Patrick Wheeler in
Cloud, Cloud-based Security, Consumerization of IT, hybrid-cloud, Privacy, Compliance and Identity, private cloud, public cloud, SaaS, Securing the Cloud, Security, Threats, Virtualization
Jun 20th, 2011 |
For all its hype iCloud does not represent a fundamentally new problem. Employees are already bringing personal devices to work and wanting to use them in their jobs, and these unmanaged devices are mixing personal and corporate data on a system that is outside the control of the security and IT teams. There are already many apps and cloud-based services for sharing data between users and between devices (such as Dropbox), and these services are giving security pros fits. What is new is that iCloud will make these things happen automatically, and potentially without the intent or even awareness...
Dave Rand in
Cloud, Cloud-based Security, Cyber crime, IPv6, Malware, Privacy, Compliance and Identity, public cloud, SaaS, Securing the Cloud, Security, Smart Protection Network
May 4th, 2011 |
Part 1 of 2 parts
IPv6 will change how we use the internet, again. To the typical user, there is no difference; web sites work the same. But email is a different story.
When using IPv6, addresses are allocated in a different manner. Most end-users today get one IP address, which is shared between multiple machines using a Network Address Translation (NAT) router. In IPv6, each user gets an address block – a /64 – of address space. This is great news, because end-to-end application on the Internet will work much better, and there will be no NAT in the way.
A /64 is a huge amount of space –...
Bharath Chandrasekhar in
Cloud, Cloud-based Security, cloudbursting, DataCenter, hybrid-cloud, private cloud, public cloud, Securing the Cloud, Security, Threats from the Cloud, Uncategorized, Virtualization
Mar 15th, 2011 |
Do you know what cloudbursting is? It is a concept where when you run out of your computing resources in your internal data center, you “burst” the additional workload to an external cloud on an on-demand basis. The internal computing resource is the “Private Cloud” and the external cloud is typically a “public cloud” for which the organization gets charged on a pay-per-use basis. When your deployment has the ability to do “cloudbursting” or spreading the load to the public cloud, you essentially have a Hybrid Cloud.
Hybrid Clouds can deliver a bit...
Justin Foster in
Cloud-based Security, Cyber crime, Privacy, Compliance and Identity, Secure Data Centers, Securing the Cloud, Threats from the Cloud, Virtualization
Dec 13th, 2010 |
Cloud Security Alliance Congress 2010 Summary – Part 4 of 4
The Cloud Security Alliance kicked off its first major event November 16-17, 2010 in Orlando, Florida. The CSA Congress 2010 successfully hosted 370 people with talks covering all aspects of cloud security over two days.
For those who were not in attendance at Congress, this four-part series summarizes some of the most popular sessions at the event. This is the final part of a four-part series summarizing popular sessions at the Cloud Security Alliance Congress.
Top Threats and Risks to Cloud Computing
Michael Sutton from Zscaler...
Justin Foster in
Securing the Cloud
Jan 5th, 2010 |
As new applications are developed based on the cloud model, developers are turning to Platform-as-a-Service (PaaS) to simplify application development and deployment. After all, babysitting the operating systems, data stores, messaging queues and application containers running below the application is complicated and costly. The promise of PaaS is the delivery of an application infrastructure, where the provider handles the care and feeding of the underlying stack.
Sounds great, until you consider how much control you are really giving up from a security perspective:
Visibility – In a PaaS...
Justin Foster in
Secure Data Centers, Securing the Cloud
Oct 28th, 2009 |
Portability and interoperability in cloud computing may seem tangential to security, but avoiding vendor lock-in is about more than having access to competitive pricing or better service. When relying on a single provider there is inherent risk, especially in the availability of the service and data.
Throughout history the need for portability and interoperability has usually been dealt with through standardization. Standard railroad gauges enabled cross continental travel, just as TCP/IP unlocked worldwide communications. It’s not surprising then, that many people look at cloud computing...