 1200 IT professionals from larger companies in 6 countries around the world. Not only did I get to help shape the questions on the survey, I’ve also been on the team interpreting the results.
We’ve learned more than a few things we actually were not expecting to learn. Here is a collection of the most interesting top findings about the state of cloud and virtualization security. I’ll be blogging about some of them in more detail over the next few weeks, but in the meantime, here is the big...
Dave Asprey in
Citrix, Cloud, Cloud-based Security, cloudbursting, Deep Security, hybrid-cloud, IaaS, PaaS, private cloud, public cloud, SaaS, Securing the Cloud, Security, Smart Protection Network, Virtualization, VMware
May 25th, 2011 |
Today at Synergy, Citrix announced “Project Olympus,” effectively making open source clouds a more viable option for enterprises. In the past, it was cloud providers like Rackspace who tended to focus on open source cloud infrastructure, while enterprises tended to make more conservative choices where support contracts were available.
The new support from Citrix, along with about 60 other supporting commercial hardware and software vendors, should go a long way towards helping enterprises see OpenStack as an enterprise-grade choice of cloud infrastructure. Enterprises can now get a Citrix-certified...
Greg Boyle in
Cloud, Cloud-based Security, Cyber crime, Malware, public cloud, SaaS, Securing the Cloud, Security, Threats, Virtualization
May 23rd, 2011 |
I recently had an interesting chat with the operator of our snack vending machine while making a coffee in the kitchen. She was restocking our machine and had her iPad sitting on the table. In their 2 person company they now have 2 iPads and a PC. They do their inventory control and tracking while onsite at customer premises via the iPad. Then they sync it with their PC and, using an online storage solution they transfer it to the cloud; this then syncs with their online accounting package. Her reason was very, very simple: she wants to reduce the amount of time they spend on bookkeeping and back-office...
Dave Asprey in
Cloud, Cloud-based Security, public cloud, Securing the Cloud, Security, Threats from the Cloud, Virtualization
Mar 23rd, 2011 |
Surveys indicate that security is the number 1 challenge about the cloud. Using encrypted, self-defending hosts mitigates many security-in-the-cloud issues. Dave Asprey, VP-Cloud Security for Trend Micro, presented to the SD Forum these 16 valuable points of advice regarding data privacy in the cloud.
PLEASE CLICK ON THE “READ MORE” BUTTON TO ADVANCE DIRECTLY TO THE PRESENTATION.
Encryption in the Public Cloud: 16 Bits of Advice for Security Techniques
Justin Foster in
Cloud, Cloud-based Security, IaaS, PaaS, Secure Data Centers, Securing the Cloud, Security, Smart Protection Network, Threats, Threats from the Cloud, Virtualization
Feb 14th, 2011 |
A year ago we posted a compendium of Cloud and Cloud Security resources. This posting has been consistently among the top hits to the Cloud Security Blog proving that, when it comes to Cloud the one thing we all need is clarity!
Two of the most useful resources for Cloud 101 make up the common body of knowledge for the CCSK certification:
Cloud Security Alliance: Security Guidance for Critical Areas of Focus in Cloud Computing
European Network and Information Security Agency: Cloud Computing Risk Assessment
Once you have the basics down, there are several industry organizations and groups which...
Jon Oliver in
Cloud, Cloud-based Security, Cyber crime, Malware, Securing the Cloud, Security, Smart Protection Network, Threats, Threats from the Cloud
Jan 17th, 2011 |
Today’s threat landscape has required security vendors to change their approach to protecting customer data. TrendLabs℠, Trend Micro’s threat research arm, states there are now 3.5 new threats released every second by cybercriminals. Traditional approaches to security just cannot keep up with this. Those traditional processes looked like this:
Customers would submit a suspicious file to their security vendor for analysis
The security vendor would analyze and confirm it as malicious
A signature would be created to identify that file as suspicious
The signature file would be published...
Dave Asprey in
Cloud-based Security, Privacy, Compliance and Identity, Secure Data Centers, Securing the Cloud, Threats from the Cloud
Dec 6th, 2010 |
The cloud is putting so much pressure on the old device-centric security model that it’s forcing a change to an identity-centric security model, where it matters far more who a person is than what device or network they are using. In a single day, one person might access cloud applications from his iPhone, home, main office, and Peet’s Coffee, and he may use his home PC, his work laptop, his phone, or even his Xbox. Trying to identify and secure what that person does based only on a device IP address or network address is simply a lost cause. But it gets worse because the same person may...
Dan Crowe in
Cloud-based Security, Secure Data Centers, Securing the Cloud, Virtualization
Oct 28th, 2010 |
We have all borne witness to the cloud promise by now. Cloud vendors offer instant and autonomic access to compute resources, deliver economic efficiencies, streamlining of business process and persistent, highly-available storage. I’m quite sure most of us have also read of the security challenges lurking behind this promise. As the physical boundaries of your data center disappear, the multi-tenant nature of the cloud introduces a seemingly murky environment of unknown neighbors and data privacy should be on the forefront of every security administrator’s mind. Looking deeper, I feel that...
Dave Asprey in
Cloud-based Security, Secure Data Centers, Securing the Cloud, Threats from the Cloud, Virtualization
Sep 8th, 2010 |
In this 30-second video, Todd Thiemann, Sr. Director, Data Protection Marketing, talks about all the buzz around the Trend Micro SecureCloud public beta at the VMWorld Conference in San Francisco, Aug. 31-Sept. 2, 2010. Click “Read More” button for the link to the short video.
click to view Trend Micro SecureCloud public beta :30 video