Blog Posts Tagged with "Virtualization"
Securing Your Company Against BYOD-Created Threats
May 14, 2012 Added by:Ashley Furness
The increasing emergence of Bring Your Own Device (BYOD) policies has both good and bad implications. Here are four strategies your company should implement to keep data secure while supporting employees' choice to use their own laptops, smartphones and tablets in the workplace...
Comments (2)
The Patchwork Cloud: Making the Security Case
May 06, 2012 Added by:Rafal Los
When we think about cloud computing we can think of security as getting a bit of a gentle push, or shove in some cases. The way it is built and billed as services instead of individual components, and the increased emphasis on automation - security has a real chance of not being a roadblock...
Comments (0)
VMware Confirms Older Hypervisor Source Code Exposed
April 27, 2012 Added by:Headlines
"Our security team became aware of the public posting of a single file from the VMware ESX source code and the possibility that more files may be posted in the future. The posted code and associated commentary dates to the 2003 to 2004 timeframe..."
Comments (0)
Protecting Data in Use
April 26, 2012 Added by:Simon Heron
The security of data in use is about risk mitigation. However, with the current targeted attacks and the proliferation of zero day threats, the risk level is high. It is necessary that action is taken to implement the required precautions that reduce the risk to an acceptable level...
Comments (0)
Who is Your Machine Talking To?
April 13, 2012 Added by:Patrick Oliver Graf
Network connections that communicate with machine-to-machine (M2M) management platforms are especially prone to attacks, in part because the M2M systems primarily communicate via Wi-Fi networks and 2 or 3G connections...
Comments (0)
The Patchwork Cloud Part 1: An Overview
February 23, 2012 Added by:Rafal Los
Cloud computing isn't a paradigm every organization will follow whole-hog, nor should it be. Public cloud, hybrid cloud, private cloud, these are all terms need to be understood first and have some sort of rational approaches to security and risk management around them...
Comments (0)
The Difficult Life of a Mac in the Mixed Environment
February 03, 2012 Added by:Bozidar Spirovski
We are not abandoning the Mac - it is a great tool and an asset in our little lab. But in the current state of things, it takes a lot of effort and compromise to fully migrate to a Mac platform, especially since a multi-environment knowledge is required...
Comments (2)
Master the Cloud, Montréal - Notes from the Road Part 2
February 02, 2012 Added by:Rafal Los
As clouds pop up, expand and workloads become mobile across virtualization platforms, federation will allow a much easier move from one provider and from one platform to another without having to worry about separate authentication, authorization, and validation efforts...
Comments (0)
Data Loss Prevention Step 4: Prevent Network Cross-Connect
January 12, 2012 Added by:Rafal Los
Preventing network cross-connect used to be simple as making sure your VPN client wasn't able to perform split-tunneling so malware couldn't bounce to your corporate office. If your corporate office is virtual all that stopped mattering...
Comments (0)
Balkanizing the Internet
November 02, 2011 Added by:Gabriel Bassett
The internet is really not one contiguous environment. Instead, due to the nature of service contracts and peering agreements, it's a mesh of interconnected information systems. These information systems are already undergoing a balkanization as we speak...
Comments (0)
Confusing Inconvenience for Enterprise Security
October 22, 2011 Added by:Rafal Los
When a problem that has been ignored for years suddenly causes immense pain, the result is an often a rash reaction that is grounded in fear and 'the need to do something' rather than a sane approach to securing assets, leading mostly to inconvenience and not better security....
Comments (0)
Security: Tip Toeing Through the Clouds
September 28, 2011 Added by:Rafal Los
As elastic cloud computing becomes more popular, more critical applications and data will be living in those multi-tenant environments. While this is a fantastic development, security professionals can't let bad software development practices ruin the next biggest leap in business technology...
Comments (0)
A Bunch of Virtual Machines Does Not a Cloud Make
September 10, 2011 Added by:Rafal Los
Allow me to interject some sanity here for a moment, because I seem to have stumbled upon a very interesting point which should be quite clear, but apparently is not. Just because you're running a bunch of virtual servers does not mean you're adopting cloud computing. Here's the situation...
Comments (0)
Four Cloud Trends on the CIOs Radar
August 26, 2011 Added by:Bill Gerneglia
Data Center Transformation: CIOs are feeling the stress of virtualization. The goal is to have more than 100 VMs on each server by 2012. That’s putting stress on the netwok and storage infrastructures which look outdated. The CIO needs to consider the impact of this stress...
Comments (0)
What the CISSP Won't Teach You Part Deux
July 01, 2011 Added by:Boris Sverdlik
You should use a layered security model. Port Security should be enabled; IDS Response rules should trigger a port shutdown on multiple ARP responses past a certain threshold. Are you seeing yet how attackers think?? The CISSP will not teach you to think outside the box...
Comments (0)
PCI SSC Releases Virtualization Guidelines
June 26, 2011 Added by:PCI Guru
If I had to take the PCI SSC to task, I would argue that cloud computing does not have anything to do with virtualization. Yes, a lot of cloud computing solution providers are using virtualized systems to provide their services, but not every cloud provider uses virtualization...
Comments (0)
- Not Totally Sure What Just Happened...
- Has Anonymous Infiltrated the US Government?
- Big Opportunities in the Cloud
- Zeus Malware Targeting Facebook, Gmail and Yahoo Users
- Follow Up to the Out of Band Authentication Post
- Skype Malware Campaign Spreading Poison Ivy Trojan
- I Hope Edo is Worth the Privacy Risk
- Dutch MoD Innovation Competition 2012: CYBER Operations 2.0
- NIST Workshop: The Technical Aspects of Botnets
- Security Automation by Hand - Batch/Bash/FOR