Posted by
Christine Drake in
Cloud, Cloud-based Security, Consumerization of IT, Secure Data Centers, Securing the Cloud, Security, Smart Protection Network, Threats, Threats from the Cloud, VMware
Oct 7th, 2011 |
1 Comment
Traditionally businesses have focused their IT security on perimeter defense—blocking threats before they enter the network. This protection is still important. But with today’s cloud computing, mobile devices, and advanced persistent threats (APTs), businesses need security that protects their data wherever it travels and in whatever type of device it resides, requiring new data-centric security.
Earlier this week, Trend Micro held its annual insight event for the analyst community and announced our new vision on data-centric security (see video clips of the event here and here). Back...
Posted by
Dave Asprey in
Cloud, Cloud-based Security, Cyber crime, Deep Security, hybrid-cloud, IaaS, Malware, Privacy, Compliance and Identity, private cloud, public cloud, Secure Data Centers, Securing the Cloud, Security, Smart Protection Network, Threats from the Cloud, Virtualization
Jun 5th, 2011 |
1 Comment
For the last few months, we’ve been conducting a cloud, virtualization, and VDI security survey of 1200 IT professionals from larger companies in 6 countries around the world. Not only did I get to help shape the questions on the survey, I’ve also been on the team interpreting the results.
We’ve learned more than a few things we actually were not expecting to learn. Here is a collection of the most interesting top findings about the state of cloud and virtualization security. I’ll be blogging about some of them in more detail over the next few weeks, but in the meantime, here is the big...
Posted by
Justin Foster in
Cloud, DataCenter, IaaS, PaaS, Secure Data Centers, Securing the Cloud, Virtualization
Apr 18th, 2011 |
1 Comment
Not long ago, we set out on a mission to perform a full scalability test on one of our products (Trend Micro Deep Security). After some quick, back-of-the-napkin calculations we discovered that we needed somewhere in the order of 35 Dell 710′s with virtualization to complete our test. Finding that many available servers is a tall order for any company, and buying that many servers for a month long test was completely out of the question (try asking your managers for 35 servers and see how pale they go!).
Naturally we turned to the cloud to help us out. Amazon Web Services (AWS) was a good...
Posted by
Justin Foster in
Cloud, Cloud-based Security, IaaS, PaaS, Secure Data Centers, Securing the Cloud, Security, Smart Protection Network, Threats, Threats from the Cloud, Virtualization
Feb 14th, 2011 |
1 Comment
A year ago we posted a compendium of Cloud and Cloud Security resources. This posting has been consistently among the top hits to the Cloud Security Blog proving that, when it comes to Cloud the one thing we all need is clarity!
Two of the most useful resources for Cloud 101 make up the common body of knowledge for the CCSK certification:
Cloud Security Alliance: Security Guidance for Critical Areas of Focus in Cloud Computing
European Network and Information Security Agency: Cloud Computing Risk Assessment
Once you have the basics down, there are several industry organizations and groups which...
Posted by
Dave Asprey in
Cloud, Cloud-based Security, Malware, Securing the Cloud, Security, Smart Protection Network, Virtualization
Feb 10th, 2011 |
Comments Off
Is Virtualization stupid? It forces guest VMs sharing a host to do the same things over and over, without sharing. It takes up countless hours of otherwise useful – and expensive – server time. Sure, it’s better to consolidate servers using virtualization than to leave them on separate hardware, but it’s still just plain wasteful when dozens of VMs on a single server suck CPU cycles to do the same things their neighbors are doing.
Why do we allow this? For security and flexibility reasons. The predecessor of desktop virtualization was the Citrix Presentation Server, which...
Posted by
Jon Oliver in
Cloud, Cloud-based Security, Cyber crime, Malware, Securing the Cloud, Security, Smart Protection Network, Threats, Threats from the Cloud
Jan 17th, 2011 |
2 Comments
Today’s threat landscape has required security vendors to change their approach to protecting customer data. TrendLabs℠, Trend Micro’s threat research arm, states there are now 3.5 new threats released every second by cybercriminals. Traditional approaches to security just cannot keep up with this. Those traditional processes looked like this:
Customers would submit a suspicious file to their security vendor for analysis
The security vendor would analyze and confirm it as malicious
A signature would be created to identify that file as suspicious
The signature file would be published...
Posted by
Dave Asprey in
Cloud, IaaS, PaaS, SaaS, Virtualization
Jan 4th, 2011 |
Comments Off
I’m a huge fan of VMware, even though I spent some time competing with them when I ran strategic planning for the Citrix virtualization business (pre-Xen). I even tried to build a cloud with VMware in 2002, when it wasn’t yet server-grade for data center operations. It’s a killer company with great virtualization software, and it’s done an incredible and outstanding job holding its own against industry giants like Microsoft, and pivoting from hypervisor vendor to cloud infrastructure vendor.
That said, I have to wonder why, in this CNET interview, Chris Knowles, VMware’s...
Posted by
Justin Foster in
Cloud-based Security, Cyber crime, Privacy, Compliance and Identity, Secure Data Centers, Securing the Cloud, Threats from the Cloud, Virtualization
Dec 13th, 2010 |
Comments Off
Cloud Security Alliance Congress 2010 Summary – Part 4 of 4
The Cloud Security Alliance kicked off its first major event November 16-17, 2010 in Orlando, Florida. The CSA Congress 2010 successfully hosted 370 people with talks covering all aspects of cloud security over two days.
For those who were not in attendance at Congress, this four-part series summarizes some of the most popular sessions at the event. This is the final part of a four-part series summarizing popular sessions at the Cloud Security Alliance Congress.
Top Threats and Risks to Cloud Computing
Michael Sutton from Zscaler...
Posted by
Dave Asprey in
Cloud-based Security, Privacy, Compliance and Identity, Secure Data Centers, Securing the Cloud, Threats from the Cloud
Dec 6th, 2010 |
Comments Off
The cloud is putting so much pressure on the old device-centric security model that it’s forcing a change to an identity-centric security model, where it matters far more who a person is than what device or network they are using. In a single day, one person might access cloud applications from his iPhone, home, main office, and Peet’s Coffee, and he may use his home PC, his work laptop, his phone, or even his Xbox. Trying to identify and secure what that person does based only on a device IP address or network address is simply a lost cause. But it gets worse because the same person may...
Posted by
Justin Foster in
Cloud-based Security, Cyber crime, Privacy, Compliance and Identity, Securing the Cloud, Virtualization
Nov 29th, 2010 |
Comments Off
Cloud Security Alliance Congress 2010 Summary – Part 1 of 4 parts
The Cloud Security Alliance kicked off its first major event November 16-17, 2010 in Orlando, Florida. The CSA Congress 2010 successfully hosted 370 people with talks covering all aspects of cloud security over two days.
For those who were not in attendance at congress, this four-part series will summarize some of the most popular sessions at the event.
Keynote Address: Creating a Safer, More Trusted Internet
Scott Charney, the Corporate Vice President of Trustworthy Computing at Microsoft, kicked off the congress with his...
