Posted by
Christine Drake in
Cloud, Cloud-based Security, Consumerization of IT, Secure Data Centers, Securing the Cloud, Security, Smart Protection Network, Threats, Threats from the Cloud, VMware
Oct 7th, 2011 |
1 Comment
Traditionally businesses have focused their IT security on perimeter defense—blocking threats before they enter the network. This protection is still important. But with today’s cloud computing, mobile devices, and advanced persistent threats (APTs), businesses need security that protects their data wherever it travels and in whatever type of device it resides, requiring new data-centric security.
Earlier this week, Trend Micro held its annual insight event for the analyst community and announced our new vision on data-centric security (see video clips of the event here and here). Back...
Posted by
Dave Asprey in
Cloud, Cloud-based Security, Cyber crime, Deep Security, hybrid-cloud, IaaS, Malware, Privacy, Compliance and Identity, private cloud, public cloud, Secure Data Centers, Securing the Cloud, Security, Smart Protection Network, Threats from the Cloud, Virtualization
Jun 5th, 2011 |
1 Comment
For the last few months, we’ve been conducting a cloud, virtualization, and VDI security survey of 1200 IT professionals from larger companies in 6 countries around the world. Not only did I get to help shape the questions on the survey, I’ve also been on the team interpreting the results.
We’ve learned more than a few things we actually were not expecting to learn. Here is a collection of the most interesting top findings about the state of cloud and virtualization security. I’ll be blogging about some of them in more detail over the next few weeks, but in the meantime, here is the big...
Posted by
Rik Ferguson in
Cloud, Cloud-based Security, Cyber crime, Malware, Securing the Cloud, Security, Smart Protection Network, Threats, Threats from the Cloud
May 31st, 2011 |
2 Comments
With the launch announcements of various Google Chrome netbooks, the focus of the press and security companies alike is beginning to take a closer look at the security promises made and also at some of the more ’media friendly‘ statements such as, “…users don’t have to deal with viruses, malware and security updates”.
Let’s have a look at some of the security features of Chrome OS:
1 – Get out of my playpen. Each process runs in its own sandbox. Effectively this means that if an application is malicious or compromised, it is unable to interact with or otherwise affect...
Posted by
Dave Rand in
Cloud, Cloud-based Security, Cyber crime, IPv6, Malware, Privacy, Compliance and Identity, public cloud, SaaS, Securing the Cloud, Security, Smart Protection Network
May 4th, 2011 |
1 Comment
Part 1 of 2 parts
IPv6 will change how we use the internet, again. To the typical user, there is no difference; web sites work the same. But email is a different story.
When using IPv6, addresses are allocated in a different manner. Most end-users today get one IP address, which is shared between multiple machines using a Network Address Translation (NAT) router. In IPv6, each user gets an address block – a /64 – of address space. This is great news, because end-to-end application on the Internet will work much better, and there will be no NAT in the way.
A /64 is a huge amount of space –...
Posted by
Dave Asprey in
Cloud, Cloud-based Security, Malware, Securing the Cloud, Security, Smart Protection Network, Virtualization
Feb 10th, 2011 |
Comments Off
Is Virtualization stupid? It forces guest VMs sharing a host to do the same things over and over, without sharing. It takes up countless hours of otherwise useful – and expensive – server time. Sure, it’s better to consolidate servers using virtualization than to leave them on separate hardware, but it’s still just plain wasteful when dozens of VMs on a single server suck CPU cycles to do the same things their neighbors are doing.
Why do we allow this? For security and flexibility reasons. The predecessor of desktop virtualization was the Citrix Presentation Server, which...
Posted by
Dave Asprey in
Cloud, Cloud-based Security, Cyber crime, IaaS, Malware, PaaS, SaaS, Secure Data Centers, Securing the Cloud, Security, Smart Protection Network, Threats, Threats from the Cloud
Feb 6th, 2011 |
6 Comments
In a recent eWeek interview, Citrix CTO Simon Crosby described Conficker malware as “the world’s largest cloud.” He’s right. Cybercriminals use Conficker to create massive clouds of remotely-controlled PCs capable of carrying out a variety of cyber-attacks, including DDoS (Distributed Denial of Service) attacks on a scale larger than any centralized cloud provider could. We tend to think about data center-based clouds with names like Infrastructure-as-a-Service or Software-as-a-Service, but the future of really big clouds looks more like Conficker’s very powerful networks of distributed...
Posted by
Jon Oliver in
Cloud, Cloud-based Security, Cyber crime, Malware, Securing the Cloud, Security, Smart Protection Network, Threats, Threats from the Cloud
Jan 17th, 2011 |
2 Comments
Today’s threat landscape has required security vendors to change their approach to protecting customer data. TrendLabs℠, Trend Micro’s threat research arm, states there are now 3.5 new threats released every second by cybercriminals. Traditional approaches to security just cannot keep up with this. Those traditional processes looked like this:
Customers would submit a suspicious file to their security vendor for analysis
The security vendor would analyze and confirm it as malicious
A signature would be created to identify that file as suspicious
The signature file would be published...
Posted by
Ron Clarkson in
Cloud, Cloud-based Security, Cyber crime, Malware, SaaS, Securing the Cloud, Security, Smart Protection Network, Threats, Threats from the Cloud
Jan 7th, 2011 |
1 Comment
Not too long ago, a friend of mine switched from iPhone to Android and he was quite loud about it on his Facebook wall, exclaiming that it was nice to have a phone that let you “make your own decisions.” This is a pretty common theme that I hear again and again from newly converted Android devotees and I think it’s pretty cool because let’s face it, our phones are an extension of our personalities. Whether it’s the ability to use removable storage or the ability to install any app you want, Android certainly offers the most freedom of any of the popular smartphones...
Posted by
Dave Asprey in
Cloud-based Security, Cyber crime, Malware, Security, Threats, Threats from the Cloud, Uncategorized
Dec 14th, 2010 |
2 Comments
(Ed. note: While the following does not strictly deal with “cloud security,” we thought it was of such a degree of importance to post it here.)
Today’s disclosure by Google and Microsoft that they were tricked into serving malware highlights an inherent conflict of interest between advertising-based businesses and the security needs of their customers. Ad networks like Google and MSN get paid when they sell ads, so they naturally focus on being the best at selling ads. Because these ad networks don’t get paid to keep people’s computers secure, they spend just enough on security...
Posted by
Justin Foster in
Cloud-based Security, Privacy, Compliance and Identity, Secure Data Centers, Securing the Cloud, Threats from the Cloud, Virtualization
Dec 4th, 2010 |
Comments Off
INTRODUCTION
Cloud Security Alliance Congress 2010 Summary – Part 2 of 4 parts
The Cloud Security Alliance kicked off its first major event November 16-17, 2010 in Orlando, Florida. The CSA Congress 2010 successfully hosted 370 people with talks covering all aspects of cloud security over two days.
For those who were not in attendance at congress, this four-part series will summarize some of the most popular sessions at the event.
Cloud Security Alliance Congress 2010 Summary – Part 2
This is part two in a series of posts summarizing popular sessions at the Cloud Security Alliance Congress...
